On Thu, Nov 29, 2007 at 11:09:26PM +0100, Micha Lenk wrote:
Hi,I am the maintainer of package libchipcard, a library for accessing smart cards. The software is designed in a client/server layout, where the server manages chipcard reader devices and serves requests made by applications willing to access a smart card. The daemon process is running as unprivileged user "chipcard", created by a postinst script. In order to access ReinerSCT Cyberjack smart card readers a driver package libcyberjack-ctapi2 is needed, which is not in the archive but available on SF.net or the manufacturer's homepage. Unfortunately the driver package restricts access to the kernel device to members of the system group "cyberjack" (using a udev rule). This usually locks the chipcard daemon out. The author of the driver package dislikes to change the name of the group "cyberjack" for rather historical reasons.
If you're intending on packaging this, then change the udev rule to be a sane default. If you're not, then simply document this problem and its solution in README.Debian. You could also try to convince the upstream maintainer to use the group chipcard on new Debian installations, using the presence of /etc/debian_version or lsb_release -i.
You probably don't want to add the chipcard user to the cyberjack group because it is entirely possible that someone has a user named cyberjack[0], which would have unfortunate consequences. If an in-archive package has a conflict with an existing username, then it will generally fail when it tries to add an already existing non-system user as a system user (at least it should), so this problem will never occur with an in-archive package.
[0] I have found at least three websites having users named cyberjack, so this is not entirely theoretical.
-- brian m. carlson / brian with sandals: Houston, Texas, US +1 713 440 7475 | http://crustytoothpaste.ath.cx/~bmc | My opinion only a typesetting engine: http://crustytoothpaste.ath.cx/~bmc/code/thwack OpenPGP: RSA v4 4096b 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
