When using seatd stand alone with no logind functionality such as elogind neither turnstile, one needs to include the non root user in each group required for the user to have access to the associated device.
I believe there's no specific group for yubikeys being usb devices. I've read about udev rules, but I got before a yubikey usb-a working without udev rules, but I was using elogind which provided dbus seassion and I was launching polkit from sway. Now one needs to use polkit or seatd, but I guess not both (I tried it any ways without success), so I'm guessing polkit works when using elogind.
I'm wondering if someone has gotten to be able to have access to the yubikey as non root user...
Just in case:
> % ykman info
> WARNING: PC/SC not available. Smart card (CCID) protocols will not function.
> ERROR: No YubiKey detected!
> % doas ykman info
> doas (vasqueja at m1) password:
> Device type: YubiKey 5C Nano
> Serial number: 29684086
> Firmware version: 5.7.1
> Form factor: Nano (USB-C)
> Enabled USB interfaces: OTP, FIDO, CCID
>
> Applications
> Yubico OTP Enabled
> FIDO U2F Enabled
> FIDO2 Enabled
> OATH Enabled
> PIV Enabled
> OpenPGP Enabled
> YubiHSM Auth Enabled
You can see how as root the yubikey is actually detected, but not as non root. As root the yubikey is detected whether or not the pcscd daemon is running or not:
> % ps auxww | grep pcscd
> 216:root 9725 0.0 0.0 411360 7692 ? Ssl 13:06 0:00 /usr/bin/pcscd -f
However as non root it never gets detected regardless...
Thanks for any help/hint !
--
Javier
More information about the artix-general
mailing list