Hello !
It so happens when using seatd and not polkit *pcsclite* as it is currently built doesn't allow yubikeys to work as a non root user. I just did what void, which supports both seatd and polkit do, to build *pcslite* with the *-D polkit=false* option, and now I can use my yubikey as non root flawlessly.
Here it's my patch:
> % diff -Naur pcsclite.old/ pcsclite/
> diff -Naur pcsclite.old/PKGBUILD pcsclite/PKGBUILD
> --- pcsclite.old/PKGBUILD 2025-04-02 13:49:23.000000000 -0600
> +++ pcsclite/PKGBUILD 2025-05-15 20:54:33.275892038 -0600
> @@ -18,12 +18,10 @@
> )
> depends=(
> 'libudev.so'
> - 'libpolkit-gobject-1.so'
> )
> makedepends=(
> 'git'
> 'meson'
> - 'polkit'
> 'udev'
> )
> optdepends=(
> @@ -48,7 +46,7 @@
> local meson_options=(
> -D libsystemd=false
> -D libudev=true
> - -D polkit=true
> + -D polkit=false
> -D serial=true
> )
> artix-meson PCSC build "${meson_options[@]}"
I also, as the void package template do, removed polkit make and run time dependencies.
I might be mistaken, but I believe this should work when using both seatd and polkit, since as mentioned void supports both seatd and polkit. According to *meson_options.txt*:
> option('polkit',
> type : 'boolean',
> description : 'Use polkit to enforce access control')
I don't know if that makes polkit require udev rules or not. But as the package is built, even with udev rules there's no way to get *pcsclite* fully work as non user (one might get ykman with udev rules, but browser wouldn't recognize the yubikey at all). It's only until it gets built with *-D polkit=false* that things truly work for seatd.
Thanks a lot !
--
Javier
More information about the artix-general
mailing list