Poldi and kdesu

Gordian Klein gordian.klein at gmx.de
Tue Nov 4 13:49:54 CET 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello again,

sudo works now.

> i guess the problem is the line "PC/SC OPEN failed: sharing violation".
> What can i do here?
> 
> If i kill all scdaemons and do a sudo it works fine.
> 

The problem was that the env variable GPG_AGENT_INFO was not set for
root. So pam_poldi trys to start a new scdaemon instead of querying
gpg-agent for the current one. I dont know why, but the second scdaemon
has no access to the openpgp card.
So in /etc/sudoers i added GPG_AGENT_INFO to the env_keep line.
Now pam_poldi finds gpg-agent and therewith the currently running
scdaemon and so sudo works.
Is adding GPG_AGENT_INFO to env_keep a security risk?

Regards,
Gordian Klein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iJwEAQECAAYFAkkQRPEACgkQJQ/nLhGdw57MBAP/VUpOgGCHu7NFSAkgGSluHOm6
Ok/Uus1tbQLTgk1w3sehHQLn7fTcPQU9np93hHa3MDjoQbUdWyDBugYnEgGCH9ds
RCIpVqYX8gdmhPIJOYS7BYSY2ymo/og7jY0E5vOgXKoG3HhqhOxbm6gUUkBldenX
b7gPIVIHiDI+YJRPRHE=
=ACVL
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list