Am Mon, Nov 18, 2024 at 02:50:09PM +0100 schrieb Winfried de Heiden: > Hi all, > > The tuning options as provided on > https://github.com/OpenSC/OpenSC/wiki/Aventra-MyEID-PKI-card#smart-card-reader-configuration. > > He looks however it is related to file caching. In "man 5 opensc.conf": > > If caching is done by a system process, the cached files may be > placed inaccessible from a user account. Use a globally readable > and writable location if you wish to share the cached > information. > Note that the cached files may contain personal data such as name > and mail address. > > email handtekening privé It seems caching is done by GDM (user: gdm) and > sssd (user: root) and I added to ensure a caching directory is created (and > removed when rebooted, nice and handy during testing) > > /etc/tmpfiles.d/opensc.conf > d /dev/shm/.cache/opensc 2700 gdm root - > > I also added "file_cache_dir" to /etc/opensc.conf: > > app default { > # debug = 3; > # debug_file = opensc-debug.txt; > framework pkcs15 { > use_file_caching = public; > file_cache_dir = /dev/shm/.cache/opensc; > } > reader_driver pcsc { > # The pinpad is disabled by default, > # because of many broken readers out there > enable_pinpad = false; > } > } > # the pkcs15-init is used for card initialization when the file caching > # brings more trouble than use so disable that: > app pkcs15-init { > framework pkcs15 { > use_file_caching = no; > } > } > > It's still not bleeding fast () but it'sa shure more acceptable and > workable. After a reboot: > > time sudo -l; sudo -k; time sudo -l > PIN for MyEID-222 (MyEID-222 Basic PIN): > > User winfried may run the following commands on minicard: > (ALL : ALL) ALL > > real 0m8.016s > user 0m0.019s > sys 0m0.022s > > PIN for MyEID-222 (MyEID-222 Basic PIN): > User winfried may run the following commands on minicard: > (ALL : ALL) ALL > > real 0m5.428s > user 0m0.019s > sys 0m0.012s > > > When I remove the line "file_cache_dir", sudo -l takes ages (...) but > strangely there are no traces of any cache anywhere on the filesystem; no > wonder it is slow... > According to the man pages: > > Where to cache the card's files. The default values are: > • $XDG_CACHE_HOME/opensc/ (If $XDG_CACHE_HOME is defined) > • $HOME/.cache/opensc/ (Unix) > • $USERPROFILE\.eid-cache\ (Windows) > > But nothing is there!? Anyone got an idea whatś happening here?
Hi, have you check if the `$XDG_CACHE_HOME` or `$HOME/.cache` directories exists for the root user? bye, Sumit > > Thanks! > > Winfried > -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
