[SOLVED] Guest session USB device not recognized (LM 18.2)

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
odbabos

[SOLVED] Guest session USB device not recognized (LM 18.2)

Post by odbabos »

Hello,

I'm struggling with a Smart Card reader in a guest session under Linux Mint 18.2.

Operating public computers, I've set up a customized guest session (thanks to Sonya, lightdm is now the default greeter which made new setup easier), the guest user is loaded from a template one (inspired by https://sites.google.com/site/easylinuxtipsproject/2 and https://help.ubuntu.com/community/CustomizeGuestSession).
I need my customers to be able to use their ID cards trough a Smart Card Reader but it seems that the guest user can't access the device although it's listed by lsusb in a guest session terminal :

Code: Select all

guest-azeyoi@virt0001 ~ $ lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 004: ID 072f:9000 Advanced Card Systems, Ltd ACR38 AC1038-based Smart Card Reader
Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Note that regular users can fully use the device (even the template user upon which is based the guest-session). Note also that i have the same issue both on a virtual machine and a physical one.

Is USB access restricted for the guest user ? I have no troubles with USB storage.

Thanks for the reading,
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 3 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Top
User avatar
JerryF
Level 16
Level 16
Posts: 6571
Joined: Mon Jun 08, 2015 1:23 pm
Location: Rhode Island, USA

Re: Guest session USB device not recognized (LM 18.2)

Post by JerryF »

Shot in the dark. You may need to add the guest user to the smart card reader group if there has been one created.
Top
MintBean

Re: Guest session USB device not recognized (LM 18.2)

Post by MintBean »

Mint uses software called 'Apparmor' to limit the functionality of guest accounts. A quick Google (see below) shows it's possible to put Apparmor into a mode where it will log violations rather than blocking them. Perhaps you could initiate this mode, use the smartcard reader and then see what was logged as a starter for ten.

http://www.thegeekstuff.com/2014/03/apparmor-ubuntu/

Please let us know how you get on as this could be useful for others.
Top
odbabos

Re: Guest session USB device not recognized (LM 18.2)

Post by odbabos »

Thanks for the leads, i'm not sure to be able to explore them before next week but i'll post the results as soon as i have any progress.
Top
odbabos

Re: Guest session USB device not recognized (LM 18.2)

Post by odbabos »

More than two years later, I eventually managed to get this working.

Thanks to MintBean, I was able to configure AppArmor to allow acces to the smartcard reader.

The link he provided : http://www.thegeekstuff.com/2014/03/apparmor-ubuntu/ is full of interesting stuff, in my case, id did the following :
* set the apparmor profile lightdm-guest-session in complain mode
install apparmor-utils package then cahnge profile type
# apt install apparmor-utils
# aa-complain lightdm-guest-session
* check the logs
# tail -f /var/log/kern.log
* plug the reader, launch the associated program and watch the log → in my case the processus which was denied was pcscd
* edit the apparmor profile
/etc/apparmor.d/lightdm-guest-session
add at the end :
/run/pcscd/pcscd.comm rv,
* reenable apparmor for the guest profile
# aa-enforce lightdm-guest-session

To sum up, I had to add the line
/run/pcscd/pcscd.comm rv,
to
/etc/apparmor.d/lightdm-guest-session

This works also in mint 19.3.

have a nice summer !
Top
Locked

Return to “Other topics”