Thursday, October 13, 2022

firefox: unveil pcscd socket to make smart cards work

Besides the now complete pcscd/munlock patch on ports@, the pcscd(8)
socket is all that is needed for smart cards to work out of the box with
/usr/local/lib/pkcs11/opensc-pkcs11.so (and probably other modules).

I didn't build a new package with this diff due to resource constraints,
but instead just tweaked /etc/firefox/unveil.main after tracing Firefox.

The ESR diff is untested but included for completeness as I'm under the
impression hat those pledge/unveil files should stay in sync.

If adding such paths is acceptable, I can test the chromiums next.

Feedback? Objection? OK?

Index: mozilla-firefox/Makefile
===================================================================
RCS file: /cvs/ports/www/mozilla-firefox/Makefile,v
retrieving revision 1.513
diff -u -p -r1.513 Makefile
--- mozilla-firefox/Makefile 12 Oct 2022 16:15:03 -0000 1.513
+++ mozilla-firefox/Makefile 13 Oct 2022 11:10:00 -0000
@@ -8,7 +8,7 @@ MOZILLA_PROFDATA_TASKID=ddAkcOlrRBy33XBj
MOZILLA_BRANCH = release
MOZILLA_PROJECT = firefox
MOZILLA_CODENAME = browser
-REVISION = 0
+REVISION = 1

WRKDIST = ${WRKDIR}/${MOZILLA_DIST}-${MOZILLA_DIST_VERSION:C/b[0-9]*//}
HOMEPAGE = https://www.mozilla.org/firefox/
Index: mozilla-firefox/files/unveil.main
===================================================================
RCS file: /cvs/ports/www/mozilla-firefox/files/unveil.main,v
retrieving revision 1.12
diff -u -p -r1.12 unveil.main
--- mozilla-firefox/files/unveil.main 11 Mar 2022 20:10:06 -0000 1.12
+++ mozilla-firefox/files/unveil.main 13 Oct 2022 11:30:03 -0000
@@ -23,6 +23,9 @@
/usr/X11R6/share r
/var/run r

+# security devices, e.g. OpenSC's PKCS #11 module, may talk to this socket
+/var/run/pcscd/pcscd.comm rw
+
# printing
/usr/bin/lpr rx

Index: firefox-esr/Makefile
===================================================================
RCS file: /cvs/ports/www/firefox-esr/Makefile,v
retrieving revision 1.180
diff -u -p -r1.180 Makefile
--- firefox-esr/Makefile 12 Oct 2022 16:15:03 -0000 1.180
+++ firefox-esr/Makefile 13 Oct 2022 11:33:40 -0000
@@ -7,7 +7,7 @@ MOZILLA_BRANCH = release
MOZILLA_PROJECT = firefox-esr
MOZILLA_CODENAME = browser
MOZILLA_DIST = firefox
-REVISION = 0
+REVISION = 1

WRKDIST = ${WRKDIR}/${MOZILLA_DIST}-${MOZILLA_DIST_VERSION:C/esr//}
HOMEPAGE = https://www.mozilla.org/firefox/organizations/
Index: firefox-esr/files/unveil.main
===================================================================
RCS file: /cvs/ports/www/firefox-esr/files/unveil.main,v
retrieving revision 1.5
diff -u -p -r1.5 unveil.main
--- firefox-esr/files/unveil.main 26 Jul 2022 13:22:07 -0000 1.5
+++ firefox-esr/files/unveil.main 13 Oct 2022 11:33:32 -0000
@@ -23,6 +23,9 @@
/usr/X11R6/share r
/var/run r

+# security devices, e.g. OpenSC's PKCS #11 module, may talk to this socket
+/var/run/pcscd/pcscd.comm rw
+
# printing
/usr/bin/lpr rx

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)