pcscd, udevd, and yubikeys working at boot

2024-06-20 20:42:57 -07:00 · 2024-06-20 20:42:57 -07:00 · c20dedcc35
parent d737fce6ea
commit c20dedcc35
5 changed files with 29 additions and 8 deletions
--- a/6
+++ b/6
@ -7,6 +7,8 @@ FROM stagex/linux-airgap AS linux
 FROM stagex/mtools AS mtools
 FROM stagex/xz AS xz
 FROM stagex/eudev AS eudev
+FROM stagex/ccid AS ccid
+FROM stagex/libusb AS libusb
 FROM stagex/keyfork AS keyfork
 FROM stagex/openpgp-card-tools AS openpgp-card-tools
 FROM stagex/gpg AS gpg
@ -25,6 +27,7 @@ FROM stagex/tpm2-tools AS tpm2-tools
 FROM stagex/tpm2-tss AS tpm2-tss
 FROM stagex/openssl AS openssl
 FROM stagex/pcsc-lite AS pcsc-lite
+FROM stagex/pcsc-tools AS pcsc-tools
 FROM stagex/flashtools AS flashtools

 FROM scratch AS base
@ -66,7 +69,10 @@ COPY --from=flashtools . initramfs
 COPY --from=tpm2-tools . initramfs
 COPY --from=tpm2-tss . initramfs
 COPY --from=openssl . initramfs
+COPY --from=libusb . initramfs
+COPY --from=ccid . initramfs
 COPY --from=pcsc-lite . initramfs
+COPY --from=pcsc-tools . initramfs
 COPY --from=openpgp-card-tools . initramfs
 COPY rootfs/ initramfs
 COPY <<-EOF initramfs/etc/environment
--- a/rootfs/etc/init.d/S10udev
+++ b/rootfs/etc/init.d/S10udev
@ -1,10 +1,5 @@
 #!/bin/sh

-# Check for config file and read it
-UDEV_CONFIG=/etc/udev/udev.conf
-test -r $UDEV_CONFIG || exit 6
-. $UDEV_CONFIG
-
 case "$1" in
    start)
        printf "Populating %s using udev: " "${udev_root:-/dev}"
--- a/rootfs/etc/init.d/S12pcscd
+++ b/rootfs/etc/init.d/S12pcscd
@ -0,0 +1,20 @@
+#!/bin/sh
+
+case "$1" in
+    start)
+        /usr/sbin/pcscd -d || { echo "FAIL"; exit 1; }
+        killall pcscd
+        /usr/sbin/pcscd -d || { echo "FAIL"; exit 1; }
+        echo "done"
+        ;;
+    stop)
+        # Stop execution of events
+        killall pcscd
+        ;;
+    *)
+        echo "Usage: $0 {start|stop}"
+        exit 1
+        ;;
+esac
+
+exit 0
--- a/rootfs/etc/inittab
+++ b/rootfs/etc/inittab
@ -9,10 +9,10 @@

 # Startup the system
 ::sysinit:/bin/mount -t devtmpfs devtmpfs /dev
-::sysinit:/bin/mkdir -p /proc /run /dev/pts /dev/shm
+::sysinit:/bin/mkdir -p /proc /run /dev/pts /dev/shm /sys
+::sysinit:/bin/mount -t sysfs sysfs /sys
 ::sysinit:/bin/mount -t proc proc /proc
 ::sysinit:/bin/mount -o remount,rw /
-::sysinit:/bin/mount -a
 null::sysinit:/bin/ln -sf /proc/self/fd /dev/fd
 null::sysinit:/bin/ln -sf /proc/self/fd/0 /dev/stdin
 null::sysinit:/bin/ln -sf /proc/self/fd/1 /dev/stdout
--- a/rootfs/etc/udev/rules.d/sdcard-autorun.rules
+++ b/rootfs/etc/udev/rules.d/sdcard-autorun.rules
@ -5,7 +5,7 @@ ACTION=="add", ENV{mount_options}="relatime"

 # Filesystem specific options
 ACTION=="add", IMPORT{program}="/sbin/blkid -o udev -p %N"
-ACTION=="add", ENV{ID_FS_TYPE}=="vfat|ntfs", ENV{mount_options}="$env{mount_options},utf8,flush,user,umask=0000"
+ACTION=="add", ENV{ID_FS_TYPE}=="vfat", ENV{mount_options}="$env{mount_options},utf8,flush,user,umask=0000"
 ACTION=="add", RUN+="/bin/mkdir -p /media/sd-%k", RUN+="/bin/mount -o $env{mount_options} /dev/%k /media/sd-%k"
 ACTION=="add", RUN+="/usr/local/bin/autorun /media/sd-%k"
 ACTION=="remove", RUN+="/bin/umount -l /media/sd-%k", RUN+="/bin/rmdir /media/sd-%k"