Vap #1734
Vap #1734
Conversation
Add pcsc-lite. pcsc-lite is a middleware to access a smart card using SCard API (PC/SC). https://pcsclite.apdu.fr/ Required to access the (Thales-) gemalto SafeNet eToken for vAP. Note: To use, the pcscd installed by this package needs to run. startup/unit files not yet included.
Add CCID (Chip/Smart Card Interfrace Decices) driver for PCSC lite. https://ccid.apdu.fr/ Required to access the (Thales-) gemalto SafeNet eToken for vAP.
Add pcsc-tools, which can be used to test SmartCard connectivity provided by pcsc-lite.
Remove pcsc-tools which are not required to use pcsc-lite. It doesn't provide much help anyway.
Add Citrix Workspace App for vAP.
Install driver for Thales / gemalto SafeNet eToken 5300.
To use, the user has to add
/usr/lib/libeToken.so
as a security module. E.g. for firefox via
Preferences - Privacy and Security - Security Devices - Load
| # # Extract system ca-certificates and install in the Citrix cacerts directory | ||
| # cp /etc/ca-certificates/extracted/tls-ca-bundle.pem "${pkgdir}$ICAROOT/keystore/cacerts/" | ||
| # cd "${pkgdir}$ICAROOT/keystore/cacerts/" | ||
| # awk 'BEGIN {c=0;} /BEGIN CERT/{c++} { print > "cert." c ".pem"}' < tls-ca-bundle.pem |
There was a problem hiding this comment.
Why can’t the system CA certificates not be used or symlinked?
There was a problem hiding this comment.
Using the above code, the certificates would be copied from the build system, which is not what we want. Again this part is copy-and-pasted from the "stolen from" source. I want to make as few modifications to it as possible, so this is easier to maintain. Commenting out unwanted lines is a small modification and easy to understand. Changing the code to create symlinks would be a bigger modification. And it is not needed at all. Why add complexity without reason? Plus, I want the Citrix junk to be as self-contained as possible.
| # https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=icaclient | ||
|
|
||
| srcdir="$S" | ||
| pkgdir=$D |
There was a problem hiding this comment.
Add of curiosity, why the new variables?
There was a problem hiding this comment.
Because the following code is copy-and-pasted from the source referenced above. By adding these names we don't need to modify each and every line below.
There was a problem hiding this comment.
Ah, that makes sense. “stolen from” was not clear enough for me.
| # rm -r "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts" | ||
| # ln -s /etc/ssl/certs "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts" | ||
| # #ln -s /usr/share/ca-certificates/trust-source/* "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts/" | ||
| # #c_rehash "${pkgdir}/opt/Citrix/ICAClient/keystore/cacerts/" |
There was a problem hiding this comment.
The comment? No. Again: This is all verbatim copy-and-pasted.
|
|
||
| # install scripts | ||
| # install -Dm755 wfica.sh "${pkgdir}$ICAROOT" | ||
| # install -Dm755 wfica_assoc.sh "${pkgdir}$ICAROOT" |
There was a problem hiding this comment.
Add a comment why the scripts above are not used?
There was a problem hiding this comment.
The script is created from a here document in the bee script. I already forgot, why this needed to be changed.
Packages to support "Virtueller Arbeitsplatz". There might be more things to do, but I want it merged for now, so that I don't have to reinstall it every day for testing.