Astra linux Орел 2.12 + retoken S + Крипто Про 5

Добрый день.
Все выполнялось согласно инструкции https://dev.rutoken.ru/pages/viewpage.a … 0%B0%D1%85
$ lsusb
Bus 008 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 007 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 005 Device 003: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse
Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 003: ID 0a89:0020 Aktiv Rutoken S
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 046d:080a Logitech, Inc. Portable Webcam C905
Bus 001 Device 002: ID 0a5c:218c Broadcom Corp.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

$ /opt/cprocsp/bin/amd64/list_pcsc
ERROR: SCardListReaders(NULL)
как и $ list_pcsc
ERROR: SCardListReaders(NULL)

$ pcsc_scan
PC/SC device scanner
V 1.4.27 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.20
Using reader plug'n play mechanism
Scanning present readers...
Waiting for the first reader...

$ /opt/cprocsp/sbin/amd64/cpconfig -hardware reader -view

Nick name: CLOUD
Connect name:
Reader name: Cloud Token

Nick name: FLASH
Connect name:
Reader name: FLASH

Nick name: HDIMAGE
Connect name:
Reader name: HDD key storage

Куда копать

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

Добрый день!

Если "Шаг 2. Загрузка и установка драйвера" действительно выполнялся, стоит посмотреть на вывод pcscd в отладочном режиме. Примерно так:

sudo killall pcscd
sudo killall pcscd
sudo killall pcscd
sudo pcscd -afd

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

$ sudo pcscd -afd
00000000 [125195006437504] debuglog.c:299:DebugLogSetLevel() debug level=debug
00000105 [125195006437504] configfile.l:284:DBGetReaderListDir() Parsing conf directory: /etc/reader.conf.d
00000030 [125195006437504] configfile.l:321:DBGetReaderListDir() Skipping non regular file: .
00000007 [125195006437504] configfile.l:321:DBGetReaderListDir() Skipping non regular file: ..
00000009 [125195006437504] configfile.l:360:DBGetReaderList() Parsing conf file: /etc/reader.conf.d/libccidtwin
00000045 [125195006437504] pcscdaemon.c:662:main() pcsc-lite 1.8.24 daemon ready.
00003427 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001
00000080 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001
00000081 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0A5C, PID: 0x218C, path: /dev/bus/usb/001/002
00000079 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0A5C, PID: 0x218C, path: /dev/bus/usb/001/002
00000077 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0A5C, PID: 0x218C, path: /dev/bus/usb/001/002
00000078 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0A5C, PID: 0x218C, path: /dev/bus/usb/001/002
00000074 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001
00000079 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x046D, PID: 0x080A, path: /dev/bus/usb/001/003
00000077 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x046D, PID: 0x080A, path: /dev/bus/usb/001/003
00000078 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x046D, PID: 0x080A, path: /dev/bus/usb/001/003
00000076 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x046D, PID: 0x080A, path: /dev/bus/usb/001/003
00000127 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/002/001
00000128 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/003/001
00000073 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/003/001
00000078 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0A89, PID: 0x0020, path: /dev/bus/usb/003/003
00000005 [125195006437504] hotplug_libudev.c:436:HPAddDevice() Adding USB device: Aktiv Co. Rutoken S
00000028 [125195006437504] readerfactory.c:1075:RFInitializeReader() Attempting startup of Aktiv Co. Rutoken S 00 00 using /usr/lib/pcsc/drivers/ifd-rutokens.bundle/Contents/Linux/librutokens.so
00000981 [125195006437504] readerfactory.c:950:RFBindFunctions() Loading IFD Handler 3.0
00288253 [125195006437504] readerfactory.c:396:RFAddReader() Using the reader polling thread
00003186 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/004/001
00000125 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/005/001
00000070 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/005/001
00000074 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x093A, PID: 0x2510, path: /dev/bus/usb/005/003
00000118 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/006/001
00000105 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/007/001
00000099 [125195006437504] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0003, path: /dev/bus/usb/008/001
00000038 [125195006437504] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Aktiv Co. Rutoken S 00 00
00010071 [125195006437504] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Aktiv Co. Rutoken S 00 00
00003093 [125194967303936] eventhandler.c:289:EHStatusHandlerThread() powerState: POWER_STATE_POWERED
00000020 [125194967303936] Card ATR: 3B 6F 00 FF 00 56 72 75 54 6F 6B 6E 73 30 20 00 00 90 00

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

Не могли бы при запущенном в режиме отладки pcscd выполнить pcsc_scan? Пока что логи говорят о том, что все должно нормально работать.

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

Вот при запущенном режиме отладки sudo pcscd -afd носитель в системе виден
$ pcsc_scan
PC/SC device scanner
V 1.4.27 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.20
Using reader plug'n play mechanism
Scanning present readers...
0: Aktiv Co. Rutoken S 00 00

Thu Feb 18 17:12:19 2021
Reader 0: Aktiv Co. Rutoken S 00 00
  Card state: Card inserted,
  ATR: 3B 6F 00 FF 00 56 72 75 54 6F 6B 6E 73 30 20 00 00 90 00

ATR: 3B 6F 00 FF 00 56 72 75 54 6F 6B 6E 73 30 20 00 00 90 00
+ TS = 3B --> Direct Convention
+ T0 = 6F, Y(1): 0110, K: 15 (historical bytes)
  TB(1) = 00 --> VPP is not electrically connected
  TC(1) = FF --> Extra guard time: 255 (special value)
+ Historical bytes: 00 56 72 75 54 6F 6B 6E 73 30 20 00 00 90 00
  Category indicator byte: 00 (compact TLV data object)
    Tag: 5, len: 6 (card issuer's data)
      Card issuer data: 72 75 54 6F 6B 6E
    Tag: 7, len: 3 (card capabilities)
      Selection methods: 30
        - DF selection by path
        - DF selection by file identifier
      Data coding byte: 20
        - Behaviour of write functions: proprietary
        - Value 'FF' for the first byte of BER-TLV tag fields: invalid
        - Data unit in quartets: 1
      Command chaining, length fields and logical channels: 00
        - Logical channel number assignment: No logical channel
        - Maximum number of logical channels: 1
    Mandatory status indicator (3 last bytes)
      LCS (life card cycle): 00 (No information given)
      SW: 9000 (Normal processing.)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 6F 00 FF 00 56 72 75 54 6F 6B 6E 73 30 20 00 00 90 00
        ruToken-S (USB token)
        http://www.rutoken.ru/products/rutoken/rutoken-s/

и КриптоПро видит закрытые контейнеры, как только закрываю режим отладки все
$ pcsc_scan
PC/SC device scanner
V 1.4.27 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.20
SCardEstablishContext: Service not available.

ядро 5.4.0-54-generic #astra31+ci28 SMP Tue Dec 1 08:49:27 UTC 2020 x86_64 GNU/Linux

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

crion2005 пишет:

$ pcsc_scan
PC/SC device scanner
V 1.4.27 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr>
Compiled with PC/SC lite version: 1.8.20
SCardEstablishContext: Service not available.

Это ожидаемо. pcscd убили и не стартовали. Попробуйте позвать pcsc_scan после выполнения sudo service pcscd start.
Если все также не работает, помогло бы знание, под каким пользователем запускается pcscd: ps aux | grep pcscd.
Еще предложил бы попробовать

sudo killall pcscd
sudo udevadm control --reload-rules
sudo service pcscd start
pcsc_scan

Это голый Astra linux Орел 2.12, или дополнительно что-то настроено типа SELinux, polkit?

Re: Astra linux Орел 2.12 + retoken S + Крипто Про 5

Спасибо все заработало.