-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does not display registered one-time passwords #35
Comments
I would like to report the same issue. The key works with both the ykman cli and phone app but not the flatpak version. The problem is also not present when using the official app image for Linux when running in debug mode with the Debug log
My assumption is that this is an issue only on the flatpak version Note: this could perhaps be a duplicate of #26 |
Same issue here seen on fedora silverblue and PopOs with this flatpak version. If I use the equivalent AppImage version (5.1.0) provided by YubiCo it all works as expected. |
Yes, i can confirm the same issue on Fedora Silverblue 35. |
Can you post output from: |
Sure
and
|
Thx, it looks good, user |
True and as the other reported, the official AppImage from Yubico works well. |
I do believe the sandbox permissions are the issue here. A quick check shows, yubioath does not have any special permissions set by default. I will play around this evening a little bit. By the way, I do have selinux enabled, if this makes a different, which it probably does, not sure. Ou, you asked about selinux, sorry did not see that. I'll check this as well. |
sorry for not responding before, I've had uni exams. The sandbox permission are not a issue since we use |
Sorry for the delay. I've tested it even with selinux disabled. Nothing changed. Also there is no log entry in /var/log/audit/audit.log But also flatpak override com.yubico.yubioath --device=all does not help, but you said already this should be the application default. I do not have any more ideas right now 🙈 |
I suspect flatpak changed something under the hood. I have no idea honeslty how to fix things |
I tried to dig a bit deeper but without any major success. Still far away from your research i guess ;-)
Did try to add the udev rules from yubico, without success What i noticed, the yubikey works fine in keepassxc from flathub. But it seems they are not communicating over pcsc, at least, they do not use socket=pcsc permissions but device=all. Which leads me to the conclusion, the error lies in the pcsc communication somehow. |
Note that fedora is carrying some custom patch for pcsc-lite that break interoperability with non-patched clients in smartcard contexts. I don't know if this can affect usage of this app as well. You may try adding same patch for psc-lite in flatpak test build to confirm if this is related. |
Hello Erick |
I also have this issue on Fedora 35 Silverblue with the Flatpak. However, running the AppImage, it was able to recognize my YubiKey 5 NFC like it should. |
Did some basic testing with the beta ver of the app (#58), and it's probably related to this. With the patch it works perfectly fine. Tested the stable ver as well and it's the same result. Tested on Nobara/Fedora 36 |
I found the corresponding issue in the pcsc-lite Github repo: LudovicRousseau/PCSC#118 (comment) There are three possible solutions I came up with right now, but there might be more:
Edit: pressed enter too soon |
Fedora 38 will ship a unpatched pscc-lite. I'm for the 3rd option since patching our pcsc would break it for everyone else |
You can get the fixed version already by installing the version from rawhide sudo dnf install fedora-repos-rawhide -y
sudo dnf install pcsc-lite --disablerepo="*" --enablerepo=rawhide |
unless you want a partially upgraded system avoid this. it is not supported by fedora and will break things. I'll look into getting a unpatched pcsc-lite package on obs this weekend so everyone can enjoy it |
This is fixed in Fedora 38. Does this ticket need to stay open? |
I'll close this |
According to pre-existing issues [^1] and my experience, Fedora 38 is no longer causing issues. [^1]: flathub#35 (comment)
On both Ubuntu 21.10 and Pop_OS 21.10 when installed via flatpak no one time password registrations are shown for my devices.
I can see the fact that the device has been plugged in.
When I install the version in the repositories instead (as well as using the mobile apps on my phone), I am able to see/generate one time passwords
The text was updated successfully, but these errors were encountered: