Unable to list the reader inside docker container.

[qxlsz]

outside the docker container (it works) and inside docker container it doesn't
apdu4j.ar used is from here

# Listing the readers
rjosyula@qxlsz:~$ java -jar apdu4j.jar -l
[ ] Identiv uTRust 4711 F CL + SAM Reader [uTrust 4711 F SAM Reader] (55651807201207) 00 00
[ ] Identiv uTRust 4711 F CL + SAM Reader [uTrust 4711 F CL Reader] (55651807201207) 01 00
rjosyula@qxlsz:~$ which pcscd
/usr/sbin/pcscd
rjosyula@qxlsz:~$ pcscd -v
pcsc-lite version 1.8.14.
Copyright (C) 1999-2002 by David Corcoran <[email protected]>.
Copyright (C) 2001-2011 by Ludovic Rousseau <[email protected]>.
Copyright (C) 2003-2004 by Damien Sauveron <[email protected]>.
Report bugs to <[email protected]>.
rjosyula@qxlsz:~$ lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 04e6:5725 SCM Microsystems, Inc.
Bus 001 Device 004: ID 8087:0aaa Intel Corp.
Bus 001 Device 003: ID 0b05:1872 ASUSTek Computer, Inc.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
rjosyula@qxlsz:~$ uname -r
4.15.0-47-generic
rjosyula@qxlsz:~$ dmesg | grep Identiv
[    1.490979] usb 1-2: Product: Identiv uTrust 4711 F CL + SAM Reader
[    1.490980] usb 1-2: Manufacturer: Identiv
[ 1076.766135] usb 1-2: Product: Identiv uTrust 4711 F CL + SAM Reader
[ 1076.766139] usb 1-2: Manufacturer: Identiv
rjosyula@qxlsz:~$ apt list --installed | grep pcsc
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
libpcsclite1/xenial-updates,xenial-security,now 1.8.14-1ubuntu1.16.04.1 amd64 [installed]
pcscd/xenial-updates,xenial-security,now 1.8.14-1ubuntu1.16.04.1 amd64 [installed]

Dockerfile looks like this

FROM ubuntu:16.04
# Install Essentials
RUN rm -rf /var/lib/apt/lists/* && apt-get clean && apt-get update && apt-get upgrade -y \
    && apt-get install -y --no-install-recommends curl ca-certificates apt-utils\
    && rm -rf /var/lib/apt/lists/*
RUN apt-get update && apt-get install -y git \
            udev \
			software-properties-common\
			autoconf \
			libtool \
			pkg-config \
			libsystemd-dev \
			libudev-dev \
			flex \
			usbutils \
            libpcsclite1 \
            libpcsclite-dev \
            libusb-1.0-0-dev \
            pcscd \
            kmod \ 
            nano \
            linux-headers-`uname -r`
RUN apt-get -y install openjdk-8-jdk
COPY artifacts/* /home/
CMD ["bash"]

Building Dockerfile

docker build  .
Sending build context to Docker daemon  51.27MB
Step 1/7 : FROM ubuntu:16.04
 ---> a3551444fc85
Step 2/7 : RUN rm -rf /var/lib/apt/lists/* && apt-get clean && apt-get update && apt-get upgrade -y     && apt-get install -y --no-install-recommends curl ca-certificates apt-utils    && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> d6b506a9e678
Step 3/7 : RUN apt-get update && apt-get install -y git             udev 			software-properties-common			autoconf 			libtool 			pkg-config 			libsystemd-dev 			libudev-dev 			flex 			usbutils             libpcsclite1             libpcsclite-dev             libusb-1.0-0-dev             pcscd             kmod             nano             linux-headers-`uname -r`
 ---> Using cache
 ---> 755d4f82fadf
Step 4/7 : RUN apt-get -y install openjdk-8-jdk
 ---> Using cache
 ---> 6eeea98651aa
Step 5/7 : COPY artifacts/* /home/
 ---> Using cache
 ---> c8c6f79c2939
Step 6/7 : WORKDIR /home/
 ---> Using cache
 ---> 8a2646f06d22
Step 7/7 : CMD ["bash"]
 ---> Using cache
 ---> 59180181e2d9
Successfully built 59180181e2d9

Ran docker using this command

rjosyula@qxlsz:~$ docker run -it --privileged 59180181e2d9
root@59180181e2d9:/home#

Now trying to list readers inside the container. But failing miserably. Not sure what am i doing wrong. please help!

root@59180181e2d9:/home# uname -a
Linux 59180181e2d9 4.15.0-47-generic #50~16.04.1-Ubuntu SMP Fri Mar 15 16:06:21 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

root@59180181e2d9:/home# lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 04e6:5725 SCM Microsystems, Inc.
Bus 001 Device 004: ID 8087:0aaa Intel Corp.
Bus 001 Device 003: ID 0b05:1872 ASUSTek Computer, Inc.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

root@59180181e2d9:/home# which pcscd
/usr/sbin/pcscd

root@59180181e2d9:/home# pcscd -version
pcsc-lite version 1.8.14.
Copyright (C) 1999-2002 by David Corcoran <[email protected]>.
Copyright (C) 2001-2011 by Ludovic Rousseau <[email protected]>.
Copyright (C) 2003-2004 by Damien Sauveron <[email protected]>.
Report bugs to <[email protected]>.
Enabled features: Linux x86_64-pc-linux-gnu serial usb libudev usbdropdir=/usr/lib/pcsc/drivers ipcdir=/var/run/pcscd configdir=/etc/reader.conf.d

root@59180181e2d9:/home# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  18236  3192 pts/0    Ss   19:23   0:00 bash
root        25  0.0  0.0  34424  2724 pts/0    R+   19:26   0:00 ps aux

root@59180181e2d9:/home# pcscd

root@59180181e2d9:/home# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  18236  3192 pts/0    Ss   19:23   0:00 bash
root        28  0.0  0.0  19240  1668 pts/0    Sl   19:26   0:00 pcscd
root        30  0.0  0.0  34424  2844 pts/0    R+   19:26   0:00 ps aux

root@59180181e2d9:/home# java -jar apdu4j.jar -l
No readers found

root@59180181e2d9:/home# dmesg | grep Identiv
[    1.490979] usb 1-2: Product: Identiv uTrust 4711 F CL + SAM Reader
[    1.490980] usb 1-2: Manufacturer: Identiv
[ 1076.766135] usb 1-2: Product: Identiv uTrust 4711 F CL + SAM Reader
[ 1076.766139] usb 1-2: Manufacturer: Identiv
root@59180181e2d9:/home#
root@59180181e2d9:/home# java -jar apdu4j.jar -ldv
# Using jnasmartcardio.Smartcardio - JNA2PCSC version 0.2
# sun.security.smartcardio.library=/lib/x86_64-linux-gnu/libpcsclite.so.1
# Found 0 terminals
No readers found
root@59180181e2d9:/home#

let me know if you need more information .
Thanks

[LudovicRousseau]

I must say I never tried to use pcscd inside docker.

Please generate a pcscd log as documented at https://pcsclite.apdu.fr/#support

[LudovicRousseau]

No news since more than 3 months.
Closing.

[Starkeffect-007]

@LudovicRousseau Are there any new development on this.

[LudovicRousseau]

@Starkeffect-007 no development planned.
I asked for a pcscd log but got nothing.

See also https://ludovicrousseau.blogspot.com/2020/11/how-to-get-smart-card-support.html

[bramevo]

Here is a pcscd log of a cardreader (detected) inside docker.

Wonder if it's related to:

03816643 [140126218053568] ccid_usb.c:1266:ControlUSB() control failed (2/4): -1 LIBUSB_ERROR_IO
00000051 [140126218053568] ccid_usb.c:1197:get_data_rates() IFD does not support GET_DATA_RATES request: -1

Full log output

LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu --color | tee log.txt
00000000 debuglog.c:299:DebugLogSetLevel() debug level=debug
00000014 debuglog.c:320:DebugLogSetCategory() Debug options: APDU
00000002 [140126218053568] pcscdaemon.c:352:main() Force colored logs
00000227 [140126218053568] configfile.l:284:DBGetReaderListDir() Parsing conf directory: /etc/reader.conf.d
00000015 [140126218053568] configfile.l:360:DBGetReaderList() Parsing conf file: /etc/reader.conf.d/libccidtwin
00000037 [140126218053568] configfile.l:321:DBGetReaderListDir() Skipping non regular file: .
00000003 [140126218053568] configfile.l:321:DBGetReaderListDir() Skipping non regular file: ..
00000007 [140126218053568] pcscdaemon.c:662:main() pcsc-lite 1.8.24 daemon ready.
00002851 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0001, path: /dev/bus/usb/002/001
00000124 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0001, path: /dev/bus/usb/002/001
00000151 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0E0F, PID: 0x0003, path: /dev/bus/usb/002/002
00000119 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0001, path: /dev/bus/usb/002/001
00000128 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0E0F, PID: 0x0002, path: /dev/bus/usb/002/003
00005212 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x058F, PID: 0x9540, path: /dev/bus/usb/002/004
00000274 [140126218053568] hotplug_libudev.c:436:HPAddDevice() Adding USB device: Alcor Micro AU9560
00000113 [140126218053568] readerfactory.c:1075:RFInitializeReader() Attempting startup of Alcor Micro AU9560 00 00 using /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
00000557 [140126218053568] readerfactory.c:950:RFBindFunctions() Loading IFD Handler 3.0
00000482 [140126218053568] ifdhandler.c:1961:init_driver() Driver version: 1.4.30
00000570 [140126218053568] ifdhandler.c:1978:init_driver() LogLevel: 0x0003
00000520 [140126218053568] ifdhandler.c:1989:init_driver() DriverOptions: 0x0000
00000474 [140126218053568] ifdhandler.c:2002:init_driver() LogLevel from LIBCCID_ifdLogLevel: 0x000F
00000128 [140126218053568] ifdhandler.c:110:CreateChannelByNameOrChannel() Lun: 0, device: usb:058f/9540:libudev:0:/dev/bus/usb/002/004
00000023 [140126218053568] ccid_usb.c:237:OpenUSBByName() Reader index: 0, Device: usb:058f/9540:libudev:0:/dev/bus/usb/002/004
00000022 [140126218053568] ccid_usb.c:269:OpenUSBByName() interface_number: 0
00000016 [140126218053568] ccid_usb.c:270:OpenUSBByName() usb bus/device: 2/4
00000016 [140126218053568] ccid_usb.c:302:OpenUSBByName() Using: /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
00000628 [140126218053568] ccid_usb.c:320:OpenUSBByName() ifdManufacturerString: Ludovic Rousseau ([email protected])
00000028 [140126218053568] ccid_usb.c:321:OpenUSBByName() ifdProductString: Generic CCID driver
00000016 [140126218053568] ccid_usb.c:322:OpenUSBByName() Copyright: This driver is protected by terms of the GNU Lesser General Public License version 2.1, or (at your option) any later version.
00007245 [140126218053568] ccid_usb.c:406:OpenUSBByName() Try device: 2/4
00000054 [140126218053568] ccid_usb.c:416:OpenUSBByName() vid/pid : 058F/9540
00000017 [140126218053568] ccid_usb.c:483:OpenUSBByName() Checking device: 2/4
00000015 [140126218053568] ccid_usb.c:554:OpenUSBByName() Trying to open USB bus/device: 2/4
00000113 [140126218053568] ccid_usb.c:660:OpenUSBByName() Found Vendor/Product: 058F/9540 (Alcor Micro AU9560)
00000021 [140126218053568] ccid_usb.c:662:OpenUSBByName() Using USB bus/device: 2/4
00000026 [140126218053568] ccid_usb.c:1253:ControlUSB() request: 0x03
03816643 [140126218053568] ccid_usb.c:1266:ControlUSB() control failed (2/4): -1 LIBUSB_ERROR_IO
00000051 [140126218053568] ccid_usb.c:1197:get_data_rates() IFD does not support GET_DATA_RATES request: -1
00001720 [140126218053568] ccid_usb.c:1306:InterruptRead() before (0)
00002551 [140126218053568] ccid_usb.c:1352:InterruptRead() after (0) (0)
00000043 [140126218053568] NotifySlotChange: 50 03
00000015 [140126218053568] -> 000000 65 00 00 00 00 00 00 00 00 00
00005189 [140126218053568] <- 000000 81 00 00 00 00 00 00 01 00 01
00000037 [140126218053568] -> 000000 65 00 00 00 00 00 01 00 00 00
00002880 [140126218053568] <- 000000 81 00 00 00 00 00 01 01 00 01
00000036 [140126218053568] ifdhandler.c:381:IFDHGetCapabilities() tag: 0xFB3, usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000013 [140126218053568] readerfactory.c:396:RFAddReader() Using the reader polling thread
00000011 [140126218053568] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000012 [140126218053568] -> 000000 65 00 00 00 00 00 02 00 00 00
00005992 [140126218053568] <- 000000 81 00 00 00 00 00 02 01 00 01
00000046 [140126218053568] ifdhandler.c:1942:IFDHICCPresence() Card present
00000075 [140126218053568] ifdhandler.c:381:IFDHGetCapabilities() tag: 0xFAE, usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000016 [140126218053568] ifdhandler.c:476:IFDHGetCapabilities() Reader supports 1 slot(s)
00000244 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x0E0F, PID: 0x0002, path: /dev/bus/usb/002/003
00000290 [140126218053568] hotplug_libudev.c:297:get_driver() Looking for a driver for VID: 0x1D6B, PID: 0x0002, path: /dev/bus/usb/001/001
00000068 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00000029 [140126198945536] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000014 [140126198945536] -> 000000 65 00 00 00 00 00 03 00 00 00
00003250 [140126198945536] <- 000000 81 00 00 00 00 00 03 01 00 01
00000032 [140126198945536] ifdhandler.c:1942:IFDHICCPresence() Card present
00000013 [140126198945536] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000012 [140126198945536] -> 000000 65 00 00 00 00 00 04 00 00 00
00005149 [140126198945536] <- 000000 81 00 00 00 00 00 04 01 00 01
00000030 [140126198945536] ifdhandler.c:1942:IFDHICCPresence() Card present
00000013 [140126198945536] ifdhandler.c:1154:IFDHPowerICC() action: PowerUp, usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000013 [140126198945536] -> 000000 62 00 00 00 00 00 05 00 00 00
00001587 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010145 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010174 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010097 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010153 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010163 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010179 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010155 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010113 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010178 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010149 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010146 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010152 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010147 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010144 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010100 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00010147 [140126218053568] readerfactory.c:1410:RFWaitForReaderInit() Waiting init for reader: Alcor Micro AU9560 00 00
00002659 [140126198945536] <- 000000 80 0B 00 00 00 00 05 00 00 00 3B 67 00 00 00 00 00 00 00 90 00
00000029 [140126198945536] eventhandler.c:289:EHStatusHandlerThread() powerState: POWER_STATE_POWERED
00000012 [140126198945536] Card ATR: 3B 67 00 00 00 00 00 00 00 90 00
00000013 [140126198945536] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000013 [140126198945536] -> 000000 65 00 00 00 00 00 06 00 00 00
00004849 [140126198945536] <- 000000 81 00 00 00 00 00 06 00 00 00
00000032 [140126198945536] ifdhandler.c:1942:IFDHICCPresence() Card present
00000013 [140126198945536] ifdhandler.c:310:IFDHPolling() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0) 5000 ms
00000011 [140126198945536] ccid_usb.c:1306:InterruptRead() before (0)
05043968 [140126198945536] ccid_usb.c:1352:InterruptRead() after (0) (2)
00000054 [140126198945536] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000017 [140126198945536] -> 000000 65 00 00 00 00 00 07 00 00 00
01005265 [140126198945536] <- 000000 81 00 00 00 00 00 07 00 00 00
00000054 [140126198945536] ifdhandler.c:1942:IFDHICCPresence() Card present
00000014 [140126198945536] ifdhandler.c:1154:IFDHPowerICC() action: PowerDown, usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000013 [140126198945536] -> 000000 63 00 00 00 00 00 08 00 00 00
00043796 [140126198945536] <- 000000 81 00 00 00 00 00 08 01 00 01
00000041 [140126198945536] eventhandler.c:482:EHStatusHandlerThread() powerState: POWER_STATE_UNPOWERED
00000015 [140126198945536] ifdhandler.c:1821:IFDHICCPresence() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0)
00000014 [140126198945536] -> 000000 65 00 00 00 00 00 09 00 00 00
00005919 [140126198945536] <- 000000 81 00 00 00 00 00 09 01 00 01
00000034 [140126198945536] ifdhandler.c:1942:IFDHICCPresence() Card present
00000013 [140126198945536] ifdhandler.c:310:IFDHPolling() usb:058f/9540:libudev:0:/dev/bus/usb/002/004 (lun: 0) 600000 ms
00000012 [140126198945536] ccid_usb.c:1306:InterruptRead() before (0)

[LudovicRousseau]

You log indicates everything works fine.
You get the ATR of the card so all components are working https://smartcard-atr.apdu.fr/parse?ATR=3B67000000000000009000

You can ignore the 2 "error" messages in the first log extract.

So no problem to fix here. Execution is nominal :-)

[bramevo]

Was able to get it working in a docker container.
Docker needs to run the service before executing smartcard reader code.

And during the run, you need to pass USB device. In my case:
--device=/dev/bus/usb/002/004

[davnig]

@bramevo could you share the Dockerfile you've used?