Open MagicFab opened 6 years ago
metsma
commented
6 years ago Firefox 57 does not provide alternative to load PKCS11 modules with WebExtensions It will come with FF 58 https://bugzilla.mozilla.org/show_bug.cgi?id=1357391 and is implemented here https://github.com/open-eid/firefox-pkcs11-loader/pull/6. Signing is not affected by this change.
explit7
commented
6 years ago I have Debian 10 (Sid atm.) It would be very good, if it could be supported
MagicFab
commented
6 years ago Firefox is now at version 59, but is only available when installed manually in Debian.
@explit7 Debian 10 is the current "testing" release, it will include Firefox 59 but not before ~May 2019. It could be a good plan to target that for proper support of Open-EID installation, maunal installation of FF59 in Debian 9 could be an alternative.
MagicFab
commented
5 years ago The last release as of last month has been reported broken (see #36) with several important bugs, it targets Ubuntu 16.04 (LTS), 18.04 (LTS) (64bit), 18.10, Chrome or Firefox (no mention of versions)
ID-software version: 18.12, DigiDoc4 client version: 4.2.0.43, released 03.12.2018
Debian Stable now has support for Firefox-ESR (60.4 as of today), no need for backports or external sources.
According to information at https://www.ria.ee/en/state-information-system/eid/digidoc-software.html :
Installation of DigiDoc software
The following will be installed into your computer during the installation of the DigiDoc software:
ID-card application DigiDoc4 Client, timestamping application TeRa.
In 2018, DigiDoc4, the new ID-card software that combines the former three applications in one utility, was taken into use. This means that only one application will be installed into your computer during the installation of the software. As of June 2018, DigiDoc3 will automatically update into DigiDoc4.
zsoltsandor
commented
4 years ago I revisit this issue, because I am considering joining the e-Estonians.
I am using Kali, which is obviously not the most common Debian derivative, but supporting Testing, or at least Sid would also mean support for Parrot OS and PureOS Byzantium.
Using the candidate/sid repo for the Belgian eID provides the same version as what is currently available for Ubuntu 20.04, and installs without an issue: deb https://files.eid.belgium.be/debian/ candidate/sid main
Estonian eID repos for Ubuntu versions don't seem to work properly. The middleware package gets broken, and open-eid metapackage breaks too.
kali-gandaki
commented
3 years ago Hi, I came up this issue as repo for ubuntu hirsute/focal won't install in debian 11. So I spent this morning packaging for my own use. I hosted it in OBS. If you need it add the following location in sources.list. deb [signed-by=/usr/share/keyrings/my_obs.gpg] https://download.opensuse.org/repositories/home:/sapanaryal:/openeid/Debian_11/ ./ Don't forget to download release.key file from above mentioned link, convert it to gpg file and add it in /usr/share/keyrings.
Install it by apt-get update && apt-get install open-eid
maltfield
commented
2 years ago +1 Please add Debian 11 support.
If you support Debian, then you'll not only support Ubuntu (a downstream derivitative of Debian), but you'll also support countless other downstream derivatives of Debian.
Why not implement it at the source to support more people with the same effort? Please support Debian 11.
teadur
commented
2 years ago +1 for Debian 11 support
hanna142x
commented
2 years ago Debian 11 bullseye ships with libxalan-c112, but focal open-eid install wants libxalan-c111 (focal is closest to bullseye).
Fix is to download libxalan-c111 from buster (Debian 10) repo (https://packages.debian.org/buster/amd64/libxalan-c111/download) and install it manually using sudo dpkg -i <package name>
Then edit install-open-eid.sh after buster section add:
bullseye)
add_repository focal
;;After that install-open-eid.sh installs everything needed without a problem. ... and the most important, both Digidoc4 Client and authentication in web using the ID-card works.
teadur
commented
2 years ago Debian 11 bullseye ships with libxalan-c112, but focal open-eid install wants libxalan-c111 (focal is closest to bullseye). Fix is to download libxalan-c111 from buster (Debian 10) repo (https://packages.debian.org/buster/amd64/libxalan-c111/download) and install it manually using
sudo dpkg -i <package name>Then edit install-open-eid.sh after buster section add:
bullseye) add_repository focal ;;After that install-open-eid.sh installs everything needed without a problem. ... and the most important, both Digidoc4 Client and authentication in web using the ID-card works.
@metsma would pull request doing that be accepted to installer ?
AlexDaniel
commented
2 years ago @teadur Ubuntu packages can no longer be installed in debian because debian's dpkg does not support zstd. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892664.
maltfield
commented
2 years ago Actually, I think we should update this request from "Support Debian" to "Change support from Ubuntu to Debian". Support for open-eid in Ubuntu is already broken. Supporting Debian would require less work and provide support for more users. See also:
Ubuntu 22.04 is moving away deb packaged Firefox (to snap) and this has other set problems (Sandbox does not allow to communicate with native messaging host and there is currently no workaround, except to install official Firefox/Chrome binary)
Oh man, you're right. When I saw that firefox switched from deb to snap I decided to stop recommending Ubuntu and recommend Mint instead.
snap is a cancer closed-wall garden created by Canonical, and a lot of people are leaving Ubuntu because of this. I highly, highly recommend supporting Debian instead of Ubuntu; you'll support more users, especially as everyone leaves Ubuntu for more libre distros.
Is "supporting Ubuntu only" RIK's requirement? Can it be changed through an enumeration of:
I think a very strong argument can be made that switching support of open-eid from Ubuntu to Debian would
mrts
commented
2 years ago Web eID unofficially supports Debian now (by including Firefox extension XPI), see https://github.com/web-eid/web-eid-app/pull/215.
kristelmerilain
commented
2 years ago We added c111 package into our repo so now you should be able to install ID-software on Debian 11 with install script.
If you use Firefox on Debian then you have to install Web eID extension from Firefox Add-on Store: https://addons.mozilla.org/en-US/firefox/addon/web-eid-webextension/ This will be fixed in the next ID-software release.
Jalakas
commented
1 year ago Ubuntu 21.10 switched on compressing Debian packages with Zstd. [1] Debian is still not supporting Zstd compression. [2] So packages built from 21.10 on are not usable in Debian.
One solution would be [3] adding this build rule into "debian/rules":
override_dh_builddeb: dh_builddeb -- -Zgzip
pauljamesharper
commented
1 year ago I can report I am on Debian 12 Bookworm which is the latest stable version and I can connect to the Estonia E-Residency site with the ID, I used the install script and in added Ubuntu Kinetic to the sources.list.d:
deb [signed-by=/usr/share/keyrings/ria-repository.gpg] https://installer.id.ee/media/ubuntu/ kinetic main
OS: Debian GNU/Linux 12 (bookworm) x86_64
ThinkPad X1 Carbon Gen 1
Kernel: 6.1.0-10-amd64
Arszilla
commented
1 year ago In my testing, using focal (i.e. the same as bullseye) works for Kali Linux. Thus the script can be modified to the following:
case $distro in
debian|kali)
make_warn "Debian is not officially supported"
echo "### Installing possibly missing https support for APT (apt install apt-transport-https)"
# Debian lacks https support for apt, by default
sudo apt install apt-transport-https
case "$codename" in
bullseye|kali-rolling)
make_warn "Debian $codename is not officially supported"
make_warn "Installing from ubuntu-focal repository"
add_repository focal
;;
bookworm)
make_warn "Debian $codename is not officially supported"
make_warn "Installing from ubuntu-kinetic repository"
add_repository kinetic
;;
*)
make_fail "Debian $codename is not officially supported"
;;
esac
;;However, as per open-eid/DigiDoc4-Client#1215, there's a Segmentation Fault occurring in DigiDoc4 client. Not sure what's the cause of this, as the packages used by open-eid are coming from Debian upstream, not from Kali themselves.
However, a few packages are missing, but can be downloaded and installed via Debian's online repository:
Arszilla
commented
10 months ago Update to my previous reply: The aforementioned Debian packages are not needed anymore. With https://github.com/open-eid/linux-installer/pull/120, Kali Linux should work. However, I must address that the use of Ubuntu repositories in Debian and its derivates (such as Kali Linux or Parrot OS) is a big problem, as the use of Ubuntu repositories could break apt in the future.
I highly advise the creation of a Debian-specific repository to allow Debian users to use DigiDoc4/open-eid without worrying if this will break their apt in the future.
eluuk
commented
6 months ago I've used my ID card on Debian for years but signing in browsers (i.e. open-eid and web-eid) has stopped working since the new ID software was released in April 2024 (DigiDoc4, i.e. qdigidoc4 works). The browsers are chromium and firefox-esr and it would suffice if it worked in one of them. I upgraded from buster to bullseye, run the install script, installed browser extensions and it's still not working
I'm investigating this issue further, would appreciate any advice and have some specific questions:
libxalan-c112 and libxalan-c111 installed. Should I remove one of them (and which one)?metsma
commented
6 months ago Chromium browser is not supported at this version, you can try use Chrome or modify system by hand (https://github.com/web-eid/web-eid-app/pull/324). Firefox-esr should be working.
eluuk
commented
6 months ago More precisely, the errors are as follows:
On seb.ee:
Chromium: error on PIN2:
allkirjastamine ebaõnnestus. palun sulgege kõik veebilehitseja aknad ja sisenege uuesti internetipanka. vea kordumisel kontrollige, kas veebilehitseja allkirjastamise mooduli kasutamine on lubatud. juhised leiate veebilehelt id.ee > abikeskus
FF ESR: error on primary authentication (kasutajatunnus before PIN1):
ID-kaardiga sisenemine ebaõnnestus. Palun veenduge, et ID-kaart on korrektselt lugejas. Sulgege kõik brauseri aknad ja proovige seejärel uuesti.
On eesti.ee:
Chromium: error on PIN1:
Kasutaja tuvastamine ebaõnnestus. Palun uuendage ID-tarkvara id.ee veebilehelt ja järgige seal kirjeldatud veebibrauseri seadistamise juhiseid. Uuendamata ID-tarkvaraga ei ole võimalik ID-kaardiga sisse logida Riigi autentimisteenuse kaudu.
FF ESR: PIN1 works (no PIN2 authentication there)
mrts
commented
4 months ago Chromium support will come in https://github.com/web-eid/web-eid-app/pull/324.
edmundlaugasson
commented
4 months ago Different Linux distro support are listed here https://github.com/open-eid/linux-installer/wiki/Linux-Packages Sounds like lines 134-155 add some Debian support in main script. As ID-card software requires Internet connectivity anyway, a distro-agnostic solution could be fully in browser working software. Web eID is already as web browser extension, why not also DigiDoc. Web eID can communicate with smart card readers. Even better solution would be DigiDoc as web application like earlier times was DigiDoc portal, now Dokobit - sold to Lithuanian company... Actually Estonia as a e-country and for e-residents desperately needs a web DigiDoc portal owned by Estonian government (never sold) and web-based DigiDoc software is key pillar of that portal. Actually, a Flatpak version of DigiDoc is also available, would be interesting to hear, how it works.
edmundlaugasson
commented
4 months ago Chromium support will come in web-eid/web-eid-app#324.
Still in Linux Mint the Chromium support does not work at all - tested in last three versions of Linux Mint (20, 21, 22). Only official Google Chrome works with web-eid extension. Linux Mint is closely based on officially supported Ubuntu LTS and therefore is quite weird, that web-eid does not work at all in Chromium At the same time in EndeavourOS the Chromium support works fine. EndeavourOS is closely Arch Linux based, which is very unofficial but works fine.
metsma
commented
3 months ago Chromium support will come in web-eid/web-eid-app#324.
Still in Linux Mint the Chromium support does not work at all - tested in last three versions of Linux Mint (20, 21, 22). Only official Google Chrome works with web-eid extension. Linux Mint is closely based on officially supported Ubuntu LTS and therefore is quite weird, that web-eid does not work at all in Chromium At the same time in EndeavourOS the Chromium support works fine. EndeavourOS is closely Arch Linux based, which is very unofficial but works fine.
Chromium and Chrome do not share same config paths. https://developer.chrome.com/docs/extensions/develop/concepts/native-messaging Linux (system-wide)
https://developer.chrome.com/docs/extensions/how-to/distribute/install-extensions#preference-linux Place it in one of the following folders:
I previously requested support for Debian Jessie installation (see #3 ).
I'd like to reiterate my request this time to cover Debian and following its releases. Supporting Debian would mean support for all its derivatives would be available, including Devuan, Trisquel and Ubuntu just to name a few.
Ubuntu's default desktop environment in Ubuntu 18.04 LTS will be GNOME again, the same as Debian's (now released, since 2018-04), so this would be a good time to target that. It means desktop support and documentation will be easier to implement and maintain as they should be very close going forward.
Special attention has to be paid to the browser choice (see #14), but Debian and other distributions should carry Firefox ESR for some more time (at least June 2018 or by next ESR release). The official release date for ESR-59 should be in march 2018, meaning it would be available from official packages in Debian around June 2018, typically earlier in Ubuntu. Manual installation is possible and rather easy, it's possible to keep an existing Firefox version with a more recent manually-installed one.
Since Firefox 57 came out (2017-11) many extensions stopped working as XUL is not supported anymore for their development. I believe this also means Open-EID stopped working for anyone that upgraded (see https://github.com/open-eid/linux-installer/issues/14#issuecomment-350740053 ), I am not certain. This means Firefox 57 and up should be targeted for proper support.
The Debian Backports repository for the current Debian stable version (Debian 9) could be an option to check which packages more recent version can be used to remain as close as possible to a supported Debian install by using package repositories instead of manual installation or compilation which can break Debian.