In "Debug a smart card application on Yosemite" we have seen how Apple provides a way to get the ATR and exchanged APDU from the com.apple.ifdreader process (new on Yosemite).
syslog(3)In some cases you need more than just ATR and APDU. That is why my CCID driver also uses
syslog()to log debug messages.
According to syslog(3) manual page
void syslog(int priority, const char *message, ...);
priorityparameter is used to tell if the syslog message is important or not. For example messages of level
LOG_EMERGare "A panic condition. This is normally broadcast to all users."
You can use the syslog(1) command line tool to log a message. To log an emergency message just do:
$ syslog -s -l 0 Read https://blog.apdu.fr/
-sto send a message
-l 0to use level 0 i.e. Emergency
You should see a message broadcasted in every Terminal console and a message in /var/log/system.log. You can use the Console application to read the /var/log/system.log file.
By default messages with level Info (6) or Debug (7) are just ignored.
Logging low level messagesTo log messages of level Info and Debug from the CCID driver you need to tell syslog to accept them. We could change the global configuration to accept debug messages from every running process but that may generate a lot of noise. Each process has its own syslog filter. We will use that feature instead.
First step is to get the process identification (PID) of the com.apple.ifdreader process. I use something like:
$ ps -Aww | grep com.apple.ifdreader 28775 ?? 0:00.74 /System/Library/CryptoTokenKit/com.apple.ifdreader.slotd/Contents/MacOS/com.apple.ifdreader 28803 ttys000 0:00.00 grep com.apple.ifdreader
In my case the PID is 28775.
You can see the syslog filter for the process using:
$ syslog -c 28775 Process 28775 syslog filter mask: Off
Change the filter using:
$ sudo syslog -c 28775 -d
-dindicates: set the filter level to cause to log messages from Emergency up to Debug.
And verify the filter has changed:
$ syslog -c 28775 Process 28775 syslog filter mask: Emergency - Debug
Displaying logsYou can use the Console application to display the logs.
You can also use a command line program with:
$ syslog -w -k Sender com.apple.ifdreaderThis will continuously display the log messages from com.apple.ifdreader as they are generated by the driver.
ConclusionApple removed the ability to run pcscd in foreground mode from the console on Yosemite because pcscd has been replaced by something different (See "OS X Yosemite and smart cards status").
As we have seen in this article it is still possible to log messages from a smart card reader driver. Using
syslogmay even be easier to use than restarting the pcscd process.