Add polkit rules to allow sigul user to access smartcard/yubikey for autosign binding.

roles/sigul/server/files/00-sigul.rules

@@ -0,0 +1,12 @@
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.debian.pcsc-lite.access_pcsc" &&
+        subject.user == "sigul") {
+            return polkit.Result.YES;
+    }
+});
+
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.debian.pcsc-lite.access_card" &&
+        subject.user == "sigul") {
+            return polkit.Result.YES;    }
+});

roles/sigul/server/tasks/main.yml

@@ -50,3 +50,8 @@
 - name: Setup gpg link on rhel7
   file: state=link src=/usr/bin/gpg1 dest=/usr/bin/gpg
   when: ansible_distribution_major_version|int == 7
+
+- name: add polkit rules to allow sigul user to access the smartcard/yubikey
+  file: src=00-sigul.rules dest=/etc/polkit-1/rules.d/00-sigul.rules
+  tags:
+  - config