Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-auth/fingerprint-gui
diff options
context:
space:
mode:
Diffstat (limited to 'sys-auth/fingerprint-gui')
-rw-r--r--sys-auth/fingerprint-gui/Manifest6
-rw-r--r--sys-auth/fingerprint-gui/files/Install-step-by-step.html699
-rw-r--r--sys-auth/fingerprint-gui/fingerprint-gui-1.00.ebuild60
-rw-r--r--sys-auth/fingerprint-gui/fingerprint-gui-1.04.ebuild60
-rw-r--r--sys-auth/fingerprint-gui/metadata.xml11
5 files changed, 0 insertions, 836 deletions
diff --git a/sys-auth/fingerprint-gui/Manifest b/sys-auth/fingerprint-gui/Manifest
deleted file mode 100644
index c41eb11..0000000
--- a/sys-auth/fingerprint-gui/Manifest
+++ /dev/null
@@ -1,6 +0,0 @@
-AUX Install-step-by-step.html 35402 RMD160 71621422c155aa56bcb437020c98983ec81e1f40 SHA1 dbaf46767ed8a8c14609985dd6d1960324a3d9e3 SHA256 fc655877434ba04d449a31e91a6335adbf99f0fdc7f19936cf327eadc5890790
-DIST fingerprint-gui-1.00.tar.gz 3781064 RMD160 0dd6857c3e3c6b800fe104cd468bb1eb0cc7aa6e SHA1 048d93f618212069475c211f4f4dd133d5677adb SHA256 4d826156e553076f6d7817c4a347ab955e81c44c355ec10b7ab2d3d7732136f5
-DIST fingerprint-gui-1.04.tar.gz 3801451 RMD160 1e0481cd0762eae7474e1fab25f8ff35af224ecc SHA1 1f7f003ff8947d9c15fe8ab0f8359de13266d4b0 SHA256 f83541429e563d35f5e4caea979d22b1f4662f41b76e45776d9d7e6eb0eda35d
-EBUILD fingerprint-gui-1.00.ebuild 1648 RMD160 fcae3f702401f26a931c51be3db4c7d95a0a5c59 SHA1 6d3ddffdbeb0169e43cc941408e17c7b3c272673 SHA256 29c6f07e94e37eb0b4b34086189a6d7605b04410c36cb15146ca30a4e6903f8f
-EBUILD fingerprint-gui-1.04.ebuild 1663 RMD160 c2adb32eeb545fa88f45d8301df8b53ff1b118d2 SHA1 0c223ada9de43fb08a558d56a7fe65000f8efb36 SHA256 c7676e073b4e59ad59a5c043e2186d30ed2c69faaff79818f9a67e58b86c7b48
-MISC metadata.xml 305 RMD160 0e2bc7aa8dedc1916ae840e37cfb177c73f4cc31 SHA1 e7d4eb6a6066963bceee6239d6bdb9e48307d469 SHA256 5c367fe28d84c2472c9baf54cee605f70123c52f672dd1ffb9c97135bdaf6b6d
diff --git a/sys-auth/fingerprint-gui/files/Install-step-by-step.html b/sys-auth/fingerprint-gui/files/Install-step-by-step.html
deleted file mode 100644
index 240f49e..0000000
--- a/sys-auth/fingerprint-gui/files/Install-step-by-step.html
+++ /dev/null
@@ -1,699 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML>
-<HEAD>
- <META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=utf-8">
- <TITLE></TITLE>
- <META NAME="GENERATOR" CONTENT="OpenOffice.org 3.2 (Unix)">
- <META NAME="AUTHOR" CONTENT="Wolfgang Ullrich">
- <META NAME="CREATED" CONTENT="20081021;15191700">
- <META NAME="CHANGEDBY" CONTENT="Wolfgang Ullrich">
- <META NAME="CHANGED" CONTENT="20100819;20523800">
- <META NAME="Info 1" CONTENT="">
- <META NAME="Info 2" CONTENT="">
- <META NAME="Info 3" CONTENT="">
- <META NAME="Info 4" CONTENT="">
- <STYLE TYPE="text/css">
- <!--
- @page { margin: 2cm }
- P { margin-bottom: 0.21cm; page-break-before: auto }
- P.cjk { font-size: 10pt }
- H1 { margin-bottom: 0.21cm; page-break-before: auto }
- H1.western { font-family: "Arial", sans-serif; font-size: 16pt }
- H1.cjk { font-family: "DejaVu Sans"; font-size: 16pt }
- H1.ctl { font-family: "DejaVu Sans"; font-size: 16pt }
- H2 { margin-bottom: 0.21cm; page-break-before: auto }
- H2.western { font-family: "Arial", sans-serif; font-size: 14pt; font-style: italic }
- H2.cjk { font-size: 14pt; font-style: italic }
- H2.ctl { font-size: 14pt; font-style: italic }
- H3 { margin-bottom: 0.21cm; page-break-before: auto }
- H3.western { font-family: "Arial", sans-serif }
- A.western:visited { so-language: en-US }
- A.cjk:visited { so-language: zxx }
- A.ctl:visited { so-language: zxx }
- -->
- </STYLE>
-</HEAD>
-<BODY LANG="en-US" DIR="LTR">
-<P ALIGN=CENTER STYLE="margin-top: 0.42cm; page-break-after: avoid"><FONT FACE="Arial, sans-serif"><FONT SIZE=4><B>Installing
-Step by Step</B></FONT></FONT></P>
-<P CLASS="western" ALIGN=CENTER><FONT SIZE=2>(Version 0.15)</FONT></P>
-<DIV ID="Inhaltsverzeichnis1" DIR="LTR">
- <DIV ID="Inhaltsverzeichnis1_Head" DIR="LTR">
- <P STYLE="margin-top: 0.42cm; page-break-after: avoid"><FONT FACE="Arial, sans-serif"><FONT SIZE=4 STYLE="font-size: 16pt"><B>Contents</B></FONT></FONT></P>
- </DIV>
- <P STYLE="margin-bottom: 0cm"> 1 Installing Executables and
- Libraries 2</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 1.1 Installing
- required Libraries 2</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 1.2 Installing
- executables 2</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 1.3 Creating a
- “plugdev” group 3</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 1.4 Uninstalling
- other Fingerprint Solutions 3</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 1.5 Special
- preparations for Lubuntu 3</P>
- <P STYLE="margin-bottom: 0cm"> 2 Acquiring Fingerprints 3</P>
- <P STYLE="margin-bottom: 0cm"> 3 Setting up Fingerprint
- Authentication 3</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 3.1 Configuring
- “su” 4</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 3.2 Configuring
- “login” 5</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 3.3 Configuring
- “sudo” 5</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 3.4 Configuring
- “gdm” 5</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 3.5 Configuring
- “gnome-screensaver” 6</P>
- <P STYLE="margin-bottom: 0cm"> 4 Exporting Fingerprint Data and
- Testing PAM Settings 6</P>
- <P STYLE="margin-bottom: 0cm"> 5 Password Store 6</P>
- <P STYLE="margin-bottom: 0cm"> 6 Troubleshooting 8</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 6.1 Gdm Greeter
- doesn't show the Fingerprint GUI Widget or needs a long time (up to
- 20 seconds) to show it 8</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 6.2
- Fingerprint-gui Error “Could not open fingerprint device” 8</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 6.3 Login on a
- secure tty hangs with “OK” Message 8</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 6.4 You have a
- fingerprint device from UPEK/SGS Thomson and get some “ABSOpen()
- failed...” error message in /var/log/auth.log 8</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 6.5 Password can
- not be saved to removable media 8</P>
- <P STYLE="margin-bottom: 0cm"> 7 Known Limitations 9</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 7.1 Applications
- that don't use PAM for prompting a password 9</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 7.2 Missing
- XAUTHORITY environment variable 9</P>
- <P STYLE="margin-left: 0.5cm; margin-bottom: 0cm"> 7.3 Other Linux
- distributions 9</P>
- <P STYLE="margin-left: 1cm; margin-bottom: 0cm">Debian 4.0 9</P>
- <P STYLE="margin-left: 1cm; margin-bottom: 0cm">SuSE 11.1 (gnome
- edition) 9</P>
- <P STYLE="margin-left: 1cm; margin-bottom: 0cm">Slackware 9</P>
-</DIV>
-<P CLASS="western" ALIGN=CENTER><BR><BR>
-</P>
-<P CLASS="western"><BR><BR>
-</P>
-<P CLASS="western" STYLE="page-break-before: always">This HowTo
-describes the installation and setup of the “Fingerprint GUI”
-project. It was tested on <I><U>Ubuntu 8.04, 8.10, 9.04, 9.10 and
-10.04 Desktop</U></I>, <I><U>Lubuntu 10.04</U></I> and <I><U>Fedora
-10 and 12</U></I> (32bit versions) and <I><U>Ubuntu 8.10 9.04 and
-10.04 Desktop</U></I> (64bit version) each new installed with default
-settings. It is applicable for GDM/Gnome desktop systems only and <B>can
-</B><U><B>not</B></U><B> be used as a HowTo for KDE systems</B>. It
-should show the principles of installing and configuring the system
-and provide enough information needed for deployment in other Linux
-distributions. In the chapter <B>&quot;Other Linux distributions&quot;</B>,
-my experiences with these distributions are described. I didn't have
-the time to solve all those problems. That should be the
-responsibility of the distributors or of experienced users. Please
-contact me if you have the system installed properly to such a
-distribution or if you experience a bug.</P>
-<OL>
- <LI><H1 CLASS="western">Installing Executables and Libraries</H1>
-</OL>
-<P CLASS="western">After downloading the
-“fingerprint-gui-x.y-&lt;arch&gt;.tar.gz” package please unpack
-it into some directory (<FONT FACE="Courier 10 Pitch"><FONT SIZE=2>tar
--xzf fingerprint-gui-x.y-&lt;arch&gt;.tar.gz</FONT></FONT>). Then
-change to this directory and become “root”. The command for
-installation is “<FONT FACE="Courier 10 Pitch"><FONT SIZE=2>./install.sh
-[--uninstall]</FONT></FONT>”. If you have a device from UPEK Inc.
-or SGS Thomson you will need the proprietary driver library
-“libbsapi.so” from UPEK Inc. In this case you will be prompted
-for installing this library. If you chose “Yes” the “libbsapi.so”
-file (for your architecture) will be copied to “/usr/lib/” and
-“ldconfig” will be called then. If you have a device from other
-vendors you will not be prompted for installing “libbsapi.so”.
-Please have a look at the libfprint homepage
-(<A CLASS="western" HREF="http://reactivated.net/fprint/wiki/Main_Page">http://reactivated.net/fprint/wiki/Main_Page</A>)
-for a list of supported devices.
-</P>
-<OL>
- <OL>
- <LI><H2 CLASS="western">Installing required Libraries</H2>
- </OL>
-</OL>
-<P CLASS="western">When executing “./install.sh” as root it will
-probably print a list of missing libraries. Use your package manager
-to install the required packages and their dependencies. Below is a
-list of packages to install:</P>
-<P CLASS="western"><U>Ubuntu 10.04 Desktop:</U></P>
-<UL>
- <LI><P CLASS="western">libfakekey0
- </P>
- <LI><P CLASS="western">libfprint0 (<U><B>IMPORTANT</B></U>: Since
- version 0.14 fingerprint-gui requires libfprint0 version
- 0.1.0~pre2-1 that is <U>not</U> part of the Ubuntu repository yet.
- Please install this version from
- <A CLASS="western" HREF="https://launchpad.net/~fingerprint/+archive/fprint">https://launchpad.net/~fingerprint/+archive/fprint</A>
- .</P>
- <LI><P CLASS="western">libqca2</P>
- <LI><P CLASS="western">libqca2-plugin-ossl</P>
- <LI><P CLASS="western">libqt4-xml</P>
-</UL>
-<P CLASS="western"><U>Fedora 12:</U></P>
-<UL>
- <LI><P CLASS="western">libfakekey-0.1.3
- </P>
- <LI><P CLASS="western">libfprint-0.1.0-14.pre2</P>
- <LI><P CLASS="western">qt-x11-1:4.6.2-16</P>
- <LI><P CLASS="western">qca2-2.0.2-2
- </P>
-</UL>
-<UL>
- <LI><P CLASS="western">qca-ossl-2.0.0-0.8.beta3</P>
-</UL>
-<OL>
- <OL START=2>
- <LI><H2 CLASS="western">Installing executables</H2>
- </OL>
-</OL>
-<P CLASS="western">If all required libraries are installed the
-“./install.sh” script will copy the executables and some other
-files to the following locations:</P>
-<UL>
- <LI><P CLASS="western">“fingerprint-gui” and
- “fingerprint-identifier” to /usr/local/bin/,</P>
- <LI><P CLASS="western">“fingerprint-suid”, “fingerprint-helper”
- and “fingerprint-plugin” to /usr/local/lib/fingerprint-gui/,</P>
- <LI><P CLASS="western">A “Fingerprint GUI” entry in the “System
- Settings” menu,</P>
- <LI><P CLASS="western">The plugin “pam_fingerprint-gui.so” to
- /lib/security/ (/lib64/security/ in Fedora 64bit),</P>
- <LI><P CLASS="western">In case of a detected device from UPEK Inc.
- or SGS Thomson your choice of “Yes” to the appropriate prompt
- the library “libbsapi.so” to “/usr/lib”, a configuration
- file “upek.cfg” to “/etc”, an udev-rules file
- “91-fingerprint-gui-upek.rules” to “/etc/udev/rules.d” and
- create a directory “/var/upek_data”.</P>
-</UL>
-<OL>
- <OL START=3>
- <LI><H2 CLASS="western">Creating a “plugdev” group</H2>
- </OL>
-</OL>
-<P CLASS="western">While installation <SPAN STYLE="background: transparent">the</SPAN>
- “./install.sh” script will check your “/etc/group” file for
-the existence of a group named “plugdev”. If it doesn't exist
-you'll get a warning. In this case please create this group and make
-all desktop users being members of this group or make sure all users
-have r/w access to the fingerprint scanner device by a proper setup
-of your “udev” configuration.</P>
-<OL>
- <OL START=4>
- <LI><H2 CLASS="western">Uninstalling other Fingerprint Solutions</H2>
- </OL>
-</OL>
-<P CLASS="western">Because fingerprint-gui can conflict with other
-fingerprint PAM modules these must be uninstalled. Please make sure
-there is no “libpam-fprint”, “libpam-fprintd” or
-”libpam-thinkfinger” installed.</P>
-<P CLASS="western"><U><B>IMPORTANT:</B></U> On Fedora 12 you need to
-<U>uninstall</U> “gdm-plugin-fingerprint” and disable the
-fingerprint authentication in “system | administration |
-authentication”.</P>
-<OL>
- <OL START=5>
- <LI><H2 CLASS="western">Special preparations for Lubuntu</H2>
- </OL>
-</OL>
-<P CLASS="western">The default display manager (lxdm) of Lubuntu
-doesn't work with fingerprint login. Please install “gdm” and
-make it the default display manager. If you want to use the default
-screensaver (xscreensaver) of Lubuntu please change settings of file
-“/etc/pam.d/xscreensaver” instead of
-“/etc/pam.d/gnome-screensaver” below. The setup for an embedded
-keyboard command is <U>not</U> required in this case.</P>
-<OL START=2>
- <LI><H1 CLASS="western" STYLE="page-break-after: avoid"><FONT FACE="Arial, sans-serif">Acquiring
- Fingerprints</FONT></H1>
-</OL>
-<P CLASS="western">Now you should be able to call “fingerprint-gui”
-from the command line or use the “Fingerprint GUI” entry in the
-“System Settings” menu. Acquiring fingerprints should be
-self-explanatory in the “fingerprint-gui” program. Your
-fingerprints are stored in a
-“/var/lib/fingerprint-gui/&lt;your_username&gt;/” directory,
-where only you have access to. If you give the “--debug” argument
-to “fingerprint-gui” a lot of debug output is given to syslog (or
-/var/log/auth.log).</P>
-<P CLASS="western">After some users have registered their
-fingerprints you can test the fingerprint identification by calling
-“fingerprint-identifier” <U>as root</U> (execute “sudo
-fingerprint.identifier –debug”). This application can identify
-your users and print their login names to stdout.</P>
-<OL START=3>
- <LI><H1 CLASS="western" STYLE="page-break-after: avoid">Setting up
- Fingerprint Authentication</H1>
-</OL>
-<P CLASS="western">You need root permissions to make changes to your
-PAM configuration. First of all make a copy of your
-“/etc/pam.d/common-auth” file and name it
-“/etc/pam.d/common-auth.fingerprint”. Edit this file like
-follows:</P>
-<UL>
- <LI><P CLASS="western">insert a line <FONT FACE="Courier New, monospace"><FONT SIZE=2><SPAN STYLE="text-decoration: none">“auth
- sufficient pam_fingerprint-gui.so --debug”</SPAN></FONT></FONT>
- <B>as the first </B><B>line</B>;</P>
- <LI><P CLASS="western">find the line containing “pam_unix.so”
- and add the argument “try_first_pass” to the call of
- “pam_unix.so”;</P>
-</UL>
-<P CLASS="western">The distributions differ slightly with regard to
-the filenames and their contents:</P>
-<P CLASS="western"><U>Ubuntu 10.04 Desktop:</U></P>
-<P CLASS="western">“/etc/pam.d/common-auth.fingerprint” is a copy
-of “/etc/pam.d/common-auth”. The changed lines in question read:</P>
-<P CLASS="western" STYLE="text-decoration: none">“<FONT FACE="Courier New, monospace"><FONT SIZE=2>auth sufficient pam_fingerprint-gui.so --debug”</FONT></FONT></P>
-<P CLASS="western" STYLE="text-decoration: none">“<FONT FACE="Courier New, monospace"><FONT SIZE=2>auth [success=1
-default=ignore] pam_unix.so try_first_pass nullok_secure”</FONT></FONT></P>
-<P CLASS="western"><U>Fedora 12:</U></P>
-<P CLASS="western">“/etc/pam.d/common-auth.fingerprint” is a copy
-of “/etc/pam.d/system-auth-ac”. The changed lines in question
-read:</P>
-<P CLASS="western" STYLE="text-decoration: none">“<FONT FACE="Courier New, monospace"><FONT SIZE=2>auth sufficient pam_fingerprint-gui.so
---debug”</FONT></FONT></P>
-<P CLASS="western" STYLE="text-decoration: none">“<FONT FACE="Courier New, monospace"><FONT SIZE=2>auth sufficient pam_unix.so
-nullok try_first_pass”</FONT></FONT></P>
-<P CLASS="western">If you're finished setting up your
-“common-auth.fingerprint” file you can setup the services for
-fingerprint authentication now. It is assumed you have at least one
-fingerprint registered for your user account and one for root. Also
-make sure there is set a password for root (sudo passwd root).</P>
-<P CLASS="western">The following settings will change the existing
-reference to “common-auth” (“system-auth” in Fedora) to the
-new “common-auth.fingerprint” for the PAM services.</P>
-<P CLASS="western"><U><B>IMPORTANT NOTE:</B></U><SPAN STYLE="text-decoration: none"><SPAN STYLE="font-weight: normal">
-The following settings can lock access to your system completely if
-</SPAN></SPAN><SPAN STYLE="text-decoration: none"><SPAN STYLE="font-weight: normal">something
-goes wrong. So please open a secure tty (ctrl-alt-F2) and login as
-root there. This way you're able to undo the changes made in
-“/etc/pam.d/”.</SPAN></SPAN></P>
-<OL>
- <OL>
- <LI><H2 CLASS="western">Configuring “su”</H2>
- </OL>
-</OL>
-<P CLASS="western">Edit the file “/etc/pam.d/su” and change the
-line “@include common-auth” to “@include
-common-auth.fingerprint” (on Ubuntu) or “auth include
-system-auth” to “auth include common-auth.fingerprint” (on
-Fedora).</P>
-<OL>
- <OL>
- <P CLASS="western"><U>Ubuntu:</U></P>
- </OL>
-</OL>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">...</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">#@include
-common-auth
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">@include
-common-auth.fingerprint
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">@include
-common-account
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">@include
-common-session
-</P>
-<OL>
- <OL>
- <P CLASS="western" STYLE="margin-bottom: 0cm"></P>
- </OL>
-</OL>
-<P CLASS="western" STYLE="margin-left: 1.25cm"><U>Fedora:</U></P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">...</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">#auth
- required pam_wheel.so use_uid
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">auth
- include common-auth.fingerprint
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">#auth
- include system-auth
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">account
- sufficient pam_succeed_if.so uid = 0 use_uid quiet</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm">...
-</P>
-<P CLASS="western" STYLE="margin-left: 1.25cm; margin-bottom: 0cm"><BR>
-</P>
-<P CLASS="western">Then open a terminal window and call “su”. A
-password prompt should appear in the terminal <U><B>and</B></U><SPAN STYLE="text-decoration: none"><SPAN STYLE="font-weight: normal">
-the system should open a GUI widget requesting a finger swipe with
-the message “Authenticating </SPAN></SPAN><SPAN STYLE="text-decoration: none"><SPAN STYLE="font-weight: normal">root”
-in it's status bar. If you can become root by swiping the finger
-registered for root it works. You </SPAN></SPAN><SPAN STYLE="text-decoration: none"><SPAN STYLE="font-weight: normal">should
-also be able to become root by ignoring this GUI widget and typing
-root's password at the prompt.</SPAN></SPAN></P>
-<OL>
- <OL START=2>
- <LI><H2 CLASS="western">Configuring “login”</H2>
- </OL>
-</OL>
-<P CLASS="western"><U><B>IMPORTANT:</B></U> On Fedora 12 SELinux
-denies access to the user's fingerprint data in
-“/var/lib/fingerprint-gui/...” while login. Currently I'm not
-able to setup a SELinux policy for fingerprint-gui. If you can be of
-assistance about this please contact me. If not, set your SELinux
-mode to “permissive” at least while testing login.</P>
-<P CLASS="western">Edit the file “/etc/pam.d/login” and change
-the line “@include common-auth” to “@include
-common-auth.fingerprint” (on Ubuntu) or “auth include
-system-auth” to “auth include common-auth.fingerprint” (on
-Fedora). Then change to a secure tty (e.g. ctrl-alt-F3), type the
-username and press enter. The password prompt should appear along
-with a message “Type your password or swipe your finger”. You
-should be able to login with a finger swipe and with typing the
-password as well.</P>
-<OL>
- <OL START=3>
- <LI><H2 CLASS="western">Configuring “sudo”</H2>
- </OL>
-</OL>
-<P CLASS="western">Edit the file “/etc/pam.d/sudo” and change the
-line “@common-auth” to “@common-auth.fingerprint” (on Ubuntu)
-or “auth include system-auth” to “auth include
-common-auth.fingerprint” (on Fedora). Make sure your login name is
-in the sudoers file. Then open a terminal window and call “sudo
-gnome-terminal”. After swiping your finger the gnome-terminal
-should open with root permissions.</P>
-<OL>
- <OL START=4>
- <LI><H2 CLASS="western">Configuring “gdm”</H2>
- </OL>
-</OL>
-<P CLASS="western">In order to be able to login into a desktop
-session you need to configure your gdm (probably with gdmsetup).
-Disable “autologin”, “timed login” and “userlist”. Use
-the command (this is one line!) to disable the userlist:</P>
-<P CLASS="western"><FONT FACE="Courier 10 Pitch"><FONT SIZE=2>sudo
-gconftool-2 --direct --config-source
-xml:readwrite:/etc/gconf/gconf.xml.defaults --type bool --set
-/apps/gdm/simple-greeter/disable_user_list true</FONT></FONT></P>
-<P CLASS="western">Then double check you have a root session on a
-secure tty open (for undoing the changes if something goes wrong).
-</P>
-<P CLASS="western"><U>On Ubuntu</U> edit the file “/etc/pam.d/gdm”
-and change the line “@include common-auth” to “@include
-common-auth.fingerprint”.</P>
-<P CLASS="western"><U>On Kubuntu</U> edit the file “/etc/pam.d/kdm”
-and change the line “@include common-auth” to “@include
-common-auth.fingerprint” and move this line to the beginning of the
-file. Then start “System settings | Advanced&quot; and open the
-“Convenience” tab. Disable “Enable Auto-login” and “Focus
-password” and set “Previous” as the default user for login. You
-can then login with your fingerprint after pressing &lt;enter&gt; in
-the kdm greeter.</P>
-<P CLASS="western"><U>On Fedora</U> edit the file
-“/etc/pam.d/gdm-password” and change the line “auth substack
-system-auth” to “auth substack common-auth.fingerprint”.
-</P>
-<P CLASS="western">If there is a line reading “auth requisite
-pam_nologin.so” <B>comment this line out or remove it</B>. Now
-logout from your gnome session. The gdm greeter should show a login
-prompt <B>and</B> the GUI widget requesting a finger swipe below. You
-should be able to login with fingerprint and with name/password as
-well.</P>
-<OL>
- <OL START=5>
- <LI><H2 CLASS="western">Configuring “gnome-screensaver”</H2>
- </OL>
-</OL>
-<P CLASS="western">Gnome-screensaver needs a plugin to display the
-fingerprint GUI widget to the user while unlocking. To start this
-plugin with the gnome-screensaver-dialog open the gconf-editor, find
-the “apps | gnome-screensaver” entry and <B>enable</B> the
-“embedded_keyboard_enabled” item. Then invoke the string
-“/usr/local/lib/fingerprint-gui/fingerprint-plugin -d” as the
-“/apps/gnome-screensaver/embedded_keyboard_command” and close
-gconf-editor. <B>This step needs to be taken by every user who wants
-to unlock his/her gnome-screensaver by fingerprint on that machine!</B></P>
-<P CLASS="western">Then edit the file “/etc/pam.d/gnome-screensaver”
-change the line “@include common-auth” to “@include
-common-auth.fingerprint” (on Ubuntu) or “auth include
-system-auth” to “auth include common-auth.fingerprint” (on
-Fedora). Double check you have a root session on a secure tty open
-(for undoing the changes if something goes wrong) before testing. You
-can now lock your screen and should be able to unlock it with a
-fingerswipe or with your password.</P>
-<P CLASS="western">For setting up the screensaver in Lubuntu please
-refer to “Special preparations for Lubuntu” above.</P>
-<OL START=4>
- <LI><H1 CLASS="western" STYLE="page-break-after: avoid">Exporting
- Fingerprint Data and Testing PAM Settings</H1>
-</OL>
-<P CLASS="western">With “fingerprint-gui” (“Settings” Tab)
-users can export their fingerprint data (bir files) and test the PAM
-settings of the current machine for proper setup for fingerprint
-authentication.</P>
-<P CLASS="western">With the “Export now” button all data stored
-for this user (in /var/lib/fingerprint-gui/&lt;username&gt;/) are
-exported to a file “Fingerprints.tar.gz” in the user's home
-directory.</P>
-<P CLASS="western">To test for proper PAM settings the “Test”
-button can be used. First chose the PAM service to be tested then
-click the “Test” button. In case of proper settings the
-fingerprint-helper widget will appear and after a finger swipe the
-message “Authentication successful” will appear in the text field
-below. If nothing happens the PAM settings might be invalid. You can
-press &lt;enter&gt; to abort the test in this case.</P>
-<OL START=5>
- <LI><H1 CLASS="western">Password Store</H1>
-</OL>
-<P CLASS="western">There are applications that need a password for
-encrypting or decrypting something on your system. Probably
-gnome-keyring is the most widespread of such applications. Also an
-<B>encrypted home directory</B> needs a password to decrypt when a
-user logs in. These applications sometimes get their key for
-decrypting (e.g. for the password safe) by querying the PAM session
-environment for the password given by the user at login. But when the
-user was logged in with a fingerprint there is no password stored in
-the PAM session environment. So the application will prompt the user
-for a password when needed (e.g. if a wireless WPA connection has to
-be established by the Gnome Network Manager or if you want to access
-your email account with Evolution) even if the user was logged in
-already.</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm"><SPAN STYLE="text-decoration: none"><B>Since
-version 0.11 of Fingerprint GUI there is a solution:</B></SPAN> You
-can use some removable media (USB stick) to save your (encrypted)
-password there. If the media is connected to your machine while you
-login with your fingerprint the “pam_fingerprint-gui.so” module
-can decrypt the password and send it to the PAM session environment.
-</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm"><B>PLEASE READ
-CAREFULLY NOW AND USE THIS FEATURE ONLY IF YOU UNDESTAND HOW IT
-WORKS!</B></P>
-<P CLASS="western" STYLE="margin-top: 0.42cm">If you use the
-“Password” tab of “fingerprint-gui” you can chose a directory
-on some removable media, then type your login password twice and
-click the “Save” button. The removable media must be mounted and
-you must have write permission there. This is where “fingerprint-gui”
-creates a subdirectory “.fingerprints” and writes a file
-“&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
-containing the encrypted password. The key for decrypting this
-password, the path for the “&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
-file and the UUID of the removable media are saved in a file
-“/var/lib/fingerprint-gui/&lt;username&gt;/config.xml” (probably
-on your local HDD).</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm">When you login using
-your fingerprint the “pam_fingerprint-gui.so” module reads the
-“/var/lib/fingerprint-gui/&lt;username&gt;/config.xml” file,
-finds the “&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
-file on the removable media (if it is connected and has the given
-UUID), mounts it, decrypts the password and saves it to the PAM
-session environment where gnome-keyring or other permitted
-applications can read it. This avoids your system asking for the
-password again.
-</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm">In case of a
-fingerprint login to a session with an encrypted user home a message
-“!!!ERROR: FOUND ENCRYPTED HOMEDIR BUT NO PASSWORD!!!&quot; will
-appear in the gdm greeter and the login by fingerprint will fail,
-when the external media keeping the encrypted password could not be
-found.</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm"><B>PLEASE NOTE THE
-FOLLOWING RESTRICTIONS:</B></P>
-<UL>
- <LI><P CLASS="western" STYLE="margin-top: 0.42cm">Do <U>not</U> use
- this feature if someone other then you has root permissions on this
- machine. This is because root can connect to the machine via telnet,
- ssh or something like this, mount the external media, find the
- “&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
- file, read the “/var/lib/fingerprint-gui/&lt;username&gt;/config.xml”
- file and decrypt your password.</P>
- <LI><P CLASS="western" STYLE="margin-top: 0.42cm">Do <U>not</U>
- connect the removable media if it isn't needed. The
- “pam_fingerprint-gui.so” module only needs it while login is in
- progress. It mounts the partition with the given UUID containing the
- “&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
- file and unmounts it immediately after it has read the file.</P>
- <LI><P CLASS="western" STYLE="margin-top: 0.42cm">Do <U>never</U>
- leave the removable media and the computer at the same location
- unattended. Someone could copy both files and decrypt your password
- later.</P>
- <LI><P CLASS="western" STYLE="margin-top: 0.42cm">You don't need to
- type your password any more so you can use a very long and strong
- password now. But do <U>not</U> forget your password! You would not
- be able to unlock your login-keyring any more if your removable
- media gets lost or corrupted.</P>
- <LI><P CLASS="western" STYLE="margin-top: 0.42cm">If you change your
- login password on this machine you need to use “fingerprint-gui”
- again and save the new password to the removable media.</P>
-</UL>
-<P CLASS="western" STYLE="margin-top: 0.42cm"><U>This is how I use
-this feature for myself:</U></P>
-<P CLASS="western" STYLE="margin-top: 0.42cm">My USB stick has 3
-partitions: One “vfat” (/dev/sdb1) to keep files to be
-transferred to other machines, one “luks_crypto” (/dev/sdb2)
-partition to keep my secret data and a very small (3MB) “ext2”
-(/dev/sdb3) partition to hold the “&lt;<A CLASS="western" HREF="mailto:username@machinename.xml">username&gt;@&lt;machinename&gt;.xml</A>”
-file. Corresponding entries in /etc/fstab ensure that the partitions
-sdb2 and sdb3 are not automatic mounted. Needless to say that I'm the
-only person who has root access to my notebook.</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm">While booting my
-notebook I connect the USB stick until I'm logged in with my
-fingerprint, then remove the stick immediately and reconnect it only
-(and only as long as needed!) if I want to copy something from or to
-it. Because I don't need to invoke my password any more I use a very
-strong and cryptic login password.</P>
-<OL START=6>
- <LI><H1 CLASS="western">Troubleshooting</H1>
- <OL>
- <LI><H2 CLASS="western"><FONT FACE="Arial, sans-serif">Gdm Greeter
- doesn't show the Fingerprint GUI Widget or needs a long time (up to
- 20 seconds) to show it</FONT></H2>
- </OL>
-</OL>
-<P CLASS="western" STYLE="margin-top: 0.42cm">This behavior was seen
-on Fedora 12 with SELinux set to “enforcing”. Please set the
-system default of SELinux to “permissive” (or help me setting up
-SELinux rules that can be installed with Fingerprint GUI).</P>
-<OL>
- <OL START=2>
- <LI><H2 CLASS="western"><FONT FACE="Arial, sans-serif">Fingerprint-gui
- Error “Could not open fingerprint device”</FONT></H2>
- </OL>
-</OL>
-<P CLASS="western">On some systems the file
-“/etc/udev/rules.d/40-libfprint0.rules” (or something like this
-in “/lib/udev/rules.d”) installed by the “libfprint” package
-doesn't work properly. It should help to rename this file so it is
-invoked at a later time. In all known cases renaming it to
-“91-libfprint0.rules” solved the problem. <B>You should also make
-sure your fingerprint scanner hardware has an entry in this file</B>.</P>
-<OL>
- <OL START=3>
- <LI><H2 CLASS="western"><A NAME="DDE_LINK"></A><FONT FACE="Arial, sans-serif">Login
- </FONT>on a secure tty hangs with “OK” Message</H2>
- </OL>
-</OL>
-<P CLASS="western">If you try to login on a secure tty the prompt
-“Swipe your finger or type your password” appears. If you swipe
-the finger the message “OK” appears and then nothing happens. In
-this case the “uinput” device doesn't work. Make sure the
-“uinput” module is loaded (“lsmod | grep uinput”), the device
-exists in “/dev/input/uinput”, “/dev/misc/uinput” or
-“/dev/uinput” and you have write permission to it. On Ubuntu add
-a line “uinput” to the file “/etc/modules” and restart.</P>
-<OL>
- <OL START=4>
- <LI><H2 CLASS="western">You have a fingerprint device from UPEK/SGS
- Thomson and get some <FONT FACE="Courier New, monospace"><FONT SIZE=2>“ABSOpen()
- failed...”</FONT></FONT> error message in /var/log/auth.log</H2>
- </OL>
-</OL>
-<P CLASS="western">This is probably a problem with the proprietary
-UPEK driver (libbsapi.so). Maybe your device needs the &quot;NVM
-emulation&quot;. Please have a look into this document:
-<BR><A CLASS="western" HREF="http://www.n-view.net/Appliance//fingerprint/BSAPIUsageonLinux.pdf">http://www.n-view.net/Appliance//fingerprint/BSAPIUsageonLinux.pdf</A>
-<BR>and try to setup the emulation for your device.
-</P>
-<OL>
- <OL START=5>
- <LI><H2 CLASS="western"><A NAME="DDE_LINK2"></A><FONT FACE="Arial, sans-serif">P</FONT><FONT FACE="Arial, sans-serif">assword
- can not be saved to removable media</FONT></H2>
- </OL>
-</OL>
-<P CLASS="western">If you find an entry reading:</P>
-<P CLASS="western" STYLE="margin-top: 0.42cm"><FONT FACE="Courier New, monospace"><FONT SIZE=2>&quot;AES128-CBC
-not supported! Provider (libqca-ossl.so) not installed?&quot;</FONT></FONT></P>
-<P CLASS="western">in the log files, the plugin library for
-encryption is missing. Install the “libqca2-plugin-ossl” package
-(Ubuntu) or a similar encryption plugin.</P>
-<P CLASS="western">In other cases make sure the media is removable,
-contains a valid partition and is mounted with read/write permission.</P>
-<OL START=7>
- <LI><H1 CLASS="western">Known Limitations</H1>
- <OL>
- <LI><H2 CLASS="western">Applications that don't use PAM for
- prompting a password</H2>
- </OL>
-</OL>
-<P CLASS="western">The normal way to use PAM for authentication is to
-let the PAM system prompt the user for a username and/or a password.
-PAM uses then a callback function of the calling application for
-prompting something in it's own style. If called back by PAM the
-application can decide how it wants to prompt for name or password;
-if not called back, PAM has performed the authentication in another
-way (fingerprint, smart card, iris scanner or whatever). Maybe they
-didn't understand that or had another reason not to use that
-mechanism, the developers of some applications decided to prompt for
-password or username <U>before</U> calling PAM. In this case the
-“pam_fingerprint-gui.so” plugin is called at a time where the
-password is already known by the PAM stack and therefore exits
-immediately. Fingerprint authentication is not possible then.</P>
-<OL>
- <OL START=2>
- <LI><H2 CLASS="western">Missing XAUTHORITY environment variable</H2>
- </OL>
-</OL>
-<P CLASS="western">When calling PAM some applications don't have a
-XAUTHORITY variable in their environment. “pam_fingerprint-gui.so”
-tries hard to find the “MIT Magic Cookie” to be used to connect
-to the current display but in some cases it fails. I guess this is in
-several KDE applications the reason for not being able to show the
-fingerprint widget. Maybe I'll find some better solution in a later
-version.</P>
-<OL>
- <OL START=3>
- <LI><H2 CLASS="western" STYLE="page-break-after: avoid">Other <FONT FACE="Arial, sans-serif">Linux</FONT>
- distributions</H2>
- </OL>
-</OL>
-<H3 CLASS="western">Debian 4.0</H3>
-<P CLASS="western">I didn't find any way to install libfprint. There
-is neither a package available nor do the sources compile without
-errors. Didn't want to waste more time with it.</P>
-<H3 CLASS="western">SuSE 11.1 (gnome edition)</H3>
-<P CLASS="western">The gdm used in SuSE behaves totally strange. It
-doesn't allow to show the fingerprint widget. Maybe it's only some
-setting to be changed or the original source installation of gdm to
-be used. Neither found any useful documentation about it nor had the
-time to try a fresh compiled gdm from sources. I gave up!</P>
-<H3 CLASS="western">Slackware</H3>
-<P CLASS="western">Slackware might need someone who has enough spare
-time to make it “PAM aware”. Not me!</P>
-<P CLASS="western"><BR><BR>
-</P>
-<P CLASS="western"><B>So if you are interested to bring Fingerprint
-GUI to work on some other distributions first read the “Hacking”
-document of this project for hints about how it works. If you need
-further information about it contact me. If you managed to make it up
-and running write a HowTo and let me know.</B></P>
-<P CLASS="western"><BR><BR>
-</P>
-<P CLASS="western" STYLE="border-top: none; border-bottom: 1.00pt solid #000000; border-left: none; border-right: none; padding-top: 0cm; padding-bottom: 0.07cm; padding-left: 0cm; padding-right: 0cm">
-<B>Ubuntu and Fedora users should have no serious problems; so have
-fun with it!</B></P>
-<P CLASS="western"><BR><BR>
-</P>
-</BODY>
-</HTML> \ No newline at end of file
diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.00.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.00.ebuild
deleted file mode 100644
index 4fd6c06..0000000
--- a/sys-auth/fingerprint-gui/fingerprint-gui-1.00.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: $
-
-EAPI="3"
-
-inherit qt4-r2 versionator multilib
-#pam
-
-MY_PV=$(replace_version_separator 2 -)
-DESCRIPTION="Use Fingerprint Devices with Linux"
-HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/"
-SRC_URI="http://www.n-view.net/Appliance/fingerprint/download/${PN}-${MY_PV}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~x86 ~amd64"
-IUSE="upekbsapi"
-
-DEPEND="
- !sys-auth/pam_fprint
- !sys-auth/fprintd
- !sys-auth/thinkfinger
- >=sys-auth/libfprint-0.1.0_pre2
- x11-libs/libfakekey
- >=app-crypt/qca-2.0.0
- >=app-crypt/qca-ossl-2.0.0_beta3
- sys-auth/upekbsapi-bin[headers]
- x11-libs/qt-core:4
- x11-libs/qt-gui:4
-"
-RDEPEND="${DEPEND}"
-
-S="${WORKDIR}/${PN}-${MY_PV}"
-
-src_configure() {
- eqmake4 \
- PREFIX="$EROOT/usr" \
- LIB="$(get_libdir)" \
- LIBEXEC=libexec \
- LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 || die "qmake4 failed"
-}
-
-src_install() {
- emake INSTALL_ROOT="${D}" DESTDIR="${D}" install || die "emake install failed"
- domenu bin/fingerprint-gui/fingerprint-gui.desktop
- dodoc CHANGELOG README IMPORTANT-UPGRADE-INFORMATION.txt \
- "${FILESDIR}/Install-step-by-step.html"
-}
-
-pkg_postinst() {
- elog "1) You may want to add the followingline to the first of /etc/pam.d/system-auth"
- elog " auth sufficient pam_fingerprint-gui.so"
- elog "2) You must be in the plugdev group to use fingerprint"
- if use upekbsapi; then
- elog "3) You select to install upeks bsapi library, it's not open-sourced."
- elog " Use it in your own risk."
- fi
- elog "*) Please see /usr/share/doc/${P}/Install-step-by-step.* to configure your device"
-}
diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.04.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.04.ebuild
deleted file mode 100644
index 744934f..0000000
--- a/sys-auth/fingerprint-gui/fingerprint-gui-1.04.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: $
-
-EAPI="3"
-
-inherit qt4-r2 versionator multilib
-#pam
-
-MY_PV=$(replace_version_separator 2 -)
-DESCRIPTION="Use Fingerprint Devices with Linux"
-HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/"
-SRC_URI="http://www.n-view.net/Appliance/fingerprint/download/${PN}-${MY_PV}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~x86 ~amd64"
-IUSE="upekbsapi"
-
-DEPEND="
- !sys-auth/pam_fprint
- !sys-auth/fprintd
- !sys-auth/thinkfinger
- >=sys-auth/libfprint-0.1.0_pre2
- x11-libs/libfakekey
- >=app-crypt/qca-2.0.0
- >=app-crypt/qca-ossl-2.0.0_beta3
- upekbsapi? ( sys-auth/upekbsapi-bin[headers] )
- x11-libs/qt-core:4
- x11-libs/qt-gui:4
-"
-RDEPEND="${DEPEND}"
-
-S="${WORKDIR}/${PN}-${MY_PV}"
-
-src_configure() {
- eqmake4 \
- PREFIX="$EROOT/usr" \
- LIB="$(get_libdir)" \
- LIBEXEC=libexec \
- LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 || die "qmake4 failed"
-}
-
-src_install() {
- emake INSTALL_ROOT="${D}" DESTDIR="${D}" install || die "emake install failed"
- domenu bin/fingerprint-gui/fingerprint-gui.desktop
- dodoc CHANGELOG README IMPORTANT-UPGRADE-INFORMATION.txt \
- "${FILESDIR}/Install-step-by-step.html"
-}
-
-pkg_postinst() {
- elog "1) You may want to add the followingline to the first of /etc/pam.d/system-auth"
- elog " auth sufficient pam_fingerprint-gui.so"
- elog "2) You must be in the plugdev group to use fingerprint"
- if use upekbsapi; then
- elog "3) You select to install upeks bsapi library, it's not open-sourced."
- elog " Use it in your own risk."
- fi
- elog "*) Please see /usr/share/doc/${P}/Install-step-by-step.* to configure your device"
-}
diff --git a/sys-auth/fingerprint-gui/metadata.xml b/sys-auth/fingerprint-gui/metadata.xml
deleted file mode 100644
index c3bb234..0000000
--- a/sys-auth/fingerprint-gui/metadata.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
- <maintainer>
- <email>alexxy@gentoo.org</email>
- <name>Alexey Shvetsov</name>
- </maintainer>
- <use>
- <flag name='upekbsapi'>Use upek binary drivers</flag>
- </use>
-</pkgmetadata>