Heya,
On Thu, 2007-10-25 at 10:06 -0400, Jeremy Katz wrote:
On Thu, 2007-10-25 at 08:55 -0400, Bryan Clark wrote:
Pushing off from Ben's email on new user creation [1] I wanted to get some setup for the think finger support that david mentioned [2].
I'd actually like to make it a teensy bit more general and think about the non-Thinkfinger readers also. From my Pile Of Laptops, the Authentec readers are pretty common. And davidz has already done some prodding with them based on his blog ;)
The plan for the F9 feature[1] was to not use pam_thinkfinger (it's real crap, and has some gross hacks, such as sending line feeds to accept password auth), and switch to a dbus service instead (so that we don't do threading in pam_thinkfinger).
The dbus service would be a HAL singleton, and we could obviously use a different implementation that could drive Authentec readers, or any other, given a sane API.
While not very relevant to the interaction, it's mostly important so that we don't make assumptions of hardware capabilities that may or may not be present.
Can it's presence be detected automatically? And it's (pam) authentication be added automatically?
They're all usb devices, so pretty detectable. Adding the pam config is just a matter of deciding we're doing it and then adding to the stacks written out by authconfig
And for which PAM services we'd want to enable this.
Cheers