Difference between revisions of "Script for enabling the fingerprint reader with BioAPI"
| (8 intermediate revisions by 7 users not shown) | |||
| Line 1: | Line 1: | ||
| − | Using the [[Integrated Fingerprint Reader|integrated fingerprint reader]] under Linux is currently a fairly complicated | + | Using the [[Integrated Fingerprint Reader|integrated fingerprint reader]] under Linux is currently a fairly complicated process. The following script automates the installation of the fingerprint software, for some Linux distributions. It covers most components (bioapi framework, driver, pam_bioapi, PAM setup, USB device permissions pamtester and enrolling), and handles all the downloading, patching and installation. |
Usage: just copy into a file and run as root. | Usage: just copy into a file and run as root. | ||
| Line 11: | Line 11: | ||
Everything is intalled into {{path|/opt/bioapi}}, so it doesn't pollute your filesystem. The only effects outside {{path|/opt/bioapi}} are one-line changes to the ldconfig configuration, PAM configuration and {{path|/etc/rc.local}}, and a few symlinks in {{path|/lib/security}}. | Everything is intalled into {{path|/opt/bioapi}}, so it doesn't pollute your filesystem. The only effects outside {{path|/opt/bioapi}} are one-line changes to the ldconfig configuration, PAM configuration and {{path|/etc/rc.local}}, and a few symlinks in {{path|/lib/security}}. | ||
| − | |||
| − | |||
===Distributions supported by this script=== | ===Distributions supported by this script=== | ||
| − | * {{Fedora}} 4 | + | * {{Fedora}} 4, 5, 6 |
| − | |||
* Red Hat Enterprise Linux 4 | * Red Hat Enterprise Linux 4 | ||
If you add support for additional distributions, please update this script (using conditionals where necessary) instead of branching it. | If you add support for additional distributions, please update this script (using conditionals where necessary) instead of branching it. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
==The script== | ==The script== | ||
{{CodeRef|enable-fingerprint-reader}} | {{CodeRef|enable-fingerprint-reader}} | ||
| + | |||
| + | The patch has been moved to http://cvs.pld-linux.org/cgi-bin/cvsweb/SOURCES/Attic/bioapi-c++.patch?rev=1.3. However in CVS it has been marked as obsolete. | ||
==Ideas for improvement== | ==Ideas for improvement== | ||
| Line 40: | Line 29: | ||
* Install and configure a patched xscreensaver (as explained in [[How_to_enable_the_fingerprint_reader]]). | * Install and configure a patched xscreensaver (as explained in [[How_to_enable_the_fingerprint_reader]]). | ||
* Add "<tt>OnResume 10 /opt/bioapi/bin/set_fingerprint_perms</tt>" to [[Software Suspend 2|suspend2]]'s {{path|/etc/hibernate/hibernate.conf}}? | * Add "<tt>OnResume 10 /opt/bioapi/bin/set_fingerprint_perms</tt>" to [[Software Suspend 2|suspend2]]'s {{path|/etc/hibernate/hibernate.conf}}? | ||
| + | |||
| + | * The script ends with: | ||
| + | + wget -N http://badcode.de/downloads/fingerprint.patch | ||
| + | --13:03:23-- http://badcode.de/downloads/fingerprint.patch | ||
| + | => `fingerprint.patch' | ||
| + | Connecting to XXX.XXX.XXX.XXX:80... connected. | ||
| + | Proxy request sent, awaiting response... 401 Authorization Required | ||
| + | Authorization failed. | ||
| + | |||
| + | (proxy don't need authorization) | ||
| + | the file is under authorization | ||
[[Category:Scripts]] | [[Category:Scripts]] | ||
Latest revision as of 18:25, 5 August 2011
Using the integrated fingerprint reader under Linux is currently a fairly complicated process. The following script automates the installation of the fingerprint software, for some Linux distributions. It covers most components (bioapi framework, driver, pam_bioapi, PAM setup, USB device permissions pamtester and enrolling), and handles all the downloading, patching and installation.
Usage: just copy into a file and run as root.
After installation, all PAM-enabled system functions will use the fingerprint reader (and if it fails, default to the usual password entry). This includes:
- KDE's KDM login (enter an empty password, then swipe finger)
- KDE's screensaver (enter an empty password, then swipe finger)
- Gnome's GDM login
- su
- sudo
Everything is intalled into /opt/bioapi, so it doesn't pollute your filesystem. The only effects outside /opt/bioapi are one-line changes to the ldconfig configuration, PAM configuration and /etc/rc.local, and a few symlinks in /lib/security.
Distributions supported by this script
- Fedora 4, 5, 6
- Red Hat Enterprise Linux 4
If you add support for additional distributions, please update this script (using conditionals where necessary) instead of branching it.
The script
enable-fingerprint-reader (download)
The patch has been moved to http://cvs.pld-linux.org/cgi-bin/cvsweb/SOURCES/Attic/bioapi-c++.patch?rev=1.3. However in CVS it has been marked as obsolete.
Ideas for improvement
- Support more distributions
- Minimize changes to /etc/pam.d/system-auth by creating a separate file (e.g., /etc/pam.d/bioapi-auth) and @include-ing it.
- Do something about /etc/pam.d/sshd - it invokes /etc/pam.d/system-auth by stacking, so remote SSH logins now invoke the fingerprint reader... See related discussion in How_to_enable_the_fingerprint_reader.
- Install and configure a patched xscreensaver (as explained in How_to_enable_the_fingerprint_reader).
- Add "OnResume 10 /opt/bioapi/bin/set_fingerprint_perms" to suspend2's /etc/hibernate/hibernate.conf?
- The script ends with:
+ wget -N http://badcode.de/downloads/fingerprint.patch --13:03:23-- http://badcode.de/downloads/fingerprint.patch
=> `fingerprint.patch'
Connecting to XXX.XXX.XXX.XXX:80... connected. Proxy request sent, awaiting response... 401 Authorization Required Authorization failed.
(proxy don't need authorization) the file is under authorization
