Browse Source

Pamusb -> pam_usb

Andrea Luzzardi 18 years ago
parent
commit
3eaaf65c7f
10 changed files with 48 additions and 28 deletions
  1. +1
    -1
      ChangeLog
  2. +2
    -1
      Makefile
  3. +10
    -6
      doc/CONFIGURATION
  4. +21
    -10
      doc/INSTALLATION
  5. +12
    -8
      doc/UPGRADING
  6. +1
    -1
      doc/pusb.conf-dist
  7. BIN
      doc/pusb_check.1.gz
  8. BIN
      doc/pusb_conf.1.gz
  9. BIN
      doc/pusb_hotplug.1.gz
  10. +1
    -1
      utils/fetch_doc.rb

+ 1
- 1
ChangeLog View File

@ -5,7 +5,7 @@
interface over kernel changes.
- Certificates have been replaced by one time pads. That will prevent
copies of the USB device to be used for authentication.
- Device's manufacturer properties verification. Pamusb now verifies
- Device's manufacturer properties verification. pam_usb now verifies
device informations (vendor, product, serial number, UUID) in the
authentication process.
- Configuration is now handled in a central place, the pusb.conf


+ 2
- 1
Makefile View File

@ -42,7 +42,7 @@ CONFS_DEST := $(DESTDIR)/etc/pusb
# Doc
DOCS := doc/INSTALLATION doc/CONFIGURATION doc/UPGRADING doc/FAQ
DOCS_DEST := $(DESTDIR)/usr/share/doc/pamusb
DOCS_DEST := $(DESTDIR)/usr/share/doc/pam_usb
# Man
MANS := doc/pusb_conf.1.gz doc/pusb_hotplug.1.gz doc/pusb_check.1.gz
@ -66,6 +66,7 @@ $(PUSB_CHECK) : $(OBJS) $(PUSB_CHECK_OBJS)
$(CC) -o $(PUSB_CHECK) $(LDFLAGS) $(OBJS) $(PUSB_CHECK_OBJS) $(LIBS)
%.o : %.c
sleep 1
${CC} -c ${CFLAGS} $< -o $@
clean :


+ 10
- 6
doc/CONFIGURATION View File

@ -1,5 +1,6 @@
====== Configuration ======
===== Introduction =====
* The configuration file is formatted in XML and subdivided in 4 sections:
@ -37,14 +38,16 @@ using the -c option:
auth sufficient pam_usb.so -c /some/other/path.conf
auth required pam_unix.so nullok_secure
You will also have to use the -c option when calling pamusb's tools. For
You will also have to use the -c option when calling pam_usb's tools. For
instance, when calling pusb_hotplug:
pusb_hotplug -c /some/other/path.conf
===== Options =====
^ Name ^ Type ^ Default value ^ Description ^
| enable | Boolean | true | Enable pamusb
| enable | Boolean | true | Enable pam_usb
|
| debug | Boolean | false | Enable debug messages
|
@ -90,7 +93,7 @@ device to be detected -->
</devices>
<services>
<service id="su">
<!-- Disable pamusb for "su" ("su" will ask for a password as usual) -->
<!-- Disable pam_usb for "su" ("su" will ask for a password as usual) -->
<option name="enable">false<option>
</service>
</services>
@ -159,9 +162,10 @@ beep-media-player -->
-->
</service>
===== Full example =====
This example demonstrates how to write a pamusb configuration file and how to
This example demonstrates how to write a pam_usb configuration file and how to
combine and override options.
<configuration>
@ -211,7 +215,7 @@ enabled.
<user id="scox">
<device>MyDevice</device>
<!-- We want pamusb to work in quiet mode when authenticating "scox", so we
<!-- We want pam_usb to work in quiet mode when authenticating "scox", so we
override the "quiet" option -->
<option name="quiet">true</option>
@ -224,7 +228,7 @@ override the "quiet" option -->
<!-- Services settings (e.g. gdm, su, sudo...) -->
<services>
<!-- Disable pamusb for gdm (a password will be asked as usual) -->
<!-- Disable pam_usb for gdm (a password will be asked as usual) -->
<service id="gdm">
<option name="enable">false</option>
</service>


+ 21
- 10
doc/INSTALLATION View File

@ -1,7 +1,7 @@
====== Installation ======
Before going ahead, be sure to follow the upgrading instructions if you're using
an older version of pamusb.
an older version of pam_usb.
===== Requirements =====
* Requirements for pam_usb and pusb_check:
@ -118,17 +118,24 @@ automatically execute commands upon locking and unlocking events. Those events
are generated when you insert or remove your authentication device.
For instance, you could automatically start your screensaver as soon as you
remove the device, and deactivate it when you plug the device back:
remove the device, and deactivate it when you plug the device back.
* GNOME (gnome-screensaver):
<user id="scox">
<device>MyDevice</device>
<hotplug event="lock">gnome-screensaver-command --lock</hotplug>
<hotplug event="unlock">gnome-screensaver-command --deactivate</hotplug>
</user>
Replace gnome-screensaver-command --lock and gnome-screensaver-command --unlock
with any command you want to execute. You can also execute more commands by
adding extra <hotplug> entries.
* KDE (kscreensaver):
<user id="scox">
<device>MyDevice</device>
<hotplug event="lock">dcop kdesktop KScreensaverIface lock</hotplug>
<hotplug event="unlock">dcop kdesktop KScreensaverIface quit</hotplug>
</user>
You can also execute more commands by adding extra <hotplug> entries.
$ pusb_hotplug
@ -148,12 +155,16 @@ pusb_hotplug[18329]: Unlocked.
Depending on your desktop environment, you have to add pusb_hotplug to the list
of autostarted applications so it will be started automatically.
For instance, with GNOME:
- Open System -> Preferences -> Sessions
- Select Startup Programs and press Add
- Enter pusb_hotplug and press OK
- Press Close
* GNOME:
- Open System -> Preferences -> Sessions
- Select Startup Programs and press Add
- Enter pusb_hotplug and press OK
- Press Close
* KDE:
- cd ~/.kde/Autostart
- ln -s /usr/bin/pusb_hotplug pusb_hotplug
====== Troubleshooting ======


+ 12
- 8
doc/UPGRADING View File

@ -1,7 +1,7 @@
====== Upgrading ======
If you're already using a pamusb version prior to 0.4.0, you will have to remove
the older version before installing.
If you're already using a pam_usb version prior to 0.4.0, you will have to
remove the older version before installing.
You do not have to do this if you're already using >=0.4.0 or Subversion.
@ -19,26 +19,30 @@ to pam_usb.so:
$ grep -r pam_usb /etc/pam.d
$
===== Remove .auth directories =====
Older versions of pamusb used to create .auth directories in both the device and
the user's home directory. Those directories aren't used anymore, so feel free
to remove them:
Older versions of pam_usb used to create .auth directories in both the device
and the user's home directory. Those directories aren't used anymore, so feel
free to remove them:
# rm -rf /root/.auth
# rm -rf /home/scox/.auth
# rm -rf /media/usbdisk/.auth
===== Remove configuration files =====
As configuration files of pamusb 0.4.0 aren't backward compatible and are
As configuration files of pam_usb 0.4.0 aren't backward compatible and are
located under /etc/pusb, the old /etc/pam_usb is no more needed.
# rm -rf /etc/pam_usb
===== Deinstall pamusb =====
If you installed the old pamusb version using your operating system's package
===== Deinstall pam_usb =====
If you installed the old pam_usb version using your operating system's package
manager, then remove it by the same mean.
Otherwise, you can remove it by hand by performing the following instructions:


+ 1
- 1
doc/pusb.conf-dist View File

@ -1,5 +1,5 @@
<!--
pusb.conf-dist: Default configuration file for pamusb.
pusb.conf-dist: Default configuration file for pam_usb.
Copy this file to /etc/pusb/pusb.conf if you don't already have one.
See http://www.pamusb.org/doc/configuring


BIN
doc/pusb_check.1.gz View File


BIN
doc/pusb_conf.1.gz View File


BIN
doc/pusb_hotplug.1.gz View File


+ 1
- 1
utils/fetch_doc.rb View File

@ -67,7 +67,7 @@ MANS.each do |man|
STDOUT.flush
doc = fetch_doc("man/#{man}")
cmd = "txt2man -v \"PAMUSB\" -s1 -t#{man}"
cmd = "txt2man -v \"PAM_USB\" -s1 -t#{man}"
cmd += ' | sed "s/\\\\\\\\\\\\\\\\/\\\\\\/g"'
File.popen("#{cmd} > #{File.join(DOC_PATH, man)}.1", 'w') do |f|
f.write(doc)


Loading…
Cancel
Save