Browse Source

Pamusb -> pam_usb

Andrea Luzzardi 18 years ago
parent
commit
3eaaf65c7f
10 changed files with 48 additions and 28 deletions
  1. +1
    -1
      ChangeLog
  2. +2
    -1
      Makefile
  3. +10
    -6
      doc/CONFIGURATION
  4. +21
    -10
      doc/INSTALLATION
  5. +12
    -8
      doc/UPGRADING
  6. +1
    -1
      doc/pusb.conf-dist
  7. BIN
      doc/pusb_check.1.gz
  8. BIN
      doc/pusb_conf.1.gz
  9. BIN
      doc/pusb_hotplug.1.gz
  10. +1
    -1
      utils/fetch_doc.rb

+ 1
- 1
ChangeLog View File

@ -5,7 +5,7 @@
interface over kernel changes. interface over kernel changes.
- Certificates have been replaced by one time pads. That will prevent - Certificates have been replaced by one time pads. That will prevent
copies of the USB device to be used for authentication. copies of the USB device to be used for authentication.
- Device's manufacturer properties verification. Pamusb now verifies
- Device's manufacturer properties verification. pam_usb now verifies
device informations (vendor, product, serial number, UUID) in the device informations (vendor, product, serial number, UUID) in the
authentication process. authentication process.
- Configuration is now handled in a central place, the pusb.conf - Configuration is now handled in a central place, the pusb.conf


+ 2
- 1
Makefile View File

@ -42,7 +42,7 @@ CONFS_DEST := $(DESTDIR)/etc/pusb
# Doc # Doc
DOCS := doc/INSTALLATION doc/CONFIGURATION doc/UPGRADING doc/FAQ DOCS := doc/INSTALLATION doc/CONFIGURATION doc/UPGRADING doc/FAQ
DOCS_DEST := $(DESTDIR)/usr/share/doc/pamusb
DOCS_DEST := $(DESTDIR)/usr/share/doc/pam_usb
# Man # Man
MANS := doc/pusb_conf.1.gz doc/pusb_hotplug.1.gz doc/pusb_check.1.gz MANS := doc/pusb_conf.1.gz doc/pusb_hotplug.1.gz doc/pusb_check.1.gz
@ -66,6 +66,7 @@ $(PUSB_CHECK) : $(OBJS) $(PUSB_CHECK_OBJS)
$(CC) -o $(PUSB_CHECK) $(LDFLAGS) $(OBJS) $(PUSB_CHECK_OBJS) $(LIBS) $(CC) -o $(PUSB_CHECK) $(LDFLAGS) $(OBJS) $(PUSB_CHECK_OBJS) $(LIBS)
%.o : %.c %.o : %.c
sleep 1
${CC} -c ${CFLAGS} $< -o $@ ${CC} -c ${CFLAGS} $< -o $@
clean : clean :


+ 10
- 6
doc/CONFIGURATION View File

@ -1,5 +1,6 @@
====== Configuration ====== ====== Configuration ======
===== Introduction ===== ===== Introduction =====
* The configuration file is formatted in XML and subdivided in 4 sections: * The configuration file is formatted in XML and subdivided in 4 sections:
@ -37,14 +38,16 @@ using the -c option:
auth sufficient pam_usb.so -c /some/other/path.conf auth sufficient pam_usb.so -c /some/other/path.conf
auth required pam_unix.so nullok_secure auth required pam_unix.so nullok_secure
You will also have to use the -c option when calling pamusb's tools. For
You will also have to use the -c option when calling pam_usb's tools. For
instance, when calling pusb_hotplug: instance, when calling pusb_hotplug:
pusb_hotplug -c /some/other/path.conf pusb_hotplug -c /some/other/path.conf
===== Options ===== ===== Options =====
^ Name ^ Type ^ Default value ^ Description ^ ^ Name ^ Type ^ Default value ^ Description ^
| enable | Boolean | true | Enable pamusb
| enable | Boolean | true | Enable pam_usb
| |
| debug | Boolean | false | Enable debug messages | debug | Boolean | false | Enable debug messages
| |
@ -90,7 +93,7 @@ device to be detected -->
</devices> </devices>
<services> <services>
<service id="su"> <service id="su">
<!-- Disable pamusb for "su" ("su" will ask for a password as usual) -->
<!-- Disable pam_usb for "su" ("su" will ask for a password as usual) -->
<option name="enable">false<option> <option name="enable">false<option>
</service> </service>
</services> </services>
@ -159,9 +162,10 @@ beep-media-player -->
--> -->
</service> </service>
===== Full example ===== ===== Full example =====
This example demonstrates how to write a pamusb configuration file and how to
This example demonstrates how to write a pam_usb configuration file and how to
combine and override options. combine and override options.
<configuration> <configuration>
@ -211,7 +215,7 @@ enabled.
<user id="scox"> <user id="scox">
<device>MyDevice</device> <device>MyDevice</device>
<!-- We want pamusb to work in quiet mode when authenticating "scox", so we
<!-- We want pam_usb to work in quiet mode when authenticating "scox", so we
override the "quiet" option --> override the "quiet" option -->
<option name="quiet">true</option> <option name="quiet">true</option>
@ -224,7 +228,7 @@ override the "quiet" option -->
<!-- Services settings (e.g. gdm, su, sudo...) --> <!-- Services settings (e.g. gdm, su, sudo...) -->
<services> <services>
<!-- Disable pamusb for gdm (a password will be asked as usual) -->
<!-- Disable pam_usb for gdm (a password will be asked as usual) -->
<service id="gdm"> <service id="gdm">
<option name="enable">false</option> <option name="enable">false</option>
</service> </service>


+ 21
- 10
doc/INSTALLATION View File

@ -1,7 +1,7 @@
====== Installation ====== ====== Installation ======
Before going ahead, be sure to follow the upgrading instructions if you're using Before going ahead, be sure to follow the upgrading instructions if you're using
an older version of pamusb.
an older version of pam_usb.
===== Requirements ===== ===== Requirements =====
* Requirements for pam_usb and pusb_check: * Requirements for pam_usb and pusb_check:
@ -118,17 +118,24 @@ automatically execute commands upon locking and unlocking events. Those events
are generated when you insert or remove your authentication device. are generated when you insert or remove your authentication device.
For instance, you could automatically start your screensaver as soon as you For instance, you could automatically start your screensaver as soon as you
remove the device, and deactivate it when you plug the device back:
remove the device, and deactivate it when you plug the device back.
* GNOME (gnome-screensaver):
<user id="scox"> <user id="scox">
<device>MyDevice</device> <device>MyDevice</device>
<hotplug event="lock">gnome-screensaver-command --lock</hotplug> <hotplug event="lock">gnome-screensaver-command --lock</hotplug>
<hotplug event="unlock">gnome-screensaver-command --deactivate</hotplug> <hotplug event="unlock">gnome-screensaver-command --deactivate</hotplug>
</user> </user>
Replace gnome-screensaver-command --lock and gnome-screensaver-command --unlock
with any command you want to execute. You can also execute more commands by
adding extra <hotplug> entries.
* KDE (kscreensaver):
<user id="scox">
<device>MyDevice</device>
<hotplug event="lock">dcop kdesktop KScreensaverIface lock</hotplug>
<hotplug event="unlock">dcop kdesktop KScreensaverIface quit</hotplug>
</user>
You can also execute more commands by adding extra <hotplug> entries.
$ pusb_hotplug $ pusb_hotplug
@ -148,12 +155,16 @@ pusb_hotplug[18329]: Unlocked.
Depending on your desktop environment, you have to add pusb_hotplug to the list Depending on your desktop environment, you have to add pusb_hotplug to the list
of autostarted applications so it will be started automatically. of autostarted applications so it will be started automatically.
For instance, with GNOME:
- Open System -> Preferences -> Sessions
- Select Startup Programs and press Add
- Enter pusb_hotplug and press OK
- Press Close
* GNOME:
- Open System -> Preferences -> Sessions
- Select Startup Programs and press Add
- Enter pusb_hotplug and press OK
- Press Close
* KDE:
- cd ~/.kde/Autostart
- ln -s /usr/bin/pusb_hotplug pusb_hotplug
====== Troubleshooting ====== ====== Troubleshooting ======


+ 12
- 8
doc/UPGRADING View File

@ -1,7 +1,7 @@
====== Upgrading ====== ====== Upgrading ======
If you're already using a pamusb version prior to 0.4.0, you will have to remove
the older version before installing.
If you're already using a pam_usb version prior to 0.4.0, you will have to
remove the older version before installing.
You do not have to do this if you're already using >=0.4.0 or Subversion. You do not have to do this if you're already using >=0.4.0 or Subversion.
@ -19,26 +19,30 @@ to pam_usb.so:
$ grep -r pam_usb /etc/pam.d $ grep -r pam_usb /etc/pam.d
$ $
===== Remove .auth directories ===== ===== Remove .auth directories =====
Older versions of pamusb used to create .auth directories in both the device and
the user's home directory. Those directories aren't used anymore, so feel free
to remove them:
Older versions of pam_usb used to create .auth directories in both the device
and the user's home directory. Those directories aren't used anymore, so feel
free to remove them:
# rm -rf /root/.auth # rm -rf /root/.auth
# rm -rf /home/scox/.auth # rm -rf /home/scox/.auth
# rm -rf /media/usbdisk/.auth # rm -rf /media/usbdisk/.auth
===== Remove configuration files ===== ===== Remove configuration files =====
As configuration files of pamusb 0.4.0 aren't backward compatible and are
As configuration files of pam_usb 0.4.0 aren't backward compatible and are
located under /etc/pusb, the old /etc/pam_usb is no more needed. located under /etc/pusb, the old /etc/pam_usb is no more needed.
# rm -rf /etc/pam_usb # rm -rf /etc/pam_usb
===== Deinstall pamusb =====
If you installed the old pamusb version using your operating system's package
===== Deinstall pam_usb =====
If you installed the old pam_usb version using your operating system's package
manager, then remove it by the same mean. manager, then remove it by the same mean.
Otherwise, you can remove it by hand by performing the following instructions: Otherwise, you can remove it by hand by performing the following instructions:


+ 1
- 1
doc/pusb.conf-dist View File

@ -1,5 +1,5 @@
<!-- <!--
pusb.conf-dist: Default configuration file for pamusb.
pusb.conf-dist: Default configuration file for pam_usb.
Copy this file to /etc/pusb/pusb.conf if you don't already have one. Copy this file to /etc/pusb/pusb.conf if you don't already have one.
See http://www.pamusb.org/doc/configuring See http://www.pamusb.org/doc/configuring


BIN
doc/pusb_check.1.gz View File


BIN
doc/pusb_conf.1.gz View File


BIN
doc/pusb_hotplug.1.gz View File


+ 1
- 1
utils/fetch_doc.rb View File

@ -67,7 +67,7 @@ MANS.each do |man|
STDOUT.flush STDOUT.flush
doc = fetch_doc("man/#{man}") doc = fetch_doc("man/#{man}")
cmd = "txt2man -v \"PAMUSB\" -s1 -t#{man}"
cmd = "txt2man -v \"PAM_USB\" -s1 -t#{man}"
cmd += ' | sed "s/\\\\\\\\\\\\\\\\/\\\\\\/g"' cmd += ' | sed "s/\\\\\\\\\\\\\\\\/\\\\\\/g"'
File.popen("#{cmd} > #{File.join(DOC_PATH, man)}.1", 'w') do |f| File.popen("#{cmd} > #{File.join(DOC_PATH, man)}.1", 'w') do |f|
f.write(doc) f.write(doc)


Loading…
Cancel
Save