Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
libfprint: configure pam to only (and exclusively) use for xscreensaver
134 views
Skip to first unread message
Johannes Graumann
Mar 18, 2012, 2:10:01 PM3/18/12
to
Hi,
Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
files. I have endlessly played around but this eludes me, so any help would
be appreciated ...
I'm trying to configure pam such that normal password authentication is used
UNLESS we are unlocking xscreensaver, when it should fall bak on the
fingerprint reader. Any ideas on how to achieve that?
Thanks for any hints. Sincerely, Joh
> #
> # /etc/pam.d/xscreensaver - PAM behavior for xscreensaver
> #
> @include common-auth
> @include common-account
> #
> # /etc/pam.d/common-auth - authentication settings common to all services
> #
> # This file is included from other service-specific PAM config files,
> # and should contain a list of the authentication modules that define
> # the central authentication scheme for use on the system
> # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
> # traditional Unix authentication mechanisms.
> #
> # As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
> # To take advantage of this, it is recommended that you configure any
> # local modules either before or after the default block, and use
> # pam-auth-update to manage selection of other modules. See
> # pam-auth-update(8) for details.
>
> # here are the per-package modules (the "Primary" block)
> auth [success=2 default=ignore] pam_fprint.so
> auth [success=1 default=ignore] pam_unix.so nullok_secure
try_first_pass
> # here's the fallback if no module succeeds
> auth requisite pam_deny.so
> # prime the stack with a positive return value if there isn't one already;
> # this avoids us returning an error just because nothing sets a success
code
> # since the modules above will each just jump around
> auth required pam_permit.so
> # and here are more per-package modules (the "Additional" block)
> auth optional pam_cap.so
> # end of pam-auth-update config
--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Archive: http://lists.debian.org/jk589j$pbg$1...@dough.gmane.org
Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
files. I have endlessly played around but this eludes me, so any help would
be appreciated ...
I'm trying to configure pam such that normal password authentication is used
UNLESS we are unlocking xscreensaver, when it should fall bak on the
fingerprint reader. Any ideas on how to achieve that?
Thanks for any hints. Sincerely, Joh
> #
> # /etc/pam.d/xscreensaver - PAM behavior for xscreensaver
> #
> @include common-auth
> @include common-account
> #
> # /etc/pam.d/common-auth - authentication settings common to all services
> #
> # This file is included from other service-specific PAM config files,
> # and should contain a list of the authentication modules that define
> # the central authentication scheme for use on the system
> # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
> # traditional Unix authentication mechanisms.
> #
> # As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
> # To take advantage of this, it is recommended that you configure any
> # local modules either before or after the default block, and use
> # pam-auth-update to manage selection of other modules. See
> # pam-auth-update(8) for details.
>
> # here are the per-package modules (the "Primary" block)
> auth [success=2 default=ignore] pam_fprint.so
> auth [success=1 default=ignore] pam_unix.so nullok_secure
try_first_pass
> # here's the fallback if no module succeeds
> auth requisite pam_deny.so
> # prime the stack with a positive return value if there isn't one already;
> # this avoids us returning an error just because nothing sets a success
code
> # since the modules above will each just jump around
> auth required pam_permit.so
> # and here are more per-package modules (the "Additional" block)
> auth optional pam_cap.so
> # end of pam-auth-update config
--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Archive: http://lists.debian.org/jk589j$pbg$1...@dough.gmane.org
Camaleón
Mar 19, 2012, 10:50:01 AM3/19/12
to
On Sun, 18 Mar 2012 21:07:46 +0300, Johannes Graumann wrote:
> Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
> files. I have endlessly played around but this eludes me, so any help
> would be appreciated ...
> I'm trying to configure pam such that normal password authentication is
> used UNLESS we are unlocking xscreensaver, when it should fall bak on
> the fingerprint reader. Any ideas on how to achieve that?
(...)
> Below you find my (testing stock) /etc/pam.d/common-auth & xscreensaver
> files. I have endlessly played around but this eludes me, so any help
> would be appreciated ...
> I'm trying to configure pam such that normal password authentication is
> used UNLESS we are unlocking xscreensaver, when it should fall bak on
> the fingerprint reader. Any ideas on how to achieve that?
No idea, sorry :-(
But Google found a forum post that it may help with your issue:
http://www.debian-fr.org/x220-install-configuration-t36152.html
Greetings,
--
Camaleón
--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
0 new messages