Features/Fingerprint

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Owner)
(update for latest changes)
Line 3: Line 3:
 
== Summary ==
 
== Summary ==
  
The goal of the project is making fingerprint readers as easy as possible to use for authentication (primary or secondary).
+
The goal of the project is making fingerprint readers as easy as possible to use for secondary authentication.
  
 
See the use cases in the [[Desktop/Whiteboards/FingerprintAuthentication|whiteboard]].
 
See the use cases in the [[Desktop/Whiteboards/FingerprintAuthentication|whiteboard]].
Line 12: Line 12:
 
== Current status ==
 
== Current status ==
 
* Targeted release:   
 
* Targeted release:   
* Last updated: 2008-06-01
+
* Last updated: 2008-11-27
* Percentage of completion: 50% (some code available)
+
* Percentage of completion: 80% (some code available)
  
The fprint package was [https://bugzilla.redhat.com/show_bug.cgi?id=398081 added to Fedora CVS]  (and [http://koji.fedoraproject.org/koji/packageinfo?packageID=5407 built] ). It is now available for Fedora 7, Fedora 8 and later.
+
libusb1, and the required libfprint are available in rawhide (F-11). The authconfig patch to enable pam_fprintd
  
The pam_fprint package has been [https://bugzilla.redhat.com/show_bug.cgi?id=409011 added to Fedora CVS] (and [http://koji.fedoraproject.org/koji/packageinfo?packageID=5436 built] ). It is now available for Fedora 7, Fedora 8 and later.
+
fprintd is being [https://bugzilla.redhat.com/show_bug.cgi?id=469955 reviewed]. It includes a pam plugin to not require a password for login. The [https://bugzilla.redhat.com/show_bug.cgi?id=469418 authconfig patch to add fingerprint reader authentication] is also in rawhide.
  
The fprint_demo has been [https://bugzilla.redhat.com/show_bug.cgi?id=427699 added to Fedora CVS]  (and
+
Enrollment support is being added to [http://bugzilla.gnome.org/show_bug.cgi?id=561881 gnome-about-me].
[http://koji.fedoraproject.org/koji/packageinfo?packageID=5582 built] ). It is now available for Fedora 7, Fedora 8 and later.
+
 
+
More details on the current status (as of writing, 2008-06-01) are available in Daniel Drake's [http://www.reactivated.net/fprint/academic-project/fprint_report.pdf project report] .
+
 
+
Most of the applications of fprint would need fprintd, which requires: libusb-1.0 (async design, not compatible with 0.1, packaged as <code>libusb1</code> in Rawhide), and the async branch of libfprint.
+
  
 
== Detailed Description ==
 
== Detailed Description ==
Line 38: Line 33:
 
Better integration would mean
 
Better integration would mean
  
* Having a D-Bus service that's a HAL singleton for handling reading/using the fingerprint reader. Potential API (BastienNocera, API needs loads of work). (snipped)
+
* Having a D-Bus service for handling reading/using the fingerprint reader.
* Most of the API is already implemented in fprintd, the D-Bus daemon. It uses service activation instead of being a HAL singleton. Identification parts of the API are missing.
+
  
* The PAM module would use the Verify method provided over D-Bus to authenticate users, and will be added to the default configuration.
+
* The PAM module uses the VerifyStart method provided over D-Bus to authenticate users, and will be added to the default configuration.
  
* gnome-about-me would use the Acquire method to write a new fingerprint data file for the specified user.
+
* gnome-about-me would use the EnrollStart method to write a new fingerprint data file for the specified user.
  
 
* gnome-screensaver would be able to use finger scans to unlock the desktop
 
* gnome-screensaver would be able to use finger scans to unlock the desktop
Line 54: Line 48:
  
 
* Person installs a laptop/desktop system with a fingerprint-reader that's supported by [http://www.reactivated.net/fprint/ fprint]  
 
* Person installs a laptop/desktop system with a fingerprint-reader that's supported by [http://www.reactivated.net/fprint/ fprint]  
* Person sets their fingerprint in gnome-about-me or in the user creation firstboot module
+
* Person sets their fingerprint in gnome-about-me
 
* Person can log in using their fingerprint
 
* Person can log in using their fingerprint
  
Line 65: Line 59:
 
== Dependencies ==
 
== Dependencies ==
  
* Changed backend library from thinkfinger to [http://www.reactivated.net/fprint/ fprint] , after discussion with the maintainers of those two modules.
+
* libfprint and libusb1
* libusb 1.0 (async design, not libusb 0.1 already available in the distribution)
+
* async support in libfprint (see above)
+
 
* [https://bugzilla.redhat.com/show_bug.cgi?id=469418 authconfig support]
 
* [https://bugzilla.redhat.com/show_bug.cgi?id=469418 authconfig support]
 +
* fprintd with pam module
  
 
== Contingency Plan ==
 
== Contingency Plan ==

Revision as of 15:04, 27 November 2008

Contents

Fingerprint Readers

Summary

The goal of the project is making fingerprint readers as easy as possible to use for secondary authentication.

See the use cases in the whiteboard.

Owner

Current status

  • Targeted release:
  • Last updated: 2008-11-27
  • Percentage of completion: 80% (some code available)

libusb1, and the required libfprint are available in rawhide (F-11). The authconfig patch to enable pam_fprintd

fprintd is being reviewed. It includes a pam plugin to not require a password for login. The authconfig patch to add fingerprint reader authentication is also in rawhide.

Enrollment support is being added to gnome-about-me.

Detailed Description

Currently, using Fingerprint readers is a bit of a pain, and installing/using fprint and its pam module take more time than should ever be necessary.

Benefit to Fedora

Better Out-of-the-box experience for systems with fingerprint readers.

Scope

Better integration would mean

  • Having a D-Bus service for handling reading/using the fingerprint reader.
  • The PAM module uses the VerifyStart method provided over D-Bus to authenticate users, and will be added to the default configuration.
  • gnome-about-me would use the EnrollStart method to write a new fingerprint data file for the specified user.
  • gnome-screensaver would be able to use finger scans to unlock the desktop
  • Any other dialog presented to the user for authentication would be able to use finger scans
  • The create-user dialog in firstboot or its replacement could offer to enroll the new user

Test Plan

  • Person installs a laptop/desktop system with a fingerprint-reader that's supported by fprint
  • Person sets their fingerprint in gnome-about-me
  • Person can log in using their fingerprint

Documentation

Dependencies

Contingency Plan

Not installing the packages by default.

Release Notes

FIXME

Comments and Discussion

See Talk:Features/Fingerprint

Retrieved from "https://fedoraproject.org/w/index.php?title=Features/Fingerprint&oldid=61846"