Merge pull request #5550 from abbradar/fprintd

add fprintd support
2015-01-08 14:58:22 +01:00 · 2015-01-08 14:58:22 +01:00 · 908c47b281
parent 1e46e8a964 30cd59667b
commit 908c47b281
10 changed files with 7553 additions and 0 deletions
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -307,6 +307,7 @@
  ./services/search/solr.nix
  ./services/security/clamav.nix
  ./services/security/fail2ban.nix
+  ./services/security/fprintd.nix
  ./services/security/fprot.nix
  ./services/security/frandom.nix
  ./services/security/haveged.nix
--- a/nixos/modules/security/pam.nix
+++ b/nixos/modules/security/pam.nix
@ -54,6 +54,15 @@ let
        '';
      };

+      fprintAuth = mkOption {
+        default = config.services.fprintd.enable;
+        type = types.bool;
+        description = ''
+          If set, fingerprint reader will be used (if exists and
+          your fingerprints are enrolled).
+        '';
+      };
+
      sshAgentAuth = mkOption {
        default = false;
        type = types.bool;
@ -179,6 +188,8 @@ let
              "auth required pam_tally.so"}
          ${optionalString (config.security.pam.enableSSHAgentAuth && cfg.sshAgentAuth)
              "auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=~/.ssh/authorized_keys:~/.ssh/authorized_keys2:/etc/ssh/authorized_keys.d/%u"}
+          ${optionalString cfg.fprintAuth
+              "auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so"}
          ${optionalString cfg.usbAuth
              "auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so"}
          ${optionalString cfg.unixAuth
--- a/nixos/modules/services/security/fprintd.nix
+++ b/nixos/modules/services/security/fprintd.nix
@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+  cfg = config.services.fprintd;
+
+in
+
+
+{
+
+  ###### interface
+
+  options = {
+
+    services.fprintd = {
+
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Whether to enable fprintd daemon and PAM module for fingerprint readers handling.
+        '';
+      };
+
+    };
+    
+  };
+  
+  
+  ###### implementation
+  
+  config = mkIf cfg.enable {
+
+    services.dbus.packages = [ pkgs.fprintd ];
+
+    environment.systemPackages = [ pkgs.fprintd ];
+
+    systemd.services.fprintd = {
+      description = "Fingerprint Authentication Daemon";
+
+      serviceConfig = {
+        Type = "dbus";
+        BusName = "net.reactivated.Fprint";
+        ExecStart = "${pkgs.fprintd}/libexec/fprintd";
+      };
+    };
+
+  };
+  
+}
--- a/pkgs/development/libraries/libfprint/0001-lib-Add-VFS5011-driver.patch
+++ b/pkgs/development/libraries/libfprint/0001-lib-Add-VFS5011-driver.patch
--- a/pkgs/development/libraries/libfprint/default.nix
+++ b/pkgs/development/libraries/libfprint/default.nix
@ -0,0 +1,23 @@
+{ stdenv, fetchurl, pkgconfig, libusb, glib, nss, nspr, gdk_pixbuf }:
+
+stdenv.mkDerivation rec {
+  name = "libfprint-0.5.1";
+
+  src = fetchurl {
+    url = "http://people.freedesktop.org/~hadess/${name}.tar.xz";
+    sha256 = "1cwgaswqcvvbclahk2m2qr09k7lf7l8jwvgf3svq92w8j4xmc4kd";
+  };
+
+  buildInputs = [ libusb glib nss nspr gdk_pixbuf ];
+  nativeBuildInputs = [ pkgconfig ];
+
+  configureFlags = [ "--with-udev-rules-dir=$(out)/lib/udev/rules.d" ];
+
+  meta = with stdenv.lib; {
+    homepage = "http://www.freedesktop.org/wiki/Software/fprint/libfprint/";
+    description = "A library designed to make it easy to add support for consumer fingerprint readers";
+    license = licenses.lgpl2;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ abbradar ];
+  };
+}
--- a/pkgs/development/libraries/libfprint/master.nix
+++ b/pkgs/development/libraries/libfprint/master.nix
@ -0,0 +1,28 @@
+{ stdenv, fetchgit, libtool, autoconf, automake113x, pkgconfig, libusb, glib, nss, nspr, pixman }:
+
+stdenv.mkDerivation rec {
+  name = "libfprint";
+
+  src = fetchgit {
+    url = "git://anongit.freedesktop.org/libfprint/libfprint";
+    rev = "35e356f625d254f44c14f720c0eb9216297d35c2";
+    sha256 = "b7fd74a914d7c4e2999ac20432a7f2af5d6c7af5e75a367bc3babe03e4576c86";
+  };
+
+  patches = [ ./0001-lib-Add-VFS5011-driver.patch ];
+
+  buildInputs = [ libusb glib nss nspr pixman ];
+  nativeBuildInputs = [ libtool autoconf automake113x pkgconfig ];
+
+  configureScript = "./autogen.sh";
+
+  configureFlags = [ "--prefix=$(out)" "--disable-examples-build" "--disable-x11-examples-build" "--with-udev-rules-dir=$(out)/lib/udev/rules.d" ];
+
+  meta = with stdenv.lib; {
+    homepage = "http://www.freedesktop.org/wiki/Software/fprint/libfprint/";
+    description = "A library designed to make it easy to add support for consumer fingerprint readers";
+    license = licenses.lgpl2;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ abbradar ];
+  };
+}
--- a/pkgs/tools/security/fprint_demo/default.nix
+++ b/pkgs/tools/security/fprint_demo/default.nix
@ -0,0 +1,22 @@
+{ stdenv, fetchgit, autoreconfHook, pkgconfig, libfprint, gtk2 }:
+
+stdenv.mkDerivation rec {
+  name = "fprint_demo";
+
+  src = fetchgit {
+    url = "git://github.com/dsd/fprint_demo";
+    rev = "5d86c3f778bf97a29b73bdafbebd1970e560bfb0";
+    sha256 = "fe5bbf8d062fedd6fa796e50c5bd95fef49580eb0a890f78d6f55bd51cc94234";
+  };
+
+  buildInputs = [ libfprint gtk2 ];
+  nativeBuildInputs = [ pkgconfig autoreconfHook ];
+
+  meta = with stdenv.lib; {
+    homepage = "http://www.freedesktop.org/wiki/Software/fprint/fprint_demo/";
+    description = "A simple GTK+ application to demonstrate and test libfprint's capabilities";
+    license = licenses.gpl2;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ abbradar ];
+  };
+}
--- a/pkgs/tools/security/fprintd/default.nix
+++ b/pkgs/tools/security/fprintd/default.nix
@ -0,0 +1,25 @@
+{ stdenv, fetchurl, pkgconfig, libfprint, intltool, glib, dbus_glib, polkit, nss, pam, systemd }:
+
+stdenv.mkDerivation rec {
+  name = "fprintd-0.5.1";
+
+  src = fetchurl {
+    url = "http://people.freedesktop.org/~hadess/${name}.tar.xz";
+    sha256 = "0n3fh28cvqrhjig30lz1p075g0wd7jnhvz1j34n37c0cwc7rfmlj";
+  };
+
+  patches = [ ./pod.patch ];
+
+  buildInputs = [ libfprint glib dbus_glib polkit nss pam systemd ];
+  nativeBuildInputs = [ pkgconfig intltool ];
+
+  configureFlags = [ "--with-systemdsystemunitdir=$(out)/lib/systemd/system" ];
+
+  meta = with stdenv.lib; {
+    homepage = "http://www.freedesktop.org/wiki/Software/fprint/fprintd/";
+    description = "D-Bus daemon that offers libfprint functionality over the D-Bus interprocess communication bus";
+    license = licenses.gpl2;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ abbradar ];
+  };
+}
--- a/pkgs/tools/security/fprintd/pod.patch
+++ b/pkgs/tools/security/fprintd/pod.patch
@ -0,0 +1,9 @@
+diff -u -r fprintd-0.5.1/data/fprintd.pod fprintd-0.5.1-pod/data/fprintd.pod
+--- fprintd-0.5.1/data/fprintd.pod	2013-06-26 13:10:17.000000000 +0200
+++ fprintd-0.5.1-pod/data/fprintd.pod	2013-08-17 12:17:36.330332635 +0200
+@@ -100,3 +100,5 @@
+ =over 8
+ 
+ =item B<dbus-daemon>, B<gnome-about-me>
+
+=back
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -1226,6 +1226,10 @@ let

  fprot = callPackage ../tools/security/fprot { };

+  fprintd = callPackage ../tools/security/fprintd { };
+
+  fprint_demo = callPackage ../tools/security/fprint_demo { };
+
  freeipmi = callPackage ../tools/system/freeipmi {};

  freetalk = callPackage ../applications/networking/instant-messengers/freetalk {
@ -5871,6 +5875,8 @@ let
    extraOnly = true;
  };

+  libfprint = callPackage ../development/libraries/libfprint/master.nix { };
+
  libgadu = callPackage ../development/libraries/libgadu { };

  libgdata = gnome3.libgdata;