Summary: | [ebuild] sys-auth/poldi-0.2 - authentication through OpenPGP smartcards | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Sandro Bonazzola (RETIRED) <sanchan> |
Component: | New packages | Assignee: | Default Assignee for New Packages <maintainer-wanted> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | andrewammerlaan, bertrand, mzielenkiewicz, sandro.bonazzola |
Priority: | Normal | Keywords: | EBUILD |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.kernel.org/pub/linux/libs/pam/modules.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
initial proposed ebuild for poldi-0.2
poldi.conf example Ebuild for version 0.4.1 poldi 0.4.2_p20201120 ebuild |
Description
Sandro Bonazzola (RETIRED)
2005-10-09 10:23:56 UTC
Created attachment 70237 [details]
initial proposed ebuild for poldi-0.2
Proposed location sys-auth.
Created attachment 70239 [details]
poldi.conf example
Created using 'info poldi' as source of information.
Put this on sys-auth/poldi/files. It will be installed by the ebuild in the
correct location. Maybe a more detailed version could be provided with a
default /etc/pam.d/poldi file.
Created attachment 192535 [details]
Ebuild for version 0.4.1
Updated to version 0.4.1.
Also fixed source location to new one and made ebuild work with newer portage.
It builds and runs (or at least seems to) without problem on PPC. I'd recommend adding the ~ppc keyword. Thanks for this Ebuild! Created attachment 764720 [details] poldi 0.4.2_p20201120 ebuild Here's an updated ebuild for the latest snapshot from GitHub. Configuration is non-trivial though and is poorly documented. The guide from Nitrokey[1] is nice, but is missing a step that is required in the latest version: "auth-method localdb" in /etc/poldi/poldi.conf. It works as expected. However, due to scdaemon locking the card to the process card based login will fail if there is an instance already running (e.g. logging in on tty if you have scdaemon running in X11 won't work). As I understand it, it should be possible to disable this behaviour in ~/.gnupg/scdaemon.conf by enabling pcsc-shared. Overall I'm not yet convinced this package should be added to ::gentoo (mainly because after using it for a bit, I find it less useful than I thought it would be). However, it might be a good candidate for adding to the ::guru repository [2] if there are users actually wanting to use this. [1] https://www.nitrokey.com/documentation/applications#p:nitrokey-pro&os:linux&a:computer-login [2] https://wiki.gentoo.org/wiki/Project:GURU |