Alon Bar-Lev wrote: > Hello Daniel, > > Great work! I was not aware of it.
Thanks for the feedback. > I have some comments regarding the PAM module. Yeah, it has a lot of deficiencies. I hacked it up really quickly as a proof of concept. I'm working on solving other problems before revisiting creating a properly ironed out login system. > Although it is working correctly, I think a few configuration options > should be added. > > 1. Allow getting password if provided, this is taken from pam-pkcs11. > For example, user enter his username and password at kdm, the pam > module can detect this and use this password. You mean to offer both the option of fingerprint OR password login at the same time? Thinkfinger does this too but the code is really ugly.. will have to look at how pkcs11 does it. > 2. Scan timeout, stop scan request after X seconds. This may be good > for screen saver unblock, so it won't stuck for ever. > 3. Scan timeout action, fail or continue to next PAM provider. Not really possible due to design problems with the library. Being worked on, but it's a lot of work to stabilise: http://www.reactivated.net/weblog/archives/2008/03/asynchronous-fingerprint-scanning > 4. Allow disable the PAM messaging, currently it prompt the user with > some message and then he has to enter OK before scanning. Patches accepted :) > pam-pkcs11 provides all these settings at the pam configuration file > as arguments. Will keep that in mind when I get back to working at this high level. Thanks! Daniel _______________________________________________ fprint mailing list [email protected] http://lists.reactivated.net/mailman/listinfo/fprint
