How to enable integrated fingerprint reader with BioAPI
Contents |
This page describes the process of getting the fingerprint reader to work. It is based on experiences in Ubuntu on a T43. The same works on Fedora 4.
Basic driver installationGetting required libs and toolsInstalling the bioapi source
Installing the driver
Testing the driverGo to the folder where you extracted TFMESS_BSP_LIN_1.0beta2.zip and do:
If it doesn't work, ask for help at: t43fingerprint (at) badcode.de GDM Login via pam_bioapiGetting required libs & toolsInstalling pam_bioapi
The patch comes from this thread.
<username> must be the username you want to login with, gdm will probably break for any login name that has no .bir file.
Configuring pamThe following part is distribution specific. On Ubuntu you can modify /etc/pam.d/common-auth (on Gentoo and Fedora it is /etc/pam.d/system-auth) to look like this: # # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth sufficient pam_bioapi.so {5550454b-2054-464d-2f45-535320425350} /etc/bioapi1.10/pam/ password sufficient pam_bioapi.so {5550454b-2054-464d-2f45-535320425350} /etc/bioapi1.10/pam/ auth required pam_unix.so nullok_secure With this modification pam immediatelly starts to use the fingerprint reader to do local authorization (e.g. sudo/gdm use the fingerprint reader). NOTE!
This was discovered through trial and success, if it is plain wrong, wikorrect it, please.
On Fedora, you may need to add /usr/local/lib to your LD_LIBRARY path so that the libraries referenced from pam_bioapi.so get picked up properly. Now gdm should pop up an (ugly) image to swipe your finger and... magic - you can login without a password. Make xscreensaver use the scanner
After reviewing the patch (it's small and straightforward), do
The patch should apply with some offset, don't mind that. If it says something about rejected though, then there's a problem. This patch prevents xscreensaver from opening an authentification window and dispatches the authentification request to another program, in our case pam and pam_bioapi. Compile with
and then install as root with
Make sure that the newly compiled xscreensaver is used
In case it doesn't, try
and retry.
kills your running instance of xscreensaver. Make sure you have the following line in your ~/.xscreensaver: alternativeAuth: True now look at /etc/pam.d/xscreensaver. If you're on Ubuntu Breezy and you have already changed /etc/pam.d/common-auth you should be good to go. Otherwise check that the following line is at the top of the file: auth sufficient pam_bioapi.so {5550454b-2054-464d-2f45-535320425350} /etc/bioapi1.10/pam start the new xscreensaver
There should be a splash screen with version 4.23. Now try with:
If you have questions or problems with this procedure, ask: t43fingerprint (at) badcode.de . |