FreeBSD Bugzilla – Attachment 188644 Details for
Bug 224199
[NEW PORT] security/u2f-devd: devd hotplug rules for Universal 2nd Factor (U2F) tokens
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
u2f.diff
u2f.diff (text/plain), 10.21 KB, created by
Val Packett
on 2017-12-09 10:49:03 UTC
(
hide
)
Description:
u2f.diff
Filename:
MIME Type:
Creator:
Val Packett
Created:
2017-12-09 10:49:03 UTC
Size:
10.21 KB
patch
obsolete
>Index: security/Makefile >=================================================================== >--- security/Makefile (revision 455781) >+++ security/Makefile (working copy) >@@ -1237,6 +1237,7 @@ > SUBDIR += truecrypt > SUBDIR += tsshbatch > SUBDIR += tthsum >+ SUBDIR += u2f-devd > SUBDIR += umit > SUBDIR += unhide > SUBDIR += unicornscan >Index: security/libu2f-host/Makefile >=================================================================== >--- security/libu2f-host/Makefile (revision 455781) >+++ security/libu2f-host/Makefile (working copy) >@@ -3,6 +3,7 @@ > PORTNAME= libu2f-host > PORTVERSION= 1.1.4 > DISTVERSIONPREFIX= ${PORTNAME}- >+PORTREVISION= 1 > CATEGORIES= security devel > > MAINTAINER= cpm@FreeBSD.org >@@ -15,6 +16,7 @@ > help2man:misc/help2man > LIB_DEPENDS= libhidapi.so:comms/hidapi \ > libjson-c.so:devel/json-c >+RUN_DEPENDS= ${LOCALBASE}/etc/devd/u2f.conf:security/u2f-devd > > USES= autoreconf pkgconfig gmake libtool > GNU_CONFIGURE= yes >@@ -26,12 +28,4 @@ > CONFIGURE_ARGS= --disable-gtk-doc > INSTALL_TARGET= install-strip > >-SUB_FILES= pkg-message >- >-GROUPS= u2f >- >-post-install: >- ${INSTALL_DATA} ${WRKSRC}/u2f.conf.sample \ >- ${STAGEDIR}${PREFIX}/etc/devd >- > .include <bsd.port.mk> >Index: security/libu2f-host/files/pkg-message.in >=================================================================== >--- security/libu2f-host/files/pkg-message.in (revision 455781) >+++ security/libu2f-host/files/pkg-message.in (nonexistent) >@@ -1,13 +0,0 @@ >-====================================================================== >- >-The package requires read/write access to USB devices. To facilitate >-such access it comes with a devd.conf(5) file, but you still need to >-restart devd(8), add the desired users to "u2f" group and log those >-out of the current session. For example: >- >-$ pw group mod u2f -m <user> >-$ shutdown -r now >- >-For details, see %%PREFIX%%/etc/devd/u2f.conf >- >-====================================================================== > >Property changes on: security/libu2f-host/files/pkg-message.in >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/libu2f-host/pkg-plist >=================================================================== >--- security/libu2f-host/pkg-plist (revision 455781) >+++ security/libu2f-host/pkg-plist (working copy) >@@ -1,5 +1,4 @@ > bin/u2f-host >-@sample etc/devd/u2f.conf.sample > include/u2f-host/u2f-host-types.h > include/u2f-host/u2f-host-version.h > include/u2f-host/u2f-host.h >Index: security/u2f-devd/Makefile >=================================================================== >--- security/u2f-devd/Makefile (nonexistent) >+++ security/u2f-devd/Makefile (working copy) >@@ -0,0 +1,24 @@ >+# $FreeBSD$ >+ >+PORTNAME= u2f-devd >+PORTVERSION= 1.0.0 >+CATEGORIES= security >+MASTER_SITES= # >+DISTFILES= # >+ >+MAINTAINER= greg@unrelenting.technology >+COMMENT= Devd hotplug rules for Universal 2nd Factor (U2F) tokens >+ >+LICENSE= BSD2CLAUSE >+ >+NO_BUILD= yes >+SUB_FILES= pkg-message >+ >+GROUPS= u2f >+ >+PLIST_FILES= etc/devd/u2f.conf >+ >+do-install: >+ ${INSTALL_DATA} ${FILESDIR}/u2f.conf ${STAGEDIR}${PREFIX}/etc/devd >+ >+.include <bsd.port.mk> > >Property changes on: security/u2f-devd/Makefile >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/u2f-devd/files/pkg-message.in >=================================================================== >--- security/u2f-devd/files/pkg-message.in (nonexistent) >+++ security/u2f-devd/files/pkg-message.in (working copy) >@@ -0,0 +1,14 @@ >+====================================================================== >+ >+U2F authentication requires read/write access to USB devices. To >+facilitate such access it comes with a devd.conf(5) file, but you >+still need to restart devd(8), add the desired users to "u2f" group >+and log those out of the current session. For example: >+ >+# service devd restart >+# pw group mod u2f -m <user> >+$ exit >+ >+For details, see %%PREFIX%%/etc/devd/u2f.conf >+ >+====================================================================== > >Property changes on: security/u2f-devd/files/pkg-message.in >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/u2f-devd/files/u2f.conf >=================================================================== >--- security/u2f-devd/files/u2f.conf (nonexistent) >+++ security/u2f-devd/files/u2f.conf (working copy) >@@ -0,0 +1,163 @@ >+# Allow members of group u2f to access U2F authentication tokens. >+# 'notify' rules work on /dev/usb/* (used by libu2f-host), >+# 'attach' rules work on /dev/uhid* (used by web browsers) >+ >+# Yubico Yubikey >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x1050"; >+ match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0420|0x0403|0x0406|0x0407|0x0410)"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x1050"; >+ match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0420|0x0403|0x0406|0x0407|0x0410)"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# Happlink (formerly Plug-Up) Security KEY >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x2581"; >+ match "product" "0xf1d0"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x2581"; >+ match "product" "0xf1d0"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# Neowave Keydo and Keydo AES >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x1e0d"; >+ match "product" "(0xf1d0|0xf1ae)"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x1e0d"; >+ match "product" "(0xf1d0|0xf1ae)"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# HyperSecu HyperFIDO >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "(0x096e|0x2ccf)"; >+ match "product" "0x0880"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "(0x096e|0x2ccf)"; >+ match "product" "0x0880"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# Feitian ePass FIDO >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x096e"; >+ match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b)"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x096e"; >+ match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b)"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# JaCarta U2F >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x24dc"; >+ match "product" "0x0101"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x24dc"; >+ match "product" "0x0101"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# U2F Zero >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x10c4"; >+ match "product" "0x8acf"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x10c4"; >+ match "product" "0x8acf"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# VASCO SeccureClick >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x1a44"; >+ match "product" "0x00bb"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x1a44"; >+ match "product" "0x00bb"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# Bluink Key >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x2abe"; >+ match "product" "0x1002"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x2abe"; >+ match "product" "0x1002"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; >+ >+# Thetis Key >+notify 100 { >+ match "system" "USB"; >+ match "subsystem" "DEVICE"; >+ match "type" "ATTACH"; >+ match "vendor" "0x1ea8"; >+ match "product" "0xf025"; >+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; >+}; >+ >+attach 100 { >+ match "vendor" "0x1ea8"; >+ match "product" "0xf025"; >+ action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; >+}; > >Property changes on: security/u2f-devd/files/u2f.conf >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/u2f-devd/pkg-descr >=================================================================== >--- security/u2f-devd/pkg-descr (nonexistent) >+++ security/u2f-devd/pkg-descr (working copy) >@@ -0,0 +1,2 @@ >+Automatic device permission handling for Universal 2nd Factor (U2F) USB >+authentication tokens. > >Property changes on: security/u2f-devd/pkg-descr >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=188644">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 224199
: 188644