-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setup individual prompt message for interactive mode #48
setup individual prompt message for interactive mode #48
Conversation
@@ -127,6 +127,10 @@ interactive:: | |||
Set to prompt a message and wait before testing the presence of a U2F device. | |||
Recommended if your device doesn't have a tactile trigger. | |||
|
|||
[prompt=your prompt here without newline]:: | |||
Set individual prompt message for interactive mode. Watch the square brackets | |||
around this parameter to get spaces correct recognized by PAM. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: correct
-> correctly
Also, why do you need brackets to ensure proper spacing? Is that a PAM thing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
an ok, native gerrman speaking so sometimes I miss the right syntax.
Yes, thats a pam thing: (last answer references the man page of it:
http://stackoverflow.com/questions/17731555/allow-escape-spaces-in-linux-pam-modules
From the useful documentation available by typing
man pam.d
: (emphasis added)module-arguments are a space separated list of tokens that can be used to modify the specific behavior of the given PAM. Such arguments will be documented for each individual module. Note, if you wish to include spaces in an argument, you should surround that argument with square brackets.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great, thanks for the pointer.
One last thing. I'd like the same information to be added to man/pam_u2f.8.txt for the manpage creation. Should I add that, or do you want to?
|
||
DBG(("Using default prompt %s", buf)); | ||
|
||
cfg->prompt = strdup(buf); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't you directly strdup
DEFAULT_PROMPT? Sounds easier to me than having two allocations and to copies.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I setup it "copy&paste" same way as found for authfile parameter.
But if it can done easier faster than feel free to improve it. I had several years not programmed C anymore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a big deal by any stretch. Sounds like other parts need a thorough check :)
Closing in favour of #60 |
Would be nice to get in common an individual prompt for e.g. mention a key hint.
Feel free to enhance /modify it if didn't fit your module standard.
In my case there is the idea to have a quick solution for using 2 U2F keys to get 4-eyes principle / like PGP key sharing/splitting to require 2 developers signing in together on production servers with e.g. this lines: