Skip to content

Releases: archledger/irlume

irlume v0.1.1

Choose a tag to compare

@archledger archledger released this 04 Jul 04:34
v0.1.1

Packaging patch release: the Fedora Copr pipeline now works end-to-end, and native packages for all three families are attached. No functional changes to the daemon, CLI, or PAM module.

Install

Fedora (Copr, auto-updates with dnf upgrade):

sudo dnf copr enable archledger/irlume
sudo dnf install irlume

Arch:

sudo pacman -U irlume-0.1.1-1-x86_64.pkg.tar.zst

Debian/Ubuntu:

sudo apt install ./irlume_0.1.1_amd64.deb

Fixed

  • Packit Copr builds request build-time networking (enable_net) so cargo can reach crates.io.
  • Cargo.lock is now committed, so cargo build --locked works from release tarballs.
  • Fedora spec: added missing clang-devel, kernel-headers, pkgconf-pkg-config BuildRequires (bindgen for V4L2 bindings; pkg-config for tss-esapi).
  • Fedora spec: the SELinux policy module is compiled from its committed .te source during the build.

Full changelog: https://github.com/archledger/irlume/blob/main/CHANGELOG.md

irlume v0.1.0

Choose a tag to compare

@archledger archledger released this 04 Jul 01:03
v0.1.0

irlume v0.1.0

Local infrared face authentication for Linux — clean-BOM, TPM-sealed, meant to meet or beat Windows Hello.

First public release. irlume logs you in by your face using the IR (Windows Hello) camera, with the password always available as a fallback — no lockout, ever.

✨ What you get

  • Privilege-separated by design — a thin pam_irlume.so and irlume CLI are untrusted clients of a privileged irlumed daemon (the only thing that touches the camera, IR emitter, models, templates, or TPM), over a SO_PEERCRED-authenticated Unix socket.
  • Clean model bill-of-materials — every weight is permissive and GPLv3-compatible, so the whole stack ships bundled:
    Stage Model License
    Detection YuNet MIT
    Recognition AuraFace (512-D ArcFace) Apache-2.0
    Liveness — IR gate self-built, algorithmic
    Liveness — passive blink (opt-in) MediaPipe FaceMesh → EAR Apache-2.0
  • Your face never leaves as an image — only 512-D embeddings (a one-way projection), AES-256-GCM encrypted under a key the TPM seals to your boot state. Disk-theft tested: the sealed data is undecryptable on another machine.
  • Tiers by hardware — IR camera → Secure (login, sudo, lock screen, keyring unlock); RGB-only → Convenience (screen unlock only); optional fingerprint companion.
  • Smart PAM wiringirlume login enable wires the greeter + lock screen correctly for your login manager (GDM/SDDM/plasmalogin), method, and tier. Opt-in; never auto-wired on install.

📦 Install

Fedora

sudo dnf copr enable archledger/irlume
sudo dnf install irlume

Arch (from the Release assets)

sudo pacman -U ./irlume-*.pkg.tar.zst
# fresh install prompts for an onnxruntime provider — choose onnxruntime-cpu

Debian / Ubuntu (from the Release assets)

sudo apt install ./irlume_*.deb

onnxruntime is bundled on Fedora and Debian/Ubuntu; Arch uses the system package. Nothing else to install.

Then, once:

irlume ir-setup                    # enable the 850 nm IR emitter (IR cameras)
irlume tui                         # enroll your face + configure, guided
sudo irlume login enable --apply   # opt-in: wire the greeter + lock screen

✅ Validated

Working end-to-end on real hardware across Fedora, Arch, and Debian/Ubuntu — IR Secure tier, RGB Convenience tier, and fingerprint. Packaged and install-tested for all three families.

⚖️ Honest limitations

  • Passive blink liveness is a deterrent, not a guarantee. It closes casual and typical print/screen attacks, but a determined life-size glossy print can still slip through occasionally, and it doesn't cover glasses-wearers. Every miss falls safely to the password. Beating a determined glossy print needs a trained PAD model or true depth hardware.
  • RGB-only laptops get the Convenience tier — face unlocks the screen only, never sudo/login/keyring. By design.
  • Not lab-certified. Self-tested against ISO/IEC 30107-3; no paid iBeta pass. Demographic FMR tuning is ongoing.

Interfaces may still shift before 1.0.

🔏 Verify the release

This tag is GPG-signed (C10B8492BD7F30C6, archledger236@gmail.com):

git verify-tag v0.1.0

📄 License

GPL-3.0-or-later — fully open, copyleft.