Thinkfinger cleanup

The tarball can be regenerated from svn using the 'get-orig-source' target.

Dear Tom,
I am new with ubuntu. Can you explain me what should I do with these files?
I have jaunty and a thinkpad x300. thinkfinger is woking great, no delay, no need for carrier return and it works after resuming from the screensaver.
The only problem I have is with the multiple keyboard option. I am using english and french keyboards. They switch ok but the indicator on the panel becomes corrupted after using thinkfinger. Instead of showing Fra for french it shows '??'
Do you know how to solve this bug?
Thanks
herman

These are the package files to build a new version of thinkfinger for Karmic. Official MOTU will take these files, review them and upload them to be built on LaunchPad for Karmic. When it's done, the new package will be available in Karmic. If you're new to Ubuntu it might be best to wait for the fix to land in Karmic.

In any case, your comment isn't relevant to this specific bug. Please consider opening a new bug against thinkfinger regarding your problem.

Actually, this is just a cleanup of the package, the fixes are already in karmic.

Sorry, the .diff.gz I posted earlier discarded some history, so here's an updated version that takes into account 0.3+r118-0ubuntu4. Note that I bumped the orig.tar.gz to 0.3+r118.3 in order to avoid clashes with debian, which has 0.3+r118.2 (which is not a proper svn export).

Tom, thanks for your work on this. However, it's generally not a good idea to rework orig.tar.gz files and diverge from Debian. Sticking as close to Debian as possible means less work for us in the future (allowing syncs and the like).

So I would normally close this bug and suggest that you file a bug with Debian to get them to change how they find/generate their orig.tar.gz files. Except, I notice that in Debian, thinkfinger has been removed from the archive in favor of FingerForce. So I'm just going to close this. But again, thanks for your work.

Er, FingerForce wasn't the right name. I meant fprint I guess. See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546005 for details.

This makes no sense. If the package is dropped from debian, we should
be free to do whatever we want with the package.

fprint is not an acceptable replacement for thinkfinger, as it allows
password login only after fingerprint authentication has timed out (i.e.
after 30 seconds!).

Michael Terry wrote:
> Tom, thanks for your work on this. However, it's generally not a good
> idea to rework orig.tar.gz files and diverge from Debian. Sticking as
> close to Debian as possible means less work for us in the future
> (allowing syncs and the like).
>
> So I would normally close this bug and suggest that you file a bug with
> Debian to get them to change how they find/generate their orig.tar.gz
> files. Except, I notice that in Debian, thinkfinger has been removed
> from the archive in favor of FingerForce. So I'm just going to close
> this. But again, thanks for your work.
>
> ** Changed in: thinkfinger (Ubuntu)
> Status: New => Won't Fix
>
> ** Bug watch added: Debian Bug tracker #546005
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546005
>

Tom, thinkfinger is dead upstream. At this point, if you want to continue the thinkfinger project you should consider adopting it upstream. Hiding your patches in a bug tracker and in a debian dir is the equivalent of three week's notice behind the sign that says "Beware of Tiger," and is not going to achieve the level of quality a security system requires.

While I agree that the Ubuntu developer who prepared this package against svn make substantial errors that should be corrected if thinkfinger continues, I don't think it's a forgone conclusion that it should. You mention fprint is doesn't accept passwords, but it should be relatively simple to change libpam-fprint to accept a password and pass the results down the pam stack.

It might be worth considering dropping thinkfinger for ubuntu+2 entirely, if we can get eyeballs looking for regressions.

I have neither the time nor enough knowledge about its internals to even consider taking over the project. I just want things to work smoothly: Thinkfinger is stable enough that it only takes minimal effort to keep up with minor kernel or X changes that happen over time. But one thing is for sure: Having a basically unmaintainable package is not going to help improve the quality or the security of the system and we don't lose anything by replacing the current mess by something more manageable.

It really doesn't make any sense to shove fprint down people's throats before it has reached feature parity with thinkfinger. If fprint developers feel that thinkfinger's solution to the password problem is not acceptable to them, they need to push for improvements in pam. If they can't do that, I consider the project just as dead as thinkfinger. I'm certainly not going to spend my time writing a patch that upstream won't accept and then try getting it into ubuntu, I'd rather fight for thinkfinger to stay until they (fprint) get this basic usability issue sorted out.

hi Tom,
I upgraded to ubuntu 9.10.
Thinkfinger is working great as in 9.04, except for the login screen.
Is there already a solution for this?
I tried to update from the repository http://ppa.launchpad.net/jon-oberheide/ppa/ubuntu karmic
but I obtain the following error
GPG error: http://ppa.launchpad.net karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5A9A06AEF9CB8DB0Failed to fetch http://ppa.launchpad.net/jon-oberheide/ppa/ubuntu/dists/karmic/main/binary-i386/Packages.gz 404 Not Found
Some index files failed to download, they have been ignored, or old ones used instead.

thanks
Herman

@herman, the current karmic repository appears to have the correct code, so you don't need that PPA for Karmic. I just did a clean install of Karmic, and checked.

hi Noel,
did you manage to use finger print to log in from the log in screen?
It works fine when I have to enter my password after logging in, but I don't have the fingerprint option in the log in screen.
thanks

Yes, I can login, sudo, and unlock with thinkfinger. To perform the latter (gdm unlock) requires a udev rule:

#
# udev rules file for the thinkfinger fingerprint scanner
#
# Taken from: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/138957

# uinput device
KERNEL=="uinput", MODE="0660", GROUP="plugdev"

Another udev rule that I use sets the power to auto, which is documented to help keep the reader from getting hot:

ACTION!="add", GOTO="fingerprint_end"
SYSFS{idVendor}=="0483", SYSFS{idProduct}=="2016", RUN+="/bin/sh -c 'echo auto > /sys/$devpath/power/level'"
LABEL="fingerprint_end"

After copying my udev rules:

  $ sudo apt-get install libpam-thinkfinger thinkfinger-tools
  $ sudo /usr/lib/pam-thinkfinger/pam-thinkfinger-enable
  $ tf-tool --acquire
  $ tf-tool --verify (to check)
  $ sudo reboot

Nothing fancy.

Noel,
I have already both udev rules. I can unlock from screensaver, resuming after hibernation, sudo, etc. However, the login screen after turning on the computer or rebooting does not have the fingerprint option and I can only type my password in.
It was working fine in ubuntu 9.04 but it doesn't in 9.10.

Do you think i have to uninstall and reinstall thinkfinger for the udev rules to be recognized?

Thanks

No, the installation order and setting up of the udev rules are independent. Not sure why you're having a problem. As I said, I did a clean install just the past week, went through the steps, and it is working just fine.

Why is this marked as WON'T FIX instead of FIX RELEASED? The fixed version is in Karmic.

This bug is about cleaning up the (totally screwed-up) package that is currently in ubuntu, not about any functional change. This could make everybody's life easier that's going to work on the package in the future, but apparently, killing off the package is a higher priority. Not exactly the way you encourage people to contribute to ubuntu, but I can't say I'm not used to it.