New version

[Xiretza]

Hi! Please create a new release tag and push it to crates.io. The latest version at this time, 0.7.0, is ancient and bears little resemblance to git master, which has received a ton of improvements and new features over the last 2.5 years.

[lechner]

Hi @1wilkens,

Not sure if this error is still relevant, but I wrote a very similar module definition . It was originally separate but now works with your version 0.7.0 (I discovered your crate yesterday) if you would like to have a look before cutting a new release.

Kind regards Felix Lechner

[1wilkens]

@Xiretza Hey I'm sorry I haven't gotten around to making a new release. I was planning to merge or address the pending PRs before doing that, but haven't had much time recently.

I'll try to review pending changes and push a new release next week!

@lechner I am also not sure if this is still relevant :sweat_smile: The module part hasn't gotten enough love, as I personally don't have a use-case for it yet. I'll gladly take a look at your approach :)

[lechner]

@1wilkens Hi, that's are a good match. I only work on modules.

As a first step, could you perhaps update pam-sys (and make any changes needed here)?

I found an incongruence (PR coming) that is possibly related to this pending change over there. You may also need this. Credit for both changes goes to SpaceManiac on ##rust.

I would then submit my other changes to this repo over time, or I could create a new crate pam-modules (your choice). Besides the module code, I would like to suggest a few modest changes to the "Rustified" function bindings.

[VuiMuich]

Hi, please excuse my ignorance, but do I get the idea of modules right as it would allow to use configs in /etc/pam.d/? One of my projects is a screenlocker for x11 seesions. At the moment it is basically a refactored and extended fork of SilverSoldier/rlock and I'd love to have PAM supporting biometric authentication.

So I would be quite excited for the service module support, as my Rust abilities are yet to novice to get it done by foot at this point, I guess.

[lechner]

@VuiMuich Programs seeking authentication—like your screen locker—can always be configured to use installed service modules. You would use the module feature here to support a new authentication method or session facilities that can then be used by programs.

Hope that helps!

[VuiMuich]

Ok, thanks. So I would I just nee pam-sys? Or would I still use pam but implement my on conversation handler? Sorry for asking stupid questions..

Edit: in order to keep this issue clean, I opened my issue No.1 . If you would be so kind to help me figuring this one out, would be greatly appreciated!

[lechner]

I am not sure what you would like to achieve, but any Rust program would benefit from the Rustified API in pam (vs. pam-sys). Your system's authentication methods, on the other hand, are configured in /etc/pam.d (or in Debian, also in /usr/share/pam-configs). They have little to do with this Git repo. You can read up on everything here.

[VuiMuich]

Well my final goal is to use whatever the "default" authentication method of the system is, to unlock the screen. Be it a password (and by entering a password I actually can unlock the screen), be it a fingerprint reader (which e.g. can unlock i3lock but in my case does not work), or be it anything else like a chipcard or whatever. And I believe slowly I start to get what the problem might be: the fingerprint-service needs to either return PAM_SUCCESS or the decrypted password, I guess.

[lechner]

You won't be writing any modules.

Fingerprint setups vary, but PAM is often configured as (password OR fingerprint). The fingerprint may or may not yield the token needed to decrypt a drive, or similar.

[1wilkens]

Sorry for the late reply, I am finally getting around to review some more changes (yay for vacation time).

@1wilkens Hi, that's are a good match. I only work on modules.

Great, some more eyes (and hands) are always appreciated!

As a first step, could you perhaps update pam-sys (and make any changes needed here)?

For pam-sys the 1.0.0 alphas are published and we are just sorting out some issues related to correctly handling non-Linux platforms.

I found an incongruence (PR coming) that is possibly related to this pending change over there. You may also need this. Credit for both changes goes to SpaceManiac on ##rust.

Yeah that should be related to the changed in pam-sys you mentioned. However, the changes for FreeBSD and other OS might also affect signedness so I am slightly hesitant to merge the change right away before pam-sys settles. Please do open the PR, so we can merge when this is done.

I would then submit my other changes to this repo over time, or I could create a new crate pam-modules (your choice). Besides the module code, I would like to suggest a few modest changes to the "Rustified" function bindings.

I appreciate any ideas regarding the API design in general as well as module-specific changes. Regarding the client API there is already some discussion in #14 that are quite stale (I should get around to change that). Regarding the module API I looked at some other crates that also but didn't get to a satisfying solution, so any ideas (and PRs!) are welcome! Tl;dr: I'd like for pam to be the one-stop-shop for all things PAM so I'd happily include your changes!

[1wilkens]

Also @Xiretza sorry for another delay, but I'd like to wait for the pending changes in pam-sys before cutting a new release, so it'll take some more time. In the meantime you could probably use a git dependency to use the current state?

[Xiretza]

No worries, I just opened the issue to get a discussion going, I'm not in a hurry.

[Will-Shanks]

@1wilkens any update on a new version? There hasn't been one in 4 years so the crate appears dead, but it looks like there is still work going on in this repo.

[Decodetalkers]

0.7.0 on crate do not have features "client", seems need a new version

[ariel-miculas]

@1wilkens I'm also wondering whether this crate is dead or if you're planning on maintaining it.

[Goorzhel]

I've emailed him so nobody else in the thread has to.

[1wilkens]

Hey there, sorry for the complete radio silence. Daylife got the better of me! I finished my degree and changed jobs.

Anyway, I want to come back to this crate (and pam-sys which I've just release a small patch release) but might add a co-maintainer to prevent such a situation in the future.

Regarding the new release I was always hesitant as pam-sys was (and still is to some degree) in-flux. However, the situation is obviously not great right now with the last release from 4(!) years ago.. I'll cut a release right now (as current master is building with the bumped pam-sys) and try to catch up on the list of open PRs and discussions.

Ideally, I'd like to bring pam-sys to a 1.0 release this year and figure our a sensible path forward with this crate.

Sorry again for the huge delay!