Index: GIDs =================================================================== --- GIDs +++ GIDs @@ -57,7 +57,7 @@ amavis:*:113: dhis:*:114: _symon:*:115: -# free: 116 +u2f:*:116: smokeping:*:117: ircproxyd:*:118: mythtv:*:119: Index: security/libu2f-host/Makefile =================================================================== --- security/libu2f-host/Makefile +++ security/libu2f-host/Makefile @@ -5,10 +5,10 @@ DISTVERSIONPREFIX= ${PORTNAME}- CATEGORIES= security devel -MAINTAINER= bapt@FreeBSD.org +MAINTAINER= cpm@FreeBSD.org COMMENT= Yubico Universal 2nd Factor (U2F) Host C Library -LICENSE= LGPL21 GPLv3 +LICENSE= LGPL21+ GPLv3+ LICENSE_COMB= multi BUILD_DEPENDS= gengetopt:devel/gengetopt \ @@ -26,4 +26,12 @@ CONFIGRUE_ARGS= --disable-gtk-doc INSTALL_TARGET= install-strip +SUB_FILES= pkg-message + +GROUPS= u2f + +post-install: + ${INSTALL_DATA} ${FILESDIR}/u2f.conf.sample \ + ${STAGEDIR}${PREFIX}/etc/devd + .include Index: security/libu2f-host/files/pkg-message.in =================================================================== --- security/libu2f-host/files/pkg-message.in +++ security/libu2f-host/files/pkg-message.in @@ -0,0 +1,13 @@ +====================================================================== + +The package requires read/write access to USB devices. To facilitate +such access it comes with a devd.conf(5) file, but you still need to +restart devd(8), add the desired users to "u2f" group and log those +out of the current session. For example: + +$ pw group mod u2f -m +$ shutdown -r now + +For details, see %%PREFIX%%/etc/devd/u2f.conf + +====================================================================== Index: security/libu2f-host/files/u2f.conf.sample =================================================================== --- security/libu2f-host/files/u2f.conf.sample +++ security/libu2f-host/files/u2f.conf.sample @@ -0,0 +1,91 @@ +# Allow members of group u2f to access U2F devices + +# Yubico Yubikey +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x1050"; + match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0420|0x0403|0x0406|0x0407|0x0410)"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# Happlink (formerly Plug-Up) Security KEY +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x2581"; + match "product" "0xf1d0"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# Neowave Keydo and Keydo AES +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x1e0d"; + match "product" "(0xf1d0|0xf1ae)"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# HyperSecu HyperFIDO +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "(0x096e|0x2ccf)"; + match "product" "0x0880"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# Feitian ePass FIDO +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x096e"; + match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b)"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# JaCarta U2F +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x24dc"; + match "product" "0x0101"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# U2F Zero +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x10c4"; + match "product" "0x8acf"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# VASCO SeccureClick +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x1a44"; + match "product" "0x00bb"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; + +# Bluink Key +notify 100 { + match "system" "USB"; + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "vendor" "0x2abe"; + match "product" "0x1002"; + action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; +}; Index: security/libu2f-host/pkg-plist =================================================================== --- security/libu2f-host/pkg-plist +++ security/libu2f-host/pkg-plist @@ -1,4 +1,5 @@ bin/u2f-host +@sample etc/devd/u2f.conf.sample include/u2f-host/u2f-host-types.h include/u2f-host/u2f-host-version.h include/u2f-host/u2f-host.h