D11328.id30834.diff
No OneTemporary
Actions

Size

6 KB

Referenced Files

None

Subscribers

None

D11328.id30834.diff
View Options

	Index: GIDs
	===================================================================
	--- GIDs
	+++ GIDs
	@@ -169,7 +169,7 @@
	postgrey:*:225:
	sqlgrey:*:226:
	_hfm:*:227:
	-# free: 228
	+u2f:*:228:
	kismet:*:229:
	# free: 230
	# free: 231
	Index: UIDs
	===================================================================
	--- UIDs
	+++ UIDs
	@@ -174,7 +174,7 @@
	postgrey:*:225:225::0:0:Postgrey Owner:/nonexistent:/usr/sbin/nologin
	sqlgrey:*:226:226::0:0:SQLgrey Owner:/nonexistent:/usr/sbin/nologin
	_hfm:*:227:227::0:0:hfm daemon:/nonexistent:/usr/sbin/nologin
	-# free: 228
	+u2f:*:228:228::0:0:u2f user:/nonexistent:/usr/sbin/nologin
	# free: 229
	# free: 230
	# free: 231
	Index: security/libu2f-host/Makefile
	===================================================================
	--- security/libu2f-host/Makefile
	+++ security/libu2f-host/Makefile
	@@ -5,7 +5,7 @@
	DISTVERSIONPREFIX= ${PORTNAME}-
	CATEGORIES= security devel

	-MAINTAINER= bapt@FreeBSD.org
	+MAINTAINER= cpm@FreeBSD.org
	COMMENT= Yubico Universal 2nd Factor (U2F) Host C Library

	LICENSE= LGPL21 GPLv3
	@@ -26,4 +26,13 @@
	CONFIGRUE_ARGS= --disable-gtk-doc
	INSTALL_TARGET= install-strip

	+SUB_FILES= pkg-message
	+
	+USERS= u2f
	+GROUPS= u2f
	+
	+post-install:
	+ ${INSTALL_DATA} ${FILESDIR}/u2f.conf.sample \
	+ ${STAGEDIR}${PREFIX}/etc/devd
	+
	.include <bsd.port.mk>
	Index: security/libu2f-host/files/pkg-message.in
	===================================================================
	--- security/libu2f-host/files/pkg-message.in
	+++ security/libu2f-host/files/pkg-message.in
	@@ -0,0 +1,100 @@
	+===================================================================
	+You should create %%PREFIX%%/etc/devd/u2f.conf to allow u2f access
	+permissions.
	+
	+Here is an example u2f.conf for supported devices.
	+
	+# Yubico Yubikey
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1050";
	+ match "product" "(0x0113\|0x0114\|0x0115\|0x0116\|0x0120\|0x0420\|0x0403\|0x0406\|0x0407\|0x0410)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Happlink (formerly Plug-Up) Security KEY
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x2581";
	+ match "product" "0xf1d0";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Neowave Keydo and Keydo AES
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1e0d";
	+ match "product" "(0xf1d0\|0xf1ae)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# HyperSecu HyperFIDO
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "(0x096e\|0x2ccf)";
	+ match "product" "0x0880";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Feitian ePass FIDO
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x096e";
	+ match "product" "(0x0850\|0x0852\|0x0853\|0x0854\|0x0856\|0x0858\|0x085a\|0x085b)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# JaCarta U2F
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x24dc";
	+ match "product" "0x0101";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# U2F Zero
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x10c4";
	+ match "product" "0x8acf";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# VASCO SeccureClick
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1a44";
	+ match "product" "0x00bb";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Bluink Key
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x2abe";
	+ match "product" "0x1002";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+Finally, restart devd with the command:
	+# service devd restart
	+
	+===================================================================
	Index: security/libu2f-host/files/u2f.conf.sample
	===================================================================
	--- security/libu2f-host/files/u2f.conf.sample
	+++ security/libu2f-host/files/u2f.conf.sample
	@@ -0,0 +1,91 @@
	+# Allow members of group u2f to access U2F devices
	+
	+# Yubico Yubikey
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1050";
	+ match "product" "(0x0113\|0x0114\|0x0115\|0x0116\|0x0120\|0x0420\|0x0403\|0x0406\|0x0407\|0x0410)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Happlink (formerly Plug-Up) Security KEY
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x2581";
	+ match "product" "0xf1d0";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Neowave Keydo and Keydo AES
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1e0d";
	+ match "product" "(0xf1d0\|0xf1ae)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# HyperSecu HyperFIDO
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "(0x096e\|0x2ccf)";
	+ match "product" "0x0880";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Feitian ePass FIDO
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x096e";
	+ match "product" "(0x0850\|0x0852\|0x0853\|0x0854\|0x0856\|0x0858\|0x085a\|0x085b)";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# JaCarta U2F
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x24dc";
	+ match "product" "0x0101";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# U2F Zero
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x10c4";
	+ match "product" "0x8acf";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# VASCO SeccureClick
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x1a44";
	+ match "product" "0x00bb";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	+
	+# Bluink Key
	+notify 100 {
	+ match "system" "USB";
	+ match "subsystem" "DEVICE";
	+ match "type" "ATTACH";
	+ match "vendor" "0x2abe";
	+ match "product" "0x1002";
	+ action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
	+};
	Index: security/libu2f-host/pkg-plist
	===================================================================
	--- security/libu2f-host/pkg-plist
	+++ security/libu2f-host/pkg-plist
	@@ -8,3 +8,4 @@
	lib/libu2f-host.so.0.1.3
	libdata/pkgconfig/u2f-host.pc
	man/man1/u2f-host.1.gz
	+@sample etc/devd/u2f.conf.sample

File Metadata

Mime Type: text/plain
Expires: Mon, Nov 10, 7:03 AM (6 h, 16 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 25100376
Default Alt Text: D11328.id30834.diff (6 KB)

D11328.id30834.diffNo OneTemporaryActions

D11328.id30834.diffView Options

File Metadata

Event Timeline

D11328.id30834.diff
No OneTemporary
Actions

D11328.id30834.diff
View Options