From 658de16649626643cc06b1106470b77c1d95fe51 Mon Sep 17 00:00:00 2001 From: boltgolt Date: Sat, 9 Jan 2021 18:43:10 +0100 Subject: [PATCH] Fixed capture on by default, removed setup in debian package --- debian/control | 2 +- debian/postinst | 42 +++++++--------- debian/preinst | 125 ------------------------------------------------ debian/prerm | 8 ++-- src/config.ini | 4 +- 5 files changed, 23 insertions(+), 158 deletions(-) diff --git a/debian/control b/debian/control index 76bb599..e4dbbd9 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,7 @@ Package: howdy Homepage: https://github.com/boltgolt/howdy Architecture: all Depends: ${misc:Depends}, curl|wget, python3, python3-pip, python3-dev, python3-setuptools, libpam-python, libopencv-dev, cmake -Recommends: libatlas-base-dev | libopenblas-dev | liblapack-dev, streamer, howdy-gtk +Recommends: libatlas-base-dev | libopenblas-dev | liblapack-dev, howdy-gtk Suggests: nvidia-cuda-dev (>= 7.5) Description: Howdy: Windows Hello style authentication for Linux. Use your built-in IR emitters and camera in combination with face recognition diff --git a/debian/postinst b/debian/postinst index 7ed436f..705fab4 100755 --- a/debian/postinst +++ b/debian/postinst @@ -2,15 +2,6 @@ # Installation script to install howdy # Executed after primary apt install - -def col(id): - """Add color escape sequences""" - if id == 1: return "\033[32m" - if id == 2: return "\033[33m" - if id == 3: return "\033[31m" - return "\033[0m" - - # Import required modules import fileinput import subprocess @@ -38,6 +29,14 @@ def handleStatus(status): sys.exit(1) +def col(id): + """Add color escape sequences""" + if id == 1: return "\033[32m" + if id == 2: return "\033[33m" + if id == 3: return "\033[31m" + return "\033[0m" + + # Create shorthand for subprocess creation sc = subprocess.call @@ -74,7 +73,14 @@ if not os.path.exists("/tmp/howdy_picked_device"): # Remove unsafe automatic dismissal of lock screen if key == "dismiss_lockscreen": if value == "true": - print("DEPRECATION: Config falue dismiss_lockscreen is no longer supported because of login loop issues.") + print("DEPRECATION: Config value dismiss_lockscreen is no longer supported because of login loop issues.") + continue + + # MIGRATION 2.6.1 -> 3.0.0 + # Fix capture being enabled by default + if key == "capture_failed" or key == "capture_successful": + if value == "true": + print("NOTICE: Howdy login image captures have been disabled by default, change the config to enable them again") continue try: @@ -95,21 +101,11 @@ if not os.path.exists("/tmp/howdy_picked_device"): sys.exit(0) -# Open the temporary file containing the device ID -in_file = open("/tmp/howdy_picked_device", "r") -# Load it in, it should be a string -picked = in_file.read() -in_file.close() - -# Remove the temporary file -os.unlink("/tmp/howdy_picked_device") - log("Upgrading pip to the latest version") # Update pip handleStatus(sc(["pip3", "install", "--upgrade", "pip"])) - log("Upgrading numpy to the latest version") # Update numpy @@ -196,15 +192,9 @@ handleStatus(subprocess.call(["pip3", "install", "--no-cache-dir", "opencv-pytho log("Configuring howdy") -campath = picked.split(";")[0] -cert = picked.split(";")[1] - # Manually change the camera id to the one picked for line in fileinput.input(["/lib/security/howdy/config.ini"], inplace=1): - line = line.replace("device_path = none", "device_path = " + campath) line = line.replace("use_cnn = false", "use_cnn = " + str(cuda_used).lower()) - line = line.replace("certainty = 3.5", "certainty = " + cert) - print(line, end="") print("Camera ID saved") diff --git a/debian/preinst b/debian/preinst index dbc699a..329438c 100755 --- a/debian/preinst +++ b/debian/preinst @@ -2,21 +2,8 @@ # Used to check cameras before commiting to install # Executed before primary apt install of files -def col(id): - """Add color escape sequences""" - if id == 1: return "\033[32m" - if id == 2: return "\033[33m" - if id == 3: return "\033[31m" - if id == 4: return "\033[1m" - return "\033[0m" - - import subprocess -import time import sys -import os -import re -import signal # Backup the config file if we're upgrading if "upgrade" in sys.argv: @@ -35,115 +22,3 @@ if "upgrade" in sys.argv: # Don't run if we're not trying to install fresh if "install" not in sys.argv: sys.exit(0) - -# The default picked video device id -picked = "none" - - -# If prompting has been disabled, skip camera check -if "HOWDY_NO_PROMPT" in os.environ: - print(col(2) + "AUTOMATED INSTALL, YOU WILL NOT BE ASKED FOR INPUT AND CHECKS WILL BE SKIPPED" + col(0)) - - # Write the default device to disk and exit - with open("/tmp/howdy_picked_device", "w") as out_file: - out_file.write("none;3.5") - - sys.exit(0) - -fscheck = subprocess.call(["which", "streamer"], stdout=subprocess.PIPE) - -if fscheck == 1: - print(col(2) + "\nWARNING: Could not automatically find the right webcam, manual configuration after installation required\n" + col(0)) -else: - print(col(1) + "Starting IR camera check...\n" + col(0)) - - # Get all devices - devices = os.listdir("/dev/v4l/by-path") - - # Loop though all devices - for dev in devices: - time.sleep(.5) - - # The full path to the device is the default name - device_name = "/dev/v4l/by-path/" + dev - # Get the udevadm details to try to get a better name - udevadm = subprocess.check_output(["udevadm info -r --query=all -n " + device_name], shell=True).decode("utf-8") - - # Loop though udevadm to search for a better name - for line in udevadm.split("\n"): - # Match it and encase it in quotes - re_name = re.search('product.*=(.*)$', line, re.IGNORECASE) - if re_name: - device_name = '"' + re_name.group(1) + '"' - - # Show what device we're using - print("Trying " + device_name) - - # Let fswebcam keep the camera open in the background - sub = subprocess.Popen( - ["streamer -t 1:0:0 -c /dev/v4l/by-path/" + dev + " -b 16 -f rgb24 -o /dev/null 1>/dev/null 2>/dev/null"], - shell=True, - preexec_fn=os.setsid, - stdout=subprocess.PIPE, - stdin=subprocess.PIPE) - - try: - # Ask the user if this is the right one - print(col(2) + "One of your cameras should now be on." + col(0)) - ans = input("Did your IR emitters turn on? [y/N]: ") - except KeyboardInterrupt: - # Kill fswebcam if the user aborts - os.killpg(os.getpgid(sub.pid), signal.SIGTERM) - raise - - # The user has answered, kill fswebcam - os.killpg(os.getpgid(sub.pid), signal.SIGTERM) - - # Set this camera as picked if the answer was yes, go to the next one if no - if ans.lower().strip() == "y" or ans.lower().strip() == "yes": - picked = dev - break - else: - print("Interpreting as a " + col(3) + "\"NO\"\n" + col(0)) - - # Abort if no camera was picked - if picked == "none": - print(col(3) + "No suitable IR camera found, aborting install." + col(0)) - sys.exit(23) - -cert = 3.5 - -# Give time to read -time.sleep(.5) - -print(col(1) + "\nStarting certainty auto config..." + col(0)) - -# Give more time to read -time.sleep(.5) - -print("\n\nAfter detection, Howdy knows how certain it is that the match is correct.") -print("How certain Howdy needs to be before authenticating you can be customized.") - -print(col(4) + "\nF: Fast." + col(0)) -print("Allows more fuzzy matches, but speeds up the scanning process greatly.") -print(col(4) + "\nB: Balanced." + col(0)) -print("Still relatively quick detection, but might not log you in when further away.") -print(col(4) + "\nS: Secure." + col(0)) -print("The safest option, but will take much longer to authenticate you.") - -print("\nYou can always change this setting in the config.") -prof = input("What profile would you like to use? [f/b/s]: ") - -if prof.lower().strip() == "f" or prof.lower().strip() == "fast": - cert = 4.2 -elif prof.lower().strip() == "b" or prof.lower().strip() == "balanced": - cert = 2.8 -elif prof.lower().strip() == "s" or prof.lower().strip() == "secure": - cert = 2 - -# Write the result to disk so postinst can have a look at it -with open("/tmp/howdy_picked_device", "w") as out_file: - out_file.write("/dev/v4l/by-path/" + picked + ";" + str(cert)) - -# Add a line break -print("") diff --git a/debian/prerm b/debian/prerm index e7c2469..f545bef 100755 --- a/debian/prerm +++ b/debian/prerm @@ -18,11 +18,11 @@ if not os.path.exists("/lib/security/howdy/cli"): # Remove files and symlinks try: - os.unlink('/usr/local/bin/howdy') + os.unlink("/usr/local/bin/howdy") except Exception: print("Can't remove executable") try: - os.unlink('/usr/share/bash-completion/completions/howdy') + os.unlink("/usr/share/bash-completion/completions/howdy") except Exception: print("Can't remove autocompletion script") @@ -36,10 +36,10 @@ except Exception: # Remove full installation folder, just to be sure try: - rmtree('/lib/security/howdy') + rmtree("/lib/security/howdy") except Exception: # This error is normal pass # Remove dlib -subprocess.call(['pip3', 'uninstall', 'dlib', '-y', '--no-cache-dir']) +subprocess.call(["pip3", "uninstall", "dlib", "-y", "--no-cache-dir"]) diff --git a/src/config.ini b/src/config.ini index 1819090..a4f69c8 100644 --- a/src/config.ini +++ b/src/config.ini @@ -80,10 +80,10 @@ exposure = -1 [snapshots] # Capture snapshots of failed login attempts and save them to disk with metadata # Snapshots are saved to the "snapshots" folder -capture_failed = true +save_failed = false # Do the same as the option above but for successful attempts -capture_successful = true +save_successful = false [rubberstamps] # Enable specific extra checks after the user has been recognised