aboutsummaryrefslogtreecommitdiff
path: root/fprintd_tk_lib.py
diff options
context:
space:
mode:
Diffstat (limited to 'fprintd_tk_lib.py')
-rw-r--r--fprintd_tk_lib.py66
1 files changed, 61 insertions, 5 deletions
diff --git a/fprintd_tk_lib.py b/fprintd_tk_lib.py
index bc97448..18470cb 100644
--- a/fprintd_tk_lib.py
+++ b/fprintd_tk_lib.py
@@ -1,9 +1,20 @@
#!/usr/bin/env python3
+# File: fprintd_tk_lib.py
+# Location: https://bgstack15.cgit/fprintd-tk
+# Author: bgstack15
# Startdate: 2024-09-22-1 15:33
-# Purpose: backend for fprintd_tk that uses fprintd-* binaries, in case I ever rewrite this to use dbus directly?
+# SPDX-License-Identifier: GPL-3.0-only
+# Title: Backend for fprintd_tk that uses fprintd binaries
+# Purpose: In case this gets rewritten to use dbus directly or something
+# Project: fprintd-tk
+# History:
+# Usage:
+# Reference:
+# Improve:
# Dependencies:
# /usr/bin/fprintd-*
-# Improve:
+# Documentation:
+# README.md
import os, subprocess, re
@@ -17,11 +28,14 @@ prevent_success_messages = [
]
def get_enrolled_fingers(user = None, verbose = False):
- # return list of full strings of fingers that are enrolled.
+ """
+ Returns list of full strings of fingers that are enrolled for the listed user.
+ """
enrolled_fingers = []
if user is None:
user = _user
- print(f"DEBUG (get_enrolled_fingers): user {user}")
+ if verbose:
+ print(f"DEBUG (get_enrolled_fingers): user {user}")
proc = subprocess.Popen(
["fprintd-list",user],
stdout = subprocess.PIPE,
@@ -29,12 +43,16 @@ def get_enrolled_fingers(user = None, verbose = False):
)
while True:
line = proc.stdout.readline()
+ if verbose:
+ print(f"DEBUG (get_enrolled_fingers): line {line}")
if not line:
break
if fre.match(line):
enrolled_fingers.append(fre.match(line).groups()[0].strip())
elif re.match("^.*No devices available.*", line):
return []
+ elif re.match("^.*has no fingers enrolled.*", line):
+ return ["none"]
else:
pass
return enrolled_fingers
@@ -52,7 +70,8 @@ def fprintd_action(action, finger, status_function = None, user = None, verbose
if status_function:
status_function(f"Invalid action {action}")
return False
- print(f"DEBUG (fprintd_action): command {command}")
+ if verbose:
+ print(f"DEBUG (fprintd_action): command {command}")
proc = subprocess.Popen(
command,
stdout = subprocess.PIPE,
@@ -88,3 +107,40 @@ def fprintd_action(action, finger, status_function = None, user = None, verbose
break
if display:
status_function(f"Succeeded! {display_line}")
+
+def check_setusername_permission(status_function = None, verbose = False):
+ """
+ This permission depends on a rule like this in /etc/polkit-1/rules.d/80-fprintd.rules:
+
+ polkit.addRule(function(action, subject) {
+ if (
+ (
+ action.id.match("net.reactivated.fprint.device.setusername")
+ ) && subject.active && subject.isInGroup("admins")) {
+ polkit.log("action=" + action);
+ polkit.log("subject=" + subject);
+ return polkit.Result.YES;
+ }
+ });
+
+ We need to check for the ability to run `fprintd-list root` and if it does not print "not authorized", we can allow the advanced actions.
+ """
+ proc = subprocess.Popen(
+ ["fprintd-list","root"],
+ stdout = subprocess.PIPE,
+ universal_newlines = True # or maybe text=True
+ )
+ has_setusername = True
+ while True:
+ line = proc.stdout.readline()
+ if verbose:
+ print(f"DEBUG (check_setusername_permission): line {line}")
+ if not line:
+ break
+ if re.match(".*Not Authorized.*",line):
+ if verbose:
+ print(f"DEBUG (check_setusername_permission): setting has_setusername to false...")
+ has_setusername = False
+ if status_function:
+ status_function(f"Have advanced permissions: {has_setusername}")
+ return has_setusername
bgstack15