[PATCH] Don't add --enablefingerprint unless fprintd-pam is installed (#656434).

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---
 pyanaconda/security.py |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/pyanaconda/security.py b/pyanaconda/security.py
index 219d465..198e4d9 100644
--- a/pyanaconda/security.py
+++ b/pyanaconda/security.py
@@ -32,7 +32,7 @@ selinux_states = { SELINUX_DISABLED: "disabled",
 
 class Security:
     def __init__(self):
-        self.auth = "--enableshadow --passalgo=sha512 --enablefingerprint"
+        self.auth = "--enableshadow --passalgo=sha512"
 
         if flags.selinux == 1:
             self.selinux = SELINUX_ENFORCING
@@ -59,6 +59,13 @@ class Security:
         if self.auth.strip() != "":
             f.write("authconfig %s\n" % self.auth)
 
+    def _addFingerprint(self, instPath):
+        import rpm
+
+        iutil.resetRpmDb(rootPath)
+        ts = rpm.TransactionSet(rootPath)
+        return ts.dbMatch('provides', 'fprintd-pam').count()
+
     def write(self, instPath):
         args = []
 
@@ -78,6 +85,8 @@ class Security:
             log.error ("lokkit run failed: %s" % e.strerror)
 
         args = ["--update", "--nostart"] + shlex.split(self.auth)
+        if self._addFingerprint(instPath):
+            args += ["--enablefingerprint"]
 
         try:
             iutil.execWithRedirect("/usr/sbin/authconfig", args,
-- 
1.7.1.1

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list


[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux