1. Home
  2. frsoftware
  3. howdy
  4. Overview
  • 0

frsoftware/howdy

Project ID: 53819

Description

Howdy is a free facial recognition package that makes GNU/Linux systems capable of "Windows Helo" style authentication by showing your face to a web camera. Howdy provides a PAM module for the Linux PAM authentication system. That allows it to be used with common login managers like SDDM for KDE Plasma and LightDM for Xfce and others. It can also be used for things like sudo and anything else using PAM authentication.

Howdy can not be used for anything that is not PAM aware. You can not use it to unlock your system on boot if you use full disk encryption and there is currently no way of using it with things like the KDE Kwallet password manager, the GNOME keyring, GnuPG or other things of that nature.

For CentOS 8 and 9, Inspired by COPR Repository principis/howdy with help from Remi Repository.

Installation Instructions

Enable repository

sudo dnf copr enable frsoftware/howdy

Install howdy

sudo dnf --refresh install howdy

Configure your camera

Find all video devices:

ls /dev/video*

or use v4l-utils package from this repository:

sudo dnf install v4l-utils -y
v4l2-ctl --list-devices
Integrated_Webcam_HD: Integrate (usb-0000:00:1d.0-1.6):
	/dev/video0
	/dev/video1

To make sure you are using the right device, check the capabilities of each camera device:

sudo v4l2-ctl --device=/dev/video0 --all
...
        Device Caps      : 0x04200001
                Video Capture 
...
sudo v4l2-ctl --device=/dev/video1 --all
...
        Device Caps      : 0x04a00000
                Metadata Capture
...

Use the Video Capture capable device.

Another way is to use ffmpeg (ffplay actually, from our sibling repository) to display the live feed from your camera directly:

sudo dnf enable frsoftware/ffmpeg -y
sudo def install -y ffmpeg

Then:

ffplay /dev/video0

That's all folks!

Configure howdy

sudo howdy config

or use your favorite text editor

sudo vi /lib64/security/howdy/config.ini

Change device_path to your camera.

[video]
device_path = /dev/video0

You can test if you've chosen the correct camera by running howdy test and see if the IR emitters turn on.

Configure PAM

Configure howdy for sudo

Add the following line to the top of /etc/pam.d/sudo

auth       sufficient   pam_python.so /lib64/security/howdy/pam.py

Configure howdy for kde lockscreen

Modify /etc/pam.d/kde so it looks like this:

$ cat /etc/pam.d/kde
auth     [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth        sufficient      pam_python.so /lib64/security/howdy/pam.py
auth        substack      password-auth
...

Your lockscreen might not be running Howdy as root, which prevents Howdy from running. Setting the execution bit so every user can run Howdy might be the solution

chmod o+x /lib64/security/howdy/dlib-data

Configure howdy for login (sddm)

Modify /etc/pam.d/sddm so it looks like this:

$ cat sddm
auth     [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth        sufficient   pam_python.so /lib64/security/howdy/pam.py
auth        substack      password-auth
...

See below to apply SELinux and permission fixes.

Configure howdy for login (gdm)

Modify /etc/pam.d/gdm-password so it looks like this:

$ cat gdm-password
auth     [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth        sufficient    pam_python.so /lib64/security/howdy/pam.py
auth        substack      password-auth

See below to apply SELinux and permission fixes.

Permission issues

Your lockscreen might not be running Howdy as root, which prevents Howdy from running. Setting the execution bit so every user can run access dlib-data should solve this:

sudo chmod o+x /lib64/security/howdy/dlib-data

SELinux issues

If login gets stuck and selinux is in enforcing mode, you probably need to allow python3 to access /dev/video*

Create a file howdy.te for the policy module:

module howdy 1.0;

require {
    type lib_t;
    type xdm_t;
    type v4l_device_t;
    type sysctl_vm_t;
    class chr_file map;
    class file { create getattr open read write };
    class dir add_name;
}

#============= xdm_t ==============
allow xdm_t lib_t:dir add_name;
allow xdm_t lib_t:file { create write };
allow xdm_t sysctl_vm_t:file { getattr open read };
allow xdm_t v4l_device_t:chr_file map;

Then you can compile and insert it

sudo checkmodule -M -m -o howdy.mod howdy.te
sudo semodule_package -o howdy.pp -m howdy.mod
sudo semodule -i howdy.pp

Active Releases

The following unofficial repositories are provided as-is by owner of this project. Contact the owner directly for bugs or issues (IE: not bugzilla).

Release Architectures Repo Download
Centos-stream 8 x86_64 (556)* Centos-stream 8 (36 downloads)
Centos-stream 9 x86_64 (1204)* Centos-stream 9 (51 downloads)
EPEL 8 x86_64 (792)* EPEL 8 (46 downloads)
EPEL 9 x86_64 (377)* EPEL 9 (42 downloads)

* Total number of downloaded packages.


Contact

Last Build

v4l-utils

Build: 3121908

State: succeeded

Finished: 2 years ago

Quick Enable

#> dnf copr enable frsoftware/howdy
More info about enabling Copr repositories

Other Actions

Report Abuse