Changed to generalized dotfiles repo; got config.org somewhat stable

1 files changed, 97 insertions, 0 deletions

diff --git a/pam_usb.conf b/pam_usb.conf
new file mode 100644
index 0000000..0ad4f67
--- /dev/null
+++ b/pam_usb.conf
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?><!--
+pam_usb.conf: Configuration file for pam_usb.
+
+See https://github.com/mcdope/pam_usb/wiki/Configuration
+--><configuration>
+		<!-- Default options -->
+		<defaults>
+				<!-- Example:
+						<option name="debug">true</option>
+						<option name="deny_remote">true</option>
+				-->
+				<!-- <option name="quiet">true</option> -->
+		</defaults>
+
+		<!-- Device settings -->
+		<devices>
+				<!-- Example:
+				Note: You should use pamusb-conf to add devices automatically.
+				<device id="MyDevice">
+						<vendor>SanDisk Corp.</vendor>
+						<model>Cruzer Titanium</model>
+						<serial>SNDKXXXXXXXXXXXXXXXX</serial>
+						<volume_uuid>6F6B-42FC</volume_uuid>
+						<option name="probe_timeout">10</option>
+				</device>
+				-->
+<device id="secrets-userauth">
+	<vendor>SanDisk</vendor>
+	<model>Ultra USB 3.0</model>
+	<serial>0101d8fb9229fee00501eaa0ec26e7148f771e8fda8c1fa162378e9cbd975560dc4c00000000000000000000282bf233009120009155810741a77293</serial>
+	<volume_uuid>4b11a4e4-140f-4d98-92a4-28219fc7eb63</volume_uuid>
+</device></devices>
+
+
+		<!-- User settings -->
+		<users>
+				<!-- Note: Use pamusb-conf to add a user, then you can tweak
+						manually the configuration here if needed.
+				-->
+
+				<!-- Example:
+						Authenticate user scox using "MyDevice", and configure pamusb-agent
+						to automatically start/stop gnome-screensaver on key insertion and
+						removal:
+						<user id="scox">
+								<device>MyDevice</device>
+								<option name="quiet">true</option>
+								<agent event="lock">
+									<cmd>gnome-screensaver-command -\-lock</cmd>
+									<env>DISPLAY=:1</env>
+									<env>DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus</env>
+									<env>XAUTHORITY=/run/user/1000/gdm/Xauthority</env>
+								</agent>
+								<agent event="unlock">
+									<cmd>gnome-screensaver-command -\-deactivate</cmd>
+									<env>DISPLAY=:1</env>
+									<env>DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus</env>
+									<env>XAUTHORITY=/run/user/1000/gdm/Xauthority</env>
+								</Agent>
+						</user>
+
+						Configure user root to authenticate using MyDevice, but update one
+						time pads at every login (default is 1 hour):
+						<user id="root">
+								<device>MyDevice</device>
+								<option name="pad_expiration">0</option>
+						</user>
+				-->
+	<user id="dnw">
+	  <device>secrets-userauth</device>
+	  <agent event="lock">
+	    <env>XSECURELOCK_AUTHPROTO=authproto_pam</env>
+	    <env>XSECURELOCK_PAM_SERVICE=system-auth</env>
+	    <env>XSECURELOCK_PASSWORD_PROMPT=time_hex</env>
+	    <env>DISPLAY=:0.0</env> <!-- Possibly flaky. -->
+	    <env>XAUTHORITY=/home/dnw/.Xauthority</env>
+	    <cmd>xsecurelock</cmd>
+	  </agent>
+</user></users>
+
+		<!-- Services settings (e.g. gdm, su, sudo...) -->
+		<services>
+				<!-- Example: Speed up hotplugging by disabling one time pads -->
+				<!--
+				<service id="pamusb-agent">
+						<option name="one_time_pad">false</option>
+				</service>
+				-->
+
+				<!-- Disable output for 'su' (needed for gksu) -->
+				<!--
+				<service id="su">
+						<option name="quiet">true</option>
+				</service>
+				-->
+		</services>
+</configuration>