feat: add YubiKey pam_u2f setup #1159
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
adamperkowski
changed the title
adamperkowski
requested changes
Oct 31, 2025
Collaborator
adamperkowski
left a comment
adamperkowski
left a comment
There was a problem hiding this comment.
i'm sorry but there is no way i'm ever approving something like this...
- this doesn't adhere our code style at all
- it's clearly all ai
- what even are those comments supposed to be
- a LOT of unnecessary code, practically unmaintainable
not closing this just in case you want to rewrite it all by hand and make it make sense
Author
Sorry, this was my first PR. I'll work on it. |
Co-authored-by: TuxLux40 <122551310+TuxLux40@users.noreply.github.com>
Co-authored-by: TuxLux40 <122551310+TuxLux40@users.noreply.github.com>
[WIP] Integrate dotfiles repository into linutil framework
- Create Ghostty configuration file for terminal emulator settings. - Add Starship prompt configuration for enhanced shell experience. - Establish system.yaml for package management and system configuration. - Introduce tab_data.toml for organizing dotfiles and personalization tasks. - Implement tl40-dotfiles-restore.sh script for cloning and installing dotfiles.
…s in start.sh to point to TuxLux40 repository
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Type of Change
YubiKey PAM Setup Utility
YubiKey PAM Setuptocore/tabs/utils/tab_data.toml, enabling selection from the utility tab.core/tabs/utils/yubikey-pam-setup.shto automate configuration of PAM files for YubiKey authentication, including interactive target selection, backup of relevant files, deduplication of PAM config entries, secure enrollment, and rollback guidance.Documentation
docs/userguide.mdto describe the new YubiKey PAM Setup utility and its purpose.] New featureDescription
This pull request adds a new utility for "YubiKey PAM setup", allowing users to configure sudo and other PAM targets to require YubiKey (U2F) touch authentication with password fallback. The main changes include introducing the setup script, updating configuration files to register the new utility, and documenting its usage.
Testing
Tested on Arch (CachyOS to be specific). Sudo and system-auth were tested and are working. Debian and Fedora not yet tested.
Impact
A new YubiKey PAM setup option now appears in Utilities, PAM configs/backups get touched when run.
Issues / other PRs related
system-auth: The script does not yet handle avoiding duplication of lines in the system-auth file correctly like it does for
sudoAdditional Information
Checklist
cargo xtask docgen).