From Gentoo Linux Wiki

[edit] Drivers

[edit] fprint

The fprint Project offers a unified driver for many fingerprint readers. Under early development.

[edit] thinkfinger

The thinkfinger project supports the fingerprint reader found in most IBM and Lenovo laptops

[edit] bioapi

UPEK offers a large number of different fingerprint sensors, both embedded solutions and stand-alone USB-readers. Their fingerprint sensors can be found in many devices such as IBM Thinkpad notebooks, ASUS notebooks, NEC Versa notebooks and some Samsung notebooks. A full list is available at http://www.upek.com/customer/pcnetworking/default.asp (link currently broken)

The following howto was composed from [ this howto on ThinkWiki].

All the required packages are in portage, but currently you need to unmask them. To unmask the three packages, do the following:

sys-auth/pam_bioapi
sys-auth/bioapi
sys-auth/tfm-fingerprint

To have a working setup GUI use the qt3 useflag to add Qt support to the bioapi package by doing the following:

sys-auth/bioapi qt3

Emerge the needed packages:

emerge -av bioapi tfm-fingerprint pam_bioapi

NB this does not work - there is a bug that causes a sandbox violation when emerging bioapi(#154776). Rather emerge bioapi first and then the others. Also if you have to do an emerge -e world unmerge all three of these packages first otherwise the emerge -e world will fail when re-emerging bioapi. - Paul Hewlett

Add the users who can use the fingerprint reader to the usb and bioapi groups

gpasswd -a user usb
gpasswd -a user bioapi

Use the QSample program to create a fingerprint.

• Run: /opt/bioapi/bin/QSample, this should open a window that looks like the following:

• Select the "TouchChip TFM/ESS Fingerprint BSP" in the drop down
• Enter your username as your "User Id"
• Click "Enroll" button

You should now see a small window:

and after successfully swiping your finger three times you should briefly see the check mark:

The QSample program will create a <username>.bir file in the current directory. The user name should match your user name on the system. If not, rename the file.

Now we have to create a PAM directory to store the bir files, but the directory name needs to include a slightly modified Module ID of the fingerprint reader that is output when running the /opt/bioapi/bin/BioAPITest command.

Here, we will save the Module ID to a variable that we can use later:

SERIAL=`/opt/bioapi/bin/BioAPITest | sed -ne "/Fingerprint/{n;n;s/^.*: \(.\{9\}\)\(.\{4\}\)\(.\{4\}\)\(.\{4\}\)\(.*\)/\1-\2-\3-\4-\5/gp}"`

As root, create the directory and move the bir file to it:

mkdir -p /etc/bioapi/pam/$SERIAL
cp <username>.bir /etc/bioapi/pam/$SERIAL

The last action needed is to tell PAM to use the fingerprint reader. This is done to replace the standard PAM auth file. (You should backup your existing file first. You should also open a root terminal so that you can revert your changes if you mess up, otherwise you might end up locking yourself out of your system.)

account    required     pam_unix.so
auth       sufficient   pam_bioapi.so {5550454b-2054-464d-2f45-535320425350} /etc/bioapi/pam/
password   sufficient   pam_bioapi.so {5550454b-2054-464d-2f45-535320425350} /etc/bioapi/pam/
auth       required     pam_unix.so nullok_secure
session    required     pam_limits.so
session    required     pam_unix.so 

PS. The ThinkWiki site shows you more configurations for PAM and the reader. You can enable and disable the reader for lots of different services and programs.

Troubleshooting:

If you own a DELL Latitude D620 and the fingerprint-reader is not or only sporadically detected switch the internal USB-HUB to USB2.0 support. It seems that the USB1.1 support does not properly work with the linux kernel. You may notice that you can find the device in /proc/bus/usb/devices but not in the lsusb list and you may notice some curious kernel errors.

[edit] Software

[edit] Links

• http://www.thinkwiki.org/wiki/How_to_enable_the_fingerprint_reader