Description of problem:
Mageia 6 now has a quantum-based version of Firefox, which ships with native U2F support (but disabled, set security.webauth.u2f to true in about:config to use it), however when trying to test a U2F dongle in Firefox (with U2F enabled) at https://demo.yubico.com/u2f I got an error.
I had previously seen bug reports about u2f on other distros, e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1513968 , which recommended installing u2f-hidraw-policy, which was not available in Mageia cauldron. I have adapted the Fedora spec file (by the author of the software) to Mageia and submitted to cauldron, and backports_testing for 6.
I think it would be useful to have this package available to all users of Mageia 6.
Version-Release number of selected component (if applicable):
How reproducible: Always
Steps to Reproduce:
1. Source a U2F dongle and plug it in. I bought the cheapest one I could find that would ship to my address (Key-ID: https://www.amazon.com/dp/B01N6XNC01 , but u2fzero may be more appropriate if it ships to you: https://www.amazon.com/dp/B01L9DUPK6 or https://solokeys.com/ after they ship the kickstarter orders, though Yubikeys seem quite popular)
2. Ensure you are running Firefox 60 or higher, visit about:config, and toggle security.webauth.u2f to true
3. Go to https://demo.yubico.com/u2f and try and register. Firefox should show a finger-print-like notification near the URL bar, and the site will tell you to push the button on the U2F dongle whose light should be flashing. However, your U2F dongle's light won't be flashing, and the website will show the following error:
Make sure your U2F device has been correctly registered and is plugged in!"
4. Now install u2f-hidraw-policy from backports_testing
5. Unplug the u2f dongle, and plug it in again (the package has some udev rules that may need to be re-triggered.
6. Return to the firefox window+tab where you had visited https://demo.yubico.com/u2f and try the same actions again. This time, when prompted to push the button on the u2f dongle, it will be flashing as indicated, and pushing it allows the enrolment (and or authentication test) to succeed.
(The behaviour with Chrome is very similar, the only real difference is that U2F is enabled with Chrome by default, but the dongle doesn't work unless u2f-hidraw-policy is installed. I haven't tested with Chromium, but I expect it to behave the same as Chrome, and other browsers such as Konqueror and Qupzilla etc. do not yet seem to support U2F).
If necessary, I would also be able to test on i586 (with a bit more effort).
MGA6-32 MATE on IBM Thinkpad R50e
No installation issues
I don't have such device, I just checked that this package does not have any adverse effect on internet browsing and plugging in and out USB memory sticks.