noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-11-22 18:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

manage touchid sudo with nix-darwin

Browse Source
This commit is contained in:
Noah Masur 2022-09-25 14:47:04 +00:00
parent ba14638a8a
commit 1addb7ec21
1 changed files with 2 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/darwin/system.nix
View File

@ -2,6 +2,8 @@
services.nix-daemon.enable = true;
security.pam.enableSudoTouchIdAuth = true;
system = {
keyboard = {
@ -161,16 +163,6 @@
"$(__dock_item /Applications/Alacritty.app)" \
"$(__dock_item /System/Applications/System\ Preferences.app)"
echo "Enable sudo Touch ID"
echo "# sudo: auth account password session" > /tmp/sudofile
echo "auth sufficient pam_smartcard.so" >> /tmp/sudofile
echo "auth sufficient pam_tid.so " >> /tmp/sudofile
echo "auth required pam_opendirectory.so" >> /tmp/sudofile
echo "account required pam_permit.so" >> /tmp/sudofile
echo "password required pam_deny.so" >> /tmp/sudofile
echo "session required pam_permit.so" >> /tmp/sudofile
sudo mv /tmp/sudofile /etc/pam.d/sudo
echo "Allow apps from anywhere"
SPCTL=$(spctl --status)
if ! [ "$SPCTL" = "assessments disabled" ]; then