mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-09 23:22:57 +00:00
manage touchid sudo with nix-darwin
This commit is contained in:
parent
ba14638a8a
commit
1addb7ec21
@ -2,6 +2,8 @@
|
||||
|
||||
services.nix-daemon.enable = true;
|
||||
|
||||
security.pam.enableSudoTouchIdAuth = true;
|
||||
|
||||
system = {
|
||||
|
||||
keyboard = {
|
||||
@ -161,16 +163,6 @@
|
||||
"$(__dock_item /Applications/Alacritty.app)" \
|
||||
"$(__dock_item /System/Applications/System\ Preferences.app)"
|
||||
|
||||
echo "Enable sudo Touch ID"
|
||||
echo "# sudo: auth account password session" > /tmp/sudofile
|
||||
echo "auth sufficient pam_smartcard.so" >> /tmp/sudofile
|
||||
echo "auth sufficient pam_tid.so " >> /tmp/sudofile
|
||||
echo "auth required pam_opendirectory.so" >> /tmp/sudofile
|
||||
echo "account required pam_permit.so" >> /tmp/sudofile
|
||||
echo "password required pam_deny.so" >> /tmp/sudofile
|
||||
echo "session required pam_permit.so" >> /tmp/sudofile
|
||||
sudo mv /tmp/sudofile /etc/pam.d/sudo
|
||||
|
||||
echo "Allow apps from anywhere"
|
||||
SPCTL=$(spctl --status)
|
||||
if ! [ "$SPCTL" = "assessments disabled" ]; then
|
||||
|
Loading…
Reference in New Issue
Block a user