mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 22:45:37 +00:00
manage touchid sudo with nix-darwin
This commit is contained in:
parent
ba14638a8a
commit
1addb7ec21
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
services.nix-daemon.enable = true;
|
services.nix-daemon.enable = true;
|
||||||
|
|
||||||
|
security.pam.enableSudoTouchIdAuth = true;
|
||||||
|
|
||||||
system = {
|
system = {
|
||||||
|
|
||||||
keyboard = {
|
keyboard = {
|
||||||
@ -161,16 +163,6 @@
|
|||||||
"$(__dock_item /Applications/Alacritty.app)" \
|
"$(__dock_item /Applications/Alacritty.app)" \
|
||||||
"$(__dock_item /System/Applications/System\ Preferences.app)"
|
"$(__dock_item /System/Applications/System\ Preferences.app)"
|
||||||
|
|
||||||
echo "Enable sudo Touch ID"
|
|
||||||
echo "# sudo: auth account password session" > /tmp/sudofile
|
|
||||||
echo "auth sufficient pam_smartcard.so" >> /tmp/sudofile
|
|
||||||
echo "auth sufficient pam_tid.so " >> /tmp/sudofile
|
|
||||||
echo "auth required pam_opendirectory.so" >> /tmp/sudofile
|
|
||||||
echo "account required pam_permit.so" >> /tmp/sudofile
|
|
||||||
echo "password required pam_deny.so" >> /tmp/sudofile
|
|
||||||
echo "session required pam_permit.so" >> /tmp/sudofile
|
|
||||||
sudo mv /tmp/sudofile /etc/pam.d/sudo
|
|
||||||
|
|
||||||
echo "Allow apps from anywhere"
|
echo "Allow apps from anywhere"
|
||||||
SPCTL=$(spctl --status)
|
SPCTL=$(spctl --status)
|
||||||
if ! [ "$SPCTL" = "assessments disabled" ]; then
|
if ! [ "$SPCTL" = "assessments disabled" ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user