gnome/laveridge: moved fingerprint login hack to gnome modules

This commit is contained in:
Aly Raffauf 2024-03-21 12:56:37 -04:00
parent 6185c59cde
commit c353eb38b4
2 changed files with 27 additions and 23 deletions

View file

@ -14,6 +14,7 @@
../../users/aly.nix ../../users/aly.nix
./hardware-configuration.nix # Include the results of the hardware scan. ./hardware-configuration.nix # Include the results of the hardware scan.
# ../../modules/gnome # ../../modules/gnome
# ../../modules/gnome/fingerprint.nix
# ../../modules/gnome/fractional_scaling.nix # ../../modules/gnome/fractional_scaling.nix
]; ];
@ -26,29 +27,6 @@
networking.hostName = "lavaridge"; # Define your hostname. networking.hostName = "lavaridge"; # Define your hostname.
# Need to change the order pam loads its modules
# to get proper fingerprint behavior on GDM and the lockscreen.
security.pam.services.login.fprintAuth = false;
security.pam.services.gdm-fingerprint = lib.mkIf (config.services.fprintd.enable) {
text = ''
auth required pam_shells.so
auth requisite pam_nologin.so
auth requisite pam_faillock.so preauth
auth required ${pkgs.fprintd}/lib/security/pam_fprintd.so
auth optional pam_permit.so
auth required pam_env.so
auth [success=ok default=1] ${pkgs.gnome.gdm}/lib/security/pam_gdm.so
auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so
account include login
password required pam_deny.so
session include login
session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
'';
};
services.fwupd.enable = true; services.fwupd.enable = true;
# # we need fwupd 1.9.7 to downgrade the fingerprint sensor firmware # # we need fwupd 1.9.7 to downgrade the fingerprint sensor firmware
# services.fwupd.package = (import (builtins.fetchTarball { # services.fwupd.package = (import (builtins.fetchTarball {

View file

@ -0,0 +1,26 @@
{ config, pkgs, ... }:
{
# Need to change the order pam loads its modules
# to get proper fingerprint behavior on GDM and the lockscreen.
security.pam.services.login.fprintAuth = false;
security.pam.services.gdm-fingerprint = lib.mkIf (config.services.fprintd.enable) {
text = ''
auth required pam_shells.so
auth requisite pam_nologin.so
auth requisite pam_faillock.so preauth
auth required ${pkgs.fprintd}/lib/security/pam_fprintd.so
auth optional pam_permit.so
auth required pam_env.so
auth [success=ok default=1] ${pkgs.gnome.gdm}/lib/security/pam_gdm.so
auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so
account include login
password required pam_deny.so
session include login
session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
'';
};
}