programs/niri: add PAM strategy for swaylock with fprintd
This commit is contained in:
parent
c7c8108bc4
commit
7b22fd5ca7
1 changed files with 22 additions and 1 deletions
|
@ -1,4 +1,10 @@
|
||||||
{inputs, ...}: {
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
inputs.niri.nixosModules.niri
|
inputs.niri.nixosModules.niri
|
||||||
];
|
];
|
||||||
|
@ -6,4 +12,19 @@
|
||||||
programs.niri = {
|
programs.niri = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# copied from https://github.com/linyinfeng/dotfiles/blob/91b0363b093303f57885cbae9da7f8a99bbb4432/nixos/profiles/graphical/niri/default.nix#L17-L29
|
||||||
|
security.pam.services.swaylock.text = lib.mkIf config.services.fprintd.enable ''
|
||||||
|
account required pam_unix.so
|
||||||
|
|
||||||
|
# check passwork before fprintd
|
||||||
|
auth sufficient pam_unix.so try_first_pass likeauth
|
||||||
|
auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
|
||||||
|
auth required pam_deny.so
|
||||||
|
|
||||||
|
password sufficient pam_unix.so nullok yescrypt
|
||||||
|
|
||||||
|
session required pam_env.so conffile=/etc/pam/environment readenv=0
|
||||||
|
session required pam_unix.so
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue