programs/niri: add PAM strategy for swaylock with fprintd
This commit is contained in:
parent
c7c8108bc4
commit
7b22fd5ca7
1 changed files with 22 additions and 1 deletions
|
@ -1,4 +1,10 @@
|
|||
{inputs, ...}: {
|
||||
{
|
||||
inputs,
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
inputs.niri.nixosModules.niri
|
||||
];
|
||||
|
@ -6,4 +12,19 @@
|
|||
programs.niri = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
# copied from https://github.com/linyinfeng/dotfiles/blob/91b0363b093303f57885cbae9da7f8a99bbb4432/nixos/profiles/graphical/niri/default.nix#L17-L29
|
||||
security.pam.services.swaylock.text = lib.mkIf config.services.fprintd.enable ''
|
||||
account required pam_unix.so
|
||||
|
||||
# check passwork before fprintd
|
||||
auth sufficient pam_unix.so try_first_pass likeauth
|
||||
auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
|
||||
auth required pam_deny.so
|
||||
|
||||
password sufficient pam_unix.so nullok yescrypt
|
||||
|
||||
session required pam_env.so conffile=/etc/pam/environment readenv=0
|
||||
session required pam_unix.so
|
||||
'';
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue