> Keep in mind that this file is somewhat protected by macOS so after each OS update you will need to add the line to the file. Other than that, it works perfectly!
TIL, I wondered why every time I did this it would reset after a while. Thanks!
if ! grep -q "pam_tid.so" /etc/pam.d/sudo ; then
echo "touch ID no longer enabled for sudo. Insert the following line as line 2 in /etc/pam.d/sudo:"
echo " auth sufficient pam_tid.so # enables touch id auth for sudo"
fi
I've been wanting to write a simple script or app that just runs on startup to check for and fix this, but I've been so lazy. It is just too easy to edit the file and move on...
nix-darwin currently does not support that directly, but there is an open PR to fix that. For my dotfiles, I added the module from the PR with some slight modifications. You can find the code below.
TIL, I wondered why every time I did this it would reset after a while. Thanks!