diff --git a/README.md b/README.md index cb0444a..e327899 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ $ fprintd-enroll On Fedora Linux ``` -$ sudo dnf copr enable tigro/python-validity +$ sudo dnf copr enable sneexy/python-validity $ sudo dnf install open-fprintd fprintd-clients fprintd-clients-pam python3-validity ...wait a bit... $ fprintd-enroll @@ -54,7 +54,7 @@ $ fprintd-enroll #### List devices failed -If `fprintd-enroll` returns with `list_devices failed:`, you can check +If `fprintd-enroll` returns with `list_devices failed:` or `GDBus.Error:net.reactivated.Fprint.error.NoSuchDevice`, you can check the logs of the `python3-validity` daemon using `$ sudo systemctl status python3-validity`. If it's not running, you can enable and/or start it by substituting `status` with `enable` or `start`. @@ -86,25 +86,37 @@ $ sudo systemctl enable open-fprintd-resume open-fprintd-suspend For even more error procedures, check [this Arch comment thread](https://aur.archlinux.org/packages/python-validity/#comment-755904) or [this python-validity bug comment thread](https://github.com/uunicorn/python-validity/issues/3). ## Enabling fingerprint for system authentication -To enable fingerprint login, if it doesn't come automatically, run -``` -$ sudo pam-auth-update -``` -and use the space-bar to enable fingerprint authentication. -The change will take effect immediately. At this point, the fingerprint -will be tried first, and only if that fails or times out will you see -a password prompt. Take note of the led-stripe above the fingerprint -sensor to see whether it is active. -### The actual change from pam-auth-update -The above mentioned command `$ sudo pam-auth-update` simply makes a small modification to /etc/pam.d/common-auth: +if it doesn't come automatically, you might need to make changes to files in `/etc/pam.d` to enable fingerprint login (depending on your distro). -``` -# In /etc/pam.d/common-auth, the following line is added, and the next line changed. -# The end result (apart from other things that may be in the file) is this: -auth [success=2 default=ignore] pam_fprintd.so max_tries=1 timeout=10 # debug -auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass -``` +- On Fedora, use `authselect`[^1]: + ``` + $ sudo authselect current + $ sudo authselect enable-feature with-fingerprint + $ sudo authselect apply-changes + ``` + +- On other distros, run + ``` + $ sudo pam-auth-update + ``` + and use the space-bar to enable fingerprint authentication. + The change will take effect immediately. At this point, the fingerprint + will be tried first, and only if that fails or times out will you see + a password prompt. Take note of the led-stripe above the fingerprint + sensor to see whether it is active. + + You can also take a look at [Configuration: fprint](https://wiki.archlinux.org/title/Fprint#Configuration) on the Arch Wiki for an idea how the file should be modified. + + ### The actual change from pam-auth-update + The above mentioned command `$ sudo pam-auth-update` simply makes a small modification to /etc/pam.d/common-auth: + + ``` + # In /etc/pam.d/common-auth, the following line is added, and the next line changed. + # The end result (apart from other things that may be in the file) is this: + auth [success=2 default=ignore] pam_fprintd.so max_tries=1 timeout=10 # debug + auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass + ``` ## Windows interoperability @@ -227,3 +239,5 @@ If you are curious you can enable tracing to see what flows in and out of device 10: User S-1-5-21-394619333-3876782012-1672975908-3333 with 0 fingers: >>> ``` + +[^1]: Credit to u/trollpunny: [https://old.reddit.com/r/Fedora/comments/oik8sq/comment/h4xvrqv/?utm_source=share&utm_medium=web2x&context=3](https://old.reddit.com/r/Fedora/comments/oik8sq/comment/h4xvrqv/?utm_source=share&utm_medium=web2x&context=3)