From b73ee361fb890b46db40dd83bba07987de5d02b9 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Thu, 23 Aug 2018 10:15:07 +0200
Subject: gdm-fingerprint

---
 hel.nix | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/hel.nix b/hel.nix
index 7b94e48e..3f2772fc 100644
--- a/hel.nix
+++ b/hel.nix
@@ -623,6 +623,26 @@
     '';
   };
 
+  security.pam.services = {
+    gdm-fingerprint.text = ''
+      auth     requisite      pam_nologin.so
+      auth     required       pam_env.so envfile=${config.system.build.pamEnvironment}
+
+      auth     required       pam_succeed_if.so uid >= 1000 quiet
+      auth     required       ${pkgs.fprintd}/lib/security/pam_fprintd.so
+      auth     optional       ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so
+
+      account  sufficient     pam_unix.so   
+      password required       ${pkgs.fprintd}/lib/security/pam_fprintd.so
+
+      session  required       pam_env.so envfile=${config.system.build.pamEnvironment}
+      session  required       pam_unix.so
+      session  required       pam_loginuid.so
+      session  optional       ${pkgs.systemd}/lib/security/pam_systemd.so
+      session  optional       ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
+    '';
+  };
+
   system = {
     stateVersion = "16.09";
   };
-- 
cgit v1.2.3