I'm on 18.04 and have successfully enabled fingerprint login. I would like to use my fingerprint not only to login but if possible also to:
- Authenticate in the terminal when I do a
sudo
command - Authenticate in Gnome (i.e. when installing an application etc)
- Unlocking keyring items (this is the only point I could find info about and apparently this one is not possible)
Output of grep print /etc/pam.d -R
:
/etc/pam.d/gdm-fingerprint:auth required pam_fprintd.so
/etc/pam.d/gdm-fingerprint:password required pam_fprintd.so
Content of /etc/pam.d/gdm-fingerprint
#%PAM-1.0
auth requisite pam_nologin.so
auth required pam_succeed_if.so user != root quiet_success
auth required pam_fprintd.so
auth optional pam_gnome_keyring.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
password required pam_fprintd.so
Content of /etc/pam.d/sudo
#%PAM-1.0
session required pam_env.so readenv=1 user_readenv=0
session required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0
@include common-auth
@include common-account
@include common-session-noninteractive