diff options
Diffstat (limited to 'modules/security')
| -rw-r--r-- | modules/security/pam.nix | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/modules/security/pam.nix b/modules/security/pam.nix index 0061fba..f0c77dc 100644 --- a/modules/security/pam.nix +++ b/modules/security/pam.nix @@ -39,17 +39,24 @@ in { options = { - security.pam.enableSudoTouchIdAuth = mkEnableOption (lib.mdDoc '' - Enable sudo authentication with Touch ID + security.pam.enableSudoTouchIdAuth = mkEnableOption "" // { + description = lib.mdDoc '' + Enable sudo authentication with Touch ID. - When enabled, this option adds the following line to /etc/pam.d/sudo: + When enabled, this option adds the following line to + {file}`/etc/pam.d/sudo`: - auth sufficient pam_tid.so + ``` + auth sufficient pam_tid.so + ``` - (Note that macOS resets this file when doing a system update. As such, sudo - authentication with Touch ID won't work after a system update until the nix-darwin - configuration is reapplied.) - ''); + ::: {.note} + macOS resets this file when doing a system update. As such, sudo + authentication with Touch ID won't work after a system update + until the nix-darwin configuration is reapplied. + ::: + ''; + }; }; config = { |