23 lines
711 B
Bash
Executable file
23 lines
711 B
Bash
Executable file
#!/bin/zsh
|
|
#
|
|
# enable-sudo-touch-id - Enable Touch ID authentication for sudo commands
|
|
#
|
|
# Configures PAM to allow Touch ID for sudo authentication on macOS.
|
|
# Creates /etc/pam.d/sudo_local from template and enables the auth module.
|
|
#
|
|
# Usage: enable-sudo-touch-id
|
|
|
|
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
|
|
echo "Usage: $(basename "$0")"
|
|
echo "Enable Touch ID authentication for sudo commands"
|
|
echo "Requires macOS with Touch ID support"
|
|
exit 0
|
|
fi
|
|
|
|
if [[ -e /etc/pam.d/sudo_local ]]; then
|
|
echo "TouchID unlock already in place"
|
|
else
|
|
sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local
|
|
sudo sed -i '' 's/#auth/auth/' /etc/pam.d/sudo_local
|
|
echo "TouchID unlock enabled"
|
|
fi
|