about summary refs log tree commit diff
path: root/nixos/modules/services/x11/display-managers/gdm.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/x11/display-managers/gdm.nix')
-rw-r--r--nixos/modules/services/x11/display-managers/gdm.nix4
1 files changed, 3 insertions, 1 deletions
diff --git a/nixos/modules/services/x11/display-managers/gdm.nix b/nixos/modules/services/x11/display-managers/gdm.nix
index 82cc80417fa14..d4f0de2c3bfab 100644
--- a/nixos/modules/services/x11/display-managers/gdm.nix
+++ b/nixos/modules/services/x11/display-managers/gdm.nix
@@ -321,13 +321,15 @@ in
         session   include       login
       '';
 
+      # This would block password prompt when included by gdm-password.
+      # GDM will instead run gdm-fingerprint in parallel.
       login.fprintAuth = mkIf config.services.fprintd.enable false;
+
       gdm-fingerprint.text = mkIf config.services.fprintd.enable ''
         auth       required                    pam_shells.so
         auth       requisite                   pam_nologin.so
         auth       requisite                   pam_faillock.so      preauth
         auth       required                    ${pkgs.fprintd}/lib/security/pam_fprintd.so
-        auth       optional                    pam_permit.so
         auth       required                    pam_env.so
         auth       [success=ok default=1]      ${pkgs.gnome.gdm}/lib/security/pam_gdm.so
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-13 10:18:30 +0000