Open NicolasHov opened 1 year ago
I also opened an issue in NixOS/nixpkgs/ https://github.com/NixOS/nixpkgs/issues/207116
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/thinkpad-x270-fingerprint-reader-support/24177/1
I also need python-validity for my T480. I managed to create some nix packages based on the AUR packages and it works for me now. In total, three packages are needed to get it to work: open-fprintd, fprintd-clients, and python-validity.
However, I am completely new to NixOS and Nix. Hence, I wrote those packages by copying and adapting existing Nix package definitions and applying some guesswork.
Hence, someone more experienced with this than me probably needs to review these packages. Also, I currently load them manually with callPackage
from local files. I still need to create a nixpkgs fork or a flake git repository to load them properly.
In any case, to get it to work, put the files in the following repository in a folder packages
relative to your configuration.nix
: https://github.com/ahbnr/nixos-06cb-009a-fingerprint-sensor/tree/da6f2a898da918796d4e8cfde5fe0688e963e8e2
(Edit: I have now converted my repository to a Nix flake for which integration works a bit differently. The link above points to an old commit which is compatible with the setup described in this comment. For up-to-date instructions, see https://github.com/ahbnr/nixos-06cb-009a-fingerprint-sensor)
You can then load them in your configuration.nix
like this:
...
let
# load custom packages for driving the fingerprint sensor.
# This probably conflicts with the default fprintd service, so do not enable services.fprintd
open-fprintd = (pkgs.callPackage ./packages/open-fprintd/default.nix {});
fprintd-clients = (pkgs.callPackage ./packages/fprintd-clients/default.nix {});
python-validity = (pkgs.callPackage ./packages/python-validity/default.nix {});
in
...
environment.systemPackages = with pkgs; [
...
open-fprintd
fprintd-clients
python-validity
...
];
...
# Enable services from custom packages
systemd.packages = [ open-fprintd python-validity ];
systemd.services.open-fprintd.enable = true;
systemd.services.python3-validity.enable = true;
# enable fingerprint scanning for sudo
security.pam.services.sudo.text = ''
# Account management.
account required pam_unix.so
# Authentication management.
auth sufficient pam_unix.so likeauth try_first_pass nullok
auth sufficient ${fprintd-clients}/lib/security/pam_fprintd.so
auth required pam_deny.so
# Password management.
password sufficient pam_unix.so nullok sha512
# Session management.
session required pam_env.so conffile=/etc/pam/environment readenv=0
session required pam_unix.so
'';
...
}
Then run
nixos-rebuild test
systemctl start open-fprintd
systemctl start python-validity
Now, fprintd-enroll
, fprintd-verify
etc. should work. Furthermore, if you do not enter a password in your sudo prompt (just press enter), sudo will authenticate you with your fingerprint instead.
It is a bit worrying, that open-fprintd and fprintd-clients have not received a commit/update in two years. Hence, is there even a chance that they might become official packages?
@ahbnr it would be best to just add those python packages to nixpkgs. You already did most of the work already. Than the nixos hardware profile in this repository can be extended as well.
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/thinkpad-x270-fingerprint-reader-support/24177/3
Hello everyone,
TL;DR The built-in fingerprint reader of the ThinkPad x270 seems to works with the driver
python-validity
package, but it's not available innixpkgs
yet.I tried to list my devices with:
I understand that the fingerprint reader is
Bus 001 Device 013: ID 138a:0097 Validity Sensors, Inc.
And when running
fprint-enroll
it fails with:I tried different options but get the same result:
I read this thread: https://discourse.nixos.org/t/how-to-use-fingerprint-unlocking-how-to-set-up-fprintd-english/21901/2 I enabled
fprint
in my configuration.nix file and first triedvfs0090
driver thengoodix
driver but without success in both cases.I read this other thread (for ThinkPad T480): https://discourse.nixos.org/t/thinkpad-t480-fingerprint-reader-support/17448/3 which confirms that there were no
python-validity
package for NixOs.I then write a nix script for python-validity to add to my configuration:
but getting the same error as before.
I also looked on Validity official support, where someone already asked about a Nix driver in 2019 for my device: https://gitter.im/Validity90/Lobby?at=5caf58edf851ee043d9d85d3
Thanks if you have any idea to help me :)