Open pinarruiz opened 6 days ago
Please let me know if more feedback is required. Thanks.
It seems that the aur package libfprint-fpcmoh-git makes it work acording to: This thread.
Not so sure but it seems updating the version on https://github.com/NixOS/nixpkgs/blob/435020cb46c2c7d88b3e6ffbbbd1086ce11ce0fa/pkgs/development/libraries/libfprint-tod/default.nix to at least v1.94.6+tod1
(same as aur), latest version available being v1.94.7+tod1
.
Hello I also have Lenovo E16 Maybe you need add firmware section? hardware.enableRedistributableFirmware = true; hardware.enableAllFirmware = true; Here is my full config
{ config, pkgs, ... }:
{
# Hardware
imports =
[
./hardware-configuration.nix
<home-manager/nixos>
];
hardware.bluetooth.enable = false;
hardware.pulseaudio.enable = false;
hardware.enableRedistributableFirmware = true;
hardware.enableAllFirmware = true;
# System version
system.stateVersion = "24.11";
system.copySystemConfiguration = true;
system.autoUpgrade = {
enable = true;
flags = [ "--update-input" "nixpkgs" "-L" ];
dates = "02:00";
randomizedDelaySec = "45min";
};
# Bootloader with plymouth
boot = {
# Enable "Silent Boot"
consoleLogLevel = 0;
initrd.verbose = false;
initrd.systemd.enable = true;
kernelParams = [
"quiet"
"splash"
"boot.shell_on_fail"
"loglevel=3"
"rd.systemd.show_status=false"
"rd.udev.log_level=3"
"udev.log_priority=3"
];
loader = {
timeout = 0;
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
# Hardening
kernel.sysctl = {
"kernel.exec-shield" = "2";
"fs.protected_hardlinks" = "1";
"fs.protected_symlinks" = "1";
"kernel.randomize_va_space" = "2";
"fs.file-max" = "65535";
"kernel.pid_max" = "65536";
"net.ipv4.ip_local_port_range" = "2000 65000";
"net.ipv4.tcp_rfc1337" = "1";
"net.ipv4.icmp_ignore_bogus_error_responses" = "1";
"net.ipv4.tcp_rmem" = "4096 87380 8388608";
"net.ipv4.tcp_wmem" = "4096 87380 8388608";
"net.core.netdev_max_backlog" = "5000";
"net.ipv4.tcp_window_scaling" = "1";
"net.ipv4.ip_forward" = "0";
"net.ipv4.conf.all.rp_filter" = "1";
"net.ipv4.conf.default.rp_filter" = "1";
"kernel.core_uses_pid" = "1";
"kernel.yama.ptrace_scope" = "2";
"net.ipv4.tcp_syncookies" = "1";
"net.ipv4.tcp_synack_retries" = "5";
"net.ipv4.conf.all.send_redirects" = "0";
"net.ipv4.conf.default.send_redirects" = "0";
"net.ipv4.conf.all.accept_redirects" = "0";
"net.ipv4.conf.all.secure_redirects" = "0";
"net.ipv4.conf.all.log_martians" = "1";
"net.ipv4.conf.default.accept_source_route" = "0";
"net.ipv4.conf.default.accept_redirects" = "0";
"net.ipv4.conf.default.secure_redirects" = "0";
"net.ipv4.icmp_echo_ignore_broadcasts" = "1";
"net.ipv6.conf.all.disable_ipv6" = "1";
"net.ipv6.conf.default.disable_ipv6" = "1";
"net.ipv6.conf.all.accept_ra" = "0";
"net.ipv6.conf.default.accept_ra" = "0";
"net.ipv4.tcp_sack" = "0";
"net.ipv4.tcp_dsack" = "0";
"net.ipv4.tcp_fack" = "0";
"vm.swappiness" = "0";
"vm.mmap_rnd_bits" = "32";
"vm.mmap_rnd_compat_bits" = "16";
};
plymouth = {
enable = true;
theme = "breeze";
};
};
virtualisation.libvirtd.enable = true;
virtualisation.libvirtd.qemu.package = pkgs.qemu_kvm;
virtualisation.libvirtd.qemu.runAsRoot = true;
virtualisation.libvirtd.qemu.swtpm.enable = true;
virtualisation.libvirtd.qemu.ovmf.enable = true;
virtualisation.libvirtd.qemu.ovmf.packages = [(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
}).fd];
networking.hostName = "87a9f8f3b6a231";
networking.networkmanager.enable = true;
networking.firewall.enable = true;
networking.firewall.allowPing = false;
time.timeZone = "Europe/Warsaw";
console.keyMap = "pl2";
i18n.defaultLocale = "en_GB.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "pl_PL.UTF-8";
LC_IDENTIFICATION = "pl_PL.UTF-8";
LC_MEASUREMENT = "pl_PL.UTF-8";
LC_MONETARY = "pl_PL.UTF-8";
LC_NAME = "pl_PL.UTF-8";
LC_NUMERIC = "pl_PL.UTF-8";
LC_PAPER = "pl_PL.UTF-8";
LC_TELEPHONE = "pl_PL.UTF-8";
LC_TIME = "pl_PL.UTF-8";
};
services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = "nix";
services.gnome.core-utilities.enable = false;
services.pipewire.alsa.enable = true;
services.pipewire.alsa.support32Bit = true;
services.pipewire.enable = true;
services.pipewire.pulse.enable = true;
services.power-profiles-daemon.enable = true;
services.printing.enable = false;
services.thermald.enable = true;
services.xserver.desktopManager.gnome.enable = true;
services.xserver.desktopManager.xterm.enable = false;
services.xserver.displayManager.gdm.enable = true;
services.xserver.enable = true;
services.xserver.excludePackages = with pkgs; [ xterm ];
services.xserver.xkb.layout = "pl";
services.xserver.xkb.variant = "";
services.fprintd.enable = true;
services.fprintd.tod.enable = true;
services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix-550a; # Goodix 550a driver (from Lenovo)
systemd.services."autovt@tty1".enable = false;
systemd.services."getty@tty1".enable = false;
systemd.services.fprintd = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "simple";
};
security.rtkit.enable = true;
# security.apparmor.enable = true;
users.users.nix = {
isNormalUser = true;
description = "admin";
extraGroups = [ "networkmanager" "wheel" "libvirtd" "docker" ];
};
home-manager.users.nix = { pkgs, ... }: {
home.stateVersion = "24.11";
home.packages = [ ];
};
nix.settings.experimental-features = "nix-command flakes";
nix.settings.auto-optimise-store = true;
nix.optimise.automatic = true;
nix.optimise.dates = [ "20:00" ];
nix.gc.automatic = true;
nix.gc.dates = "weekly";
nix.gc.options = "--delete-older-than 7d";
programs.firefox.enable = true;
programs.neovim.enable = true;
programs.neovim.defaultEditor = true;
programs.dconf.enable = true;
programs.bash.promptInit = ''
PS1="[\u@\h:\w] "
'';
nixpkgs.config.allowUnfree = true;
# Problems with 'graphane-hardened' and "scudo" option any browser can't be initized
# environment.memoryAllocator.provider = "scudo";
environment.sessionVariables = {
CALIBRE_USE_SYSTEM_THEME = "true";
QT_STYLE_OVERRIDE = "adwaita";
QT_WAYLAND_DECORATION = "adwaita";
QT_QPA_PLATFORM = "wayland";
};
qt.enable = true;
qt.platformTheme = "gnome";
qt.style = "adwaita";
environment.gnome.excludePackages = with pkgs; [
nixos-render-docs
gnome.yelp
gnome-tour
gnome-extension-manager
gnome-extensions-cli
gnome.gnome-backgrounds
xterm
nano
cups
];
environment.systemPackages = with pkgs; [
gnome.nautilus
gnome-console
loupe
gnome.gnome-tweaks
gnome.gnome-themes-extra
gnome.gnome-calendar
gnomeExtensions.just-perfection
nixos-bgrt-plymouth
nix-bash-completions
bash-completion
keepassxc
cherrytree
ticktick
protonvpn-gui
ibm-plex
virt-manager
cloud-init
calibre
xorriso
usbutils
krita
evince
git
home-manager
qgnomeplatform
];
}
Hi @KCynk I just tried that, did not work sadly.
I however tried @andrevmatos nix file on the comment on this issue https://gitlab.freedesktop.org/libfprint/libfprint/-/merge_requests/396 and it worked, although it feels like a workaraound. I wonder if you and i have the exact same hardware as from what I have, mine is the intel one, i believe there is an amd one, but dont know if the fingerprint scanner changes tho.
Anyways i left both firmware options you suggested on, it cannot hurt. for the time being i will use that nix snippet, that i will also add to this reply in case someone stumbles upon this issue and finds it useful, all credit for that goes to @andrevmatos:
{pkgs, ...}: let
fpcbep = pkgs.fetchzip {
url = "https://download.lenovo.com/pccbbs/mobiles/r1slm01w.zip";
hash = "sha256-/buXlp/WwL16dsdgrmNRxyudmdo9m1HWX0eeaARbI3Q=";
stripRoot = false;
};
libfprint = pkgs.libfprint.overrideAttrs (attrs: {
patches = attrs.patches or [] ++ [
(pkgs.fetchpatch {
url = "https://gitlab.freedesktop.org/libfprint/libfprint/-/merge_requests/396.patch";
sha256 = "sha256-+5B5TPrl0ZCuuLvKNsGtpiU0OiJO7+Q/iz1+/2U4Taw=";
})
];
postPatch = (attrs.postPatch or "") + ''
substituteInPlace meson.build \
--replace "find_library('fpcbep', required: true)" "find_library('fpcbep', required: true, dirs: '$out/lib')"
'';
preConfigure = (attrs.preConfigure or "") + ''
install -D "${fpcbep}/FPC_driver_linux_27.26.23.39/install_fpc/libfpcbep.so" "$out/lib/libfpcbep.so"
'';
postInstall = (attrs.postInstall or "") + ''
install -Dm644 "${fpcbep}/FPC_driver_linux_libfprint/install_libfprint/lib/udev/rules.d/60-libfprint-2-device-fpc.rules" "$out/lib/udev/rules.d/60-libfprint-2-device-fpc.rules"
substituteInPlace "$out/lib/udev/rules.d/70-libfprint-2.rules" --replace "/bin/sh" "${pkgs.runtimeShell}"
'';
});
fprintd = pkgs.fprintd.override {inherit libfprint;};
in {
services.fprintd = {
enable = true;
package = fprintd;
};
services.udev.packages = [libfprint];
}
Describe the bug
Upon following Fingerprint Scanner, I try to enroll and I get the following error:
Steps To Reproduce
Steps to reproduce the behavior:
Then rebuild and switch (I rebooted just in case), then run:
This is probably related to missing libraries or drivers.
Expected behavior
The fingreprint enroll process starts.
Additional context
This is a Lenovo Thinkpad E16 (
LENOVO 21JN00D3SP
). Onlsusb
th device looks like:Notify maintainers
Based on https://github.com/NixOS/nixpkgs/blob/nixos-24.05/pkgs/development/libraries/libfprint-2-tod1-goodix-550a/default.nix#L43: @utkarshgupta137
Metadata
Please run
nix-shell -p nix-info --run "nix-info -m"
and paste the result.Add a :+1: reaction to issues you find important.