Fixed SDDM fingerprint not working.

- Added a new custom flake input of pam_fprintd_grosshack so it accepts either password or fingerprint

flake.lock

@@ -465,6 +465,43 @@
         "type": "github"
       }
     },
+    "pam-fprint-grosshack": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "pam-fprint-src": "pam-fprint-src"
+      },
+      "locked": {
+        "lastModified": 1774432303,
+        "narHash": "sha256-IdsKBu1HV1mYJMVuAL0GJiWeEkMrdW691aW8D6Zr15I=",
+        "ref": "refs/heads/main",
+        "rev": "7ad351f85a92fee40806cb81777430c33499be41",
+        "revCount": 1,
+        "type": "git",
+        "url": "https://gitea.iateyourcookies.com/cookiez/nix-fprint-grosshack-flake.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://gitea.iateyourcookies.com/cookiez/nix-fprint-grosshack-flake.git"
+      }
+    },
+    "pam-fprint-src": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1658952526,
+        "narHash": "sha256-obczZbf/oH4xGaVvp3y3ZyDdYhZnxlCWvL0irgEYIi0=",
+        "owner": "mishakmak",
+        "repo": "pam-fprint-grosshack",
+        "rev": "45b42524fb5783e1e555067743d7e0f70d27888a",
+        "type": "gitlab"
+      },
+      "original": {
+        "owner": "mishakmak",
+        "repo": "pam-fprint-grosshack",
+        "type": "gitlab"
+      }
+    },
     "plasma-manager": {
       "inputs": {
         "home-manager": [
@@ -518,6 +555,7 @@
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs_2",
         "nixvim": "nixvim",
+        "pam-fprint-grosshack": "pam-fprint-grosshack",
         "plasma-manager": "plasma-manager",
         "quickshell": "quickshell",
         "stylix": "stylix",

flake.nix

@@ -42,6 +42,11 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    pam-fprint-grosshack = {
+      url = "git+https://gitea.iateyourcookies.com/cookiez/nix-fprint-grosshack-flake.git";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     nix-flatpak.url = "github:gmodena/nix-flatpak";
 
     grub2-themes.url = "github:vinceliuice/grub2-themes";
@@ -50,6 +55,7 @@
   outputs = inputs @ {
     nixpkgs,
     alejandra,
+    pam-fprint-grosshack,
     home-manager,
     plasma-manager,
     nixos-hardware,
@@ -81,6 +87,7 @@
           inherit system;
           inherit project;
           inherit alejandra;
+          pam-fprint-grosshack-pkg = pam-fprint-grosshack.packages.${system}.default;
           host = hostname;
         };
         modules =

modules/configuration.nix

@@ -13,6 +13,7 @@
   host,
   version,
   system,
+  pam-fprint-grosshack-pkg,
   ...
 }: {
   #Assign Swap to the PC
@@ -313,14 +314,28 @@
     sudo.wheelNeedsPassword = false;
 
     pam.services = {
-      sddm.fprintAuth = false; #Because of the bug with 30 seconds on sddm login
-      sddm-autologin.fprintAuth = false; #Same as above
       login.fprintAuth = false;
       sudo.fprintAuth = false; #Disabled because of security risk: https://nvd.nist.gov/vuln/detail/cve-2024-37408
       kscreenlocker.fprintAuth = true;
       polkit-1.fprintAuth = false; #Disabled because of security risk: https://nvd.nist.gov/vuln/detail/cve-2024-37408
       kde.fprintAuth = false;
       hyprlock = {};
+
+      sddm = {
+        fprintAuth = false; # prevent NixOS from adding its own pam_fprintd block
+
+        text = lib.mkForce ''
+          auth sufficient ${pam-fprint-grosshack-pkg}/lib/security/pam_fprintd_grosshack.so
+          auth sufficient pam_unix.so try_first_pass nullok
+          auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
+
+          account required pam_unix.so
+          password required pam_deny.so
+
+          session required pam_unix.so
+          session optional ${pkgs.systemd}/lib/security/pam_systemd.so
+        '';
+      };
     };
   };