Setting up fprintd for swaylock

To enable swaylock to unlock like so: <enter password> <hit enter> or <hit enter> <touch fingerprint sensor>

To install fprintd: doas apk add fprintd

Upon installation a standard user was not authorized to add prints. The below was used to allow members of the 'input' group to add prints:

sudo tee /etc/polkit-1/rules.d/50-fingerprint.rules << 'EOF' polkit.addRule(function (action, subject) { if (action.id.indexOf("net.reactivated.fprint.") == 0) { if (subject.isInGroup("input")) { return polkit.Result.YES; } } }); EOF

doas adduser $USER input

(reboot)

I previously enrolled a print for root accidentally, needed to delete it (as well as for my user for good measure):

fprintd-delete $(whoami) fprintd-delete root

Then enroll fresh print(s):

fprintd-enroll fprintd-verify

Then, to set the swaylock config:

sudo tee /etc/pam.d/swaylock << 'EOF'

1. Try password authentication first

auth sufficient pam_unix.so nullok

1. If no password provided, try fingerprint

auth sufficient pam_fprintd.so ignore-empty-password auth required pam_deny.so # Keep the wallet stuff -auth optional pam_kwallet.so -auth optional pam_kwallet5.so -session optional pam_kwallet.so auto_start -session optional pam_kwallet5.so auto_start EOF