First, install the required dependencies:
sudo pacman -S base-devel git cmake libusb glib2-devNext, use yay or another AUR helper to install python-validity, open-fprintd, and fprintd-clients-git:
yay -S python-validity open-fprintd fprintd-clients-gitIf you encounter issues during the build of fprintd-clients-git, make sure glib2-dev is installed properly, as it provides necessary files like glib-genmarshal and glib-mkenums.
Create a new udev rule to ensure the fingerprint device's permissions are set correctly. This avoids permission issues when users try to access the fingerprint device.
sudo nano /etc/udev/rules.d/99-validity.rulesAdd the following content to the file:
SUBSYSTEM=="usb", ATTR{idVendor}=="06cb", ATTR{idProduct}=="009a", MODE="0666", GROUP="plugdev", SYMLINK+="validity_fp"Then reload the udev rules:
sudo udevadm control --reload-rules
sudo udevadm triggerModify the following PAM configuration files to integrate fingerprint authentication into your system, specifically for SDDM.
Edit the file to include fingerprint authentication:
sudo nano /etc/pam.d/sddmContents of the file:
#%PAM-1.0
# Fingerprint authentication as a sufficient method
auth sufficient pam_fprintd.so
# If fingerprint fails, fall back to password
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
auth include system-login
# Account management
account include system-login
# Password management
password include system-login
# Session management
session optional pam_keyinit.so force revoke
session include system-login
-session optional pam_gnome_keyring.so auto_start
-session optional pam_kwallet5.so auto_startThis file needs to be updated to ensure fingerprint authentication is applied system-wide:
sudo nano /etc/pam.d/system-authContents of the file:
#%PAM-1.0
# Fingerprint authentication as a sufficient method
auth sufficient pam_fprintd.so
# If fingerprint fails, fall back to password
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
auth required pam_faillock.so preauth
auth optional pam_permit.so
auth required pam_env.so
auth required pam_faillock.so authfail
# Account management
account required pam_unix.so
account optional pam_permit.so
account required pam_time.so
# Password management
password required pam_unix.so try_first_pass nullok shadow
password optional pam_permit.so
# Session management
session required pam_limits.so
session required pam_unix.so
session optional pam_permit.soEnsure this file is updated as well for login processes:
sudo nano /etc/pam.d/system-loginContents of the file:
#%PAM-1.0
auth required pam_shells.so
auth requisite pam_nologin.so
auth include system-auth
account required pam_access.so
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_loginuid.so
session optional pam_keyinit.so force revoke
session include system-auth
session optional pam_motd.so
session optional pam_mail.so dir=/var/spool/mail standard quiet
session optional pam_umask.so
-session optional pam_systemd.so
session required pam_env.soAfter making these changes, restart the SDDM service:
sudo systemctl restart sddmIf everything is configured correctly, the system should prompt for fingerprint authentication during login.
If you encounter issues with fingerprint authentication in sddm, check the system logs for errors:
journalctl -xe | grep sddm