Skip to main content
MrC
October 3, 2023
Question

PSA: macOS Sonoma and sudo biometrics

  • October 3, 2023
  • 0 replies
  • 334 views

FYI: macOS Sonoma makes it easier to retain enabled sudo biometrics across software updates. In previous versions, users were required to re-add an auth line to /etc/pam.d/sudo after every update.

The /etc/pam.d/sudo file now includes the file sudo_local:


auth include sudo_local

and a template file /etc/pam.d/sudo_local.template:

```

sudo_local: local config file which survives system update and is included for sudo

uncomment following line to enable Touch ID for sudo

auth sufficient pam_tid.so

```

Simply copy that file to /etc/pam.d/sudo_local and uncomment the auth line. This should survive system updates.