-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Not working for me #1
Comments
hi frank - thank you for reporting the issue, i have updated README accordingly. could you provide:
|
and check these two log files |
Will do with the next update. I am under the impression that this also happens after restart / reboot (not system update). |
I have some trouble re-producing the issue currently. It seems to survive restart, which was not the case before, as far as I recall. I plan to test with next macOS software update. |
After system upgrade macOS 12.1 (21C51): ls -l /Library/LaunchDaemons/me.birkhoff.persistent_pam_tid.plist
-rw-r--r-- 1 root wheel 672 Dec 7 20:09 /Library/LaunchDaemons/me.birkhoff.persistent_pam_tid.plist
ls -l /usr/local/bin/pam-tid-installer
-rwxr-xr-x 1 root admin 282 Dec 7 20:09 /usr/local/bin/pam-tid-installer
Then I re-installed the The line I restarted the computer. Thanks for creating the tool one more time! |
My best guess is that macOS Monterey has introduced new changes that breaks the standard way of modifying |
So apparently the kernel is preventing sed from modifying Update: it's TCC that is blocking write access to the file:
|
Thanks for the updates. That correlates with my observations. sudo mode removed after simple restart again. On the other side, a fingerprint is pretty easy to fork and probably not as secure as a secure password. But having a secure sudo password is also a hustle when to be typed often. Hm. |
Yes, after some investigation it seems Apple has restricted access to |
Wanted to use this tool and saw this issue, is this only for sed? I have an ansible playbook to setup my dev machine and in there I add the I have M1 Max if interested and Monterey (the VM is also Monterey)... |
After debugging and trying to solve this for the past 4 hours and I found something that may help but I couldn't apply it to our case - macOS processes — What to do when your daemon gets blocked by permissions dialogues. The problem I found out is that like it says in the article, we run it as root and there is no GUI session* so the user is not prompt for the TCC GUI, even when I tried to add the binary to the Full Disk Access in the privacy settings it didn't work.
A possible solution is to add the I've also tried to set And also I've tried to change the file |
Thanks for the nice tool and the blog post. It's unfortunately not working on my computer. Not sure what you would require as debugging info?
I followed the install guides. No errors there. After restart / upgrade the line
auth sufficient pam_tid.so
in/etc/pam.d/sudo
was missing and it didn't asked for touchID.Random other ideas
The text was updated successfully, but these errors were encountered: