Skip to content

Instantly share code, notes, and snippets.

@ChristopherA

ChristopherA/touchidforsudo.md

Last active December 2, 2023 03:27
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ChristopherA/a0f6612b1a0491b8a80e0e0a1e58318e to your computer and use it in GitHub Desktop.
Save ChristopherA/a0f6612b1a0491b8a80e0e0a1e58318e to your computer and use it in GitHub Desktop.
Download ZIP
TouchID for sudo (updated for Sonoma 14.0)
Raw
touchidforsudo.md

TouchID for sudo

This capability would be have to be renabled ever each system update, but starting with macOS Sonoma 14.0 there is a file that survives system updates to enable it permanently.

(from post in https://sixcolors.com/post/2023/08/in-macos-sonoma-touch-id-for-sudo-can-survive-updates/)

Open the Terminal app. Navigate to the directory that stores the authentication files by typing the following:

cd /etc/pam.d

Next, copy Apple’s provided template to the actual file that the system will read. You’ll need to use sudo and enter your administrator password to get permission:

sudo cp sudo_local.template sudo_local

Finally, open up the file you just made using your text editor of choice; I prefer pico. You’ll need to use sudo again here.

sudo pico sudo_local

In that file, navigate to the line that contains with pam_tid.so and delete the hashtag (#) at the beginning. Save the file out by pressing Control-X, typing ‘Y’ to save your changes, and hitting Return.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment