Verify that TouchId hardware is present on the mac before actually ap…

…proving it for sudo commands (#15)
vraravam · Dec 25, 2024 · d22f823 · d22f823
1 parent f1209b3
commit d22f823
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,10 @@ As documented in the README's [adopting](README.md#how-to-adoptcustomize-the-scr
 
 For those who follow this repo, here's the changelog for ease of adoption:
 
+### 1.0-31
+
+* *[approve-fingerprint-sudo.sh]* Handled case to execute `approve-fingerprint-sudo.sh` based on touchId hardware.
+
 ### 1.0-30
 
 * *[resurrect-repositories.rb]* Handled the case where git wouldn't allow cloning a repo into a pre-existing, non-empty folder.

diff --git a/scripts/approve-fingerprint-sudo.sh b/scripts/approve-fingerprint-sudo.sh
@@ -5,10 +5,14 @@
 # To be able to use the mac touchbar for authorizing the 'sudo' command in terminal
 # This will persist through software updates unlike changes directly made to '/etc/pam.d/sudo'
 # Copied from: https://apple.stackexchange.com/a/466029
-# TODO: Need to ensure that TouchId hardware is present before running this script
 
 type is_file &> /dev/null 2>&1 || source "${HOME}/.shellrc"
 
+if ! ioreg -c AppleBiometricSensor | grep -q "AppleBiometricSensor"; then
+  warn "Touch ID hardware is not detected. Skipping configuration."
+  return
+fi
+
 if ! is_file /etc/pam.d/sudo_local; then
   sudo sh -c 'sed "s/^#auth/auth/" /etc/pam.d/sudo_local.template > /etc/pam.d/sudo_local'
   success "Created new file: /etc/pam.d/sudo_local"