Make sudo authenticate with Touch ID in a tmux session
After the recent switch to https://github.com/samoshkin/tmux-config, I have been fully working under tmux sessions. Recently I found that the Touch ID authentication for sudo haven’t been working. I searched over the Internet and found out
pam_tid.so itself is kinda incompatible with tmux.
To solve this, I had to use a simple hack (someone made the solution for us, thanks!). I use https://github.com/fabianishere/pam_reattach, a PAM module for reattaching to the authenticating user’s per-session bootstrap namespace on macOS, and it’s updated just 18 days ago as the time of writing!
$ brew install fabianishere/personal/pam_reattach
Ultimately, make sure
/etc/pam.d/sudo looks like this in the beginning of file:
auth optional pam_reattach.so auth sufficient pam_tid.so ...
Equivalent command line:
$ sudo sed -i '' -e '/^#/a\'$'\n''auth sufficient pam_tid.so' /etc/pam.d/sudo
(Note that on major macOS updates you need to re-do this again.)