If you're running Arch Linux on a laptop with a supported finerprint reader, you might like to be able to use your fingerprint to unlock after suspend. At first glance of the Arch Wiki
fprint page, it would appear you can simply add some config into
/etc/pam.d/i3lock and you'd be good to go. However, the common approach of using a Systemd unit file with
Before=sleep.target to start a lock application (
i3lock, in my case) won't work, and you'll find the lock application rejecting your fingerprint every time.
This is due to the fact that
sleep.target is for system services, as opposed to user services. Further, there's no direct equivalent for
systemd-user. So when the suspend hook runs, it might run with some knowledge of an active session (if you're passing through a
DISPLAY environment variable, for example), but it won't have a full user session to work with, which means no fingerprint reading.
Fortunately, this is pretty easily fixed. The
xss-lock application allows you to run a locker application as a screensaver, which means full user session availability to the locker. To integrate this with your existing locker, the steps are:
- Disable any systemd lock-on-suspend services you might have previously been trying to use.
xss-lockwith your X11 session. For example, with i3, something like
exec --no-startup-id xss-lock -l /bin/my-locker-script &would do the trick
- Restart your Window Manger (or X11 entirely, depending on how you've configured
xss-lockto be executed)