Recently I’ve found out that currently it’s not possible to unlock gnome-keyring automatically with fingerprint login.
I use greetd & tuigreet to login in Plasma 6.
So, I’d like to know how to disable fingerprint login (for greetd), but I’d like to keep the functionality for sudo, polkit, the screen locker, etc.
I’m not familiar with greetd, but if it uses PAM like most services do, it is probably as simple as removing (or commenting out) the line(s) containing pam_fprintd.so in the corresponding file under /etc/pam.d.
I see. In that case, I’m guessing the greetd file contains something like auth include system-auth and the system-auth file has the pam_fprintd.so line? If that is the case, then you could probably work around the problem by making a copy of system-auth (e.g. cp system-auth my-system-auth) and then changing the auth line in your greetd file to auth include my-system-auth.
Be sure to have a root session open somewhere while you are editing and testing because you could lock yourself out if you misconfigure these files. (Also, it is a good idea to make sure they don’t work when they are not supposed to.)
Edit: authselect probably just does an all-or-nothing configuration. Since you want something more complex (works with sudo, but not with greetd) you will probably have to edit the PAM conf files manually to achieve that.
Don’t edit system-auth manually. Make a copy of system-auth, edit the copy, and then edit greetd to reference the copy. (But making backup copies of the files you are going to edit is certainly a good idea.)
The auth substack system-auth line is roughly equivalent. The difference is that “jump” lines in a substack cannot skip over lines in the calling stack (whereas that is possible with “included” stacks). There are some other differences about how the state of the stack can be manipulated, but none of that is important for what you are trying to do. Just change the auth substack system-auth line in your copy to auth substack my-system-auth (or whatever you choose to call it).
Edit: For consistency, I would also change the other lines that reference system-auth to my-system-auth, but you don’t have to.
Beware that when you update your system, you may occasionally get a new file under /etc/pam.d named greetd.rpmnew. The package manager will know that you have customized the greetd file and it will create that greetd.rpmnew file instead of overwriting your changes. You will need to compare the updated file with your customized file to make sure there are no changes besides the one you’ve intentionally made (referencing my-system-auth). If there are other changes, you should merge those changes into your custom greetd file. Unfortunately, you’ll have to merge the changes manually. There are tools to help with managing those kind of merges (rpmconf and vimdiff), but they are somewhat complicated to learn to use.