Tommy Skaug
805a34f937
All checks were successful
Export / Explore-GitHub-Actions (push) Successful in 2m19s
56 lines
1.6 KiB
Markdown
56 lines
1.6 KiB
Markdown
I have used OpenBSD for some time now and one of the things that I
|
|
have had to work a bit on to get the way I like it, is locking the
|
|
terminal upon apmd suspend. In other words locking the terminals
|
|
when I close the lid.
|
|
|
|
Since it is a bit of code and that I reuse it other places, I
|
|
created this as a separate helper script. Thus, my
|
|
``/etc/apm/suspend``-reference is:
|
|
|
|
```
|
|
#!/bin/ksh
|
|
|
|
lock.sh&
|
|
sleep 3
|
|
```
|
|
|
|
The suspend file executes every time the lid is closed.
|
|
|
|
Once upon a time I probably used different sources for this, but
|
|
anyways the script that I currently use are two-fold. The first
|
|
part locks all xenodm sessions with xlock:
|
|
|
|
```
|
|
CMD_LOCK="xlock"
|
|
|
|
# get all currently running xenodm sessions
|
|
XSESSION=$(ps -axo user,ppid,args|awk '/xenodm\/Xsession/ { print
|
|
$1,$2}')
|
|
|
|
# lock all logged in X sessions
|
|
for SESSION in "$XSESSION"; do
|
|
_USER=$(echo $SESSION | cut -f1 -d' ')
|
|
_PPID=$(echo $SESSION | cut -f2 -d' ')
|
|
_DISPLAY=$(ps -p $_PPID -o args=|cut -d' ' -f2)
|
|
su - $_USER -c "export DISPLAY=\"$_DISPLAY\" && $CMD_LOCK" &
|
|
done
|
|
```
|
|
|
|
The second part of the script kills all active consoles. This is
|
|
the most important part for me, since I most often lock the
|
|
screen, but forget to log off the consoles.
|
|
|
|
```
|
|
# kill open console TTYs
|
|
OPEN_TTYS=$(who|awk '{print $2}'|fgrep ttyC)
|
|
for _TTY in $OPEN_TTYS; do
|
|
T=$(echo $_TTY|sed 's/tty//');
|
|
TTY_PID=$(ps -t $T|fgrep -v COMMAND|fgrep "ksh (ksh)"|awk '{print $1}');
|
|
kill -9 $TTY_PID;
|
|
done
|
|
```
|
|
|
|
Please also be aware that suspending the laptop will leave things
|
|
in plaintext, in memory, so to truly be resistant to an evil maid
|
|
vector you would need to power off the laptop when out of a
|
|
controlled area.
|