- Copy
99-u2f_lock_screen.rulesto/etc/udev/rules.d. - Copy
gnome_lock_all_sessionsto/usr/local/bin. - Mark
gnome_lock_all_sessionsas executable:chmod +x /usr/local/bin/gnome_lock_all_sessions - Reload udev:
udevadm control -R
Last active
June 12, 2024 09:16
-
-
Save jhass/070207e9d22b314d9992 to your computer and use it in GitHub Desktop.
Lock (Gnome) session when removing Yubico U2F key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ACTION=="remove", SUBSYSTEM=="usb", ENV{ID_MODEL_FROM_DATABASE}=="Yubikey Touch U2F Security Key", RUN+="/usr/local/bin/gnome_lock_all_sessions" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # List available names | |
| # dbus-send --session --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames | |
| # Lock session (Gnome) | |
| # dbus-send --session --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock | |
| # Unlock session (Gnome) | |
| #dbus-send --session --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:false | |
| # Lock session (freedesktop) (no effect?) | |
| # dbus-send --session --type=method_call --dest=org.freedesktop.ScreenSaver /org/freedesktop/ScreenSaver org.freedesktop.ScreenSaver.Lock | |
| for bus in /run/user/*/bus; do | |
| uid=$(basename $(dirname $bus)) | |
| if [ $uid -ge 1000 ]; then | |
| user=$(id -un $uid) | |
| export DBUS_SESSION_BUS_ADDRESS=unix:path=$bus | |
| if su -c 'dbus-send --session --dest=org.freedesktop.DBus --type=method_call --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames' $user | grep org.gnome.ScreenSaver; then | |
| su -c 'dbus-send --session --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock' $user | |
| fi | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Any idea why running this would cause gnome to lock every time I run sudo? I've used it in combination with a challenge-response as sufficient on /etc/pam.d/sudo. Works like a breeze but gnome locks each time I run sudo now.
love the script btw thanks!