detach (1278B)
1 #!/bin/sh 2 # yubilock (c) zakaria wtfpl 3 # DESCRIPTION: 4 # yubikey detach script for OpenBSD hotplugd(8). 5 # runs xlock(1) on $DISPLAY as $xuser when a fido device is detached. 6 # REQUIREMENTS: 7 # - hotplugd(8) enabled: 8 # $ rcctl enable hotplugd 9 # - $xuser variable in this script is changed to be the 10 # user of the primary X11 session. 11 # - a doas rule allowing root to run xlock as $xuser. 12 # INSTALLATION: 13 # - place this script in: /etc/hotplug/detach 14 # - start/reload hotplugd: 15 # $ rcctl start hotplugd # or 16 # $ rcctl reload hotplugd 17 18 # user to run xlock command as ((change this)) 19 xuser=zzz 20 # lock command to run 21 lock_cmd=/usr/X11R6/bin/xlock 22 lock_cmd_args="-bg darkred -info DETACHED" 23 # primary X11 display 24 export DISPLAY=:0 25 26 # event = {attach, detach} 27 # class = device class [0-5] 28 # name = device name 29 event="${0##*/}" 30 class="$1" 31 name="$2" 32 33 # uncomment to log all detach events to syslog 34 #logger -t "$event" "${class}:${name}" 35 36 # if event is a 'fido' device being detached... 37 if [ "$event" = "detach" ]; then 38 case "$name" in 39 fido[0-9]) 40 # log to syslog 41 logger -t "$event" "fido key detached - locking" 42 43 # actually lock display now 44 export DISPLAY=$DISPLAY 45 doas -n -u "$xuser" "$lock_cmd" ${lock_cmd_args} 46 ;; 47 esac 48 fi 49