⬆️ ⬇️

Automatic screen lock in GNU / Linux

Do you often go for a regular cup of coffee or go out of the office / office to make a personal call, do you find yourself thinking that you forgot to lock the screen of your computer? And on the computer at this time there was an open correspondence in Skype / mail or worse - a root session in the console? As a result, you try to return to your computer as quickly as possible, so that good colleagues do not have time to set the wallpaper with the Black Lord to the background of the desktop.

In this article I will give an example of solving this problem with screen lock, which will help to close access to the desktop at the moment when you move away from the computer.





Introduction



I will describe briefly the proposed solution, in order to understand what we will do now. We will do so that the operating system will itself, using Bluetooth, check how far the user is located, and in the event of "inaccessibility" will automatically block the screen. The process of unlocking will remain on the user's conscience, and will consist in entering the password that is used in his account. Automatically removing the lock is quite a risky undertaking, so we will not consider this scenario. In terms of complexity, this article is aimed at advanced Linux users, because Some stages of the setup will be described without unnecessary details, relying on the obvious, so as not to go away from the main illuminated topic.



Training



First you need to make sure that our computer and mobile phone support Bluetooth technology. If there is no problem with a mobile phone, because Most modern devices have support for the "blue tooth", then with a computer may well be. I will not tell you in detail how to set up Bluetooth in different Linux distributions, but simply describe the main stages of setting up support for it, provided that the hardware includes the necessary components, using the example of Gentoo.

')

The main stages of setting up Bluetooth support in Linux


  1. Turn on Bluetooth support for BIOS if it is controlled by a separate parameter, such as on Lenovo laptops
  2. Determine which Bluetooth controller is used in the computer configuration:
    ~ $ lsusb | grep -i bluetooth Bus 001 Device 003: ID 0a5c:217f Broadcom Corp. Bluetooth Controller 
  3. Include in the kernel support for the Bluetooth subsystem and the necessary driver for your controller:
     Kernel Configuration ---> Bluetooth subsystem support ---> Bluetooth device drivers ---> <*> HCI USB driver 
  4. Save the configuration, install the updated kernel and its modules, and then restart the system to boot with the new kernel
  5. Install the Bluez package (with test-programs support) that will do the work at the program level. In the Gentoo package base, it looks like this:
     * net-wireless/bluez Latest version available: 4.101-r5 Latest version installed: [ Not Installed ] Size of files: 866 kB Homepage: http://www.bluez.org/ Description: Bluetooth Tools and System Daemons for Linux License: GPL-2 LGPL-2.1 
  6. Under a user with root privileges, start the bluetooth daemon and add it to the system autoload:
     ~ # /etc/init.d/bluetooth start ~ # rc-update add bluetooth default 
  7. Check that the bluetooth device is determined and ready to go:
     ~ # hcitool dev Devices: hci0 CC:52:AF:E3:FB:67 ~ # hciconfig list hci0: Type: BR/EDR Bus: USB BD Address: CC:52:AF:E3:FB:67 ACL MTU: 1021:8 SCO MTU: 64:1 UP RUNNING PSCAN ... 


This preparation is completed, proceed to the next stage.



Customization



In this section there will be the whole essence of the solution, namely, we will configure the pairing between the mobile phone and the computer. After that, in the operating system we will prepare a script for checking the availability of the phone via the Bluetooth channel, which will be called every minute by means of the Cron daemon-scheduler. Let's get started

  1. Enable bluetooth on the phone and configure its visibility for the rest of the network:

  2. On the computer side, start scanning the bluetooth network, as a result of which we will determine the address of our mobile phone (you can spy on the phone itself):
     ~ # hcitool scan Scanning ... 00:AA:70:31:9A:19 LG-E400 
  3. Configure the pairing, on the phone to accept the incoming connection:
     ~ # simple-agent hci0 00:AA:70:31:9A:19 RequestConfirmation (/org/bluez/3522/hci0/dev_00_AA_70_31_9A_19, 724215) Confirm passkey (yes/no): yes Release New device (/org/bluez/3522/hci0/dev_00_AA_70_31_9A_19) 


  4. Add mobile address to the list of trusted devices:
     ~ # bluez-test-device trusted 00:AA:70:31:9A:19 yes 
  5. Check the availability of the phone from a computer via bluetooth:
     ~ # l2ping -c 10 00:AA:70:31:9A:19 
  6. Disable the visibility in the bluetooth settings of the mobile phone, if this does not happen automatically:

  7. Prepare a script that will check the availability of the phone and in case of inaccessibility block the screen:
     ~ # if ! /usr/bin/l2ping -c 1 <%ADDR%> ; then su <%USERNAME%> -c '<%SCREENLOCKER%>' ; fi 


    In my case:

    <% ADDR%> = 00: AA: 70: 31: 9A: 19

    <% USERNAME%> = not a root user, under which X runs and all the rest of the main work in the system

    <% SCREENLOCKER%> = I use the gnome-extra / gnome-screensaver package from the Gnome environment without the rest of the environment, so the screen lock command looks like this - gnome-screensaver-command --lock
  8. Run a test check as root when bluetooth is enabled on the phone
  9. Disable bluetooth on the phone and re-run the test, also with root privileges
  10. Add a minute rule to crontab:
     ~ # crontab -l #minute (0-59), #| hour (0-23), #| | day of the month (1-31), #| | | month of the year (1-12), #| | | | day of the week (0-6 with 0=Sunday). #| | | | | commands * * * * * export DISPLAY=:0 && if ! /usr/bin/l2ping -c 1 <%ADDR%> >/dev/null 2>/dev/null ; then su <%USERNAME%> -c '<%SCREENLOCKER%>' ; fi 
    If such rules in crontab scare you, you can put the check in a separate script in the / usr / local / sbin directory, with more tricky checks, which you then specify in the crontab rule.


This completes the configuration and verification.



Result



We received a tool that will monitor our mobile phone and will lock the screen if it is removed from the computer. In real conditions, this distance is not more than 10-20 meters and bluetooth on the phone should work stably. The daily life of a mobile phone battery is somewhat reduced, since we use short connections of 2-3 seconds.

Source: https://habr.com/ru/post/169819/



All Articles