#!/bin/bash # Filename: grml-lock # Purpose: lock console # Authors: grml-team (grml.org), (c) Michael Prokop # Bug-Reports: see http://grml.org/bugs/ # License: This file is licensed under the GPL v2. ################################################################################ PN="$(basename "$0")" [ -n "$USER" ] || USER=grml if [ "$1" = "-h" ] || [ "$1" = "--help" ] ; then echo "${PN}: wrapper script to lock desktop This script is a wrapper to lock your desktop session through the physlock application. Usage: just execute $PN without any further options." exit 0 fi if [ -r /etc/grml/script-functions ] ; then # shellcheck disable=SC1091 . /etc/grml/script-functions check4progs physlock sudo chpasswd dialog || { echo "Sorry, necessary tools missing - can not continue. Exiting.">&2 ; exit 1 ; } fi PWD_TEXT1="Set password (hidden typing):" PWD_TEXT2="Retype new password:" # by default use console frontend DIALOG='dialog' PWD_CMD="dialog --stdout --title $PN --passwordbox" GUI=false # only when using X and zenity is available use graphical frontend if [ -n "${DISPLAY}" ] && [ -x "$(command -v zenity)" ] ; then DIALOG='zenity' PWD_CMD="zenity --title $PN --entry --hide-text" GUI=true fi if ! [ -r /etc/grml_version ] ; then if [ "${GUI}" = true ] ; then $DIALOG --no-wrap --title "$PN" --warning --text "Warning: this system does not look like a Grml (based) system,\n and therefore might not work as intended." else $DIALOG --title "$PN" --msgbox "Warning: this system does not look like a Grml (based) system and therefore might not work as intended." 7 70 fi fi lock_desktop() { # be backwards compatible, see https://github.com/grml/grml/issues/87 if physlock --help 2>&1 | grep -q -- '-u user' ; then sudo physlock -u "$USER" else sudo physlock fi } is_passwd_set() { if sudo grep -q "$USER:\*:" /etc/shadow ; then return 1 else return 0 fi } set_passwd() { if [ "${GUI}" = true ] ; then PASSWD1="$($PWD_CMD --text="$PWD_TEXT1")" PASSWD2="$($PWD_CMD --text="$PWD_TEXT2")" else PASSWD1="$($PWD_CMD "$PWD_TEXT1" 0 0)" PASSWD2="$($PWD_CMD "$PWD_TEXT2" 0 0)" fi if [ -z "$PASSWD1" ] ; then if [ -n "${GUI}" ] ; then $DIALOG --title "$PN" --error --text "Error retrieving password. Exiting." else $DIALOG --title "$PN" --msgbox "Error retrieving password. Exiting." 0 0 fi exit 1 fi if [ "$PASSWD1" = "$PASSWD2" ] ; then echo "$USER:$PASSWD2" | sudo chpasswd else if [ "${GUI}" = true ] ; then $DIALOG --no-wrap --title "$PN" --error --text "Error: passwords do not match.\nExiting." else $DIALOG --title "$PN" --msgbox "Error: passwords do not match. Exiting." 0 0 fi exit 1 fi } askpwd() { if [ "${GUI}" = true ] ; then $DIALOG --no-wrap --title="$PN" --question --cancel-label='Exit' --ok-label='Set password' --text="User $USER has no password set yet.\nWithout a password you will not be able to log in again.\nSet password for user $USER?" RC=$? else $DIALOG --title "$PN" --no-label Exit --yes-label Continue --yesno "User $USER has no password set yet. Without a password you will not be able to log in again. Set password for user $USER?" 0 0 RC=$? fi if [ "$RC" = "0" ] ; then set_passwd else exit 1 fi } if ! isgrmlcd ; then lock_desktop else if is_passwd_set || askpwd ; then lock_desktop else exit 1 fi fi ## END OF FILE #################################################################