From 88a10f1a6e2ea172ff985f64bfcf82e26425530a Mon Sep 17 00:00:00 2001 From: aszlig Date: Wed, 5 Nov 2014 18:24:10 +0100 Subject: modules: Add "fancy" vlock-based lock screen. Unfortunately it's only "fancy" in quotes because the way it's activated is using a dummy socket file with the user "aszlig" hardcoded at the moment. In terms of security it isn't a problem, because vlock is using PAM for authentication and it falls back to authenticating against the root user. Signed-off-by: aszlig --- modules/module-list.nix | 1 + modules/vlock/default.nix | 51 ++++++++++++++++++++++++++++++++++++++++++++ modules/vlock/message.cat | 18 ++++++++++++++++ modules/vlock/message.colmap | 18 ++++++++++++++++ 4 files changed, 88 insertions(+) create mode 100644 modules/vlock/default.nix create mode 100644 modules/vlock/message.cat create mode 100644 modules/vlock/message.colmap (limited to 'modules') diff --git a/modules/module-list.nix b/modules/module-list.nix index c04fc681..ced9f900 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -1,4 +1,5 @@ [ ./i3 ./slim + ./vlock ] diff --git a/modules/vlock/default.nix b/modules/vlock/default.nix new file mode 100644 index 00000000..11e9a475 --- /dev/null +++ b/modules/vlock/default.nix @@ -0,0 +1,51 @@ +{ pkgs, config, lib, ... }: + +let + messageFile = pkgs.runCommand "message.cat" {} '' + echo -en '\e[H\e[2J\e[?25l' > "$out" + "${pkgs.aacolorize}/bin/aacolorize" \ + "${./message.cat}" "${./message.colmap}" \ + >> "$out" + ''; + + esc = "\\\\033"; + unlockCSI = "${esc}[16;39H${esc}[?25h${esc}[K"; + + vlock = lib.overrideDerivation pkgs.vlock (o: { + postPatch = (o.postPatch or "") + '' + echo -n '"' > src/message.h + sed -e ':nl;N;$!bnl;s/[\\"]/\\&/g;s/\n/\\n/g' "${messageFile}" \ + >> src/message.h + sed -i -e '$s/$/"/' src/message.h + sed -i -e 's!getenv("VLOCK_MESSAGE")!\n#include "message.h"\n!' \ + src/vlock-main.c + sed -i -re 's/(fprintf[^"]*")(.*user)/\1${unlockCSI}\2/' \ + src/auth-pam.c + ''; + }); +in { + options.vuizvui.vlock.enable = lib.mkEnableOption "console lock"; + + config.systemd.sockets.vlock = { + description = "Console Lock Socket"; + wantedBy = [ "sockets.target" ]; + socketConfig.ListenStream = "/run/console-lock.sock"; + socketConfig.Accept = true; + }; + + config.systemd.services."vlock@" = lib.mkIf config.vuizvui.vlock.enable { + description = "Lock All Consoles"; + serviceConfig.Type = "oneshot"; + + #environment.USER = "%i"; XXX + environment.USER = "aszlig"; + + script = '' + retval=0 + oldvt="$("${pkgs.kbd}/bin/fgconsole")" + "${vlock}/bin/vlock" -asn || retval=$? + if [ $retval -ne 0 ]; then "${pkgs.kbd}/bin/chvt" "$oldvt"; fi + exit $retval + ''; + }; +} diff --git a/modules/vlock/message.cat b/modules/vlock/message.cat new file mode 100644 index 00000000..f079e829 --- /dev/null +++ b/modules/vlock/message.cat @@ -0,0 +1,18 @@ + + . + | + -_ | . .-. .-. .. ,.--., ,===. + `-_ | | '||\.||' `' , , || || ;___ + -_ >:_ | _- ||`\|| || `\/' || || ; + `-_ _-' `-_ | _-' .' `| ;' /'`\ ``=='' ,===' + >:' `:' + _-' | | _- .. .. .. + -' | | _-' || || || + .|. _:< || ,---. .---. ||,-. .--. .--|| + _-' | `-_ _-' `-_ || ||"|| ||''' |.,'' |"/' |,";| + -' | `:< `- ||_ ||_|| ||__ |,\\. ||__ ||_,| + | | `-_ `--'`---' `---' '' `' `---' `---' + ' | `- + | press ENTER to unlock + ` + diff --git a/modules/vlock/message.colmap b/modules/vlock/message.colmap new file mode 100644 index 00000000..d7e42fb6 --- /dev/null +++ b/modules/vlock/message.colmap @@ -0,0 +1,18 @@ + + c + c + cc c b WWW WWW WW BccccB cBBBc + ccc c b WWWWWWWW WW W W Bc cB cccc + bb ccc b bb WWWWWW WW WWWW Bc cB c + bbb bbb ccc b bbb WW WW WW WWWW BcBBcB cBBBc + bbb cbb + bbb c b cc rr rr rr + bb c b ccc rr rr rr + ccb ccc rr rrrrr rrrrr rrrrr rrrr rrrrr + ccc c bbb ccc ccc rr rrRrr rrRRR rrrrr rRrr rrRrr + cc c bbb cc rrr rrrrr rrrr rrrrr rrrr rrrrr + c b bbb rrrrrrrrr rrrrr rr rr rrrrr rrrrr + c b bb + b ppppp PPPPP pp pppppp + b + -- cgit 1.4.1