[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: locking all [virtual] terminals w/ a single command?

From: Jeff Bachtel <sebastion_(_at_)_irelandmail_(_dot_)_com>
Subject: Re: locking all terminals w/ a single command?
Date: Sun, 5 Nov 2000 16:02:01 -0600
Message-ID: <20001105160201_(_dot_)_J23249_(_at_)_cepheid_(_dot_)_nu>

> What he's talking about (from linux, vlock -a) is a utility similar to
> the normal console lock(1), that locks all VT's the user is logged
> into (so you don't have to check 1 through whatever and run lock
> seperately).
> Since the same user "owns" them, its not out of the unix permissions
> paradigm, the main problem is writing an app that takes control of a
> VT controlled by another pid.

i wouldn't mind at all having the restriction of having to be root to
lock all virtual terminals -- that would be fine by me, as i'm just
concerned about quickly locking all virtual terminals when leaving my
desk (having the locking run after x minutes of idle time would be
nice too...i was thinking that making use of the kernel console screen
saving mechanism might be nice [e.g. admin specifies some program to
be executed instead of the screen saving occuring via some configuration

for the moment, i've written a hack that disables the alt key, and
then locks the current virtual terminal using lock.  once a user exits
lock (e.g. by typing in a passphrase), the alt key is re-enabled.  not
pretty, but, imho, an improvement for my local situation.

i looked through the vlock source to see how it was done there and it
looks like the relevant lines are:

/* This is called by a signal whenever a user tries to change the VC
   with a ALT-Fn key */
void release_vt(int signo) {
  if (!o_lock_all)
    ioctl(vfd, VT_RELDISP, 1); /* kernel is allowed to switch */
    ioctl(vfd, VT_RELDISP, 0); /* kernel is not allowed to switch */

i take it that virtual terminals work quite differently under openbsd
and i haven't looked into seeing whether something similar can be done
in lock yet (may be that's not the place to do it?).

Visit your host, monkey.org