Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] xautolock on laptop lid close
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sat Mar 17, 2018 12:34 am    Post subject: [Solved] xautolock on laptop lid close Reply with quote

I am trying to apply my lock to my laptop when the laptops lid is closed before it goes into hibernation to ram.

Currently I can only achieve hibernation to ram via s2ram which is good, but any calls to xautolock fail presumably because of a lack of a X session. Likewise if I remove the -detectsleep from my `.xinitrc' the locker will trigger after the timeout period while the laptop is sleeping, but if anyone opens the laptop during this time out period they won't have to enter in the users credentials.

Is there a way to bypass this limitation and get xautolock to lock the desktop before s2ram is called? I was thinking perhaps of creating some kind of daemon that runs as my user waiting for a signal to lock the screen as my user, but that seems overly complicated. I was also thinking perhaps I could somehow use the `.serverauth.*' files to give acpid access to my users X session, but that solution also seems like it could break quite easily.

Is there any way to solve this in a secure and sane matter?

My config files are currently setup as:

Code:
/etc/acpi # cat events/lid_sleep
event=button[ /]lid.*
action=/etc/acpi/actions/lid_sleep.sh %e


Code:
/etc/acpi # cat actions/lid_sleep.sh
#!/bin/sh

set $*
group=${1%/*}
action=${1#*/}
device=$2
id=$3
value=$4

case $group in
        button)
                case $action in
                  lid)
                        case "$id" in
                                close)
                                        xautolock -locknow
                                        s2ram
                                        ;;
                                open) :;;
                        esac
                        ;;
                esac
                ;;
esac


Code:
 # cat ~/.xinitrc
[[snip]]
exec xautolock -secure -detectsleep -time 5 -locker "lock" &
[[snip]]


Last edited by abduct on Sun Mar 18, 2018 5:36 pm; edited 1 time in total
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sat Mar 17, 2018 8:13 am    Post subject: Re: xautolock on laptop lid close Reply with quote

abduct wrote:
Currently I can only achieve hibernation to ram via s2ram which is good, but any calls to xautolock fail presumably because of a lack of a X session. Likewise if I remove the -detectsleep from my `.xinitrc' the locker will trigger after the timeout period while the laptop is sleeping, but if anyone opens the laptop during this time out period they won't have to enter in the users credentials.

abduct ... acpid will need to be provided the $DISPLAY and $USER for the call to 'xautolock -locknow' to function, something like the following (untested):

/etc/acpid/default.sh:
case "$group" in
    button)
        case "$action" in
            lid) case "$id" in
                close) /etc/acpi/actions/lid_sleep.sh ;;
                *) log_unhandled $* ;;
        esac ;;

/etc/acpi/actions/lid_sleep.sh:
#!/bin/sh
set -e
xpid="$(pgrep -n X)"
xuser="$(ps -o user --no-headers $xpid)"
display="$(egrep -aoz ':[0-9](.[0-9])?' /proc/$xpid/cmdline)"
export XAUTHORITY="/home/$xuser/.Xauthority"
export DISPLAY="$display"

su - "$xuser" -c "/usr/bin/xautolock -locknow"
/usr/sbin/s2ram

HTH & best ... khay
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13493

PostPosted: Sat Mar 17, 2018 3:37 pm    Post subject: Re: xautolock on laptop lid close Reply with quote

khayyam wrote:
/etc/acpi/actions/lid_sleep.sh:
xpid="$(pgrep -n X)"
xuser="$(ps -o user --no-headers $xpid)"
This will grab the current user for the X server. If the system has not migrated to rootless X, then the result will be root, not the logged in user.
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sat Mar 17, 2018 4:41 pm    Post subject: Re: xautolock on laptop lid close Reply with quote

Hu wrote:
khayyam wrote:
/etc/acpi/actions/lid_sleep.sh:
xpid="$(pgrep -n X)"
xuser="$(ps -o user --no-headers $xpid)"
This will grab the current user for the X server. If the system has not migrated to rootless X, then the result will be root, not the logged in user.


I specifically downgraded back to the SUID version of X. So I guess this wont work very well. Although it does give me a good place to start. I believe I can simply exchange some variables to hardcoded ones regaurding users and .Xauthority file locations since this is a single user install.

I remember doing something similar with a firefox install once in which firefox was installed as it's own user, then I made a wrapper script to allow the UI instance to run in my X session to try to separate privileges and attack surfaces.

I'll try to see what I can come up with to get it working.

If anyone else has any suggestions let me know.

Thanks.
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sat Mar 17, 2018 4:56 pm    Post subject: Reply with quote

So I made the modifications required, but the result is a bit unexpected...

When the laptops lid is closed and I watch the power status on my USB wifi card (which turns red and flashes when the laptop is suspended to ram) I can tell the laptop was put into suspension... or at least assume it has. My SSH connection also dies.

But when I open the lid the the laptops screen appears, then goes into suspension AGAIN this time requiring me to press the enter key to wake it up. Furthermore it is not until it is woken up that xautolock activates locking the screen. There is a 3-6 second delay from when it exits suspension and the lock screen appears.

I preferably want the xautolock to happen before it goes into suspension, so that when it wakes up it is already locked.

Did I missedit one of the configs?

EDIT:: I found that if I add a sleep between the su xautolock and the s2ram of 5 seconds that when the lid is opened the screen resumes locked. The only problem is

1) Why is the laptop double suspending, once when lid is closed (requiring just opening the lid to unsuspend) and once when the lid is opened (requiring keyboard input to wake up)
2) The sleep command seems kind of klunky. I am not sure yet if it requires less than 5 seconds, but there definitiatly needs to be a delay of some kind to give xautolock a chance to lock before sleeping

Anyways to resolve these two issues? Or at least the first issue.

Code:
# cat events/default
event=.*
action=/etc/acpi/default %e


Code:

# cat default.sh
#!/bin/sh

set $*
group=${1%/*}
action=${1#*/}
device=$2
id=$3
value=$4

case $group in
        button)
                case $action in
                  lid)
                        case "$id" in
                                close)
                                        /etc/acpi/actions/lid_sleep.sh
                                        ;;
                                open) :;;
                        esac
                        ;;
                esac
                ;;
esac


Code:
# cat actions/lid_sleep.sh
#!/bin/sh
set -e
xpid="$(pgrep -n X)"
#xuser="$(ps -o user --no-headers $xpid)"
xuser="abduct"
display="$(egrep -aoz ':[0-9](.[0-9])?' /proc/$xpid/cmdline)"
export XAUTHORITY="/home/$xuser/.Xauthority"
export DISPLAY="$display"

su - "$xuser" -c "/usr/bin/xautolock -locknow"
#sleep 5        # This needs to be here or else xautolock will not lock until the laptop is fully woken up.
                     # With this delay the screen locks fully, then is put to suspension.
/usr/sbin/s2ram
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sat Mar 17, 2018 6:55 pm    Post subject: Re: xautolock on laptop lid close Reply with quote

Hu wrote:
khayyam wrote:
/etc/acpi/actions/lid_sleep.sh:
xpid="$(pgrep -n X)"
xuser="$(ps -o user --no-headers $xpid)"

This will grab the current user for the X server. If the system has not migrated to rootless X, then the result will be root, not the logged in user.

Hu ... good catch, I've been runing X as user, and with USE="-suid", for a long time prior to the recent change ... and so the above would return the user, and not root, in my case.

abduct wrote:
1) Why is the laptop double suspending, once when lid is closed (requiring just opening the lid to unsuspend) and once when the lid is opened (requiring keyboard input to wake up)

@abduct ... I suspect because the state of the "lid" is "close" on suspend, and remains so on wakeup, and so its triggered again. I'm using a similar acpid script to 'hibernate', and this doesn't occur.

abduct wrote:
2) The sleep command seems kind of klunky. I am not sure yet if it requires less than 5 seconds, but there definitiatly needs to be a delay of some kind to give xautolock a chance to lock before sleeping

Probably a '&&' between xautolock and s2ram. Also, I wouldn't expect a "3-6 second delay", it should happen almost simultaniously (though that said I'm not using xautolock. I hibernate to a dmcrypt swap and so have no need to lock the display).

HTH & best ... khay
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sat Mar 17, 2018 8:05 pm    Post subject: Reply with quote

Thanks khayyam, I'll try the suggestions a bit later today. I can probably add a check to see if the previous condition was a closed state to prevent it from thinking it was closed again. Also && makes a lot of sense and I should of tried it sooner.

As for hibernation to encrypted swap... how did you set this up? Is your swap partition using a preshared key or is the swap created at boot each startup?

Every time I have attempted encrypted swap I would nuke the swap partition and re-encrypt it with a random key at boot so hibernation was not possible. Although I guess since the swap was encrypted anyways there would be no need to destroy it every time unless you were being paranoid. I'd enjoy hearing your solution, because I eventually would like to get hibernation functioning in a safe and secure way.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sat Mar 17, 2018 10:48 pm    Post subject: Reply with quote

abduct wrote:
As for hibernation to encrypted swap... how did you set this up? Is your swap partition using a preshared key or is the swap created at boot each startup?

abduct ... swap is an LVM volume within a dmcrypt root, so it's unlocked via initramfs on boot, or after a hibernation cycle. I'm using better-initramfs, a tuxonice patched ck-sources, and sys-power/hibernate-script. Its worked flawlessly for as long as I can remember with that combination, and though the tuxonice patch does run behind on stable releases it will generally apply cleanly (you might look at pf-sources which would save you some trouble ITR).

If you want more detailed instructions just ask.

best ... khay
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sun Mar 18, 2018 12:11 am    Post subject: Reply with quote

So something bizarre is happening...

It appears if I leave my `action' named as `lid_sleep.sh' it will get executed every time there is a button/lid event ever if no event was specified for it.

Furthermore, commenting out all references to the script in the default.sh event handler does not stop it from running on lid open/close.

Additionally renaming the script to `suspend-to-ram.sh' and adjusting the `default.sh' handler to reflect the name change does not actually run the script at all...

Is there some kind of built in file name event functionality where if a button/lid event is found it will execute all bash scripts in `actions' with `lid' in the name? It would explain why the script would execute twice suspending the laptop twice when opening/closing the lid...

Anyways I can't see anything wrong in any of my scripts and `suspend-to-ram.sh' is not being called at all now. All files are chmod +x and I have also restarted the acpi service just in case and it had no effect.

Code:
 # acpi_listen
button/lid LID close
button/lid LID open


Code:
# ls events/
default
 # cat events/default
event=.*
action=/etc/acpi/default.sh %e


Code:
# ls
actions  default.sh  events
 # cat default.sh
#!/bin/sh

set $*
group=${1%/*}
action=${1#*/}
device=$2
id=$3
value=$4

case $group in
        button)
                case $action in
                  lid)
                        case "$id" in
                                close) /etc/acpi/actions/suspend-to-ram.sh ;;
                                open) :;;
                        esac
                        ;;
                esac
                ;;
esac


Code:
 # ls actions/
powerbtn.sh  suspend-to-ram.sh
# cat actions/suspend-to-ram.sh
#!/bin/sh
set -e
xpid="$(pgrep -n X)"
#xuser="$(ps -o user --no-headers $xpid)"
xuser="abduct"
display="$(egrep -aoz ':[0-9](.[0-9])?' /proc/$xpid/cmdline)"
export XAUTHORITY="/home/$xuser/.Xauthority"
export DISPLAY="$display"

su - "$xuser" -c "/usr/bin/xautolock -locknow"
sleep 5
/usr/sbin/s2ram
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sun Mar 18, 2018 12:39 am    Post subject: Reply with quote

Figured it out kind of...

These are the following assumptions I am making:

1) Any `actions' that contain a ACPI event name are triggered automatically even without any handler being set. For instance Creating a `lid_sleep.sh' in `/etc/acpi/actions' will get triggered when ever a `button/lid' event is captured by ACPI even without a `/etc/acpi/events' being created for it
2) `default' is a reserved name of some kind. Having `default' as the event file name will not work and will never be executed.

My solution was to

1) Rename my `/etc/acpi/actions/lid_sleep.sh' to `/etc/acpi/actions/suspend-to-ram.sh'
2) Rename `/etc/acpi/default.sh' to `/etc/acpi/handler.sh'
3) Rename `/etc/acpi/events/default' to `/etc/acpi/events/handler'
4) Repair all file name conflicts within the scripts to point at the right files

That is if I am not completely bat shit crazy. Either way these are either undocumented quirks or for some reason ACPI doesn't like my laptop. Either way the following issues are resolved

1) The laptop only suspends once, on lid close.
2) Adding the `sleep 5' inbetween the su and s2ram fixes the screen not locking before suspension happens.

Thanks for the help guys.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sun Mar 18, 2018 8:38 am    Post subject: Reply with quote

abduct ...

the 'default' event triggers default.sh, but note that event contains a wildcard (so, it's run for every event). That is the extent of it being "a reserved name". What I expect happened in your case is you had both a default event (with a wildcard), and a lid_sleep event, both of which trigger the same 'action'.

You can of course change/rename the default event, but personally I find it easier to have the default wildcard triggered, and default.sh run, so that everything (excluding the actions) is located in one file. Additionally, default.sh will log those "unhandled" events when wildcards are used within the 'case'. For example, my default.sh contains the following:

/etc/acpid/default.sh:
log_unhandled() {
  logger "ACPI event unhandled: $*"
}

case "$group" in
  button)
    case "$action" in
      power) /etc/acpi/actions/powerbtn.sh ;;
      mute) /usr/bin/amixer -q set Master toggle ;;
      volumeup) /usr/bin/amixer -q set Master 5%+ ;;
      volumedown) /usr/bin/amixer -q set Master 5%- ;;
      switchmode) /etc/acpi/actions/xrandr.sh ;;
      lid)
          case "$id" in
            close) /etc/acpi/actions/hibernate.sh ;;
            *) log_unhandled $* ;;
          esac ;;
      *) log_unhandled $* ;;
    esac ;;
  video)
    case "$action" in
      brightnessup) /etc/acpi/actions/backlight.sh up ;;
      brightnessdown) /etc/acpi/actions/backlight.sh down ;;
      *) log_unhandled $* ;;
    esac ;;

I could split that all out into seperate events, but I see no reason to do that.

HTH & best ... khay
Back to top
View user's profile Send private message
abduct
Apprentice
Apprentice


Joined: 19 Mar 2015
Posts: 203

PostPosted: Sun Mar 18, 2018 5:36 pm    Post subject: Reply with quote

Perhaps you're right. I can't seem to reproduce this behavior any more. Although all files I have used have been added to this post and especially when I started to comment references to the scripts out and they were still firing it started to confuse me.

Either way this is solved, thanks for the help!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum