My Ubuntu-mate 18.04 has quite convenient lock screen. I would like to lock my gnome-keyring and unmount ~/Private (ecryptfs partition) while screen is locked. The idea is to get a protection against "cold boot" in case computer gets stolen while in locked/suspend state.
So far I have made a script that monitors screensaver to lock/unmount
#!/bin/bash
dbus-monitor --session "type='signal',interface='org.mate.ScreenSaver'" |
while read x; do
case "$x" in
*"boolean true"*)
echo SCREEN_LOCKED, umounting private
ecryptfs-umount-private
kill -9 $(pgrep gnome-keyring-d)
kill -9 $(pgrep ssh-agent)
;;
*"boolean false"*) echo SCREEN_UNLOCKED;;
esac
done
and a simple shell script that enables them back
#!/bin/bash
# Read Password
echo -n Password for keyring:
read -s password
echo
# Run Command
echo -n $password | gnome-keyring-daemon -r --unlock --components=secrets,ssh
#--components=pkcs11,secrets,ssh
if mount |grep /home/kouzne/Private >/dev/null; then
echo /home/kouzne/Private already mounted!
else
printf "%s" "$password" | ecryptfs-insert-wrapped-passphrase-into-keyring
/sbin/mount.ecryptfs_private
fi
It works somewhat, but I need to run the unlock script manually, and sometimes keyring ends-up in unresponsive position (with 100% cpu usage by gnome-keyring-d).
Is there any way to feed the password I enter to unlock the screen to external programs and/or add custom hooks to screen lock-unlock?
Also any hint on possible reason for gnome-keyring-d misbehaving would be appreciated.
