wymiller/nur
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
a81f667f946b6d91bf212d91ed1e9fa491340f5b
nur/pkgs/linux/yubilock/yubilock.sh

34 lines
1.0 KiB
Bash
Raw Normal View History

add: yubilock nix package
2026-05-29 15:44:32 -04:00
#!/bin/bash
SESSIONS=($(loginctl list-sessions --no-legend | awk '{ print $1 }'))
for SESSION_ID in "${SESSIONS[@]}"
do
USERNAME=$(loginctl show-session ${SESSION_ID} -p Name --value)
SESSION_TYPE=$(loginctl show-session ${SESSION_ID} -p Type --value) # should be x11 or wayland
SESSION_LOCKED=$(loginctl show-session ${SESSION_ID} -p LockedHint --value) # yes/no
USER_DIR=$(getent passwd "$USERNAME" | cut -d: -f6)
KEY_FILE="$USER_DIR/.yubikeys"
if ! [[ "$SESSION_TYPE" == "x11" || "$SESSION_TYPE" == "wayland" ]]; then
continue
fi
if ! [ -e "$KEY_FILE" ]; then
continue
fi
MATCHING_KEYS=$(comm -12 <(ykman list --serials | sort) <(sort $KEY_FILE))
if [[ $MATCHING_KEYS == "" ]]; then
if [[ $SESSION_LOCKED == "no" ]]; then
logger "All YubiKeys Removed ($USERNAME)"
loginctl lock-session ${SESSION_ID}
fi
else
if [[ $SESSION_LOCKED == "yes" ]]; then
logger "YubiKey Found, Unlocking ($USERNAME)"
loginctl activate ${SESSION_ID}
loginctl unlock-session ${SESSION_ID}
fi
fi
done
Reference in New Issue Copy Permalink