You are not logged in.
Hi! I'd like to know what is the best way to lock luks device after certain time of inactivity. I do nothing about scripting but I think I need somehow with lsof or similar app make sure that no file in that disk is used. The script would then send luksClose signal to the specific disk and then no one is able to use that disk without prompting a passphrase. I would really appreciate your help.
kmh
Offline
Here's a dirty way to do it;
#!/bin/bash
LUKS=/mnt/luks
while [ 1 ]; do
if [ $(lsof $LUKS | wc -l) -eq 0 ]; then
# Insert "cryptsetup luksClose /dev/mapper/..." here.
exit
else
sleep 30
fi
doneMy initial thought was to check the block device's access / modification times. However on my system, these are only updated when the device is mounted, so it's not useful to kmh. Hope this helps.
Edit: I think lsof will stay open if you have open sockets or pipes in your directory, so that could be an issue.
Last edited by vkumar (2014-03-13 19:54:10)
div curl F = 0
Offline
The above checks lsof every 30 seconds;
-) if it's been only inactive for half a second at exactly that point, it'll close it.
-) You can `while sleep 30;`
Systemd doesn't seem to have this exact behavior. Autofs does though, it has a timeout option. (Systemd's StopWhenUnneeded is for when services don't need it, and its timeout option is for how long to wait before giving up trying to mount it.)
Now I wonder if autofs can also trigger a command after unmounting...
Edit:
You can use the intofiy-tool's package's inotifywait to wait for an unmount event.
Last edited by Blµb (2014-03-14 09:52:59)
You know you're paranoid when you start thinking random letters while typing a password.
A good post about vim
Python has no multithreading.
Offline