How can I run a script in linux that can access kwallet, before the system goes to sleep?
Here I give more details: I'm looking for a mechanism to execute a (user) script that runs before sleep/hibernate.
I initially tried a systemd
(system) service, WantedBy suspend.target
, hibernate.target
, and hybrid-sleep.target
.
The problem is that this service does not have access to kwallet
since it is a system service (actually kwallet requires the user dbus context).
The next idea was to run a systemd
user service. An user service has access to kwallet
, but cannot be tied to suspend.target
or any of the others mentioned before.
I've been later advised to use a logind
inhibitor hook. From what I read, this mechanism can be used by programs for inhibiting or delaying the transition to sleep mode, until some code is executed. Much like a lock. However, I do not find a tutorial or example that does this kind of hook with a simple bash script. I would appreciate if somebody, could point me to some article, or give an example of how could I do this.
CodePudding user response:
I've found a plausible solution for this problem, as suggested in the answer to this post.
The idea is to create systemd --user targets that are rised by listening to system events for sleep or lock, though dbus messages, and then use this targets to create another user service wanted by these targets. This has been implemented in this repository.
Initially, I was somewhat surprised by the absence of a systemd's native way to create user services wanted by system targets. But then, I realized my surprise was due to my ignorance of how systemd works. Systemd system services are executed by a single root process, while systemd user services run in separate user processes, and there is no straightforward way to link them together. With this understanding, the solution I found seams like a reasonable one.
I thank the people that read this post and gave a thought.
CodePudding user response:
Suggesting to read this manual page:
https://www.man7.org/linux/man-pages/man8/systemd-sleep.8.html
Especially this section:
Immediately before entering system suspend and/or hibernation
systemd-suspend.service (and the other mentioned units,
respectively) will run all executables in/usr/lib/systemd/system-sleep/
and pass two arguments to them. The first argument will be "pre", the second either "suspend", "hibernate", "hybrid-sleep", or "suspend-then-hibernate" depending on the chosen action. An environment variable called "SYSTEMD_SLEEP_ACTION" will be set and contain the sleep action that is processing. This is primarily helpful for "suspend-then-hibernate" where the value of the variable will be "suspend", "hibernate", or "suspend-after-failed-hibernate" in cases where hibernation has failed. Immediately after leaving system suspend and/or hibernation the same executables are run, but the first argument is now "post".All executables in this directory are executed in parallel, and execution of the action is not continued until all executables have finished.
root can runs scripts as other users
/tmp/test.sh
#!/bin/bash
echo "id: $(id)"
echo "home: $HOME"
echo "path: $PATH"
echo "logname: $(logname)"
echo "date: $(date)"
root runs /tmp/test.sh
as user u24
sudo -u u24 /tmp/test.sh
output:
id: uid=1000(u24) gid=1000(u24) groups=1000(u24),4(adm),190(systemd-journal) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
home: /home/u24
path: /sbin:/bin:/usr/sbin:/usr/bin
logname: root
date: Mon Jun 6 08:28:08 UTC 2022