yubikey-lock

#!/bin/bash

# #This script requires the screenlock_yubikey service:
#
# mkdir -p ~/.config/systemd/user/ ~/.config/systemd/user/multi-user.target.wants
# cat << EOF >> ~/.config/systemd/user/screenlock_yubikey.service
# [Unit]
# Description=Run screenlock after a Yubikey is unplugged.
# After=graphical.target
#
# [Service]
# Type=simple
# Environment=DISPLAY=:0
# ExecStartPre=/data/git/alex/scripts/backgroundchooser --dir /data/backgrounds --link /tmp/background.png
# ExecStart=/usr/bin/i3lock -n -t -i /tmp/background.png -c 000000
#
# [Install]
# WantedBy=multi-user.target
# EOF
# systemctl --user enable screenlock_yubikey

# Test: systemctl --user start screenlock_yubikey

# #And:
# cat << EOF |sudo tee /etc/udev/rules.d/99-yubikey-autolock.rules
# ACTION=="remove", ENV{ID_VENDOR}=="Yubico", RUN+="/data/git/alex/scripts/yubikey-lock"
# EOF
# sudo udevadm control --reload && sleep 1 && sudo /etc/init.d/udev restart

USER="alex"
HOTKEY="KEY_LEFTSHIFT"

kbd_devices=`egrep '^H:.* kbd ' /proc/bus/input/devices | sed 's/.*event\([0-9]\+\).*/event\1/'`
for event_dev in $kbd_devices; do
  evtest --query /dev/input/$event_dev EV_KEY $HOTKEY
  if [[ "$?" != "0" ]]; then
	  exit 0
  fi
done

if [ -z "$(/bin/pidof Xorg)" ]
then
  /usr/bin/systemd-cat -t "yubikey-screen_lock-trigger" /bin/echo "YUBIKEY REMOVED - LOCK NOT ACTIVATED (X session absent)"
elif [ -z "$(/usr/bin/lsusb | /bin/grep Yubikey)" ]; then
  /usr/bin/systemd-cat -t "yubikey-screen_lock-trigger" /bin/echo "YUBIKEY REMOVED - SCREEN LOCK ACTIVATED"
  /bin/su -c 'systemctl --user start screenlock_yubikey' $USER
fi