Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-25 23:27:27 -05:00
Code Issues Projects Releases Packages Wiki Activity

emerg-shutdown: fix the hang-on-shutdown bug, add autodetection of new keyboards, shutdown key configuration, and instant shutdown option

Browse source
This commit is contained in:
Aaron Rainbolt 2025-07-28 20:42:14 -05:00
parent a1d1c56033
commit e42078e90d
No known key found for this signature in database
GPG key ID: A709160D73C79109
5 changed files with 153 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

58
usr/libexec/security-misc/emerg-shutdown
View file

@ -3,25 +3,49 @@
# Copyright (C) 2025 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
# See the file COPYING for copying conditions.
gcc \
-o \
/run/emerg-shutdown \
-static \
/usr/src/security-misc/emerg-shutdown.c \
|| {
printf "%s\n" 'Could not compile force-shutdown executable!'
exit 1;
}
set -o errexit
set -o nounset
set -o errtrace
set -o pipefail
readarray -t root_devices < <(/usr/libexec/helper-scripts/get-backing-devices-for-mountpoint '/');
## Make sure globs sort in a predictable, reproducible fashion
export LC_ALL=C
## memlockd daemonizes itself, so no need to background it
memlockd -c /usr/share/security-misc/security-misc-memlockd.cfg
## Read emergency shutdown key configuration
for config_file in /etc/security-misc/emerg-shutdown/*.conf; do
source "${config_file}"
done
if [ -z "${EMERG_SHUTDOWN_KEYS}" ]; then
## Default to Ctrl+Alt+Delete if nothing else is set
EMERG_SHUTDOWN_KEYS="KEY_LEFTCTRL|KEY_RIGHTCTRL,KEY_LEFTALT|KEY_RIGHTALT,KEY_DELETE"
fi
## Find the devices that make up the root device
readarray -t root_devices < <(/usr/libexec/helper-scripts/get-backing-devices-for-mountpoint '/') || true;
if [ "${#root_devices[@]}" = '0' ] \
|| [ "${root_devices[0]}" == '' ]; then
## /dev/sda1 might be the right one...
root_devices[0]='/dev/sda1'
fi
## Build the actual emerg-shutdown executable
if [ ! -f '/run/emerg-shutdown' ]; then
gcc \
-o \
/run/emerg-shutdown \
-static \
/usr/src/security-misc/emerg-shutdown.c \
|| {
printf "%s\n" 'Could not compile force-shutdown executable!'
exit 1;
}
fi
## memlockd daemonizes itself, so no need to background it.
memlockd -c /usr/share/security-misc/security-misc-memlockd.cfg || true
## Launch emerg-shutdown
OLDIFS="$IFS"
IFS=','
/run/emerg-shutdown "--devices=${root_devices[*]}" '--keys=KEY_LEFTCTRL|KEY_RIGHTCTRL,KEY_LEFTALT|KEY_RIGHTALT,KEY_DELETE' &
IFS="$OLDIFS"
sleep 1
disown
exit 0
/run/emerg-shutdown "--devices=${root_devices[*]}" "--keys=${EMERG_SHUTDOWN_KEYS}"