On Fri, 2005-09-16 at 23:30 +0200, Maciej Jan Broniarz wrote:
> I would like to make my laptop more secure if someone would eventaully
> steal it. I have an encrypted filesystem where i store my files.
I have a dm-crypt homedir for my data, and a dm-crypt swap area that I
suspend into via suspend2. Works great. Via an initramfs I decrypt the
swap area and resume from it, no confidential data is ever stored
unencrypted on that machine.
> My second bright idea was to use pmud/pbbuttonsd, but i have no idea
> where to put my script. I've tried resume.d/my_script but it does not
> work.
I have a script hibernate in /etc/power/scripts.d/ that contains:
#!/bin/sh
# name : hibernate
# author : Johannes Berg <johannes@sipsolutions.net>
# description : hibernate using suspend2
# requirements: hibernate script in $PATH
# limitations : -
#
# --- end of public part -- don't change below this line ---
# source configuration
. pmcs-config
case "$1" in
suspend)
sync
hibernate
;;
esac
This script is symlinked to /etc/power/event.d/zz-hibernate (to ensure
it is called last). Additionally, I needed to set
CmdTimeout = 30
in pbbuttonsd.conf to make this work reliably.
I don't use vlock since a password is required to unencrypt the resume
area. You can find many many howtos on how to make an initrd to decrypt
at resume time, and the same usually works with initramfs. Beware that
usb has issues, so on a powerbook you need the usb modules in the
initramfs/initrd because it has a usb keyboard :)
johannes
Attachment:
signature.asc
Description: This is a digitally signed message part