#!/bin/bash # DISCLAIMER : It is recomended to test this script on a test machine. # ManageEngine will not be responsible for any # damage/loss to the data/setup based on the behavior of the script. # # DESCRIPTION : Script to lock idle screen # # ARGUMENT(S): # # 1) To lock idle screen # # ARGUMENT FORMAT: # EXAMPLE : 5 # # # RETURN VALUE MEANING # # 0 Lock rule added sucessfully. # 1 Error while adding Lock rule. # 2 Invalid arguments. # # IMPORTANT NOTE: # The changes will be in affect after next login or reboot. # This script requires the dconf package installed in the machine. # If dconf package is not installed , Kindly install dconf and proceed with the script. # To see the script output, Kindly enable the option Enable logging in Troubleshooting while deploying configuration. errorCode=2 errorFunc() { exit $errorCode } for ip in 1; do euid=$(id -u) #check root access if [ $euid -ne 0 ]; then echo "This script must be run as root" break fi if [ $# -ne 1 ]; then echo "Incorrect Usage : Arguments mismatch." echo "Refer ARGUMENT(S) section in the script." break fi t=$1 if [ $t -lt 1 ]; then echo "Idle time should be greater then 0" break fi time=$(($t * 60)) rule="" errorCode=0 policy_file="/etc/dconf/db/local.d/99_dcpolicy" user_file="/etc/dconf/profile/user" locks_file="/etc/dconf/db/local.d/locks/99_dcpolicy" if [ ! -e /etc/dconf/profile ]; then mkdir -p /etc/dconf/profile fi if [ ! -e $user_file ]; then touch $user_file fi if [ ! -e /etc/dconf/db/local.d ]; then mkdir -p /etc/dconf/db/local.d fi if [ ! -e $policy_file ]; then touch $policy_file fi if [ ! -e /etc/dconf/db/local.d/locks ]; then mkdir -p /etc/dconf/db/local.d/locks fi if [ ! -e $locks_file ]; then touch $locks_file fi cat $policy_file | grep -v '^\s*#' | grep org/gnome/desktop/screensaver >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "[org/gnome/desktop/screensaver] " >>$policy_file fi cat $policy_file | grep -v '^\s*#' | grep lock-enabled >/dev/null 2>&1 if [ $? -ne 0 ]; then rule="lock-enabled=true" line=$(grep -nv '^\s*#' $policy_file | grep org/gnome/desktop/screensaver | head -n 1) num=$(echo $line | sed 's/:.*//') n=$(($num + 1)) echo "Line:$n" sed -i "$n i $rule" "$policy_file" if [ $? -eq 0 ]; then echo "Screen lock enable rule added to file" else echo "Error while adding rule" errorCode=1 break fi fi cat $policy_file | grep -v '^\s*#' | grep org/gnome/desktop/session >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "[org/gnome/desktop/session] " >>$policy_file fi cat $policy_file | grep -v '^\s*#' | grep idle-delay >/dev/null 2>&1 if [ $? -ne 0 ]; then rule="idle-delay=uint32 $time" line=$(grep -nv '^\s*#' $policy_file | grep org/gnome/desktop/session | head -n 1) num=$(echo $line | sed 's/:.*//') n=$(($num + 1)) echo "Line:$n" sed -i "$n i $rule" "$policy_file" if [ $? -eq 0 ]; then echo "Idle time rule added to file" else echo "Error while adding rule" errorCode=1 break fi else rule="idle-delay=uint32 $time" line=$(grep -nv '^\s*#' $policy_file | grep idle-delay | head -n 1) num=$(echo $line | sed 's/:.*//') echo "Line:$num" sed -i "$num s/idle-delay.*/$rule/" "$policy_file" if [ $? -eq 0 ]; then echo "Idle time rule added to file" else echo "Error while adding rule" errorCode=1 break fi fi cat $locks_file | grep -v '^\s*#' | grep /org/gnome/desktop/screensaver/lock-enabled >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "/org/gnome/desktop/screensaver/lock-enabled" >>$locks_file fi cat $locks_file | grep -v '^\s*#' | grep /org/gnome/desktop/session/idle-delay >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "/org/gnome/desktop/session/idle-delay" >>$locks_file fi cat $user_file | grep "user-db:user" >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "user-db:user" >>$user_file fi cat $user_file | grep "system-db:local" >/dev/null 2>&1 if [ $? -ne 0 ]; then echo "system-db:local" >>$user_file fi dconf update if [ $? -eq 0 ]; then echo "Idle lock screen rule added successfully" else echo "Error while adding Idle lock screen rule" errorCode=1 break fi done errorFunc