| # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Determine whether to allow certain keyboard hotkey sequences" |
| author "chromium-os-dev@chromium.org" |
| |
| # This job determines whether to enable the console hotkeys for VT |
| # switching and for 'sysrq'. |
| # |
| # The start conditions below means that in normal operation, this |
| # job runs twice at boot: once when starting the session manager, |
| # and once more after the failsafe delay. Additionally, the job |
| # runs every time the login screen is presented after logging out. |
| # The job as written is safe to run as often as needed. |
| # |
| # The start conditions are necessary as written: The initialization |
| # for the 'ui' job clobbers /var/run/state, so this job must re-run |
| # every time we restart the user session. Additionally, if the |
| # session fails to start, we need the failsafe behavior so we can |
| # have access to the VT console for debugging. |
| # |
| start on login-prompt-visible or starting failsafe |
| |
| script |
| # The X server for Chromium OS recognizes this file path as |
| # indicating whether VT console switching key sequences are |
| # to be honored or ignored. |
| STATE_DIR=/var/run/state |
| ALLOW_VT_SWITCHING=${STATE_DIR}/allow-vt-switching |
| |
| # Disallow the key sequence for VT console switching and only |
| # allow the 'x' sysrq key, unless this is a "developer system". |
| # We define "developer system" as either a) a system with the |
| # developer hardware switch set on, or b) a system with a shared |
| # user password set (meaning it's possible to log in on a VT |
| # console). |
| if crossystem "cros_debug?1" || |
| grep -q '^chronos:[^*]' /etc/shadow; then |
| # developer end-user - allow the keys |
| mkdir -p $STATE_DIR |
| touch $ALLOW_VT_SWITCHING |
| echo 1 > /proc/sys/kernel/sysrq |
| else |
| # consumer end-user - disallow VT switching and only allow |
| # the sysrq 'x' key. |
| rm -f $ALLOW_VT_SWITCHING |
| echo 0x1000 > /proc/sys/kernel/sysrq |
| fi |
| end script |