BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Power Management and Encryption

Subject: Power Management and Encryption
From: me-5yx05kfkO/aqeI1yJSURBw at public.gmane.org (Matthew Gillen)
Date: Tue, 18 May 2010 08:40:14 -0400
In-reply-to: <AANLkTikAL3turYvzTI5m9JEWlO5SrTf72sNEge2M1SCk-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
References: <Pine.GSO.4.64.1005171643250.5854@nber6.nber.org> <4BF1E900.3060908@mattgillen.net> <AANLkTikAL3turYvzTI5m9JEWlO5SrTf72sNEge2M1SCk@mail.gmail.com>

On 05/17/2010 11:57 PM, Bill Bogstad wrote:
> On Mon, May 17, 2010 at 9:10 PM, Matthew Gillen <me-5yx05kfkO/aqeI1yJSURBw at public.gmane.org> wrote:
>> On 5/17/2010 4:50 PM, Daniel Feenberg wrote:
>>>
>>> We have a desktop Fedora 12 box with encrypted disks. This satisfies a
>>> government agency worried about confidential data on the machine, but I
>>> would like the data to revert to encrypted after X minutes of idle time.
>>> The gnome-power-management GUI only provides for "sleeping" on idle and I
>>> can't find the appropriate configuration files to improve on that, such as
>>> by shutting down. I did test and found that one only needs input the Linux
>>> password to gain access to the disk after sleeping, although if sleeping
>>> could suitably unmount the encrypted disks, that would be fine also. (It
>>> might be hard since it is full disk encryption, including the OS).
>>
>> To unmount your root fs, you'd essentially need to shutdown.  To do
>> that, you'll have to tweak gconf2.  Note, I haven't tried this myself,
>> but it looks like it should work ;-)
>>  Use either gconftool-2 or the gui editor to change the value of the key
>>  /apps/gnome-power-manager/actions/sleep_type_ac
>>  from 'suspend' to 'shutdown'.
> 
> On my Ubuntu 9.10 system, the description for that key only mentions
> hibernate, suspend, and nothing as possible values.
> This is using gconf-editor.   The critical_* keys add shutdown as a
> legal value.   Is the schema incomplete for the sleep_type_* keys or
> was shutdown added with more recent versions of gnome-power-manager?

No, I just didn't look at the schema.  I assumed since other keys in that
directory allowed 'shutdown' as a value, the sleep_type_ac would too.  Alas:
    <schema>
      <key>/schemas/apps/gnome-power-manager/actions/sleep_type_ac</key>
      <applyto>/apps/gnome-power-manager/actions/sleep_type_ac</applyto>
      <type>string</type>
      <default>suspend</default>
      <gettext_domain>gnome-power-manager</gettext_domain>
      <locale name="C">
        <short>Whether to hibernate, suspend or do nothing when inactive</short>
        <long>The type of sleeping that should be performed when the computer
is inactive. Possible values are "hibernate", "suspend" and "nothing".</long>
      </locale>
    </schema>

So my original suggestion won't work.  You could try setting the
 /schemas/apps/gnome-power-manager/buttons/suspend
key's value to 'shutdown' (that is a legal value for that key, the question is
whether it treats all suspend events as 'suspend button' pushes).

If all else fails, this page might help you to customize HAL's actions when it
gets told to suspend:
 http://chkno.net/hal-power-button.html

HTH,
Matt

References:
- Power Management and Encryption
  - From: feenberg-fCu/yNAGv6M at public.gmane.org (Daniel Feenberg)
- Power Management and Encryption
  - From: me-5yx05kfkO/aqeI1yJSURBw at public.gmane.org (Matthew Gillen)
- Power Management and Encryption
  - From: bogstad-e+AXbWqSrlAAvxtiuMwx3w at public.gmane.org (Bill Bogstad)

Prev by Date: Comcast encrypts extended basic channels
Next by Date: Asynchronous File I/O on Linux
Previous by thread: Power Management and Encryption
Next by thread: Power Management and Encryption
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org