Taking a picture with a laptop webcam after entering an incorrect password
Copied this post on ask Ubuntu by gertvdijk, pointed out by mazs in the comments. In the effort of closing this question.
Based on this post on the Ubuntuforums by BkkBonanza.
This is an approach using PAM and will work for all failed login attempts. Using SSH, a virtual terminal or via the regular login screen, it doesn't matter as everything is handled by PAM in the end.
Install ffmpeg, we're going to use this as a command line way of grabbing the webcam images. Update: ffmpeg is removed when you upgrade to Ubuntu 14.04. We can use avconv in place of ffmpeg in the below script. No need to install anything separately.
-
Create a small script somewhere, e.g.
/usr/local/bin/grabpicture
with the following content#!/bin/bash ts=`date +%s` ffmpeg -f video4linux2 -s vga -i /dev/video0 -vframes 3 /tmp/vid-$ts.%01d.jpg exit 0 #important - has to exit with status 0
Change the /dev/video0 with the actual video device of your webcam and choose a path where the pictures are being saved - I just choose
/tmp
. In the newer version of Ubuntu useavconv
instead offfmpeg
(sudo apt-get install libav-tools
). Make it executable, e.g.
chmod +x /usr/local/bin/grabpicture
.Test it, by just calling it:
/usr/local/bin/grabpicture
. Check if you see files appearing in/tmp/vid....jpg
.-
Configure PAM to call this on every failed attempt.
Note: do this carefully - if this fails you'll not be able to gain access to your system again in a regular way.
- Open a terminal window with root access (sudo -i) and leave it open - just in case you screw up in the next steps.
Open
/etc/pam.d/common-auth
in your favourite editor, e.g. by doinggksudo gedit /etc/pam.d/common-auth
. Keep in mind for the following steps that order of lines in this file matters.-
Locate the line below. By default there's one line before the one with
pam_deny.so
. On my 12.04 system it looks like this:auth [success=1 default=ignore] pam_unix.so nullok_secure
In this line change the success=1 to success=2 to have it skip our script on succes. This is an important step.
-
Right below there, add a new one to call the actual script:
auth [default=ignore] pam_exec.so seteuid /usr/local/bin/grabpicture
Save and close the file. No need to restart anything.
-
Test it.
- In a new terminal window, as regular user, try
su -l username
to log in as another user with usernameusername
(change with an actual one of course). Deliberately enter the wrong password. Check if this result in a new picture. - The same as above, but now enter the correct password. Check if you log in and it doesn't result in a picture being taken.
- In a new terminal window, as regular user, try
If the tests have succeeded you can log out from your DE (Unity/KDE/...) and you should see the same when entering a wrong password from the login screen.
Related videos on Youtube
Petr
Updated on September 18, 2022Comments
-
Petr over 1 year
I'd like to set up my laptop so that if a wrong password is entered when the screen is locked, a picture is taken using the laptop's webcam. I examined
xlock
(from xlockmore package), but there is no option to run a customized action when a wrong password is entered.There is a similar question on SuperUser, but only targets Windows: Taking a picture after entering wrong password.
(For those who like funny cat photos: My laptop is set up to take a picture after 3 incorrect password attempts.)
-
Admin almost 8 yearsHave you checked this github.com/jeroennijhof/pam_script
-
Admin almost 8 yearsyou might have an answer here as well askubuntu.com/questions/253189/…
-
Admin almost 8 years@mazs Thanks, that's more or less what I was looking for.
-
Admin about 4 yearsNow I understand why all those hacker guys are working in hoodies in a dark room.
-