Close tombs on hibernation / suspend #34
Comments
|
i agree. on my own system i do 'tomb close' in my hybernate/suspend wrapper already. preventing hibernation might be dangerous for overheating of batteries: imagine users slamming their laptop close and, assuming it hibernates, store it into a backpack.... |
|
there is a function for this in cryptsetup luksSuspend and luksRestore, see man cryptsetup |
|
In addition to a script in |
|
Any tip for examples or templates or existing scripts in distributions? I'd go for something already tested rather than reinvent the wheel here. |
|
An example for a systemd unit got posted in #310 |
Hibernating while a tomb is open is bad: it means that your key is written to disk.
We should close every tomb before hibernating.
This can be done using /etc/pm/sleep.d/99-tomb script which does this.
Also, if closing fails (because of pid locking it) we should choose between slamming and preventing hibernation.
Slamming is easier, but could be unintuitive for the user to "hibernate" and not finding his applications open on reboot.
Preventing hibernation seems to be possible, according to this post: http://askubuntu.com/questions/28328/how-can-i-disable-hibernate-completely-in-kubuntu
The text was updated successfully, but these errors were encountered: