Can I make the webcam take a picture when an incorrect password is entered?
I am using a laptop . I was thinking to have a support in my Ubuntu machine. When an incorrect password is entered, a picture is taken later revealing who has been trying to gain access.
I have searched around and the only thing I have found is stuff to do this on Macs. Is It possible to write a script for Ubuntu to do same .
If possible then what is a script or Software to make this happen.
Solution 1:
Based on this post on the Ubuntuforums by BkkBonanza.
This is an approach using PAM and will work for all failed login attempts. Using SSH, a virtual terminal or via the regular login screen, it doesn't matter as everything is handled by PAM in the end.
-
Install ffmpeg , we're going to use this as a command line way of grabbing the webcam images. Update: ffmpeg is removed when you upgrade to Ubuntu 14.04. We can use avconv in place of ffmpeg in the below script. No need to install anything separately.
-
Create a small script somewhere, e.g.
/usr/local/bin/grabpicture
with the following content:#!/bin/bash ts=`date +%s` ffmpeg -f video4linux2 -s vga -i /dev/video0 -vframes 3 /tmp/vid-$ts.%01d.jpg exit 0 #important - has to exit with status 0
Change the
/dev/video0
with the actual video device of your webcam and choose a path where the pictures are being saved - I just choose/tmp
. In the newer version of Ubuntu useavconv
instead offfmpeg
(sudo apt-get install libav-tools
). -
Make it executable, e.g.
chmod +x /usr/local/bin/grabpicture
. -
Test it, by just calling it:
/usr/local/bin/grabpicture
. Check if you see files appearing in/tmp/vid....jpg
. -
Configure PAM to call this on every failed attempt.
Note: do this carefully - if this fails you'll not be able to gain access to your system again in a regular way.
-
Open a terminal window with root access (
sudo -i
) and leave it open - just in case you screw up in the next steps. -
Open
/etc/pam.d/common-auth
in your favourite editor, e.g. by doinggksudo gedit /etc/pam.d/common-auth
. Keep in mind for the following steps that order of lines in this file matters. -
Locate the line below. By default there's one line before the one with
pam_deny.so
. On my 12.04 system it looks like this:auth [success=1 default=ignore] pam_unix.so nullok_secure
-
In this line change the
success=1
tosuccess=2
to have it skip our script on success. This is an important step If you failed this step see below how to recover (***). -
Right below there, add a new one to call the actual script:
auth [default=ignore] pam_exec.so seteuid /usr/local/bin/grabpicture
-
Save and close the file. No need to restart anything.
-
-
Test it.
- In a new terminal window, as regular user, try
su -l username
to log in as another user with usernameusername
(change with an actual one of course). Deliberately enter the wrong password. Check if this result in a new picture. - The same as above, but now enter the correct password. Check if you log in and it doesn't result in a picture being taken.
- In a new terminal window, as regular user, try
-
If the tests have succeeded you can log out from your DE (Unity/KDE/...) and you should see the same when entering a wrong password from the login screen.
(***) How to recover the system if you messed with /etc/pam.d/common-auth file:
- Reboot the computer
- At grub boot press "e" to edit
- Add
init=/bin/sh
to the line starting by "linux"
Mount the system with write access
mount -o remount,rw /
Edit the file and fix
vi /etc/pam.d/common-auth