I am using a laptop . I was thinking to have a support in my Ubuntu machine. When an incorrect password is entered, a picture is taken later revealing who has been trying to gain access.
I have searched around and the only thing I have found is stuff to do this on Macs. Is It possible to write a script for Ubuntu to do same .
If possible then what is a script or Software to make this happen.
Best Answer
Based on this post on the Ubuntuforums by BkkBonanza.
This is an approach using PAM and will work for all failed login attempts. Using SSH, a virtual terminal or via the regular login screen, it doesn't matter as everything is handled by PAM in the end.
Install ffmpeg , we're going to use this as a command line way of grabbing the webcam images. Update: ffmpeg is removed when you upgrade to Ubuntu 14.04. We can use avconv in place of ffmpeg in the below script. No need to install anything separately.
Create a small script somewhere, e.g.
/usr/local/bin/grabpicture
with the following content:Change the
/dev/video0
with the actual video device of your webcam and choose a path where the pictures are being saved - I just choose/tmp
. In the newer version of Ubuntu useavconv
instead offfmpeg
(sudo apt-get install libav-tools
).Make it executable, e.g.
chmod +x /usr/local/bin/grabpicture
.Test it, by just calling it:
/usr/local/bin/grabpicture
. Check if you see files appearing in/tmp/vid....jpg
.Configure PAM to call this on every failed attempt.
Note: do this carefully - if this fails you'll not be able to gain access to your system again in a regular way.
Open a terminal window with root access (
sudo -i
) and leave it open - just in case you screw up in the next steps.Open
/etc/pam.d/common-auth
in your favourite editor, e.g. by doinggksudo gedit /etc/pam.d/common-auth
. Keep in mind for the following steps that order of lines in this file matters.Locate the line below. By default there's one line before the one with
pam_deny.so
. On my 12.04 system it looks like this:In this line change the
success=1
tosuccess=2
to have it skip our script on success. This is an important step If you failed this step see below how to recover (***).Right below there, add a new one to call the actual script:
Save and close the file. No need to restart anything.
Test it.
su -l username
to log in as another user with usernameusername
(change with an actual one of course). Deliberately enter the wrong password. Check if this result in a new picture.If the tests have succeeded you can log out from your DE (Unity/KDE/...) and you should see the same when entering a wrong password from the login screen.
(***) How to recover the system if you messed with /etc/pam.d/common-auth file:
to the line starting by "linux"
Mount the system with write access
Edit the file and fix