When using cinnamon-screensaver-command --deactivate, the program shuts down the screensaver directly without prompting for a password. This is somewhat unexpected behaviour when compared to the help output, which states the following:
usage: cinnamon-screensaver-command [-h] [--exit] [--query] [--time] [--lock]
[--activate] [--deactivate] [--version]
[--away-message MESSAGE]
Cinnamon Screensaver Command
options:
-h, --help show this help message and exit
--exit, -e Causes the screensaver to exit gracefully
--query, -q Query the state of the screensaver
--time, -t Query the length of time the screensaver has been
active
--lock, -l Tells the running screensaver process to lock the
screen immediately
--activate, -a Turn the screensaver on (blank the screen)
--deactivate, -d If the screensaver is active then deactivate it (un-
blank the screen)
--version, -V Version of this application
--away-message MESSAGE, -m MESSAGE
Message to be displayed in lock screen
In particular, note that --deactivate is explained and clarified as intended to un-blank the screen, not exit the screensaver itself.
The current conflicting information and behaviour is rather confusing and can lead to security issues if the system administrator is unaware of the difference in expected behaviour.
Steps to reproduce
Lock your screen, either via hotkey or cinnamon-screensaver-command --lock
Go to another console (CTRL+ALT+F1)
Run cinnamon-screensaver-command --deactivate
Return to the graphical console (CTRL+ALT+F7)
Observe that the session is unlocked
Expected behavior
Based on the help output, I would expect --deactivate to merely unblank the screen and prompt the user for a password. I do not see any meaningful difference between calling --exit and --deactivate in the current behaviour, which suggests that this behaviour from --deactivate is not intentional.
Furthermore, the description in the command's help output is also consistent with other common similar commands, such as xscreensaver-command, where the actual behaviour is just an unblanking and not a full unlock.
Additional information
The main reason for wanting a way to explicitly deblank the screen in my case is that of smartcard authentication. It is desirable to wake up the screen on smartcard insertion without additional user input, and as it is, there is currently no way of doing this with Cinnamon.
I do realize that this behaviour has been around for a while now, and it may not be possible to change or correct it without breaking other assumptions. Adding an option to unblank the screen should, however, be considered in any case in order to properly support use cases like the one above.
Distribution
Mint 21.1
Package version
5.4.5
Graphics hardware in use
NVIDIA Corporation GK107GL [Quadro K2000]
Frequency
Always
Bug description
When using
cinnamon-screensaver-command --deactivate
, the program shuts down the screensaver directly without prompting for a password. This is somewhat unexpected behaviour when compared to the help output, which states the following:In particular, note that
--deactivate
is explained and clarified as intended to un-blank the screen, not exit the screensaver itself.The current conflicting information and behaviour is rather confusing and can lead to security issues if the system administrator is unaware of the difference in expected behaviour.
Steps to reproduce
cinnamon-screensaver-command --lock
cinnamon-screensaver-command --deactivate
Expected behavior
Based on the help output, I would expect
--deactivate
to merely unblank the screen and prompt the user for a password. I do not see any meaningful difference between calling--exit
and--deactivate
in the current behaviour, which suggests that this behaviour from--deactivate
is not intentional.Furthermore, the description in the command's help output is also consistent with other common similar commands, such as
xscreensaver-command
, where the actual behaviour is just an unblanking and not a full unlock.Additional information
The main reason for wanting a way to explicitly deblank the screen in my case is that of smartcard authentication. It is desirable to wake up the screen on smartcard insertion without additional user input, and as it is, there is currently no way of doing this with Cinnamon.
I do realize that this behaviour has been around for a while now, and it may not be possible to change or correct it without breaking other assumptions. Adding an option to unblank the screen should, however, be considered in any case in order to properly support use cases like the one above.