Hack 27. Make Applications Trigger On-Screen Alerts

Many applications can run a program when an event occurs. Use XOSD to make these alerts really grab your attention.

Many of the applications you use daily might give you the option of executing a program when an event occurs. The KMail email client, Jpilot personal information manager, and Swatch log-monitor program are three examples. Each hack in this section takes advantage of XOSD [Hack #26] .

4.7.1. KMail

If you use the KDE KMail email client, you can have KMail execute a program when new mail arrives. Here's how you can have KMail display the on-screen new-mail notification "You've got mail!" with XOSD.

First, you need to create a script that displays the on-screen alert "You've got mail!". KMail doesn't allow you to insert the entire echo and osd_cat command line, but it will execute a script that displays the message. Fire up your favorite editor, and enter this script into a file called ~/youhavemail. (This script executes from your home directory, so you don't need any special privileges for it to work.)

#!/bin/bash

# figure out which display we're currently using
# then export the DISPLAY environment variable

HOST="$(xrdb -symbols | grep SERVERHOST | cut -d= -f2)"
DISPLAYNUM="$(xrdb -symbols | grep DISPLAY_NUM | cut -d= -f2)"
THISDISPLAY=$HOST:$DISPLAYNUM.0

export DISPLAY=$THISDISPLAY

echo "You've got mail"'!' | osd_cat -s 2 -c yellow -p middle \
 -f -adobe-helvetica-bold-r-normal-*-*-240-*-*-p-*-*-* -d 30

The placement of various quotes in the text for the echo command looks a bit odd, doesn't it? Here's why. The bash shell interpreter will allow you to embed only a single quote in a string that is enclosed by double quotes. If the string "You've" wasn't isolated within double quotes, the echo command would report an error. In addition, the exclamation point (!) has a special meaning in bash. It refers to the command history (a recording of your most recent commands). In this case, you can display the exclamation point only if you surround it with single quotes. This creates a dilemma in the first part of our message because it requires double quotes, yet we have to surround the exclamation point with single quotes. The answer is simple. Break up the message into two parts, the main part surrounded by double quotes followed by the single exclamation point surrounded by single quotes. The echo command handles both strings as part of a single message.

Save your work and change the script to be executable:

$ chmod +x ~/youhavemail

Now follow these steps to configure KMail to execute the script when new mail arrives:

4.7.2. Jpilot

You can configure the Jpilot personal information manager (PIM) to run a script that displays an on-screen message when a scheduled event occurs. Fire up your favorite editor, and enter this script into a file called ~/jpilotalert. (This script executes from your home directory, so you don't need any special privileges for it to work.)

#!/bin/bash

# figure out which display we're currently using
# then export the DISPLAY environment variable

HOST="$(xrdb -symbols | grep SERVERHOST | cut -d= -f2)"
DISPLAYNUM="$(xrdb -symbols | grep DISPLAY_NUM | cut -d= -f2)"
THISDISPLAY=$HOST:$DISPLAYNUM.0

export DISPLAY=$THISDISPLAY

echo "You have an appointment scheduled for $1 $2"'!' | osd_cat -s 2 -c yellow 
-p middle \
 -f -adobe-helvetica-bold-r-normal-*-*-240-*-*-p-*-*-* -d 30

Here is how to set up Jpilot to execute this script and enter the date and time as part of the alert:

4.7.3. Swatch

Swatch is a program that monitors your system logs to watch for certain important keywords in one or more log files. If Swatch finds a keyword, perhaps a word or pattern that indicates someone might be trying to guess passwords and break into your network, Swatch will do whatever you tell it to do to issue the alert.

Normally, when Swatch issues an alert, it simply prints it to the screen where Swatch is running. Swatch can also send you an email alert, but if Swatch detected an attempted break-in, your network could be compromised by the time you check your email. This hack exploits the power of XOSD to give Swatch a better chance of grabbing your attention when something potentially serious is afoot.

Here is an example of how to set up Swatch to tell you when someone tries to log in, but fails (a possible indication that someone is trying to guess a password). Assume that the Swatch configuration file you are using is /root/.swatchrc, and the log file to be monitored is /var/log/auth.log, which, for some Linux distributions, is the file that records all login attempts. Here is just one section of a larger file called /root/.swatchrc, which looks for the word "failure" in /var/log/auth.log:

# Bad login attempts
watchfor  /failure/
  pipe "osd_cat -c magenta -p middle \
-f \"-*-arial black-*-*-*-*-48-*-*-*-*-*-*-*\" -d 60"

When Swatch finds a new log entry with the word "failure" in /var/log/auth.log, it prints the suspicious log entry on-screen by piping it through osd_cat, which makes the event almost impossible to miss if you're working at the computer. Note that we're using a smaller font than we used for the previous hacks. That's because Swatch messages can sometimes be lengthy, and you don't want to have the most important information hidden off-screen.