FreeBSD Desktop – Part 10 – Key Components – Locking Solution

In the Part 10 of the FreeBSD Desktop series I would like to describe key components of self made custom desktop environment such as:

  • Window Manager
  • Status Bar
  • Task Bar
  • Wallpaper Handling
  • Application Launcher
  • Keyboard/Mouse Shortcuts
  • Locking Solution
  • Blue Light Spectrum Suppress

Today we will focus on the sixth part – the Locking Solution. In the next series each of these components configuration would also be described along with eventual needed scripts.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episode’s contents.

While screen locking feature is obvious for popular operating systems like Mac OS X (macOS) and Windows (or complete desktop environments such as KDE Plasma) its not when you build your desktop environment from the ground up. Similarly like in Part 9 about Keyboard/Mouse Shortcuts I will describe what light solutions will work here instead of focusing on all available solutions and choosing the best ones from them.

The tools we will embrace in this process are:

  • mate-screensaver
  • xlock
  • xautolock

The roles of mate-screensaver and xlock are redundant but we will keep xlock as fallback when mate-screensaver will fail for some reason. For example after upgrade some library may not be available (or will be present but in different version or filename) so mate-screensaver will fail and then xlock will take the role to securely lock the screen.

The xautolock will be used to automatically lock the screen (invoke mate-screensaver or xlock command) after defined period of inactivity time, for example when You would forgot to lock the screen and left the laptop ‘open’ to the World. πŸ™‚


From all the nice looking solutions providing screen lock on the X11 I found mate-screensaver the best choice for this task. By default it does not display any fancy screensaver, just plain old blank screen, which is good for laptops, saves battery time.


The mate-screensaver has to be started and run in the background with, well mate-screensaver command – placed somewhere in the ~/.xinitrc or ~/.xsession file. Then we would be able to invoke mate-screensaver-command --lock command to make the actual screen lock.


When mate-screensaver will not be available or functional we will use xlock as failover solution.

Its not very pretty and does not support FreeType fonts, but with clean or fixed font face its not that bad either, as they are quite nice and usable bitmap fonts.

The xlock tool appearance can be configured by specifying arguments. Below you will find example configuration with gray background and clean bitmap font.

% xlock \
    -mode blank \
    -planfont '-*-clean-*-*-*-*-*-*-*-*-*-*-iso8859-2' \
    -font     '-*-clean-*-*-*-*-*-*-*-*-*-*-iso8859-2' \
    -username 'USERNAME: ' \
    -password 'PASSWORD: ' \
    -background gray30 \
    -dpmsoff 1 \
    -message ' ' \
    -info ' '

Here is how it looks after configuration.



We have addressed the on demand screen locking case but now we also need to make sure, that our screen will automatically lock after some period of time while we are away from the computer. Small utility called xautolock does exactly that and does it very efficiently.

Example invocation is presented below.

% xautolock \
    -time 1 \
    -locker \
    ~/bin/ \

The xautolock also has to be started and run in the background using the ~/.xinitrc or ~/.xsession file.

UPDATE 1 – Nice Looking xlock Configuration

After messing with xlock(1) little more I found a way to make it look a lot better. One of the reasons to use xlock(1) may be the mate-screensaver(1) memory footprint. While xlock(1) uses about 8 MB RAM the mate-screensaver(1) uses more them 5 times more which can be seen in the FreeBSD’s top(1) command output below.

55861 vermaden      4  33    0    65M    48M select   0   0:01   0.00% mate-screensaver
33761 vermaden      1  32   10    18M  8256K select   1   0:00   0.00% xlock

This 48 MB of RAM is more then entire openbox(1) and tint2(1) desktop ‘stack’.

42629 root          3  21    0    88M    56M select   0   1:34   0.00% Xorg
55861 vermaden      4  33    0    65M    48M select   0   0:01   0.00% mate-screensaver
70890 vermaden      1  20    0    53M    26M select   0   0:03   0.00% openbox
82040 vermaden      1  20    0    37M    21M select   1   0:01   0.00% tint2
89833 vermaden      1  20    0    18M  8908K select   0   0:00   0.00% dzen2
33761 vermaden      1  32   10    18M  8256K select   1   0:00   0.00% xlock
43585 root          1  28    0    17M  7700K wait     0   0:00   0.00% xdm
24399 vermaden      1  20    0    17M  6900K nanslp   1   0:03   0.00% redshift
42014 root          1  35    0    14M  4560K pause    0   0:00   0.00% xdm
74897 vermaden      1  20    0    13M  3720K select   1   0:01   0.00% xbindkeys

The new locking script is available on GitHub page – – here.

Here is the new xlock(1) config along with new more readable fixed font.

  xlock \
    -mode image \
    -planfont "${FONT}" \
    -font     "${FONT}" \
    -username 'user: ' \
    -password 'pass:' \
    -info ' ' \
    -validate 'Checking.' \
    -invalid 'Nope. ' \
    -background gray20 \
    -foreground gray60 \
    -dpmsoff 1 \
    -icongeometry 64x64 \
    -echokeys \
    -echokey '*' \
    -bitmap /home/vermaden/.icons/vermaden/xlock.xpm \
    -count 1 \
    -delay 10000000 \
    -erasemode no_fade \
    +showdate \

The used above bitmap is also available on GitHub page – xlock.xpm – here.

Its just my logo on the black background, but You may of course use your own image/logo on black (#000000) background.


Now when screen is locked with xlock(1) it looks like that image below. It also quite fast does into DPMS off mode which means turned off screen for more battery life.


When you will want to enter the password to unlock the screen it will look like that.


I liked it so much that I have disabled mate-screensaver(1) entirely πŸ™‚


28 thoughts on “FreeBSD Desktop – Part 10 – Key Components – Locking Solution

  1. Pingback: FreeBSD Desktop – Part 11 – Key Components – Blue Light Spectrum Suppress | vermaden

  2. Pingback: FreeBSD Desktop – Part 12 – Configuration – Openbox | vermaden

  3. Pingback: FreeBSD Desktop – Part 13 – Configuration – Dzen2 | vermaden

  4. Pingback: FreeBSD desktop (10) | 0ddn1x: tricks with *nix

  5. Pingback: FreeBSD Desktop – Part 14 – Configuration – Tint2 | vermaden

  6. Pingback: FreeBSD Desktop – Part 9 – Key Components – Keyboard/Mouse Shortcuts | vermaden

  7. Pingback: FreeBSD Desktop – Part 7 – Key Components – Wallpaper Handling | vermaden

  8. Pingback: FreeBSD Desktop – Part 8 – Key Components – Application Launcher | vermaden

  9. Pingback: FreeBSD Desktop – Part 6 – Key Components – Task Bar | vermaden

  10. Pingback: FreeBSD Desktop – Part 5 – Key Components – Status Bar | vermaden

  11. Pingback: FreeBSD Desktop – Part 4 – Key Components – Window Manager | vermaden

  12. Pingback: FreeBSD Desktop – Part 15 – Configuration – Fonts & Frameworks | vermaden

  13. Pingback: FreeBSD Desktop – Part 1 – Simplified Boot | vermaden

  14. Pingback: FreeBSD Desktop – Part 2 – Install | vermaden

  15. Pingback: FreeBSD Desktop – Part 3 – X11 Window System | vermaden

  16. Pingback: FreeBSD Desktop – Part 16 – Configuration – Pause Any Application | vermaden

  17. Pingback: FreeBSD Desktop – Part 17 – Automount Removable Media | πŸ†…πŸ…΄πŸ†πŸ„ΌπŸ„°πŸ„³πŸ…”πŸ…

  18. Pingback: FreeBSD Desktop – Part 2.1 – Install FreeBSD 12 | πšŸπšŽπš›πš–πšŠπšπšŽπš—

  19. Pingback: FreeBSD Desktop – Part 18 – Global Dashboard | πšŸπšŽπš›πš–πšŠπšπšŽπš—

  20. Friso Gorter

    I have a little mod for your XDM write-up, for those of us who having the comfort of a “Reboot” / “Shutdown” buttons on the XDM login screen.

    Add to Xsetup_0:

    xsetroot -solid black
    xmessage -buttons Shutdown:20,Reboot:21 "" -geometry 228x36-10-10 '' -bg black -fg white ;
    case $? in
     exec /sbin/poweroff;;
     exec /sbin/reboot;;
     #echo "Xmessage closed on `date` or add some other babble if you like";;

    This results in two ‘buttons’ at the bottom right of the screen, as per the geometry provided. These buttons have an oval shape. If one is neurotic about the rounded shapes, you can have rectangular ‘buttons’, by adding to (in /usr/local/etc/X11/xdm/) Xresources:

    Add to Xresources:

    .Xmessage.form.Command.shapeStyle:	rectangle 




  21. DF

    I know this post has been here for quite some time and you might not see this comment, but what is your solution to waking up the laptop from standby/hibernate with the screen locked?
    Currently if I
    – close the lid
    – use zzz/ZZZ command
    my system’s unlocked screen is preserved. So when someone wakes it up, they have access to my user’s session.
    Any ideas?


    1. vermaden Post author


      I have notifications for all comments that are new so do not worry πŸ™‚

      I have quite different ‘lock’ scenarios because I do not like if laptop goes to sleep/suspend when I close the laptop lid – so when I close it – nothing happens.

      I sleep/suspend my laptop with [CTRL]+[SUPER]+[ALT]+[L] shortcut and then close the lid.

      That means everytime I open the lid and laptop wakes up it has screen locked with xlock(1) command.

      It is taken care of by this script:

      But … if you want to have your system locked when you just close the lid – then I would try using the /etc/rc.suspend script and add there something like that:

        env DISPLAY=:0.0 \
          xlock \
          -mode image \
          -planfontset "${FONT}" \
          -fontset     "${FONT}" \
          -username 'user: ' \
          -password 'pass:' \
          -info ' ' \
          -validate 'Checking.' \
          -invalid 'Nope. ' \
          -background gray20 \
          -foreground gray60 \
          -dpmsoff 1 \
          -icongeometry 64x64 \
          -echokeys \
          -echokey '*' \
          -bitmap /home/vermaden/.icons/vermaden/xlock.xpm \
          -count 1 \
          -delay 10000000 \
          -erasemode no_fade \
          +showdate \

      Maybe it would require additional su(1) before the env(1) command but that should lock your system after you have close the lid and when you open the lid to resume then it should be locked.

      Let me know how it went.

      Hope that helps.



      1. DF

        Thanks for your quick response. Unfortunately it didn’t help. I tried editing rc.suspend and rc.resume. Also tried modifying zzz(8) to execute my locking program – /usr/local/bin/slock.

        There are not many information on this in the internet. I also tried my luck with /etc/apmd.conf – I didn’t have this file so I had to create it.

        Also tried experimenting with devd.conf.

        I was using tips from those two sites:


      2. DF

        I did it! πŸ™‚

        I had to add “permit nopass root as myusername” to doas.conf and then in rc.suspend I used the following line:

        env DISPLAY=:0.0 /usr/local/bin/doas -u myusername /usr/local/bin/slock

        Many thanks for your help.


      3. DF

        Posted on the forums, just awaiting moderator approval:

        BTW, in your post, instead of using xautolock, you can achieve the same thing with xidle – I think it’s already in the system, so you don’t need to install additional software. Just add this line to your .xsession:

        xidle -program ~/bin/screenlock -timeout 300 &

        After 5 minutes of inactivity, I am executing my own script which shows me a warning dialog before locking my screen. I do it this way, because very often I am staring at my screen for a few minutes while thinking about something, and in the meantime my screen will lock. Then I have to enter my password to unlock it. So this behavior gives me 15 seconds to react before my screen gets locked. I quite like it πŸ™‚ It uses rofi to display a dialog box. Here’s the script:

        timeout 15 rofi -config $DOTFILES/rofi/message.rasi -width 320 -e "$(printf '\r The screen is about to lock...\r')" -markup || slock
        exit 0

        So if the timeout command kills rofi and it exits with non-zero status – slock is executed. If I manage to press escape or click anywhere outside the rofi dialog box, rofi exits with 0 status and slock is not executed.


      4. vermaden Post author

        Thanks for sharing those.

        The xidle is available from x11/xidle package – so the same as with xautolock – you need to install it πŸ™‚

        I do not know which one is better – but good to know that both of them work properly.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s