FreeBSD Desktop – Part 10 – Key Components – Locking Solution

In the Part 10 of the FreeBSD Desktop series I would like to describe key components of self made custom desktop environment such as:

• Window Manager
• Status Bar
• Task Bar
• Wallpaper Handling
• Application Launcher
• Keyboard/Mouse Shortcuts
• Locking Solution
• Blue Light Spectrum Suppress

Today we will focus on the sixth part – the Locking Solution. In the next series each of these components configuration would also be described along with eventual needed scripts.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episode’s contents.

While screen locking feature is obvious for popular operating systems like Mac OS X (macOS) and Windows (or complete desktop environments such as KDE Plasma) its not when you build your desktop environment from the ground up. Similarly like in Part 9 about Keyboard/Mouse Shortcuts I will describe what light solutions will work here instead of focusing on all available solutions and choosing the best ones from them.

The tools we will embrace in this process are:

• mate-screensaver
• xlock
• xautolock

The roles of mate-screensaver and xlock are redundant but we will keep xlock as fallback when mate-screensaver will fail for some reason. For example after upgrade some library may not be available (or will be present but in different version or filename) so mate-screensaver will fail and then xlock will take the role to securely lock the screen.

The xautolock will be used to automatically lock the screen (invoke mate-screensaver or xlock command) after defined period of inactivity time, for example when You would forgot to lock the screen and left the laptop ‘open’ to the World. 🙂

mate-screensaver

From all the nice looking solutions providing screen lock on the X11 I found mate-screensaver the best choice for this task. By default it does not display any fancy screensaver, just plain old blank screen, which is good for laptops, saves battery time.

The mate-screensaver has to be started and run in the background with, well mate-screensaver command – placed somewhere in the ~/.xinitrc or ~/.xsession file. Then we would be able to invoke mate-screensaver-command --lock command to make the actual screen lock.

xlock

When mate-screensaver will not be available or functional we will use xlock as failover solution.

Its not very pretty and does not support FreeType fonts, but with clean or fixed font face its not that bad either, as they are quite nice and usable bitmap fonts.

The xlock tool appearance can be configured by specifying arguments. Below you will find example configuration with gray background and clean bitmap font.

% xlock \
    -mode blank \
    -planfont '-*-clean-*-*-*-*-*-*-*-*-*-*-iso8859-2' \
    -font     '-*-clean-*-*-*-*-*-*-*-*-*-*-iso8859-2' \
    -username 'USERNAME: ' \
    -password 'PASSWORD: ' \
    -background gray30 \
    -dpmsoff 1 \
    -message ' ' \
    -info ' '

Here is how it looks after configuration.

xautolock

We have addressed the on demand screen locking case but now we also need to make sure, that our screen will automatically lock after some period of time while we are away from the computer. Small utility called xautolock does exactly that and does it very efficiently.

Example invocation is presented below.

% xautolock \
    -time 1 \
    -locker \
    ~/bin/example-lock-handler.sh \
    -resetsaver

The xautolock also has to be started and run in the background using the ~/.xinitrc or ~/.xsession file.

UPDATE 1 – Nice Looking xlock Configuration

After messing with xlock(1) little more I found a way to make it look a lot better. One of the reasons to use xlock(1) may be the mate-screensaver(1) memory footprint. While xlock(1) uses about 8 MB RAM the mate-screensaver(1) uses more them 5 times more which can be seen in the FreeBSD’s top(1) command output below.

  PID USERNAME    THR PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
55861 vermaden      4  33    0    65M    48M select   0   0:01   0.00% mate-screensaver
33761 vermaden      1  32   10    18M  8256K select   1   0:00   0.00% xlock

This 48 MB of RAM is more then entire openbox(1) and tint2(1) desktop ‘stack’.

  PID USERNAME    THR PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
42629 root          3  21    0    88M    56M select   0   1:34   0.00% Xorg
55861 vermaden      4  33    0    65M    48M select   0   0:01   0.00% mate-screensaver
70890 vermaden      1  20    0    53M    26M select   0   0:03   0.00% openbox
82040 vermaden      1  20    0    37M    21M select   1   0:01   0.00% tint2
89833 vermaden      1  20    0    18M  8908K select   0   0:00   0.00% dzen2
33761 vermaden      1  32   10    18M  8256K select   1   0:00   0.00% xlock
43585 root          1  28    0    17M  7700K wait     0   0:00   0.00% xdm
24399 vermaden      1  20    0    17M  6900K nanslp   1   0:03   0.00% redshift
42014 root          1  35    0    14M  4560K pause    0   0:00   0.00% xdm
74897 vermaden      1  20    0    13M  3720K select   1   0:01   0.00% xbindkeys

The new locking script is available on GitHub page – __openbox_lock.sh – here.

Here is the new xlock(1) config along with new more readable fixed font.

  FONT='-*-fixed-*-*-*-*-10-*-*-*-*-*-iso8859-2'
  xlock \
    -mode image \
    -planfont "${FONT}" \
    -font     "${FONT}" \
    -username 'user: ' \
    -password 'pass:' \
    -info ' ' \
    -validate 'Checking.' \
    -invalid 'Nope. ' \
    -background gray20 \
    -foreground gray60 \
    -dpmsoff 1 \
    -icongeometry 64x64 \
    -echokeys \
    -echokey '*' \
    -bitmap /home/vermaden/.icons/vermaden/xlock.xpm \
    -count 1 \
    -delay 10000000 \
    -erasemode no_fade \
    +showdate \
    +description

The used above bitmap is also available on GitHub page – xlock.xpm – here.

Its just my logo on the black background, but You may of course use your own image/logo on black (#000000) background.

Now when screen is locked with xlock(1) it looks like that image below. It also quite fast does into DPMS off mode which means turned off screen for more battery life.

When you will want to enter the password to unlock the screen it will look like that.

I liked it so much that I have disabled mate-screensaver(1) entirely 🙂

EOF