2014-09-25 14:45:17 -07:00
|
|
|
# slock - a fork of the suckless screenlocker for the _extremely_ paranoid
|
2014-08-19 14:25:51 -07:00
|
|
|
|
2014-09-25 14:45:17 -07:00
|
|
|
This is my personal fork of slock. It is the only screenlocker secure enough
|
|
|
|
for me to use.
|
|
|
|
|
|
|
|
## Changes from the original Slock
|
2014-08-19 14:25:51 -07:00
|
|
|
|
|
|
|
- Custom Password: You can provide a custom password so you don't have to enter
|
|
|
|
your user password on the X server. Simply create a ~/.slock_passwd file with
|
|
|
|
your separate password in it.
|
|
|
|
|
|
|
|
- Alarms: A siren will play if a user enters an incorrect password. It must
|
|
|
|
reside in ~/slock.
|
|
|
|
|
|
|
|
- Automatic Shutdown: Your machine will immediately shutdown if:
|
|
|
|
|
|
|
|
1. The wrong password is entered more than 5 times.
|
|
|
|
|
|
|
|
2. ALT/CTRL/F1-F13 is pressed to switch VTs or to try to kill the X server.
|
|
|
|
Also, if ALT+SYSRQ is attempted to be used.
|
|
|
|
|
|
|
|
- Automatic shutdown requires a sudoers option to be set in /etc/sudoers:
|
|
|
|
|
2014-08-19 20:10:34 -07:00
|
|
|
- systemd: `[username] [hostname] =NOPASSWD: /usr/bin/systemctl poweroff`
|
|
|
|
- sysvinit: `[username] [hostname] =NOPASSWD: /usr/bin/shutdown -h now`
|
2014-08-19 14:25:51 -07:00
|
|
|
|
2014-08-19 20:10:34 -07:00
|
|
|
You must change [username] and [hostname] to your username and the hostname
|
|
|
|
of the machine.
|
2014-08-19 14:25:51 -07:00
|
|
|
|
2014-09-27 00:30:29 -07:00
|
|
|
NOTE: It is wise to combine this feature with a bios password as well as an
|
|
|
|
encrypted home+swap partition. Once your machine is powered off. Your data
|
|
|
|
is no longer accessible in any manner.
|
|
|
|
|
2014-09-25 14:41:12 -07:00
|
|
|
- Webcam Support (requires ffmpeg): This will take a webcam shot of whoever may
|
|
|
|
be tampering with your machine before poweroff.
|
|
|
|
|
2014-08-19 14:25:51 -07:00
|
|
|
- Twilio Support: You will receive an SMS to your phone when someone inputs a
|
|
|
|
wrong password or pressed ALT/CTRL/F1-13/SYSRQ. See twilio_example.h to create a
|
|
|
|
twilio.h file. You will need a twilio account to set this up.
|
2006-10-11 12:35:21 +02:00
|
|
|
|
2014-09-25 14:41:12 -07:00
|
|
|
These SMS's can optionally be MMS's containing a webcam shot of whoever is
|
|
|
|
potentially tampering with your machine.
|
|
|
|
|
2014-09-19 02:15:38 -07:00
|
|
|
- Disabling alt+sysrq and ctrl+alt+backspace before shutting down: This
|
|
|
|
prevents an attacker from killing the screenlock quickly before the shutdown.
|
2014-09-18 14:38:54 -07:00
|
|
|
|
|
|
|
- This requires a sudoers option to be set in /etc/sudoers:
|
|
|
|
|
2014-09-27 00:30:29 -07:00
|
|
|
- `[username] [hostname] =NOPASSWD: /usr/bin/tee /proc/sys/kernel/sysrq`
|
2014-09-18 14:38:54 -07:00
|
|
|
|
|
|
|
You must change [username] and [hostname] to your username and the hostname
|
|
|
|
of the machine.
|
2006-10-11 12:35:21 +02:00
|
|
|
|
2015-01-26 19:26:37 -08:00
|
|
|
- Transparent Lock Screen
|
|
|
|
|
|
|
|
- The lock screen is now an ARGB window. The screen will dim on lock (or turn
|
|
|
|
black with no compositor).
|
|
|
|
|
2014-09-25 14:45:17 -07:00
|
|
|
## Requirements
|
|
|
|
|
2006-10-11 12:35:21 +02:00
|
|
|
In order to build slock you need the Xlib header files.
|
|
|
|
|
2014-09-25 14:45:17 -07:00
|
|
|
- Potential runtime deps: sudo, ffmpeg, setxkbmap, curl, aplay
|
|
|
|
- Other potential requirements: a twilio account, an imgur account
|
|
|
|
|
|
|
|
## Installation
|
2006-10-11 12:35:21 +02:00
|
|
|
|
|
|
|
Edit config.mk to match your local setup (slock is installed into
|
|
|
|
the /usr/local namespace by default).
|
|
|
|
|
2008-07-29 19:08:18 +01:00
|
|
|
Afterwards enter the following command to build and install slock
|
|
|
|
(if necessary as root):
|
2006-10-11 12:35:21 +02:00
|
|
|
|
2014-09-25 14:45:17 -07:00
|
|
|
``` bash
|
|
|
|
$ make clean install
|
|
|
|
```
|
2006-10-11 12:35:21 +02:00
|
|
|
|
2014-09-25 14:45:17 -07:00
|
|
|
## Running slock
|
2006-10-11 12:35:21 +02:00
|
|
|
|
2007-11-24 21:17:32 +01:00
|
|
|
Simply invoke the 'slock' command. To get out of it, enter your password.
|