nevaforget/moonlock
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: nevaforget:59c509dcbb7def1338fe9702b537e17abdc419e6
Branches Tags
nevaforget:main
nevaforget:v0.6.12
nevaforget:v0.6.11
nevaforget:v0.6.10
nevaforget:v0.6.9
nevaforget:v0.6.8
nevaforget:v0.6.7
nevaforget:v0.6.4
nevaforget:v0.6.1
nevaforget:v0.5.0
nevaforget:v0.4.1
nevaforget:v0.3.0
nevaforget:v0.2.2
nevaforget:v0.2.1
nevaforget:v0.2.0
nevaforget:v0.1.1
nevaforget:v0.1.0
..
compare: nevaforget:2a9cc522235e2eb483c27ec90135676596931f88
Branches Tags
nevaforget:main
nevaforget:v0.6.12
nevaforget:v0.6.11
nevaforget:v0.6.10
nevaforget:v0.6.9
nevaforget:v0.6.8
nevaforget:v0.6.7
nevaforget:v0.6.4
nevaforget:v0.6.1
nevaforget:v0.5.0
nevaforget:v0.4.1
nevaforget:v0.3.0
nevaforget:v0.2.2
nevaforget:v0.2.1
nevaforget:v0.2.0
nevaforget:v0.1.1
nevaforget:v0.1.0

2 Commits
59c509dcbb ... 2a9cc52223

Author SHA1 Message Date
nevaforget
2a9cc52223 fix: audit fixes — peek icon, blur limit, GResource compression, sync markers (v0.6.8)
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details 
- Enable peek icon on password entry (consistent with moongreet)
- Raise blur limit from 100 to 200 (consistent with moongreet/moonset)
- Add compressed="true" to GResource CSS/SVG entries
- Add SYNC comments to duplicated blur/background functions
 2026-03-31 11:08:36 +02:00
nevaforget
102520d15f docs: update README features and fix build.rs comment 
README was missing features added since v0.6.1 (GPU blur, journal
logging, lock-first architecture, PAM timeout, fprintd sender
validation, progressive faillock). build.rs comment still referenced
removed wallpaper.jpg.
 2026-03-31 09:34:06 +02:00
9 changed files with 30 additions and 15 deletions
Show Stats Expand all files Collapse all files

2
CLAUDE.md
View File

@ -60,5 +60,5 @@ LD_PRELOAD=/usr/lib/libgtk4-layer-shell.so ./target/release/moonlock
- Root-Check: Exit mit Fehler wenn als root gestartet
- Faillock: UI-Warnung nach 3 Fehlversuchen, aber PAM entscheidet über Lockout (Entry bleibt aktiv)
- Kein Schließen per Escape/Alt-F4 — nur durch erfolgreiche PAM-Auth oder Fingerprint
- Kein Peek-Icon am Passwortfeld (Shoulder-Surfing-Schutz)
- Peek-Icon am Passwortfeld aktiv (UX-Entscheidung, konsistent mit moongreet)
- GResource-Bundle: CSS/Assets in der Binary kompiliert

2
Cargo.lock generated
View File

@ -575,7 +575,7 @@ dependencies = [
[[package]]
name = "moonlock"
version = "0.6.7"
version = "0.6.8"
dependencies = [
"gdk-pixbuf",
"gdk4",

2
Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "moonlock"
version = "0.6.7"
version = "0.6.8"
edition = "2024"
description = "A secure Wayland lockscreen with GTK4, PAM and fingerprint support"
license = "MIT"

7
DECISIONS.md
View File

@ -2,6 +2,13 @@
Architectural and design decisions for Moonlock, in reverse chronological order.
## 2026-03-31 Fourth audit: peek icon, blur limit, GResource compression, sync markers
- **Who**: Ragnar, Dom
- **Why**: Fourth triple audit found blur limit inconsistency (moonlock 0100 vs moongreet/moonset 0200), missing GResource compression, peek icon inconsistency, and duplicated code without sync markers.
- **Tradeoffs**: Peek icon enabled in lockscreen — user decision favoring UX consistency over shoulder-surfing protection. Acceptable for single-user desktop. Blur limit raised to 200 for ecosystem consistency.
- **How**: (1) `show_peek_icon(true)` in lockscreen password entry. (2) `clamp(0.0, 200.0)` for blur in config.rs. (3) `compressed="true"` on CSS/SVG GResource entries. (4) SYNC comments on duplicated blur/background functions pointing to moongreet and moonset.
## 2026-03-30 Third audit: blur offset, lock-before-IO, FP signal lifecycle, TOCTOU
- **Who**: Nyx, Dom

18
README.md
View File

@ -5,14 +5,17 @@ Part of the Moonarch ecosystem.
## Features
- **ext-session-lock-v1** — Protocol-guaranteed screen locking (compositor keeps screen locked on crash)
- **PAM authentication** — Uses system PAM stack (`/etc/pam.d/moonlock`)
- **Fingerprint unlock** — fprintd D-Bus integration, async init (optional, window appears instantly)
- **Multi-monitor** — Lockscreen on every monitor, single shared fingerprint listener
- **ext-session-lock-v1** — Protocol-guaranteed screen locking (compositor keeps screen locked on crash, `exit(1)` in release if unsupported)
- **PAM authentication** — Uses system PAM stack (`/etc/pam.d/moonlock`) with 30s timeout and generation counter
- **Fingerprint unlock** — fprintd D-Bus integration with sender validation, async init (window appears instantly), `pam_acct_mgmt` check after verify, auto-resume on transient errors
- **Multi-monitor** — Lockscreen on every monitor with shared blur and avatar caches
- **GPU blur** — Background blur via GskBlurNode (downscale to max 1920px, configurable 0100)
- **i18n** — German and English (auto-detected)
- **Faillock warning** — UI counter + system pam_faillock
- **Panic safety** — Panic hook logs but never unlocks
- **Password wiping** — Zeroize on drop
- **Faillock warning** — Progressive UI warning after failed attempts, PAM decides lockout
- **Panic safety** — Panic hook logs but never unlocks (installed before logging)
- **Password wiping**`Zeroize` on drop from GTK entry through PAM FFI layer
- **Journal logging**`journalctl -t moonlock`, debug level via `MOONLOCK_DEBUG` env var
- **Lock-first architecture** — Wallpaper loaded after `lock()` so disk I/O never delays lock acquisition
## Requirements
@ -46,6 +49,7 @@ Create `/etc/moonlock/moonlock.toml` or `~/.config/moonlock/moonlock.toml`:
```toml
background_path = "/usr/share/wallpapers/moon.jpg"
background_blur = 40.0 # 0.0100.0, optional
fingerprint_enabled = true
```

2
build.rs
View File

@ -1,5 +1,5 @@
// ABOUTME: Build script for compiling GResource bundle.
// ABOUTME: Bundles style.css, wallpaper.jpg, and default-avatar.svg into the binary.
// ABOUTME: Bundles style.css and default-avatar.svg into the binary.
fn main() {
glib_build_tools::compile_resources(

4
resources/resources.gresource.xml
View File

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<gresources>
<gresource prefix="/dev/moonarch/moonlock">
<file>style.css</file>
<file>default-avatar.svg</file>
<file compressed="true">style.css</file>
<file compressed="true">default-avatar.svg</file>
</gresource>
</gresources>

2
src/config.rs
View File

@ -52,7 +52,7 @@ pub fn load_config(config_paths: Option<&[PathBuf]>) -> Config {
Ok(parsed) => {
if parsed.background_path.is_some() { merged.background_path = parsed.background_path; }
if let Some(blur) = parsed.background_blur {
merged.background_blur = Some(blur.clamp(0.0, 100.0));
merged.background_blur = Some(blur.clamp(0.0, 200.0));
}
if let Some(fp) = parsed.fingerprint_enabled { merged.fingerprint_enabled = fp; }
}

6
src/lockscreen.rs
View File

@ -137,7 +137,7 @@ pub fn create_lockscreen_window(
// Password entry
let password_entry = gtk::PasswordEntry::builder()
.placeholder_text(strings.password_placeholder)
.show_peek_icon(false)
.show_peek_icon(true)
.hexpand(true)
.build();
password_entry.add_css_class("password-entry");
@ -566,6 +566,10 @@ fn create_background_picture(
}
/// Maximum texture dimension for blur input. Textures larger than this are
// SYNC: MAX_BLUR_DIMENSION, render_blurred_texture, and create_background_picture
// are duplicated in moongreet/src/greeter.rs and moonset/src/panel.rs.
// Changes here must be mirrored to the other two projects.
/// downscaled before blurring — the blur destroys detail anyway, so there is
/// no visible quality loss, but GPU work is reduced significantly.
const MAX_BLUR_DIMENSION: f32 = 1920.0;