nevaforget/moonlock
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
moonlock/README.md
nevaforget 102520d15f docs: update README features and fix build.rs comment 
README was missing features added since v0.6.1 (GPU blur, journal
logging, lock-first architecture, PAM timeout, fprintd sender
validation, progressive faillock). build.rs comment still referenced
removed wallpaper.jpg.
2026-03-31 09:34:06 +02:00

78 lines
2.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Moonlock
A secure Wayland lockscreen with GTK4, PAM authentication and fingerprint support.
Part of the Moonarch ecosystem.
## Features
- **ext-session-lock-v1** — Protocol-guaranteed screen locking (compositor keeps screen locked on crash, `exit(1)` in release if unsupported)
- **PAM authentication** — Uses system PAM stack (`/etc/pam.d/moonlock`) with 30s timeout and generation counter
- **Fingerprint unlock** — fprintd D-Bus integration with sender validation, async init (window appears instantly), `pam_acct_mgmt` check after verify, auto-resume on transient errors
- **Multi-monitor** — Lockscreen on every monitor with shared blur and avatar caches
- **GPU blur** — Background blur via GskBlurNode (downscale to max 1920px, configurable 0100)
- **i18n** — German and English (auto-detected)
- **Faillock warning** — Progressive UI warning after failed attempts, PAM decides lockout
- **Panic safety** — Panic hook logs but never unlocks (installed before logging)
- **Password wiping** — `Zeroize` on drop from GTK entry through PAM FFI layer
- **Journal logging** — `journalctl -t moonlock`, debug level via `MOONLOCK_DEBUG` env var
- **Lock-first architecture** — Wallpaper loaded after `lock()` so disk I/O never delays lock acquisition
## Requirements
- GTK 4
- gtk4-session-lock (ext-session-lock-v1 support)
- PAM (`/etc/pam.d/moonlock`)
- Optional: fprintd for fingerprint support
## Building
```bash
cargo build --release
```
## Installation
```bash
# Install binary
sudo install -Dm755 target/release/moonlock /usr/bin/moonlock
# Install PAM config
sudo install -Dm644 config/moonlock-pam /etc/pam.d/moonlock
# Optional: Install example config
sudo install -Dm644 config/moonlock.toml.example /etc/moonlock/moonlock.toml.example
```
## Configuration
Create `/etc/moonlock/moonlock.toml` or `~/.config/moonlock/moonlock.toml`:
```toml
background_path = "/usr/share/wallpapers/moon.jpg"
background_blur = 40.0 # 0.0100.0, optional
fingerprint_enabled = true
```
## Usage
Typically launched via keybind in your Wayland compositor:
```
# Niri keybind example
binds {
Mod+L { spawn "moonlock"; }
}
```
## Development
```bash
cargo test
cargo build --release
LD_PRELOAD=/usr/lib/libgtk4-layer-shell.so ./target/release/moonlock
```
## License
MIT
Reference in New Issue View Git Blame Copy Permalink