~anjan/peanutbutter

build: fix the docs path
release 0.5.1

clone

read-only
https://git.sr.ht/~anjan/peanutbutter
read/write
git@git.sr.ht:~anjan/peanutbutter

You can also use your local clone with git send-email.

#Peanutbutter

A wayland screen locker for touch-based Linux mobile devices

#Usage

Install peanutbutter from the Alpine Linux repos:

doas apk add peanutbutter

If you are using another distro, compile this repo via cargo build and move peanutbutter into your $PATH.

Add peanutbutter to your sxmo_hook_screenoff.sh hook.

For example, my sxmo_hook_screenoff.sh looks like:

#!/bin/sh
# configversion: 63228ca431ea6d18709d2b3ad80aabf6
# SPDX-License-Identifier: AGPL-3.0-only
# Copyright 2022 Sxmo Contributors
#
# See man 7 sxmo.states.
#
# This will:
# - turn screen off
# - turn input off
# - launch a demon to blink purple led every 2s
# - check wakelocks and if none suspend after 3s hold

# include common definitions
# shellcheck source=scripts/core/sxmo_common.sh
. sxmo_common.sh

# This hook is called when the system reaches a off state (screen off)

sxmo_led.sh blink red blue &

[ "$SXMO_WM" = "sway" ] && swaymsg mode default
sxmo_wm.sh dpms on
sxmo_wm.sh inputevent touchscreen off

sxmo_jobs.sh start periodic_blink sxmo_run_periodically.sh - 2 sxmo_led.sh blink red blue

case "$SXMO_WM" in
	dwm)
		# dmenu will grab input focus (i.e. power button) so kill it before going to
		# screenoff unless proximity lock is running (i.e. there's a phone call).
		if ! sxmo_jobs.sh running proximity_lock -q; then
			sxmo_dmenu.sh close
		fi
		;;
esac

wait

peanutbutter &

#Controls

By default, the screen is segregated into 4 quadrants (resolution 2):

  1. Top left
  2. Top right
  3. Bottom left
  4. Bottom right

The passcode consists of any combination of these and is configured through the environment variable PEANUTBUTTER_PASSCODE which takes a sequence of digits to represent the quadrants, e.g. 1132 for TOP_LEFT, TOP_LEFT, BOTTOM_LEFT, TOP_RIGHT. This happens to also be the default passcode if the environment variable is not set.

There is no confirm or clear option. The passcode is checked after each touch and stored in a stack with the exact length of the passcode. If you make a mistake, simply start tapping the sequence anew.

A touch will be acknowledged by flipping the background, this provides only provides a indication whether the touch was registered, not whether it is a valid touch in the passcode sequence. The feedback will be over the entire screen and will not specifically highlight the quadrant you tapped (as a security measure).

#Security

For extra security, visual feedback can be disabled entirely by passing the -F or --nofeedback option.

Another way to increase security, is to set the parameter -3 to change the resolution to 3 (3x3 = 9 quadrants). Which takes the following configuration:

1 2 3 
4 5 6
7 8 9

You can even go up to -4, which will give you this next configuration (4x4 = 16 quadrants):

0 1 2 3 
4 5 6 7
8 9 a b
c d e f

By default, if a certain number of touches (10 by default) did not lead to a successful unlock, then the locker will go into a deeper lock state and show a red background. This is a time-out state during which the device can not be unlocked, it will time out after a number of seconds (20 by default) and go back to normal lock mode. This is a security measure to prevent brute-force attacks.

The number of tries is configured via --tries, the timeout (in seconds) via --deeplock. You can set --paranoid to make the timeout double each time the deep lock state is reached, which may lead to the timeout being so long that you need to force a hard reboot.

This program implements the ext-session-lock-v1 protocol. If peanutbutter inadvertently crashes, your information is not exposed.

#Debugging

If peanutbutter crashes, it will display a red screen. To debug, run the following command in your terminal (on the phone):

peanutbutter --debug 2> /tmp/peanutbutter.log

When peanutbutter crashes, ssh into your phone and check the /tmp/peanutbutter.log file for the error message.

#TODO

FAQ: https://lists.sr.ht/~anjan/public-inbox/%3CD08OUBZEXWSQ.3M648R47PDJC1@matfyz.cz%3E#%3CD2UYYQ6C2LQG.1KYZEAJ0X2Z2N@momi.ca%3E

  • Show an incoming call and pickup easily via lock screen