only use mlock() on Linux, FreeBSD (for example) requires root

author: Michael Stapelberg <michael@stapelberg.de> 2012-08-22 20:49:10 +0200
committer: Michael Stapelberg <michael@stapelberg.de> 2012-08-22 20:49:10 +0200
commit: 1e55f0dc6ffd3e5f7a867d5e3b2456afb19378d8 (patch)
tree: 8359f0f09134b06bbe92437329ffff8c65168cbc /i3lock.c
parent: 65795be0a9a0cafaecd69229244693c0d77984d5 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/i3lock.c b/i3lock.c
index 35eaca6..e11bfe6 100644
--- a/i3lock.c
+++ b/i3lock.c
@@ -645,11 +645,16 @@ int main(int argc, char *argv[]) {
     if (ret != PAM_SUCCESS)
         errx(EXIT_FAILURE, "PAM: %s", pam_strerror(pam_handle, ret));
 
+/* Using mlock() as non-super-user seems only possible in Linux. Users of other
+ * operating systems should use encrypted swap/no swap (or remove the ifdef and
+ * run i3lock as super-user). */
+#if defined(__linux__)
     /* Lock the area where we store the password in memory, we don’t want it to
      * be swapped to disk. Since Linux 2.6.9, this does not require any
      * privileges, just enough bytes in the RLIMIT_MEMLOCK limit. */
     if (mlock(password, sizeof(password)) != 0)
         err(EXIT_FAILURE, "Could not lock page in memory, check RLIMIT_MEMLOCK");
+#endif
 
     /* Initialize connection to X11 */
     if ((conn = xcb_connect(NULL, &nscreen)) == NULL ||
author	Michael Stapelberg <michael@stapelberg.de>	2012-08-22 20:49:10 +0200
committer	Michael Stapelberg <michael@stapelberg.de>	2012-08-22 20:49:10 +0200
commit	1e55f0dc6ffd3e5f7a867d5e3b2456afb19378d8 (patch)
tree	8359f0f09134b06bbe92437329ffff8c65168cbc /i3lock.c
parent	65795be0a9a0cafaecd69229244693c0d77984d5 (diff)