ScreenLocker now composes gatelock.GateRoot + gatelock.LockWindow for the
actual lock window instead of the inline WindowSetupMixin mechanics; the
verify/relaxed-day auxiliary windows (never the lock itself) stay as
plain Tk windows. The hand-copied _log_integrity.py is deleted in favor
of gatelock.log_integrity (the canonical, non-duplicated module). This
is the second of three migrations (diet_guard done, wake_alarm next).
Two deliberate behavior changes, both confirmed:
- dependencies = [] (pure stdlib) now includes gatelock, a documented
departure from the prior zero-deps stance.
- production grab upgraded from single-attempt-then-local-fallback to
diet_guard's retry-forever (robust to e.g. a fullscreen game holding
the grab).
Net hardening as a side effect: run()/close() now go through gatelock's
signal-safe lifecycle, so SIGTERM/SIGINT restore VT switching on every
exit path -- previously only a clean close() did, leaving VT switching
disabled if the service was killed mid-lock.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01XCdT46zV8hESDvbgYMGDLt
- Screen locker: disable VT switching (Ctrl+Alt+Fn) via setxkbmap
srvrkeys:none on startup; restore on close (production mode only).
Gracefully skips if setxkbmap is not installed (shutil.which).
Tests: 7 new tests, 100% branch coverage maintained.
- Midnight shutdown: restore real schedule values (Mon-Wed 21:00,
Thu-Sun 22:00, morning end 05:00); re-enable the three commented-out
leniency checks in check_schedule_protection(); self-lock script with
chattr +i at end of enable_midnight_shutdown().
- Hosts install: add UNBLOCK_STATE_FILE tracking for whitelisted domains;
check_unblock_entries_protection() blocks installation if the unblock
list grows; save state after install; self-lock install.sh and
generate_hosts_file.sh with chattr +i.