However, the problem of killing X including the screen lock on the way back still persists.
Try locking the console with
security/vlock immediate after the initialization of the X server, putting
startx(1) (
xinit(1)) in the background (instead of trying to automatic exit or lock if X is killed during resume, as suggested in my previous posting). You could try putting
startx in the background only, but locking the console would put an extra security layer.
To avoid X server and in X running programs polluting the console with messages, redirect them somewhere else (the command can be abbreviated with an alias).
startx &> /dev/null & vlock
Alternatively redirect into a log file:
startx &> /tmp/xorg.log & vlock
suspend/resume/Ctrl-C repeatedly
This should make it impossible to SIGINT the X server (as
startx is running as job in the background) and
security/vlock doesn't catch SIGINT .
In case the above works out, and you prefer a log file, you might want to enable
clear_tmp_enable="YES"
in
/etc/rc.conf or create a
tmpfs(5) /tmp (see
/etc/defaults/rc.conf) to avoid filling up
/tmp.
Or as an alternative a login manager, eg.
x11/xdm, should also prevent exposing a logged in, password free,
startx initializing virtual console user shell.