diff options
Diffstat (limited to 'x11vnc/help.c')
-rw-r--r-- | x11vnc/help.c | 46 |
1 files changed, 32 insertions, 14 deletions
diff --git a/x11vnc/help.c b/x11vnc/help.c index 63cbafb..5f8aa10 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -574,20 +574,31 @@ void print_help(int mode) { "\n" "-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather\n" " use the traditional getpwnam(3) + crypt(3) method to\n" -" verify passwords instead. This requires that the\n" -" encrypted passwords be readable. Passwords stored\n" -" in /etc/shadow will be inaccessible unless x11vnc\n" -" is run as root.\n" +" verify passwords. All of the above -unixpw options and\n" +" contraints apply.\n" +"\n" +" This mode requires that the encrypted passwords be\n" +" readable. Encrypted passwords stored in /etc/shadow\n" +" will be inaccessible unless x11vnc is run as root.\n" "\n" " This is called \"NIS\" mode simply because in most\n" -" NIS setups the user encrypted passwords are accessible\n" -" (e.g. \"ypcat passwd\"). NIS is not required for this\n" -" mode to work (only that getpwnam(3) return the encrypted\n" -" password is required), but it is unlikely it will work\n" -" for any other modern environment unless x11vnc is run\n" -" as root (which, btw, is often done when running x11vnc\n" -" from inetd and xdm/gdm/kdm). All of the -unixpw options\n" -" and contraints apply.\n" +" NIS setups user encrypted passwords are accessible\n" +" (e.g. \"ypcat passwd\") by an ordinary user and so that\n" +" user can authenticate ANY user.\n" +"\n" +" NIS is not required for this mode to work (only that\n" +" getpwnam(3) return the encrypted password is required),\n" +" but it is unlikely it will work for any most modern\n" +" environments unless x11vnc is run as root to be able\n" +" to access /etc/shadow (note running as root is often\n" +" done when running x11vnc from inetd and xdm/gdm/kdm).\n" +"\n" +" Looked at another way, if you do not want to use the\n" +" su(1) method provided by -unixpw, you can run x11vnc\n" +" as root and use -unixpw_nis. Any users with passwords\n" +" in /etc/shadow can then be authenticated. You may want\n" +" to use -users unixpw= to switch the process user after\n" +" the user logs in.\n" "\n" #endif "-display WAIT:... A special usage mode for the normal -display option.\n" @@ -2374,8 +2385,15 @@ void print_help(int mode) { " \"ignore\" or \"exit\". For \"ignore\" libvncserver\n" " will handle the abrupt loss of a client and continue,\n" " for \"exit\" x11vnc will cleanup and exit at the 1st\n" -" broken connection. Default: \"ignore\". This option\n" -" is obsolete.\n" +" broken connection.\n" +"\n" +" This option is not really needed since libvncserver\n" +" is doing the correct thing now for quite some time.\n" +" However, for convenience you can use it to ignore other\n" +" signals, e.g. \"-sigpipe ignore:HUP,INT,TERM\" in case\n" +" that would be useful for some sort of application.\n" +" You can also put \"exit:..\" in there.\n" +"\n" "-threads Whether or not to use the threaded libvncserver\n" "-nothreads algorithm [rfbRunEventLoop] if libpthread is available\n" " Default: %s\n" |