From b81e43465b14836b17e4fe2dea91c78a2bdd29b3 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Sun, 22 Jan 2012 01:02:36 -0600 Subject: Part 2 of prior commit --- doc/kcontrol/kdm/CMakeLists.txt | 12 - doc/kcontrol/kdm/Makefile.am | 2 - doc/kcontrol/kdm/index.docbook | 518 --------- doc/kcontrol/tdm/CMakeLists.txt | 12 + doc/kcontrol/tdm/Makefile.am | 2 + doc/kcontrol/tdm/index.docbook | 518 +++++++++ doc/kdm/CMakeLists.txt | 12 - doc/kdm/Makefile.am | 6 - doc/kdm/index.docbook | 1472 ------------------------- doc/kdm/kdmrc-ref.docbook | 2316 --------------------------------------- doc/tdm/CMakeLists.txt | 12 + doc/tdm/Makefile.am | 6 + doc/tdm/index.docbook | 1472 +++++++++++++++++++++++++ doc/tdm/tdmrc-ref.docbook | 2316 +++++++++++++++++++++++++++++++++++++++ 14 files changed, 4338 insertions(+), 4338 deletions(-) delete mode 100644 doc/kcontrol/kdm/CMakeLists.txt delete mode 100644 doc/kcontrol/kdm/Makefile.am delete mode 100644 doc/kcontrol/kdm/index.docbook create mode 100644 doc/kcontrol/tdm/CMakeLists.txt create mode 100644 doc/kcontrol/tdm/Makefile.am create mode 100644 doc/kcontrol/tdm/index.docbook delete mode 100644 doc/kdm/CMakeLists.txt delete mode 100644 doc/kdm/Makefile.am delete mode 100644 doc/kdm/index.docbook delete mode 100644 doc/kdm/kdmrc-ref.docbook create mode 100644 doc/tdm/CMakeLists.txt create mode 100644 doc/tdm/Makefile.am create mode 100644 doc/tdm/index.docbook create mode 100644 doc/tdm/tdmrc-ref.docbook (limited to 'doc') diff --git a/doc/kcontrol/kdm/CMakeLists.txt b/doc/kcontrol/kdm/CMakeLists.txt deleted file mode 100644 index 4bdd0a66d..000000000 --- a/doc/kcontrol/kdm/CMakeLists.txt +++ /dev/null @@ -1,12 +0,0 @@ -################################################# -# -# (C) 2010-2011 Serghei Amelian -# serghei (DOT) amelian (AT) gmail.com -# -# Improvements and feedback are welcome -# -# This file is released under GPL >= 2 -# -################################################# - -tde_create_handbook( DESTINATION kcontrol/tdm ) diff --git a/doc/kcontrol/kdm/Makefile.am b/doc/kcontrol/kdm/Makefile.am deleted file mode 100644 index c81f42bd9..000000000 --- a/doc/kcontrol/kdm/Makefile.am +++ /dev/null @@ -1,2 +0,0 @@ -KDE_LANG = en -KDE_DOCS = kcontrol/tdm diff --git a/doc/kcontrol/kdm/index.docbook b/doc/kcontrol/kdm/index.docbook deleted file mode 100644 index ef1d0b7d4..000000000 --- a/doc/kcontrol/kdm/index.docbook +++ /dev/null @@ -1,518 +0,0 @@ - - - -]> - -
- - - -&Thomas.Tanghus; &Thomas.Tanghus.mail; -&Steffen.Hansen; &Steffen.Hansen.mail; -&Mike.McBride; &Mike.McBride.mail; - - - -2002-02-13 -3.00.00 - - -KDE -KControl -TDM configuration -login manager -login - - - - -Login Manager - -Using this module, you can configure the &kde; graphical login -manager, &tdm;. You can change how the login screen looks, who has -access using the login manager and who can shutdown the -computer. - -In order to organize all of these options, this module is -divided into six sections: Appearance, -Font, Background, -Sessions, -Users and -Convenience. - -You can switch between the sections using the tabs at the top of -the window. - -If you are not currently logged in as a superuser, you -will need to click the Administrator Mode -Button. You will then be asked for a superuser password. Entering a -correct password will allow you to modify the settings of this -module. - - -Appearance - -From this page you can change the visual appearance of &tdm;, -&kde;'s graphical login manager. - -The greeting string is the title of the login screen. If the -string contains the word HOSTNAME it -will be translated to the domainless name of the machine &tdm; is -installed on. - -You can then choose to show either the current system time, a logo -or nothing special in the login box. Make your choice in the radio -buttons labeled Logo area. Using the -Positions setting, you can choose to either center -the content of the logo area or to position it using fixed -coordinates. - -If you chose Show logo you can now choose a -logo: - - - -Drop an image file on the image button. - - -Click on the image button and select a new image from the image chooser -dialog. - - - -If you do not specify a logo the default -$TDEDIR/share/apps/tdm/pics/kdelogo.png -will be displayed. - -While &kde;'s style depends on the settings of the user logged in, -the style used by &tdm; can be configured using the GUI -Style option. - -Below that, you have two dropdown boxes to choose the language and the -country for your login box. - - - - -Font - -From this section of the module you can change the fonts used in -the login window. - -You can select three different font styles from the drop down box -(Greeting, Fail, -Standard). When you click on the Change -font button a dialog appears from which you can select the -new characteristics for the font style. - - - -The Greeting font is the font used for the title -(Greeting String). - - -The Fail font is used when a login fails. - - -The Standard font is used in all other places in the -login window. - - - -An example of each font can be seen in the -Example Box. - - - - -Background - -Here you can change the desktop background which will be displayed -when a user logs in. You can have a single color or an image as a -background. If you have an image as the background and select center, the -selected background color will be used around the image if it isn't -large enough to cover the entire desktop. - -The background colors and effects are controlled by the options on -the tab labeled Background and you select a -background image and its placement from the options on the tab labeled -Wallpaper. - -To change the default background color(s) simply click either of -the color buttons and select a new color. - -The dropdown box above the color buttons provides you with several -different blend effects. Choose one from the list, and it will be -previewed on the small monitor at the top of the window. Your choices -are: - - - -Flat -By choosing this mode, you select one color (using the color -button labeled Color 1), and the entire background is -covered with this one color. - - -Pattern -By choosing this mode, you select two colors (using both color -buttons). You then select a pattern by clicking -Setup. This opens a new dialog window, which gives you -the opportunity to select a pattern. Simply click once on the pattern of your -choice, then click on OK, and &kde; will render the pattern -you selected using the two colors you selected. For more on patterns, see the -section Background: Adding, Removing and Modifying -Patterns. - - -Background Program -By selecting this option, you can have &kde; use an external -program to determine the background. This can be any program of your choosing. -For more information on this option, see the section entitled Background: Using an external program. - - -Horizontal Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 on the left edge of the screen, and slowly transform into the -color selected by Color 2 by the time it gets to the -right edge of the screen. - - -Vertical Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 on the top edge of the screen, and slowly transform into the color -selected by Color 2 as it moves to the bottom of the -screen. - - -Pyramid Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 in each corner of the screen, and slowly transform into the color -selected by Color 2 as it moves to the center of the -screen. - - -Pipecross Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 in each corner of the screen, and slowly transform into the color -selected by Color 2 as it moves to the center of the -screen. The shape of this gradient is different then the pyramid -gradient. - - -Elliptic Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -2 in the center of the screen, and slowly transform into the color -selected by Color 1 as it moves to the edges, in an -elliptical pattern. - - - -The setup button is only needed for if you select Background -program or Patterns. In these instances, -another window will appear to configure the specifics. -Wallpaper -To select a new background image first, click on the -Wallpapers tab, then you can either select an image from the -drop-down list labeled Wallpaper or select -Browse... and select an image file from a file -selector. - -The image can be displayed in six different ways: - - -No wallpaper -No image is displayed. Just the background colors. - - -Centered -The image will be centered on the screen. The background colors -will be present anywhere the image does not cover. - - -Tiled -The image will be duplicated until it fills the entire -desktop. The first image will be placed in the upper left corner of the screen, -and duplicated downward and to the right. - - -Center Tiled -The image will be duplicated until it fills the entire -desktop. The first image will be placed in the center of the screen, and -duplicated upward, downward to the right, and to the left. - - -Centered Maxpect -The image will be placed in the center of the screen. It will -be scaled to fit the desktop, but it will not change the aspect ratio of the -original image. This will provide you with an image that is not distorted. - - - -Scaled -The image will be scaled to fit the desktop. It will be -stretched to fit all four corners. - - - - - - -Sessions - -Allow to shutdown -Use this dropdown box to choose who is allowed to shut down: - - -None: No one can shutdown the computer using &tdm;. -You must be logged in, and execute a command. - - -All: Everyone can shutdown the computer using -&tdm;. - -Root only: &tdm; requires that the -root password be entered before shutting down the -computer. -Console only: The user must be at this -console, to shut down the computer. - - -Commands -Use these 3 blanks to define the exact shutdown command. -The shutdown command defaults to: - -/sbin/shutdown - -The restart command defaults to: - -/sbin/reboot - -The Console mode (which restarts the computer as a console only terminal) -defaults to: - -/sbin/init - -When Show boot options is enabled, &tdm; will on reboot -offer you options for the lilo boot manager. For this feature to work, you will -need to supply the correct paths to your lilo command and to -lilo's map file. - - - -Session types - -Define which session types should be accessible from the login -window. - - For more information on this subject, look at /etc/X11/xdm/Xsession to find your -xdm setup files. Also review the xdm man pages, especially under the SESSION -PROGRAM section. - -To add a session, type its name in the -blank entitled New types, and click -Add new. - -To remove a session, select the session from the list and click -Remove. - - - - - - - -Users - -From here you can change the way users are represented in the -login window. - -As you look on this window, you will see three lists (All users, -selected users, and no-show users). You also see an image box, and a -set of options along the right side of the window. - -The first thing you must decide, is if you are going to show users -or not. - - -If you choose to show users, then the login window will show -images (which you select), of a list of users. When someone is ready to -login, they select their user name/image, enter their password, and they -are granted access. - -If you choose not to show users, then the login window will be -more traditional. Users will need to type their username, and password -to gain entrance. This is the preferred way if you have many users on -this terminal. - - -To show (and sort) or not to show users - -Along the right edge of the window are two check boxes: - -If Show users is selected, you have chosen to -show images of users, instead of making them type their login -name. - -If Sort users is selected, then the list of -users will be sorted alphabetically in the login window. If unchecked, -users will be listed in the same order as they are on this page. If -Show users is not checked, this has no -effect. - - - - -How to determine which users to show and which users to hide - -Below the user image box, and above the Show -users check box, is a set of two radio buttions: - - -Show only selected users: If this option is selected, only the -users contained in the list labelled Selected Users, will -be displayed in the login window. If Show users is not -checked, this has no effect. -Show all users but no-show users: If this option is selected, -all users will be listed, except those users contained in -the list entitled No show users. If Show -users is not checked, this has no effect. - - - - - -Select users - -This page contains three listboxes. The large listbox on the left -shows all the users on the system which might be a genuine user. - -The top rightmost listbox shows the selected users and the bottom -rightmost listbox shows the users we don't want displayed in the login -window. - -To move a user from one listbox to another you click on the -username in the listbox and click >> to -move the user from the leftmost box the the rightmost box or -<< to move the user from the rightmost box -to the leftmost box. - - - - -Images - -This section of the manual only applies if Show -users is selected. If it is not, this image box has no -effect. - -Every user on the system can be represented by a image. The image -for the user is kept in a file called -$TDEDIR/share/apps/tdm/pics/users/$USER.xpm. -If the user doesn't have such a file the file -$TDEDIR/share/apps/tdm/pics/users/default.xpm -will be used instead. - -To assign a new image to a user just select the user in one of the -listboxes and either drop an imagefile on the image button to the right -or click on the image button and select a new image from the image -selector. - -If no user is currently selected you will be asked if you want to change -the default image. - -The replacement is performed by a &konqueror; process so if the -image file already exists you will be prompted by &konqueror; if you -want to replace it. If you confirm the image will be replaced - you will -not have to press the Apply -button. - - - - - - -Convenience - -In the convenience tab you can configure some -options that make life easier for lazy people, like auto login or -disabling passwords. - -Please think more than twice before using these -options. Every option in the convenience tab is -well-suited to seriously compromise your system security. Practically, -these options are only to be used in a completely non-critical -environment, ⪚ a private computer at home. - - -Automatic Login - -Automatic login will give anyone access to a certain account on -your system without doing any authentication. You can enable it using -the option Enable auto-login. - -Automatic login comes in two flavors: truly automatic -login acts like you would expect automatic login to, &ie; -&tdm; will automatically login without expecting any input from the -user. Enable this using the Truly automatic login -option. If this option is not enabled, &tdm; will start normally, -enabling you to login as any user, and will only perform automatic login -if you kill the X server, ⪚ by pressing &Ctrl;&Alt;Backspace. - -You can choose the account to be used for automatic login in the -list below. - - - - -Password-less Login - -Using this feature, you can allow certain users to login without -having to provide their password. Enable this feature using the -Enable password-less logins option. - -Below this option you will see a list of users for which a password -is required, as well as a (by default, empty) list of users that do not -need to provide a password. When Enable password-less -logins is enabled, you can move users from one list into the -other, by selecting them and then clicking the ->> and << -buttons. - -Again, this option should only be used in a safe -environment. If you enable it on a rather public system you should take -care that only users with heavy access restrictions are granted -password-less login, ⪚ -guest. - -The Automatically login after X server crash -option allows you to skip the authentication procedure when your X -server accidentally crashed. Show previous user -will show the name of the last login already entered into the login -field in &tdm;. Some site administrators would consider even this a -possible security weakness, because potential attackers then know at -least one valid login. - - - - - - - - -
diff --git a/doc/kcontrol/tdm/CMakeLists.txt b/doc/kcontrol/tdm/CMakeLists.txt new file mode 100644 index 000000000..4bdd0a66d --- /dev/null +++ b/doc/kcontrol/tdm/CMakeLists.txt @@ -0,0 +1,12 @@ +################################################# +# +# (C) 2010-2011 Serghei Amelian +# serghei (DOT) amelian (AT) gmail.com +# +# Improvements and feedback are welcome +# +# This file is released under GPL >= 2 +# +################################################# + +tde_create_handbook( DESTINATION kcontrol/tdm ) diff --git a/doc/kcontrol/tdm/Makefile.am b/doc/kcontrol/tdm/Makefile.am new file mode 100644 index 000000000..c81f42bd9 --- /dev/null +++ b/doc/kcontrol/tdm/Makefile.am @@ -0,0 +1,2 @@ +KDE_LANG = en +KDE_DOCS = kcontrol/tdm diff --git a/doc/kcontrol/tdm/index.docbook b/doc/kcontrol/tdm/index.docbook new file mode 100644 index 000000000..ef1d0b7d4 --- /dev/null +++ b/doc/kcontrol/tdm/index.docbook @@ -0,0 +1,518 @@ + + + +]> + +
+ + + +&Thomas.Tanghus; &Thomas.Tanghus.mail; +&Steffen.Hansen; &Steffen.Hansen.mail; +&Mike.McBride; &Mike.McBride.mail; + + + +2002-02-13 +3.00.00 + + +KDE +KControl +TDM configuration +login manager +login + + + + +Login Manager + +Using this module, you can configure the &kde; graphical login +manager, &tdm;. You can change how the login screen looks, who has +access using the login manager and who can shutdown the +computer. + +In order to organize all of these options, this module is +divided into six sections: Appearance, +Font, Background, +Sessions, +Users and +Convenience. + +You can switch between the sections using the tabs at the top of +the window. + +If you are not currently logged in as a superuser, you +will need to click the Administrator Mode +Button. You will then be asked for a superuser password. Entering a +correct password will allow you to modify the settings of this +module. + + +Appearance + +From this page you can change the visual appearance of &tdm;, +&kde;'s graphical login manager. + +The greeting string is the title of the login screen. If the +string contains the word HOSTNAME it +will be translated to the domainless name of the machine &tdm; is +installed on. + +You can then choose to show either the current system time, a logo +or nothing special in the login box. Make your choice in the radio +buttons labeled Logo area. Using the +Positions setting, you can choose to either center +the content of the logo area or to position it using fixed +coordinates. + +If you chose Show logo you can now choose a +logo: + + + +Drop an image file on the image button. + + +Click on the image button and select a new image from the image chooser +dialog. + + + +If you do not specify a logo the default +$TDEDIR/share/apps/tdm/pics/kdelogo.png +will be displayed. + +While &kde;'s style depends on the settings of the user logged in, +the style used by &tdm; can be configured using the GUI +Style option. + +Below that, you have two dropdown boxes to choose the language and the +country for your login box. + + + + +Font + +From this section of the module you can change the fonts used in +the login window. + +You can select three different font styles from the drop down box +(Greeting, Fail, +Standard). When you click on the Change +font button a dialog appears from which you can select the +new characteristics for the font style. + + + +The Greeting font is the font used for the title +(Greeting String). + + +The Fail font is used when a login fails. + + +The Standard font is used in all other places in the +login window. + + + +An example of each font can be seen in the +Example Box. + + + + +Background + +Here you can change the desktop background which will be displayed +when a user logs in. You can have a single color or an image as a +background. If you have an image as the background and select center, the +selected background color will be used around the image if it isn't +large enough to cover the entire desktop. + +The background colors and effects are controlled by the options on +the tab labeled Background and you select a +background image and its placement from the options on the tab labeled +Wallpaper. + +To change the default background color(s) simply click either of +the color buttons and select a new color. + +The dropdown box above the color buttons provides you with several +different blend effects. Choose one from the list, and it will be +previewed on the small monitor at the top of the window. Your choices +are: + + + +Flat +By choosing this mode, you select one color (using the color +button labeled Color 1), and the entire background is +covered with this one color. + + +Pattern +By choosing this mode, you select two colors (using both color +buttons). You then select a pattern by clicking +Setup. This opens a new dialog window, which gives you +the opportunity to select a pattern. Simply click once on the pattern of your +choice, then click on OK, and &kde; will render the pattern +you selected using the two colors you selected. For more on patterns, see the +section Background: Adding, Removing and Modifying +Patterns. + + +Background Program +By selecting this option, you can have &kde; use an external +program to determine the background. This can be any program of your choosing. +For more information on this option, see the section entitled Background: Using an external program. + + +Horizontal Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 on the left edge of the screen, and slowly transform into the +color selected by Color 2 by the time it gets to the +right edge of the screen. + + +Vertical Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 on the top edge of the screen, and slowly transform into the color +selected by Color 2 as it moves to the bottom of the +screen. + + +Pyramid Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 in each corner of the screen, and slowly transform into the color +selected by Color 2 as it moves to the center of the +screen. + + +Pipecross Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 in each corner of the screen, and slowly transform into the color +selected by Color 2 as it moves to the center of the +screen. The shape of this gradient is different then the pyramid +gradient. + + +Elliptic Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +2 in the center of the screen, and slowly transform into the color +selected by Color 1 as it moves to the edges, in an +elliptical pattern. + + + +The setup button is only needed for if you select Background +program or Patterns. In these instances, +another window will appear to configure the specifics. +Wallpaper +To select a new background image first, click on the +Wallpapers tab, then you can either select an image from the +drop-down list labeled Wallpaper or select +Browse... and select an image file from a file +selector. + +The image can be displayed in six different ways: + + +No wallpaper +No image is displayed. Just the background colors. + + +Centered +The image will be centered on the screen. The background colors +will be present anywhere the image does not cover. + + +Tiled +The image will be duplicated until it fills the entire +desktop. The first image will be placed in the upper left corner of the screen, +and duplicated downward and to the right. + + +Center Tiled +The image will be duplicated until it fills the entire +desktop. The first image will be placed in the center of the screen, and +duplicated upward, downward to the right, and to the left. + + +Centered Maxpect +The image will be placed in the center of the screen. It will +be scaled to fit the desktop, but it will not change the aspect ratio of the +original image. This will provide you with an image that is not distorted. + + + +Scaled +The image will be scaled to fit the desktop. It will be +stretched to fit all four corners. + + + + + + +Sessions + +Allow to shutdown +Use this dropdown box to choose who is allowed to shut down: + + +None: No one can shutdown the computer using &tdm;. +You must be logged in, and execute a command. + + +All: Everyone can shutdown the computer using +&tdm;. + +Root only: &tdm; requires that the +root password be entered before shutting down the +computer. +Console only: The user must be at this +console, to shut down the computer. + + +Commands +Use these 3 blanks to define the exact shutdown command. +The shutdown command defaults to: + +/sbin/shutdown + +The restart command defaults to: + +/sbin/reboot + +The Console mode (which restarts the computer as a console only terminal) +defaults to: + +/sbin/init + +When Show boot options is enabled, &tdm; will on reboot +offer you options for the lilo boot manager. For this feature to work, you will +need to supply the correct paths to your lilo command and to +lilo's map file. + + + +Session types + +Define which session types should be accessible from the login +window. + + For more information on this subject, look at /etc/X11/xdm/Xsession to find your +xdm setup files. Also review the xdm man pages, especially under the SESSION +PROGRAM section. + +To add a session, type its name in the +blank entitled New types, and click +Add new. + +To remove a session, select the session from the list and click +Remove. + + + + + + + +Users + +From here you can change the way users are represented in the +login window. + +As you look on this window, you will see three lists (All users, +selected users, and no-show users). You also see an image box, and a +set of options along the right side of the window. + +The first thing you must decide, is if you are going to show users +or not. + + +If you choose to show users, then the login window will show +images (which you select), of a list of users. When someone is ready to +login, they select their user name/image, enter their password, and they +are granted access. + +If you choose not to show users, then the login window will be +more traditional. Users will need to type their username, and password +to gain entrance. This is the preferred way if you have many users on +this terminal. + + +To show (and sort) or not to show users + +Along the right edge of the window are two check boxes: + +If Show users is selected, you have chosen to +show images of users, instead of making them type their login +name. + +If Sort users is selected, then the list of +users will be sorted alphabetically in the login window. If unchecked, +users will be listed in the same order as they are on this page. If +Show users is not checked, this has no +effect. + + + + +How to determine which users to show and which users to hide + +Below the user image box, and above the Show +users check box, is a set of two radio buttions: + + +Show only selected users: If this option is selected, only the +users contained in the list labelled Selected Users, will +be displayed in the login window. If Show users is not +checked, this has no effect. +Show all users but no-show users: If this option is selected, +all users will be listed, except those users contained in +the list entitled No show users. If Show +users is not checked, this has no effect. + + + + + +Select users + +This page contains three listboxes. The large listbox on the left +shows all the users on the system which might be a genuine user. + +The top rightmost listbox shows the selected users and the bottom +rightmost listbox shows the users we don't want displayed in the login +window. + +To move a user from one listbox to another you click on the +username in the listbox and click >> to +move the user from the leftmost box the the rightmost box or +<< to move the user from the rightmost box +to the leftmost box. + + + + +Images + +This section of the manual only applies if Show +users is selected. If it is not, this image box has no +effect. + +Every user on the system can be represented by a image. The image +for the user is kept in a file called +$TDEDIR/share/apps/tdm/pics/users/$USER.xpm. +If the user doesn't have such a file the file +$TDEDIR/share/apps/tdm/pics/users/default.xpm +will be used instead. + +To assign a new image to a user just select the user in one of the +listboxes and either drop an imagefile on the image button to the right +or click on the image button and select a new image from the image +selector. + +If no user is currently selected you will be asked if you want to change +the default image. + +The replacement is performed by a &konqueror; process so if the +image file already exists you will be prompted by &konqueror; if you +want to replace it. If you confirm the image will be replaced - you will +not have to press the Apply +button. + + + + + + +Convenience + +In the convenience tab you can configure some +options that make life easier for lazy people, like auto login or +disabling passwords. + +Please think more than twice before using these +options. Every option in the convenience tab is +well-suited to seriously compromise your system security. Practically, +these options are only to be used in a completely non-critical +environment, ⪚ a private computer at home. + + +Automatic Login + +Automatic login will give anyone access to a certain account on +your system without doing any authentication. You can enable it using +the option Enable auto-login. + +Automatic login comes in two flavors: truly automatic +login acts like you would expect automatic login to, &ie; +&tdm; will automatically login without expecting any input from the +user. Enable this using the Truly automatic login +option. If this option is not enabled, &tdm; will start normally, +enabling you to login as any user, and will only perform automatic login +if you kill the X server, ⪚ by pressing &Ctrl;&Alt;Backspace. + +You can choose the account to be used for automatic login in the +list below. + + + + +Password-less Login + +Using this feature, you can allow certain users to login without +having to provide their password. Enable this feature using the +Enable password-less logins option. + +Below this option you will see a list of users for which a password +is required, as well as a (by default, empty) list of users that do not +need to provide a password. When Enable password-less +logins is enabled, you can move users from one list into the +other, by selecting them and then clicking the +>> and << +buttons. + +Again, this option should only be used in a safe +environment. If you enable it on a rather public system you should take +care that only users with heavy access restrictions are granted +password-less login, ⪚ +guest. + +The Automatically login after X server crash +option allows you to skip the authentication procedure when your X +server accidentally crashed. Show previous user +will show the name of the last login already entered into the login +field in &tdm;. Some site administrators would consider even this a +possible security weakness, because potential attackers then know at +least one valid login. + + + + + + + + +
diff --git a/doc/kdm/CMakeLists.txt b/doc/kdm/CMakeLists.txt deleted file mode 100644 index 9a29fa8f8..000000000 --- a/doc/kdm/CMakeLists.txt +++ /dev/null @@ -1,12 +0,0 @@ -################################################# -# -# (C) 2010-2011 Serghei Amelian -# serghei (DOT) amelian (AT) gmail.com -# -# Improvements and feedback are welcome -# -# This file is released under GPL >= 2 -# -################################################# - -tde_create_handbook( DESTINATION tdm ) diff --git a/doc/kdm/Makefile.am b/doc/kdm/Makefile.am deleted file mode 100644 index 3db537e3f..000000000 --- a/doc/kdm/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -conf_def = $(top_srcdir)/tdm/config.def -ref: $(conf_def) $(top_srcdir)/tdm/confproc.pl - $(PERL) -w $(top_srcdir)/tdm/confproc.pl --doc $(conf_def) tdmrc-ref.docbook - -KDE_LANG = en -KDE_DOCS = AUTO diff --git a/doc/kdm/index.docbook b/doc/kdm/index.docbook deleted file mode 100644 index dde535328..000000000 --- a/doc/kdm/index.docbook +++ /dev/null @@ -1,1472 +0,0 @@ - - - - tdmrc"> - ksmserver"> - kdesktop"> - XDMCP"> - xdm"> - - - -]> - - - -The &tdm; Handbook - - - -&Oswald.Buddenhagen; &Oswald.Buddenhagen.mail; - - - - - - - -2000 -&Neal.Crook; - - - -2002 -&Oswald.Buddenhagen; - - - -2003 -&Lauri.Watts; - - -2003-03-01 -0.05.02 - - -This document describes &tdm; the &kde; Display Manager. &tdm; -is also known as the Login Manager. - - - -KDE -tdm -xdm -display manager -login manager - - - - - -Introduction - -&tdm; provides a graphical interface that allows you to log in to a -system. It prompts for login (username) and password, authenticates the user -and starts a session. &tdm; is superior to &xdm;, the X -Display Manager, in a number of ways. - - - - - - - -Quick Start Guide - -This is a quick start guide for users who fit the following -pattern: - - - -X is configured and works with the command -startx from the commandline. - - -Each user will generally only use a single window manager or -desktop environment, and does not change this choice very -often, or is comfortable editing a single text file in order to change -their choice. - - - -This scenario will be sufficient for many environments where a single -user or several users normally boot the computer and log into their -preferred environment. - - -Setting up a Default Session - -Create or open the file ~/.xinitrc -If you already have a working ~/.xinitrc, go to -the next step - - -If one does not already exist, add a line to the -~/.xinitrc to start your preferred window manager -or desktop environment. -For &kde; you should enter: -starttde -For other window managers or desktop environments, you should -look in their documentation for the correct command. - -Make a link as follows: -ln ~/.xinitrc ~/.xsession - - - -At this point, typing startx -on the commandline should start X, with a &kde; session. The next task is -to try &tdm;. - -As root, type -tdm at the prompt. - -You should see a login window, which is described more fully in . - -Typing your normal username and password in the fields provided, and -leaving selected as the session type should now -open a &kde; session for your user. - -If you have other users to configure, you should repeat the procedure -above for each of them. - - -This is a quick guide to getting up and running only. You probably -will want to customize &tdm; further, for example, to hide the names of the -system accounts, to allow further sessions, and much more. Please read -through the rest of this manual to find out how to do these things. - - - - - -The Login Window - - The user interface to &tdm; consists of two dialog boxes. The main -dialog box has these controls: - - - -A Username: field for you to enter your -username. - - - -A Password: field for you to enter your -password. - - - -(Optionally) a graphical image of each user (for example, a digitized -photograph). Clicking on an image is equivalent to typing the associated -username into the Username: field. (This feature is an -imitation of the login box on &IRIX;). - - - -A Menu drop down box that allows &tdm; to be used -to start sessions with various different window managers or desktop -environments installed on the system. - - - -(Optionally) a region to the right of the -Username:, Password: and -Session Type: fields which can be used to display -either a static image or an analog clock. - - - -A Login button that validates the -username/password combination and attempts to start a session of the -selected type. - - - -A Clear button that clears the text from -the Login and Pass -fields. - - - -A Menu button that opens an action menu -with the following items: - - - -(On local displays) A Restart X Server item -that terminates the currently running &X-Server;, starts a new one and -displays the login dialog again. You can use this if the display content -seems to be broken somehow. - - - -(On remote displays) A Close Connection -item that closes the connection to the &XDMCP; server you are currently -connected to. If you got to this server through a host chooser, this will -bring you back to the chooser, otherwise it will only reset the &X-Server; -and bring up the login dialog again. - - - -(Optionally on local displays) A Console -Mode item that terminates the currently running &X-Server; and -leaves you alone with a console login. &tdm; will resume the graphical login -if nobody is logged in at the console for some time. - - - - - -(Optionally) A Shutdown button that displays -the Shutdown dialog box. - - - -The Shutdown dialog box presents a set of -radio buttons that allow one of these options to be selected: - - - -Shutdown - -Shut the system down in a controlled manner, ready for -power-down. - - - -Restart - -Shut the system down and reboot. For systems that use -Lilo, an optional drop down box allows you to -select a particular operating-system kernel to be used for the -reboot. - - - -Restart X Server - -Stop and then restart the X-server. Typically, you might need to use -this option if you have changed your X11 configuration in some way. - - - -Console Mode - -Stop the &X-Server; and return the system to console mode. This is -achieved by bringing the system down to runlevel 3. Typically, the system -manager might need to use this option before upgrading or re-configuring X11 -software. - - - - -Pressing the OK button initiates the selected -action; pressing the Cancel button returns to the -main &tdm; dialog box. - - - - - -Configuring &tdm; - -This chapter assumes that &tdm; is already up and running on your -system, and that you simply want to change its behavior in some way. - -When &tdm; starts up, it reads its configuration from the folder -$TDEDIR/share/config/tdm/ (this may -be /etc/trinity/tdm/ or something else -on your system). - -The main configuration file is &tdmrc;; all other files are -referenced from there and could be stored under any name anywhere on -the system - but usually that would not make much sense for obvious -reasons (one particular exception is referencing configuration files -of an already installed &xdm; - however when a new &tdm; is installed, -it will import settings from those files if it finds an already installed -&xdm;). - -Since &tdm; must run before any user is logged in, it is not -associated with any particular user. Therefore, it is not possible to have -user-specific configuration files; all users share the common &tdmrc;. It -follows from this that the configuration of &tdm; can only be altered by -those users that have write access to -$TDEDIR/share/config/tdm/tdmrc (normally -restricted to system administrators logged in as root). - -You can view the &tdmrc; file currently in use on your system, and you -can configure &tdm; by editing this file. Alternatively, you can use the -graphical configuration tool provided by the &kcontrolcenter; (under -System AdministrationLogin -Manager), which is described in the &kcontrolcenter; help files. - - -The remainder of this chapter describes configuration of &tdm; -via the &kcontrolcenter; module, and the next -chapter describes the options available in &tdmrc; itself. If -you only need to configure for local users, the &kcontrolcenter; module -should be sufficient for your needs. If you need to configure remote -logins, or have multiple &tdm; sessions running, you will need to read -on. - - - - -&Thomas.Tanghus; &Thomas.Tanghus.mail; -&Steffen.Hansen; &Steffen.Hansen.mail; -&Mike.McBride; &Mike.McBride.mail; - - - -The Login Manager &kcontrolcenter; Module - -Using this module, you can configure the &kde; graphical login -manager, &tdm;. You can change how the login screen looks, who has -access using the login manager and who can shutdown the -computer. - -All settings will be written to the configuration file -&tdmrc;, which in its original state has many comments to help you -configure &tdm;. Using this &kcontrolcenter; module will strip these -comments from the file. All available options in &tdmrc; are covered -in . - -The options listed in this chapter are cross referenced with -their equivalents in &tdmrc;. All options available in the &kcontrol; -module are also available directly in &tdmrc; but the reverse is not -true. - -In order to organize all of these options, this module is -divided into several sections: Appearance, -Font, Background, -Shutdown, -Users and -Convenience. - -You can switch between the sections using the tabs at the top of -the window. - -If you are not currently logged in as a superuser, you -will need to click the Administrator Mode... -Button. You will then be asked for a superuser password. Entering a -correct password will allow you to modify the settings of this -module. - - -Appearance - -From this page you can change the visual appearance of &tdm;, -&kde;'s graphical login manager. - -The Greeting: is the title of the login - screen. Setting this is especially useful if you have many servers users - may log in to. You may use various placeholders, which are described - along with the corresponding key - - in &tdmrc;. - - -You can then choose to show either the current system time, a logo or -nothing special in the login box. Make your choice in the radio buttons -labeled Logo area:. This corresponds to in &tdmrc; - -If you chose Show logo you can now choose a -logo: - - - -Drop an image file on the image button. - - -Click on the image button and select a new image from the image chooser -dialog. - - - -If you do not specify a logo the default -$TDEDIR/share/apps/tdm/pics/kdelogo.xpm -will be displayed. - -Normally the login box is centered on the screen. Use the -Position: options if you want it to appear -elsewhere on the screen. You can specify the relative position -(percentage of the screen size) for the center of the login window, -relative to the top left of the display, in the fields labeled -X: and Y: respectively. -These correspond to the key - -in &tdmrc;. - -While &kde;'s style depends on the settings of the user logged -in, the style used by &tdm; can be configured using the GUI -Style: and Color Scheme: options. -These correspond to the keys and in -&tdmrc; respectively. - -Below that, you have a drop down box to choose the language for -your login box, corresponding to setting in -&tdmrc;. - - - - -Font - -From this section of the module you can change the fonts used in the -login window. Only fonts available to all users are available here, not -fonts you have installed on a per user basis. - -You can select three different font styles from the drop down box -(General:, Failures:, -Greeting:). When you click on the -Choose... button a dialog appears from which you can -select the new characteristics for the font style. - - - -The General: font is used in all other places in the -login window. - - -The Failures: font is used when a login -fails. - - -The Greeting: font is the font used for the title -(Greeting String). - - - -You can also check the box labeled Use anti-aliasing for -fonts if you want smoothed fonts in the login dialog. - - - - -Background - -Here you can change the desktop background which will be displayed -before a user logs in. You can have a single color or an image as a -background. If you have an image as the background and select center, the -selected background color will be used around the image if it is not -large enough to cover the entire desktop. - -The background colors and effects are controlled by the options on -the tab labeled Background and you select a -background image and its placement from the options on the tab labeled -Wallpaper. - -To change the default background color(s) simply click either of -the color buttons and select a new color. - -The drop down box above the color buttons provides you with several -different blend effects. Choose one from the list, and it will be -previewed on the small monitor at the top of the window. Your choices -are: - - - -Flat -By choosing this mode, you select one color (using the color -button labeled Color 1), and the entire background is -covered with this one color. - - -Pattern -By choosing this mode, you select two colors (using both color -buttons). You then select a pattern by clicking -Setup. This opens a new dialog window, which gives you -the opportunity to select a pattern. Simply click once on the pattern of your -choice, then click on OK, and &kde; will render the pattern -you selected using the two colors you selected. For more on patterns, see the -section Background: Adding, Removing and Modifying -Patterns. - - -Background Program -By selecting this option, you can have &kde; use an external -program to determine the background. This can be any program of your choosing. -For more information on this option, see the section entitled Background: Using an external program. - - -Horizontal Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 on the left edge of the screen, and slowly transform into the -color selected by Color 2 by the time it gets to the -right edge of the screen. - - -Vertical Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 on the top edge of the screen, and slowly transform into the color -selected by Color 2 as it moves to the bottom of the -screen. - - -Pyramid Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 in each corner of the screen, and slowly transform into the color -selected by Color 2 as it moves to the center of the -screen. - - -Pipecross Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -1 in each corner of the screen, and slowly transform into the color -selected by Color 2 as it moves to the center of the -screen. The shape of this gradient is different then the pyramid -gradient. - - -Elliptic Gradient -By choosing this mode, you select two colors (using both color -buttons). &kde; will then start with the color selected by Color -2 in the center of the screen, and slowly transform into the color -selected by Color 1 as it moves to the edges, in an -elliptical pattern. - - - -The setup button is only needed for if you select Background -program or Patterns. In these instances, -another window will appear to configure the specifics. -Wallpaper -To select a new background image first, click on the -Wallpapers tab, then you can either select an image from the drop down list labeled Wallpaper or select -Browse... and select an image file from a file -selector. - -The image can be displayed in six different ways: - - -No wallpaper -No image is displayed. Just the background colors. - - -Centered -The image will be centered on the screen. The background colors -will be present anywhere the image does not cover. - - -Tiled -The image will be duplicated until it fills the entire -desktop. The first image will be placed in the upper left corner of the screen, -and duplicated downward and to the right. - - -Center Tiled -The image will be duplicated until it fills the entire -desktop. The first image will be placed in the center of the screen, and -duplicated upward, downward to the right, and to the left. - - -Centered Maxpect -The image will be placed in the center of the screen. It will -be scaled to fit the desktop, but it will not change the aspect ratio of the -original image. This will provide you with an image that is not distorted. - - - -Scaled -The image will be scaled to fit the desktop. It will be -stretched to fit all four corners. - - - - - - -<guilabel>Shutdown</guilabel> - -Allow Shutdown -Use this drop down box to choose who is allowed to shut down: - - -Nobody: No one can shutdown the computer using -&tdm;. You must be logged in, and execute a command. - - -Everybody: Everyone can shutdown the computer using -&tdm;. - -Only Root: &tdm; requires that the -root password be entered before shutting down the -computer. - - -You can independently configure who is allowed to issue a -shutdown command for the Local: and -Remote: users. - -Commands Use these text fields to -define the exact shutdown command. The -Halt: command defaults to -/sbin/halt. The Restart: command -defaults to -/sbin/reboot. - -When Show boot options is enabled, &tdm; -will on reboot offer you options for the lilo boot manager. For this -feature to work, you will need to supply the correct paths to your -lilo command and to lilo's map file. Note that this -option is not available on all operating systems. - - - - -Users - -From here you can change the way users are represented in the -login window. - -You may disable the user list in &tdm; entirely in the -Show Users section. You can choose from: - - - -Show List - -Only show users you have specifically enabled in the list -alongside -If you do not check this box, no list will be shown. This is the most secure setting, since an -attacker would then have to guess a valid login name as well as a -password. It's also the preferred option if you have more than a -handful of users to list, or the list itself would become -unwieldy. - - - -Inverse selection - -Allows you to intead select a list of users that should -not be shown, and all other users will be -listed. - - - - -Independently of the users you specify by name, you can use the -System UIDs to specify a range of valid -UIDs that are shown in the list. By default user -id's under 1000, which are often system or daemon users, and user id's -over 65000, are not shown. - -You can also enable the Sort users -checkbox, to have the user list sorted alphabetically. If this is -disabled, users will appear in the order they are listed in the -password file. &tdm; will also autocomplete user names if you enable the -Autocompletion option. - -If you choose to show users, then the login window will show -images (which you select), of a list of users. When someone is ready -to login, they may select their user name/image, enter their password, -and they are granted access. - -If you permit a user image, then you can configure the source -for those images. - -You can configure the admin picture here, for each user on the -system. Depending on the order selected above, users may be able to -override your selection. - -If you choose not to show users, then the login window will be -more traditional. Users will need to type their username and password -to gain entrance. This is the preferred way if you have many users on -this terminal. - - - - -Convenience - -In the convenience tab you can configure -some options that make life easier for lazy people, like automatic -login or disabling passwords. - -Please think more than twice before using these -options. Every option in the Convenience tab is -well-suited to seriously compromise your system security. Practically, -these options are only to be used in a completely non-critical -environment, ⪚ a private computer at home. - - -Automatic Login - -Automatic login will give anyone access to a certain account on -your system without doing any authentication. You can enable it using -the option Enable Auto-login. - -You can choose the account to be used for automatic login from -the list labeled User:. - - - - -<guilabel>Password-Less Login</guilabel> - -Using this feature, you can allow certain users to login without -having to provide their password. Enable this feature using the -Enable Password-less logins option. - -Below this option you'll see a list of users on the system. -Enable password-less login for specific users by checking the checkbox -next to the login names. By default, this feature is disabled for -all users. - -Again, this option should only be used in a safe -environment. If you enable it on a rather public system you should -take care that only users with heavy access restrictions are granted -password-less login, ⪚ -guest. - -You can also choose which user is preselected -when &tdm; starts. The default is None, but you -can choose Previous to have &tdm; default to the -last successfully logged in user, or you can -Specify a particular user to always be selected -from the list. You can also have &tdm; set the focus to the password -field, so that when you reach the &tdm; login screen, you can type the -password immediately. - -The Automatically login after X server crash -option allows you to skip the authentication procedure when your X -server accidentally crashed. - - - - - - - - - -&tdmrc-ref; - - - -Configuring your system to use &tdm; - -This chapter assumes that your system is already configured to -run the &X-Window;, and that you only need to reconfigure it to -allow graphical login. - - -Setting up &tdm; - -The fundamental thing that controls whether your computer boots to a -terminal prompt (console mode) or a graphical login prompt is the default -runlevel. The runlevel is set by the program /sbin/init under the control of the -configuration file /etc/inittab. The default runlevels -used by different &UNIX; systems (and different &Linux; distributions) vary, -but if you look at /etc/inittab the start of it should -be something like this: - -# Default runlevel. The runlevels used by RHS are: -# 0 - halt (Do NOT set initdefault to this) -# 1 - Single user mode -# 2 - Multiuser, without NFS -# 3 - Full multiuser mode -# 4 - unused -# 5 - X11 -# 6 - reboot (Do NOT set initdefault to this) - -id:3:initdefault: - - -All but the last line of this extract are comments. The comments -show that runlevel 5 is used for X11 and that runlevel 3 is used for -multi-user mode without X11 (console mode). The final line specifies -that the default runlevel of the system is 3 (console mode). If your -system currently uses graphical login (for example, using &xdm;) its -default runlevel will match the runlevel specified for X11. - -The runlevel with graphical login (&xdm;) for some common &Linux; -distributions is: - - -5 for &RedHat; 3.x and later, and for &Mandrake; -4 for Slackware -3 for &SuSE;. 4.x and 5.x - - -The first step in configuring your system is to ensure that you -can start &tdm; from the command line. Once this is working, you can -change your system configuration so that &tdm; starts automatically -each time you reboot your system. - -To test &tdm;, you must first bring your system to a runlevel -that does not run &xdm;. To do so, issue a command like this: - -/sbin/init - -Instead of the number you should specify the -appropriate runlevel for console mode on your system. - -If your system uses Pluggable Authentication Modules -(PAM), which is normal with recent &Linux; and &Solaris; -systems, you should check that your PAM configuration permits -login through the service named kde. If you previously used -&xdm; successfully, you should not need to make any -changes to your PAM configuration in order to use -&tdm;. /etc/pam.conf or -/etc/pam.d/kde. Information on configuring -PAM is beyond the scope of this handbook, but -PAM comes with comprehensive documentation (try looking in -/usr/share/doc/*pam*/html/). - -Now it's time for you to test &tdm; by issuing the following -command: - -tdm - - -If you get a &tdm; login dialog and you are able to log in, -things are going well. The main thing that can go wrong here is that -the run-time linker might not find the shared &Qt; or &kde; libraries. -If you have a binary distribution of the &kde; libraries, make sure -&tdm; is installed where the libraries believe &kde; is installed and -try setting some environment variables to point to your &kde; and &Qt; -libraries. - -For example: - -export - -export - -export - -export - - - -If you are still unsuccessful, try starting &xdm; instead, to -make sure that you are not suffering from a more serious X -configuration problem. - -When you are able to start &tdm; successfully, you can start to -replace &xdm; by &tdm;. Again, this is distribution-dependent. - - - -For &RedHat;, edit /etc/inittab, look for this - line: -x:5:respawn:/usr/X11/bin/xdm -nodaemon -and replace with: -x:5:respawn:/opt/kde/bin/tdm -This tells init(8) to respawn &tdm; when the -system is in run level 5. Note that &tdm; does not need the - option. - - -For &Mandrake;, the X11 runlevel in -/etc/inittab invokes the shell script -/etc/X11/prefdm, which is set up to select from -amongst several display managers, including &tdm;. Make sure that all -the paths are correct for your installation. - - -For &SuSE;, edit /sbin/init.d/xdm to add a -first line: - -. /etc/rc.config -DISPLAYMANAGER=tdm -export DISPLAYMANAGER - -For FreeBSD, edit /etc/ttys and find -the line like this: -ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure -and edit it to this: -ttyv8 "/usr/local/bin/tdm" xterm on secure - - -Most other distributions are a variation of one of -these. - - -At this stage, you can test &tdm; again by bringing your system -to the runlevel that should now run &tdm;. To do so, issue a command -like this: - -/sbin/init - - -Instead of the number you should specify the -appropriate runlevel for running X11 on your system. - -The final step is to edit the initdefault -entry in /etc/inittab to specify the appropriate -runlevel for X11. - -Before you make this change, ensure that you have a way -to reboot your system if a problem occurs. This might be a -rescue floppy-disk provided by your operating system -distribution or a specially-designed rescue -floppy-disk, such as tomsrtbt. Ignore this advice -at your peril. - -This usually involves changing the line: -id:3:initdefault: -to -id:5:initdefault: - -When you reboot your system, you should end up with the -graphical &tdm; login dialog. - -If this step is unsuccessful the most likely problem is that the -environment used at boot time differs from the environment that you used for -testing at the command line. If you are trying to get two versions of &kde; -to co-exist, be particularly careful that the settings you use for your -PATH and LD_LIBRARY_PATH environment variables -are consistent, and that the startup scripts are not over-riding them in -some way. - - - - - - -Supporting multiple window managers - -&tdm; detects most available window manager and desktop environments when -it is run. Installing a new one should make it automatically available in -the &tdm; main dialog Session Type:. - -If you have a very new window manager, or something that &tdm; does -not support, the first thing you should check is that the application to be -run is in the PATH and has not been renamed during the -install into something unexpected. - -If the case is that the application is too new and not yet supported -by &tdm;, you can quite simply add a new session. - -The sessions are defined in .desktop files in -$TDEDIR/share/apps/tdm/sessions. -You can simply add an appropriately named .desktop file in this directory. The fields -are: - -[Desktop Entry] -Encoding=UTF-8 This is fixed to and -may be omitted -Type=XSession This is fixed to and -may be omitted -Exec=executable name Passed to -eval exec in a Bourne shell -TryExec=executable name Supported -but not required -Name=name to show in the &tdm; session list - -There are also three magic: - - - -default - - -The default session for &tdm; is normally &kde; but can be configured by the -system administrator. - - - - -custom - - -The Custom session will run the users ~/.xsession if it exists. - - - - -failsafe - - -Failsafe will run a very plain session, and is useful only for debugging -purposes. - - - - - -To override a session type, copy the .desktop file from the data dir -to the config dir and edit it at will. Removing the shipped session types -can be accomplished by shadowing them with .desktop files -containing Hidden=true. For the magic session types no .desktop files exist -by default, but &tdm; pretends they would, so you can override them like any -other type. I guess you already know how to add a new session type by -now. ;-) - - - - -Using &tdm; for Remote Logins (&XDMCP;) - -&XDMCP; is the Open Group standard, the X Display Manager -Control Protocol. This is used to set up connections between -remote systems over the network. - -&XDMCP; is useful in multiuser situations where there are users -with workstations and a more powerful server that can provide the -resources to run multiple X sessions. For example, &XDMCP; is a good -way to reuse old computers - a Pentium or even 486 computer with 16 Mb -RAM is sufficient to run X itself, and using &XDMCP; such a computer can -run a full modern &kde; session from a server. For the server part, -once a single &kde; (or other environment) session is running, running -another one requires very few extra resources. - -However, allowing another method of login to your machine -obviously has security implications. You should run this service only -if you need to allow remote X Servers to start login sessions on your -system. Users with a single &UNIX; computer should not need to run -this. - - - - -Advanced Topics - - -Command Sockets - -This is a feature you can use to remote-control &tdm;. It's mostly -intended for use by &ksmserver; and &kdesktop; from a running session, but -other applications are possible as well. - -The sockets are &UNIX; domain sockets which live in subdirectories of the -directory specified by =. The subdir is the key to -addressing and security; the sockets all have the file name -socket and file permissions -rw-rw-rw- (0666). This is because some systems don't care -for the file permission of the socket files. - -There are two types of sockets: the global one (dmctl) and the -per-display ones (dmctl-<display>). - -The global one's subdir is owned by root, the subdirs of the per-display -ones' are owned by the user currently owning the session (root or the -logged in user). Group ownership of the subdirs can be set via FifoGroup=, -otherwise it is root. The file permissions of the subdirs are rwxr-x--- -(0750). - -The fields of a command are separated by tabs (\t), the -fields of a list are separated by spaces, literal spaces in list fields are -denoted by \s. - -The command is terminated by a newline (\n). - -The same applies to replies. The reply on success is -ok, possibly followed by the requested -information. The reply on error is an errno-style word (⪚ -perm, noent, &etc;) -followed by a longer explanation. - - -Global commands: - -login -(now | schedule) user password -[session_arguments] - -login user at specified display. if now is -specified, a possibly running session is killed, otherwise the login is done -after the session exits. session_arguments are printf-like escaped contents -for .dmrc. Unlisted keys will default to previously saved values. - - - - - -Per-display commands: - -lock - -The display is marked as locked. If the &X-Server; crashes in this -state, no auto-relogin will be performed even if the option is on. - - - -unlock - -Reverse the effect of lock, and re-enable -auto-relogin. - - - -suicide - -The currently running session is forcibly terminated. No auto-relogin -is attempted, but a scheduled "login" command will be executed. - - - - - -Commands for all sockets - -caps - -Returns a list of this socket's capabilities: - - - -&tdm; - -identifies &tdm;, in case some other DM implements this protocol, -too - - - -list, lock, -suicide, login - -The respective command is supported - - - -bootoptions - -The listbootoptions command and the - to shutdown are supported - - - -shutdown <list> - -shutdown is supported and allowed for the listed -users (a comma separated list.) * means all -authenticated users. - - - -nuke <list> - -Forced shutdown may be performed by the listed users. - - - -nuke - -Forced shutdown may be performed by everybody - - - -reserve <number> - -Reserve displays are configured, and number -are available at this time - - - - -list [all | -alllocal] - -Return a list of running sessions. By default all active sessions are -listed. if all is specified, passive sessions are -listed as well. If alllocal is specified, passive -sessions are listed as well, but all incoming remote sessions are -skipped. -Each session entry is a comma separated tuple of: - -Display or TTY name -VT name for local sessions -Logged in user's name, empty for passive sessions and -outgoing remote sessions (local chooser mode) -Session type or <remote> for outgoing -remote sessions, empty for passive sessions. -A Flag field: -* for the display belonging -to the requesting socket. -! for sessions that cannot be killed by the -reqeusting socket. - - - -New fields may be added in the future. - - - - -reserve [timeout in -seconds] - -Start a reserve login screen. If nobody logs in within the specified -amount of time (one minute by default), the display is removed again. When -the session on the display exits, the display is removed, too. -Permitted only on sockets of local displays and the global -socket. - - - - -activate -(vt|display) - -Switch to a particular VT (virtual terminal). The VT may be specified -either directly (⪚ vt3) or by a display using it -(eg; :2). -Permitted only on sockets of local displays and the global -socket. - - - - -listbootoptions - -List available boot options. - - - - - -shutdown (reboot | -halt) -[=bootchoice] -(ask|trynow|forcenow|schedule|start -(-1|end -(force|forcemy|cancel)))) - -Request a system shutdown, either a reboot or a halt/poweroff. -An OS choice for the next boot may be specified from the list returned -by listbootoptions -Shutdowns requested from per-display sockets are executed when the -current sessino on that display exits. Such a request may pop up a dialog -asking for confirmation and/or authentication -start is the time for which the shutdown is -scheduled. If it starts with a plus-sign, the current time is added. Zero -means immediately. -end is the latest time at which the shutdown -should be performed if active sessions are still running. If it starts with -a plus-sign, the start time is added. -1 means wait infinitely. If end is -through and active sessions are still running, &tdm; can do one of the -following: - -cancel - give up the -shutdown -force - shut down -nonetheless -forcemy - shut down nonetheless if -all active sessions belong to the requesting user. Only for per-display sockets. - -start and end are -specified in seconds since the &UNIX; epoch. -trynow is a synonym for 0 0 -cancel, forcenow for 0 0 -force and schedule for 0 --1. -ask attempts an immediate shutdown and -interacts with the user if active sessions are still running. Only for -per-display sockets. - - - - -shutdown cancel -[local|global} - -Cancel a scheduled shutdown. The global socket always cancels the -currently pending shutdown, while per-display sockets default to cancelling -their queued request. - - - - -shutdown status - -Return a list with information about shutdowns. -The entries are a comma-separated tuples of: - - -(global|local) - -pending vs. queued shutdown. A local entry can be returned only by a -per-display socket. - -(halt|reboot) -start -end -("ask"|"force"|"forcemy"|"cancel") -Numeric user ID of the requesting user, -1 for the global -socket. -The next boot OS choice or "-" for none. - -New fields might be added later - - - - - - -There are two ways of using the sockets: - - -Connecting them directly. FifoDir is exported as -$DM_CONTROL; the name of per-display sockets can be derived -from $DISPLAY. - - -By using the tdmctl command (⪚ from within a -shell script). Try tdmctl to find out -more. - - - -Here is an example bash script reboot into FreeBSD: - -if tdmctl | grep -q shutdown; then - IFS=$'\t' - set -- `tdmctl listbootoptions` - if [ "$1" = ok ]; then - fbsd=$(echo "$2" | tr ' ' '\n' | sed -ne 's,\\s, ,g;/freebsd/I{p;q}') - if [ -n "$fbsd" ]; then - tdmctl shutdown reboot "=$fbsd" ask > /dev/null - else - echo "FreeBSD boot unavailable." - fi - else - echo "Boot options unavailable." - fi -else - echo "Cannot reboot system." -fi - - - - - - -Other sources of information - -Since &tdm; is descended from &xdm;, the &xdm; man page may provide useful background -information. For X-related problems try the man pages X and startx. If you have -questions about &tdm; that are not answered by this handbook, take advantage of -the fact the &tdm; is provided under the terms of the &GNU; -General Public License: look at the source code. - - - - - -Credits and License - -&tdm; is derived from, and includes code from, -&xdm; (C) Keith Packard, MIT X Consortium. - -&tdm; 0.1 was written by &Matthias.Ettrich;. Later versions till &kde; -2.0.x were written by &Steffen.Hansen;. Some new features for &kde; 2.1.x and -a major rewrite for &kde; 2.2.x made by &Oswald.Buddenhagen;. - -Other parts of the &tdm; code are copyright by the authors, and -licensed under the terms of the &GNU; -GPL. Anyone is allowed to change &tdm; and redistribute the result -as long as the names of the authors are mentioned. - -&tdm; requires the &Qt; library, which is copyright Troll Tech AS. - -Documentation contributors: - - -Documentation written by &Steffen.Hansen; -stefh@dit.ou.dk - -Documentation extended by Gregor -Zumsteinzumstein@ssd.ethz.ch. Last update August 9, -1998 - -Documentation revised for &kde; 2 by &Neal.Crook; &Neal.Crook.mail;. Last update August 6, 2000 - -Documentation extended and revised for &kde; 2.2 by &Oswald.Buddenhagen; &Oswald.Buddenhagen.mail;. Last update August, -2001 - - - -Documentation copyright &Steffen.Hansen;, Gregor Zumstein, &Neal.Crook; -and &Oswald.Buddenhagen;. This document also includes large parts of the &xdm; -man page, which is © Keith Packard. - - - -&underFDL; -&underGPL; - - - - -Glossary - - -greeter -The greeter is the login dialog, &ie; the part of &tdm; -which the user sees. - - - - -entropy -The entropy of a system is the measure of its -unpredictability. This is used during the generation of random numbers. - - - - - - diff --git a/doc/kdm/kdmrc-ref.docbook b/doc/kdm/kdmrc-ref.docbook deleted file mode 100644 index f2cfd2f0e..000000000 --- a/doc/kdm/kdmrc-ref.docbook +++ /dev/null @@ -1,2316 +0,0 @@ - - - -The Files &tdm; Uses for Configuration - -This chapter documents the files that control &tdm;'s behavior. -Some of this can be also controlled from the &kcontrol; module, but -not all. - - -&tdmrc; - The &tdm; master configuration file - -The basic format of the file is INI-like. -Options are key/value pairs, placed in sections. -Everything in the file is case sensitive. -Syntactic errors and unrecognized key/section identifiers cause &tdm; to -issue non-fatal error messages. - -Lines beginning with # are comments; empty lines -are ignored as well. - -Sections are denoted by -[Name of Section]. - - -You can configure every X-display individually. -Every display has a display name, which consists of a host name -(which is empty for local displays specified in -or ), a colon, and a display number. -Additionally, a display belongs to a -display class (which can be ignored in most cases). - -Sections with display-specific settings have the formal syntax -[X- host [ : number [ _ class ] ] - sub-section ] - -All sections with the same sub-section -make up a section class. - -You can use the wildcard * (match any) for -host, number, -and class. You may omit trailing components; -they are assumed to be * then. The host part may be a -domain specification like .inf.tu-dresden.de -or the wildcard + (match non-empty). - -From which section a setting is actually taken is determined by -these rules: - - - -An exact match takes precedence over a partial match (for the -host part), which in turn takes precedence over a wildcard -(+ taking precendence over *). - - - -Precedence decreases from left to right for equally exact matches. - - - - - -Example: display name myhost.foo:0, class dpy - - - -[X-myhost.foo:0_dpy] precedes - - -[X-myhost.foo:0_*] (same as [X-myhost.foo:0]) precedes - - -[X-myhost.foo:*_dpy] precedes - - -[X-myhost.foo:*_*] (same as [X-myhost.foo]) precedes - - -[X-.foo:*_*] (same as [X-.foo]) precedes - - -[X-+:0_dpy] precedes - - -[X-*:0_dpy] precedes - - -[X-*:0_*] (same as [X-*:0]) precedes - - -[X-*:*_*] (same as [X-*]). - - -These sections do not match this display: -[X-hishost], [X-myhost.foo:0_dec], [X-*:1], [X-:*] - - - - - - - -Common sections are [X-*] (all displays), [X-:*] (all local displays) -and [X-:0] (the first local display). - -The format for all keys is - = value. -Keys are only valid in the section class they are defined for. -Some keys do not apply to particular displays, in which case they are ignored. - - -If a setting is not found in any matching section, the default -is used. - -Special characters need to be backslash-escaped (leading and trailing -spaces (\s), tab (\t), linefeed -(\n), carriage return (\r) and the -backslash itself (\\)). -In lists, fields are separated with commas without whitespace in between. - -Some command strings are subject to simplified sh-style word splitting: -single quotes (') and double quotes (") -have the usual meaning; the backslash quotes everything (not only special -characters). Note that the backslashes need to be doubled because of the -two levels of quoting. - -A pristine &tdmrc; is very thoroughly commented. -All comments will be lost if you change this file with the -kcontrol frontend. - - - -The [General] section of &tdmrc; - - -This section contains global options that do not fit into any specific section. - - - - - - - - -This option exists solely for the purpose of clean automatic upgrades. -Do not change it, you may interfere with future -upgrades and this could result in &tdm; failing to run. - - - - - - - - -List of displays (&X-Server;s) permanently managed by &tdm;. Displays with a -hostname are foreign displays which are expected to be already running, -the others are local displays for which &tdm; starts an own &X-Server;; -see . Each display may belong to a display class; -append it to the display name separated by an underscore. -See for the details. - -The default is :0. - - - - - - - -List of on-demand displays. See for syntax. - -Empty by default. - - - - - - - -List of Virtual Terminals to allocate to &X-Server;s. For negative numbers the -absolute value is used, and the VT will be allocated only -if the kernel says it is free. If &tdm; exhausts this list, it will allocate -free VTs greater than the absolute value of the last entry -in this list. -Currently Linux only. - -Empty by default. - - - - - - - -This option is for operating systems (OSs) with support -for virtual terminals (VTs), by both &tdm; and the -OSs itself. -Currently this applies only to Linux. - -When &tdm; switches to console mode, it starts monitoring all -TTY lines listed here (without the leading -/dev/). -If none of them is active for some time, &tdm; switches back to the X login. - -Empty by default. - - - - - - - -The filename specified will be created to contain an ASCII representation -of the process ID of the main &tdm; process; the PID will not be stored -if the filename is empty. - -Empty by default. - - - - - - - -This option controls whether &tdm; uses file locking to keep multiple -display managers from running onto each other. - -The default is true. - - - - - - - -This names a directory under which &tdm; stores &X-Server; authorization -files while initializing the session. &tdm; expects the system to clean up -this directory from stale files on reboot. - -The authorization file to be used for a particular display can be -specified with the option in [X-*-Core]. - -The default is /var/run/xauth. - - - - - - - -This boolean controls whether &tdm; automatically re-reads its -configuration files if it finds them to have changed. - -The default is true. - - - - - - - -Additional environment variables &tdm; should pass on to all programs it runs. -LD_LIBRARY_PATH and XCURSOR_THEME are good candidates; -otherwise, it should not be necessary very often. - -Empty by default. - - - - - - - -If the system has no native entropy source like /dev/urandom (see -) and no entropy daemon like EGD (see - and ) is running, -&tdm; will fall back to its own pseudo-random number generator -that will, among other things, successively checksum parts of this file -(which, obviously, should change frequently). - -This option does not exist on Linux and various BSDs. - -The default is /dev/mem. - - - - - - - -If the system has no native entropy source like /dev/urandom (see -), read random data from a Pseudo-Random -Number Generator Daemon, -like EGD (http://egd.sourceforge.net) via this UNIX domain socket. - -This option does not exist on Linux and various BSDs. - -Empty by default. - - - - - - - -Same as , only use a TCP socket on localhost. - - - - - - - - -The path to a character device which &tdm; should read random data from. -Empty means to use the system's preferred entropy device if there is one. - -This option does not exist on OpenBSD, as it uses the arc4_random -function instead. - -Empty by default. - - - - - - - -The directory in which the command FiFos should -be created; make it empty to disable them. - -The default is /var/run/xdmctl. - - - - - - - -The group to which the global command FiFo should belong; -can be either a name or a numerical ID. - - - - - - - - -The directory in which &tdm; should store persistent working data; such data -is, for example, the previous user that logged in on a particular display. - -The default is /var/lib/tdm. - - - - - - - -The directory in which &tdm; should store users' .dmrc files. This is only -needed if the home directories are not readable before actually logging in -(like with AFS). - -Empty by default. - - - - - - - - -The [Xdmcp] section of &tdmrc; - - -This section contains options that control &tdm;'s handling of -&XDMCP; requests. - - - - - - - - -Whether &tdm; should listen to incoming &XDMCP; requests. - -The default is true. - - - - - - - -This indicates the UDP port number which &tdm; uses to listen for incoming -&XDMCP; requests. Unless you need to debug the system, leave this with its -default value. - -The default is 177. - - - - - - - -XDM-AUTHENTICATION-1 style &XDMCP; authentication requires a private -key to be shared between &tdm; and the terminal. This option specifies -the file containing those values. Each entry in the file consists of a -display name and the shared key. - -Empty by default. - - - - - - - -To prevent unauthorized &XDMCP; service and to allow forwarding of &XDMCP; -IndirectQuery requests, this file contains a database of hostnames which -are either allowed direct access to this machine, or have a list of hosts -to which queries should be forwarded to. The format of this file is -described in . - -The default is ${kde_confdir}/tdm/Xaccess. - - - - - - - -Number of seconds to wait for the display to respond after the user has -selected a host from the chooser. If the display sends an &XDMCP; -IndirectQuery within this time, the request is forwarded to the chosen -host; otherwise, it is assumed to be from a new session and the chooser -is offered again. - -The default is 15. - - - - - - - -When computing the display name for &XDMCP; clients, the name resolver will -typically create a fully qualified host name for the terminal. As this is -sometimes confusing, &tdm; will remove the domain name portion of the host -name if it is the same as the domain name of the local host when this option -is enabled. - -The default is true. - - - - - - - -Use the numeric IP address of the incoming connection on multihomed hosts -instead of the host name. This is to avoid trying to connect on the wrong -interface which might be down at this time. - -The default is false. - - - - - - - -This specifies a program which is run (as -root) when an &XDMCP; -DirectQuery or BroadcastQuery is received and this host is configured -to offer &XDMCP; display management. The output of this program may be -displayed in a chooser window. If no program is specified, the string -Willing to manage is sent. - -Empty by default. - - - - - - - - -The [Shutdown] section of &tdmrc; - - -This section contains global options concerning system shutdown. - - - - - - - - -The command (subject to word splitting) to run to halt/poweroff the system. - -The default is something reasonable for the system on which &tdm; was built, like -/sbin/shutdown  now. - - - - - - - - -The command (subject to word splitting) to run to reboot the system. - -The default is something reasonable for the system &tdm; on which was built, like -/sbin/shutdown  now. - - - - - - - - -Whether it is allowed to shut down the system via the global command FiFo. - -The default is false. - - - - - - - -Whether it is allowed to abort active sessions when shutting down the -system via the global command FiFo. - -This will have no effect unless is enabled. - -The default is true. - - - - - - - -The boot manager &tdm; should use for offering boot options in the -shutdown dialog. - - - -None -no boot manager - - -Grub -Grub boot manager - - -Lilo -Lilo boot manager (Linux on i386 & x86-64 only) - - -The default is None. - - - - - - - - -The [X-*-Core] section class of &tdmrc; - - -This section class contains options concerning the configuration -of the &tdm; backend (core). - - - - - - - - -See . - -The default is 15. - - - - - - - -See . - -The default is 120. - - - - - - - -These options control the behavior of &tdm; when attempting to open a -connection to an &X-Server;. is the length -of the pause (in seconds) between successive attempts, - is the number of attempts to make and - is the amount of time to spend on a -connection attempt. After attempts have been -made, or if seconds elapse in any particular -connection attempt, the start attempt is considered failed. - -The default is 5. - - - - - - - -How many times &tdm; should attempt to start a foreign -display listed in before giving up -and disabling it. -Local displays are attempted only once, and &XDMCP; displays are retried -indefinitely by the client (unless the option -was given to the &X-Server;). - -The default is 4. - - - - - - - -How many times &tdm; should attempt to start up a local &X-Server;. -Starting up includes executing it and waiting for it to come up. - -The default is 1. - - - - - - - -How many seconds &tdm; should wait for a local &X-Server; to come up. - -The default is 15. - - - - - - - -The command line to start the &X-Server;, without display number and VT spec. -This string is subject to word splitting. - -The default is something reasonable for the system on which &tdm; was built, -like /usr/X11R6/bin/X. - - - - - - - - -Additional arguments for the &X-Server;s for local sessions. -This string is subject to word splitting. - -Empty by default. - - - - - - - -Additional arguments for the &X-Server;s for remote sessions. -This string is subject to word splitting. - -Empty by default. - - - - - - - -The VT the &X-Server; should run on. - should be used instead of this option. -Leave it zero to let &tdm; assign a VT automatically. -Set it to -1 to avoid assigning a VT -alltogether - this is required for setups with multiple physical consoles. -Currently Linux only. - - - - - - - - -This option is for OSs without support for -VTs, either by &tdm; or the OS itself. -Currently this applies to all OSs but Linux. - -When &tdm; switches to console mode, it starts monitoring this -TTY line (specified without the leading -/dev/) for activity. If the line is not used for some time, -&tdm; switches back to the X login. - -Empty by default. - - - - - - - -See . - -The default is 5. - - - - - - - -To discover when remote displays disappear, &tdm; -regularly pings them. - specifies the time (in minutes) between the -pings and specifies the maximum amount of -time (in minutes) to wait for the terminal to respond to the request. If -the terminal does not respond, the session is declared dead and terminated. - -If you frequently use X terminals which can become isolated from -the managing host, you may wish to increase the timeout. The only worry -is that sessions will continue to exist after the terminal has been -accidentally disabled. - -The default is 5. - - - - - - - -Whether &tdm; should restart the local &X-Server; after session exit instead -of resetting it. Use this if the &X-Server; leaks memory or crashes the system -on reset attempts. - -The default is false. - - - - - - - -The signal number to use to reset the local &X-Server;. - -The default is 1 (SIGHUP). - - - - - - - -The signal number to use to terminate the local &X-Server;. - -The default is 15 (SIGTERM). - - - - - - - -Controls whether &tdm; generates and uses authorization for -local &X-Server; connections. -For &XDMCP; displays the authorization requested by the display is used; -foreign non-&XDMCP; displays do not support authorization at all. - -The default is true. - - - - - - - -If is true, use the authorization mechanisms -listed herein. The MIT-MAGIC-COOKIE-1 authorization is always available; -XDM-AUTHORIZATION-1, SUN-DES-1 and MIT-KERBEROS-5 might be available as well, -depending on the build configuration. - -The default is DEF_AUTH_NAME. - - - - - - - -Some old &X-Server;s re-read the authorization file -at &X-Server; reset time, instead of when checking the initial connection. -As &tdm; generates the authorization information just before connecting to -the display, an old &X-Server; would not get up-to-date authorization -information. This option causes &tdm; to send SIGHUP to the &X-Server; -after setting up the file, causing an additional &X-Server; reset to occur, -during which time the new authorization information will be read. - -The default is false. - - - - - - - -This file is used to communicate the authorization data from &tdm; to -the &X-Server;, using the &X-Server; command line -option. It should be kept in a directory which is not world-writable -as it could easily be removed, disabling the authorization mechanism in -the &X-Server;. If not specified, a random name is generated from - and the name of the display. - -Empty by default. - - - - - - - -This option specifies the name of the file to be loaded by -xrdb as the resource database onto the root window -of screen 0 of the display. KDE programs generally do not use -X-resources, so this option is only needed if the -program needs some X-resources. - -Empty by default. - - - - - - - -The xrdb program to use to read the X-resources file -specified in . -The command is subject to word splitting. - -The default is ${x_bindir}/xrdb. - - - - - - - -This string is subject to word splitting. -It specifies a program which is run (as -root) before offering the -greeter window. This may be used to change the appearance of the screen -around the greeter window or to put up other windows (e.g., you may want -to run xconsole here). -The conventional name for a program used here is Xsetup. -See . - -Empty by default. - - - - - - - -This string is subject to word splitting. -It specifies a program which is run (as -root) after the user -authentication process succeeds. -The conventional name for a program used here is Xstartup. -See . - -Empty by default. - - - - - - - -This string is subject to word splitting. -It specifies a program which is run (as -root) after the session -terminates. -The conventional name for a program used here is Xreset. -See . - -Empty by default. - - - - - - - -This string is subject to word splitting. -It specifies the session program to be executed (as the user owning -the session). -The conventional name for a program used here is Xsession. -See . - -The default is ${x_bindir}/xterm -ls -T. - - - - - - - -If the program fails to execute, &tdm; will -fall back to this program. This program is executed with no arguments, -but executes using the same environment variables as the session would -have had (see ). - -The default is ${x_bindir}/xterm. - - - - - - - -The PATH environment variable for -non-root s. - -The default depends on the system &tdm; was built on. - - - - - - - - -The PATH environment variable for all programs but -non-root -s. Note that it is good practice not to include -. (the current directory) into this entry. - -The default depends on the system &tdm; was built on. - - - - - - - - -The SHELL environment variable for all programs but the -. - -The default is /bin/sh. - - - - - - - -When &tdm; is unable to write to the usual user authorization file -($HOME/.Xauthority), it creates a unique file name in this -directory and points the environment variable XAUTHORITY -at the created file. - -The default is /tmp. - - - - - - - -If enabled, &tdm; will automatically restart a session after an &X-Server; -crash (or if it is killed by Alt-Ctrl-BackSpace). Note that enabling this -feature opens a security hole: a secured display lock can be circumvented -(unless &kde;'s built-in screen locker is used). - -The default is false. - - - - - - - -If disabled, do not allow root -(and any other user with UID = 0) to log in directly. - -The default is true. - - - - - - - -If disabled, only users that have passwords assigned can log in. - -The default is true. - - - - - - - -Who is allowed to shut down the system. This applies both to the -greeter and to the command FiFo. - - - -None -no Shutdown... menu entry is shown at all - - -Root -the root password must be entered to shut down - - -All -everybody can shut down the machine - - -The default is All. - - - - - - - -Who is allowed to abort active sessions when shutting down. - - - -None -no forced shutdown is allowed at all - - -Root -the root password must be entered to shut down forcibly - - -All -everybody can shut down the machine forcibly - - -The default is All. - - - - - - - -The default choice for the shutdown condition/timing. - - - -Schedule -shut down after all active sessions exit (possibly at once) - - -TryNow -shut down, if no active sessions are open; otherwise, do nothing - - -ForceNow -shut down unconditionally - - -The default is Schedule. - - - - - - - -How to offer shutdown scheduling options: - - - -Never -not at all - - -Optional -as a button in the simple shutdown dialogs - - -Always -instead of the simple shutdown dialogs - - -The default is Never. - - - - - - - -Enable password-less logins on this display. Use with extreme care! - -The default is false. - - - - - - - -The users that do not need to provide a password to log in. -Items which are prefixed with @ represent all users in the -user group named by that item. -* means all users but -root -(and any other user with UID = 0). -Never list root. - -Empty by default. - - - - - - - -Enable automatic login. Use with extreme care! - -The default is false. - - - - - - - -If true, auto-login after logout. If false, auto-login is performed only -when a display session starts up. - -The default is false. - - - - - - - -The delay in seconds before automatic login kicks in. This is also known as -Timed Login. - - - - - - - - -The user to log in automatically. Never specify root! - -Empty by default. - - - - - - - -The password for the user to log in automatically. This is not required -unless the user is logged into a NIS or Kerberos domain. If you use this -option, you should chmod  tdmrc for obvious reasons. - -Empty by default. - - - - - - - -Immediately lock the automatically started session. This works only with -KDE sessions. - -The default is false. - - - - - - - -A list of directories containing session type definitions. - -The default is ${kde_datadir}/tdm/sessions. - - - - - - - -The file (relative to the user's home directory) to redirect the session -output to. One occurrence of %s in this string will be -substituted with the display name. Use %% to obtain a -literal %. - -The default is .xsession-errors. - - - - - - - -Specify whether &tdm;'s built-in utmp/wtmp/lastlog registration should -be used. If it is not, the tool sessreg should be used -in the and scripts, or, -alternatively, the pam_lastlog module should be used on -PAM-enabled systems. - -The default is true. - - - - - - - - -The [X-*-Greeter] section class of &tdmrc; - - -This section class contains options concerning the configuration -of the &tdm; frontend (greeter). - - - - - - - - -Specify the widget style for the greeter. Empty means to use the -built-in default which currently is Plastik. - -Empty by default. - - - - - - - -Specify the widget color scheme for the greeter. Empty means to use -the built-in default which currently is yellowish grey with some light -blue and yellow elements. - -Empty by default. - - - - - - - -What should be shown in the greeter righthand of the input lines (if - is disabled) or above them (if - is enabled): - - - -None -nothing - - -Logo -the image specified by - - -Clock -a neat analog clock - - -The default is Clock. - - - - - - - -The image to show in the greeter if is -Logo. - -Empty by default. - - - - - - - -The relative coordinates (percentages of the screen size; X,Y) at which -the center of the greeter is put. &tdm; aligns the greeter to the edges -of the screen it would cross otherwise. - -The default is 50,50. - - - - - - - -The screen the greeter should be displayed on in multi-headed and Xinerama -setups. The numbering starts with 0. For Xinerama, it corresponds to the -listing order in the active ServerLayout section of XF86Config; -1 means -to use the upper-left screen, -2 means to use the upper-right screen. - - - - - - - - -The headline in the greeter. An empty greeting means none at all. - -The following character pairs are replaced by their value: - - -%d -name of the current display - - -%h -local host name, possibly with the - domain name - - -%n -local node name, most probably the host name without the - domain name - - -%s -operating system - - -%r -operating system version - - -%m -machine (hardware) type - - -%% -a single % - - - -The default is Welcome to %s at %n. - - - - - - - -Whether the fonts used in the greeter should be antialiased. - -The default is false. - - - - - - - -The font for the greeter headline. - -The default is Serif,20,bold. - - - - - - - -The normal font used in the greeter. - -The default is Sans Serif,10. - - - - - - - -The font used for the Login Failed message. - -The default is Sans Serif,10,bold. - - - - - - - -What to do with the Num Lock modifier for the time the greeter is running: - - - -Off -turn off - - -On -turn on - - -Keep -do not change the state - - -The default is Keep. - - - - - - - -Language and locale to use in the greeter, encoded like $LC_LANG. - -The default is en_US. - - - - - - - -Enable autocompletion in the username line edit. - -The default is false. - - - - - - - -Show a user list with unix login names, real names, and images in the greeter. - -The default is true. - - - - - - - -This option controls which users will be shown in the user view -() and/or offered for autocompletion -(). -If it is Selected, contains -the final list of users. -If it is NotHidden, the initial user list contains all users -found on the system. Users contained in are -removed from the list, just like all users with a UID greater than specified -in and users with a non-zero UID less than -specified in . -Items in and -which are prefixed with @ represent all users in the -user group named by that item. -Finally, the user list will be sorted alphabetically, if - is enabled. - -The default is NotHidden. - - - - - - - -See . - -Empty by default. - - - - - - - -See . - -Empty by default. - - - - - - - -See . - - - - - - - - -See . - -The default is 65535. - - - - - - - -See . - -The default is true. - - - - - - - -If is enabled, this specifies where &tdm; gets the -images from: - - - -AdminOnly -from <>/$USER.face[.icon] - - -PreferAdmin -prefer <>, fallback on $HOME - - -PreferUser -... and the other way round - - -UserOnly -from the user's $HOME/.face[.icon] - - - - -The images can be in any format Qt recognizes, but the filename -must match &tdm;'s expectations: .face.icon should be a -48x48 icon, while .face should be a 300x300 image. -Currently the big image is used only as a fallback and is scaled down, -but in the future it might be displayed full-size in the logo area or a -tooltip. - -The default is AdminOnly. - - - - - - - -See . - -The default is ${kde_datadir}/tdm/faces. - - - - - - - -Specify, if/which user should be preselected for log in: - - - -None -do not preselect any user - - -Previous -the user which successfully logged in last time - - -Default -the user specified in the option - - - - -If is enabled and a user was preselected, -the cursor is placed in the password input field automatically. - -Enabling user preselection can be considered a security hole, -as it presents a valid login name to a potential attacker, so he -only needs to guess the password. On the other hand, -one could set to a fake login name. - - -The default is None. - - - - - - - -See . - -Empty by default. - - - - - - - -See . - -The default is false. - - - - - - - -The password input fields cloak the typed in text. Specify, how to do it: - - - -OneStar -* is shown for every typed -character - - -ThreeStars -*** is shown for every typed -character - - -NoEcho -nothing is shown at all, the cursor does not move - - -The default is OneStar. - - - - - - - -If enabled, &tdm; will automatically start the krootimage -program to set up the background; otherwise, the -program is responsible for the background. - -The default is true. - - - - - - - -The configuration file to be used by krootimage. -It contains a section named [Desktop0] like -kdesktoprc does. Its options are not described -herein; guess their meanings or use the control center. - -The default is ${kde_confdir}/tdm/backgroundrc. - - - - - - - -To improve security, the greeter grabs the &X-Server; and then the keyboard -when it starts up. This option specifies if the &X-Server; grab should be held -for the duration of the name/password reading. When disabled, the &X-Server; -is ungrabbed after the keyboard grab succeeds; otherwise, the &X-Server; is -grabbed until just before the session begins. - -Enabling this option disables and -. - - -The default is false. - - - - - - - -This option specifies the maximum time &tdm; will wait for the grabs to -succeed. A grab may fail if some other X-client has the &X-Server; or the -keyboard grabbed, or possibly if the network latencies are very high. You -should be cautious when raising the timeout, as a user can be spoofed by -a look-alike window on the display. If a grab fails, &tdm; kills and -restarts the &X-Server; (if possible) and the session. - -The default is 3. - - - - - - - -Warn, if a display has no X-authorization. This will be the case if - - - the authorization file for a local &X-Server; could not be created, - - - a remote display from &XDMCP; did not request any authorization or - - - the display is a foreign display specified in - . - - - -The default is true. - - - - - - - -Specify whether the greeter of local displays should start up in host chooser -(remote) or login (local) mode and whether it is allowed to switch to the -other mode. - - - -LocalOnly -only local login possible - - -DefaultLocal -start up in local mode, but allow switching to remote mode - - -DefaultRemote -... and the other way round - - -RemoteOnly -only choice of remote host possible - - -The default is LocalOnly. - - - - - - - -A list of hosts to be automatically added to the remote login menu. -The special name * means broadcast. -Has no effect if is LocalOnly. - -The default is *. - - - - - - - -Use this number as a random seed when forging saved session types, etc. of -unknown users. This is used to avoid telling an attacker about existing users -by reverse conclusion. This value should be random but constant across the -login domain. - - - - - - - - -Enable &tdm;'s built-in xconsole. -Note that this can be enabled for only one display at a time. -This option is available only if &tdm; was configured -with . - -The default is false. - - - - - - - -The data source for &tdm;'s built-in xconsole. -If empty, a console log redirection is requested from -/dev/console. -Has no effect if is disabled. - -Empty by default. - - - - - - - -Specify conversation plugins for the login dialog; the first in the list -is selected initially. -Each plugin can be specified as a base name (which expands to -$kde_modulesdir/kgreet_base) -or as a full pathname. - -Conversation plugins are modules for the greeter which obtain authentication -data from the user. Currently only the classic plugin is -shipped with &kde;; it presents the well-known username and password form. - -The default is classic. - - - - - - - -Same as , but for the shutdown dialog. - -The default is classic. - - - - - - - -A list of options of the form -Key=Value. -The conversation plugins can query these settings; it is up to them what -possible keys are. - -Empty by default. - - - - - - - -Show the Console Login action in the greeter (if / -is configured). - -The default is true. - - - - - - - -Show the Restart X Server/Close Connection action in the greeter. - -The default is true. - - - - - - - -A program to run while the greeter is visible. It is supposed to preload -as much as possible of the session that is going to be started (most -probably). - -Empty by default. - - - - - - - -Whether the greeter should be themed. - -The default is false. - - - - - - - -The theme to use for the greeter. Can point to either a directory or an XML -file. - -Empty by default. - - - - - - - - - - - -Specifying permanent &X-Server;s - -Each entry in the list indicates a -display which should constantly be -managed and which is not using &XDMCP;. This method is typically used only for -local &X-Server;s that are started by &tdm;, but &tdm; can manage externally -started (foreign) &X-Server;s as well, may they run on the -local machine or rather remotely. - -The formal syntax of a specification is - -display name [_display class] - -for all &X-Server;s. Foreign displays differ in having -a host name in the display name, may it be localhost. - -The display name must be something that can -be passed in the option to an X program. This string -is used to generate the display-specific section names, so be careful to match -the names. -The display name of &XDMCP; displays is derived from the display's address by -reverse host name resolution. For configuration purposes, the -localhost prefix from locally running &XDMCP; displays is -not stripped to make them distinguishable from local -&X-Server;s started by &tdm;. - -The display class portion is also used in the -display-specific sections. This is useful if you have a large collection of -similar displays (such as a corral of X terminals) and would like to set -options for groups of them. -When using &XDMCP;, the display is required to specify the display class, -so the manual for your particular X terminal should document the display -class string for your device. If it does not, you can run &tdm; in debug -mode and grep the log for class. - -The displays specified in will not be -started when &tdm; starts up, but when it is explicitly requested via -the command socket (or FiFo). -If reserve displays are specified, the &kde; menu will have a -Start New Session item near the bottom; use that to -activate a reserve display with a new login session. The monitor will switch -to the new display, and you will have a minute to login. If there are no more -reserve displays available, the menu item will be disabled. - -When &tdm; starts a session, it sets up authorization data for the -&X-Server;. For local servers, &tdm; passes - filename -on the &X-Server;'s command line to point it at its authorization data. -For &XDMCP; displays, &tdm; passes the authorization data to the &X-Server; -via the Accept &XDMCP; message. - - - - -&XDMCP; access control - -The file specified by the option provides -information which &tdm; uses to control access from displays requesting service -via &XDMCP;. -The file contains four types of entries: entries which control the response -to Direct and Broadcast queries, entries which -control the response to Indirect queries, macro definitions for -Indirect entries, and entries which control on which network -interfaces &tdm; listens for &XDMCP; queries. -Blank lines are ignored, # is treated as a comment -delimiter causing the rest of that line to be ignored, and \ -causes an immediately following newline to be ignored, allowing indirect host -lists to span multiple lines. - - -The format of the Direct entries is simple, either a -host name or a pattern, which is compared against the host name of the display -device. -Patterns are distinguished from host names by the inclusion of one or more -meta characters; * matches any sequence of 0 or more -characters, and ? matches any single character. -If the entry is a host name, all comparisons are done using network addresses, -so any name which converts to the correct network address may be used. Note -that only the first network address returned for a host name is used. -For patterns, only canonical host names are used in the comparison, so ensure -that you do not attempt to match aliases. -Host names from &XDMCP; queries always contain the local domain name -even if the reverse lookup returns a short name, so you can use -patterns for the local domain. -Preceding the entry with a ! character causes hosts which -match that entry to be excluded. -To only respond to Direct queries for a host or pattern, -it can be followed by the optional NOBROADCAST keyword. -This can be used to prevent a &tdm; server from appearing on menus based on -Broadcast queries. - -An Indirect entry also contains a host name or pattern, -but follows it with a list of host names or macros to which the queries -should be forwarded. Indirect entries can be excluding as well, -in which case a (valid) dummy host name must be supplied to make the entry -distinguishable from a Direct entry. -If compiled with IPv6 support, multicast address groups may also be included -in the list of addresses the queries are forwarded to. - -If the indirect host list contains the keyword CHOOSER, -Indirect queries are not forwarded, but instead a host chooser -dialog is displayed by &tdm;. The chooser will send a Direct -query to each of the remaining host names in the list and offer a menu of -all the hosts that respond. The host list may contain the keyword -BROADCAST, to make the chooser send a -Broadcast query as well; note that on some operating systems, -UDP packets cannot be broadcast, so this feature will not work. - - -When checking access for a particular display host, each entry is scanned -in turn and the first matching entry determines the response. -Direct and Broadcast entries are ignored when -scanning for an Indirect entry and vice-versa. - -A macro definition contains a macro name and a list of host names and -other macros that the macro expands to. To distinguish macros from hostnames, -macro names start with a % character. - -The last entry type is the LISTEN directive. -The formal syntax is - - LISTEN [interface [multicast list]] - -If one or more LISTEN lines are specified, &tdm; listens -for &XDMCP; requests only on the specified interfaces. -interface may be a hostname or IP address -representing a network interface on this machine, or the wildcard -* to represent all available network interfaces. -If multicast group addresses are listed on a LISTEN line, -&tdm; joins the multicast groups on the given interface. For IPv6 multicasts, -the IANA has assigned ff0X:0:0:0:0:0:0:12b as the -permanently assigned range of multicast addresses for &XDMCP;. The -X in the prefix may be replaced by any valid scope -identifier, such as 1 for Node-Local, 2 for Link-Local, 5 for Site-Local, and -so on (see IETF RFC 2373 or its replacement for further details and scope -definitions). &tdm; defaults to listening on the Link-Local scope address -ff02:0:0:0:0:0:0:12b to most closely match the IPv4 subnet broadcast behavior. -If no LISTEN lines are given, &tdm; listens on all -interfaces and joins the default &XDMCP; IPv6 multicast group (when -compiled with IPv6 support). -To disable listening for &XDMCP; requests altogether, a -LISTEN line with no addresses may be specified, but using -the [Xdmcp] option is preferred. - - - - - -Supplementary programs - - -The following programs are run by &tdm; at various stages of a session. -They typically are shell scripts. - - - -The Setup, Startup and Reset programs are run as -root, so they should be careful -about security. -Their first argument is auto if the session results -from an automatic login; otherwise, no arguments are passed to them. - - - -Setup program - - -The Xsetup program is run after the &X-Server; is -started or reset, but before the greeter is offered. -This is the place to change the root background (if - is disabled) or bring up other windows that -should appear on the screen along with the greeter. - - - -In addition to any specified by , -the following environment variables are passed: - - - DISPLAY - the associated display name - - - PATH - the value of - - - SHELL - the value of - - - XAUTHORITY - may be set to an authority file - - - DM_CONTROL - the value of - - - - Note that since &tdm; grabs the keyboard, any other windows will not be -able to receive keyboard input. They will be able to interact with the mouse, -however; beware of potential security holes here. If -is set, Xsetup will not be able to connect to the display -at all. Resources for this program can be put into the file named by -. - - - - - -Startup program - -The Xstartup program is run as -root when the user logs in. -This is the place to put commands which add entries to -utmp (the sessreg program -may be useful here), mount users' home directories from file servers, -or abort the session if some requirements are not met (but note that on -modern systems, many of these tasks are already taken care of by -PAM modules). - -In addition to any specified by , -the following environment variables are passed: - - - DISPLAY - the associated display name - - - HOME - the initial working directory of the user - - - LOGNAME - the username - - - USER - the username - - - PATH - the value of - - - SHELL - the value of - - - XAUTHORITY - may be set to an authority file - - - DM_CONTROL - the value of - - - -&tdm; waits until this program exits before starting the user session. -If the exit value of this program is non-zero, &tdm; discontinues the session -and starts another authentication cycle. - - - - -Session program - -The Xsession program is the command which is run -as the user's session. It is run with the permissions of the authorized user. -One of the keywords failsafe, default -or custom, or a string to eval by a -Bourne-compatible shell is passed as the first argument. - -In addition to any specified by , -the following environment variables are passed: - - - DISPLAY - the associated display name - - - HOME - the initial working directory of the user - - - LOGNAME - the username - - - USER - the username - - - PATH - the value of - (or for - root user sessions) - - - - SHELL - the user's default shell - - - XAUTHORITY - may be set to a non-standard authority file - - - KRBTKFILE - may be set to a Kerberos4 credentials cache name - - - - KRB5CCNAME - may be set to a Kerberos5 credentials cache name - - - - DM_CONTROL - the value of - - - XDM_MANAGED - will contain a comma-separated list of parameters the - session might find interesting, like the location of the command - FiFo and its capabilities, and which conversation - plugin was used for the login - - - - DESKTOP_SESSION - the name of the session the user has chosen to run - - - - - - - -Reset program - -Symmetrical with Xstartup, the -Xreset program is run after the user session has -terminated. Run as root, it should -contain commands that undo the effects of commands in -Xstartup, removing entries from utmp -or unmounting directories from file servers. - -The environment variables that were passed to -Xstartup are also passed to Xreset. - - - - - - - diff --git a/doc/tdm/CMakeLists.txt b/doc/tdm/CMakeLists.txt new file mode 100644 index 000000000..9a29fa8f8 --- /dev/null +++ b/doc/tdm/CMakeLists.txt @@ -0,0 +1,12 @@ +################################################# +# +# (C) 2010-2011 Serghei Amelian +# serghei (DOT) amelian (AT) gmail.com +# +# Improvements and feedback are welcome +# +# This file is released under GPL >= 2 +# +################################################# + +tde_create_handbook( DESTINATION tdm ) diff --git a/doc/tdm/Makefile.am b/doc/tdm/Makefile.am new file mode 100644 index 000000000..3db537e3f --- /dev/null +++ b/doc/tdm/Makefile.am @@ -0,0 +1,6 @@ +conf_def = $(top_srcdir)/tdm/config.def +ref: $(conf_def) $(top_srcdir)/tdm/confproc.pl + $(PERL) -w $(top_srcdir)/tdm/confproc.pl --doc $(conf_def) tdmrc-ref.docbook + +KDE_LANG = en +KDE_DOCS = AUTO diff --git a/doc/tdm/index.docbook b/doc/tdm/index.docbook new file mode 100644 index 000000000..dde535328 --- /dev/null +++ b/doc/tdm/index.docbook @@ -0,0 +1,1472 @@ + + + + tdmrc"> + ksmserver"> + kdesktop"> + XDMCP"> + xdm"> + + + +]> + + + +The &tdm; Handbook + + + +&Oswald.Buddenhagen; &Oswald.Buddenhagen.mail; + + + + + + + +2000 +&Neal.Crook; + + + +2002 +&Oswald.Buddenhagen; + + + +2003 +&Lauri.Watts; + + +2003-03-01 +0.05.02 + + +This document describes &tdm; the &kde; Display Manager. &tdm; +is also known as the Login Manager. + + + +KDE +tdm +xdm +display manager +login manager + + + + + +Introduction + +&tdm; provides a graphical interface that allows you to log in to a +system. It prompts for login (username) and password, authenticates the user +and starts a session. &tdm; is superior to &xdm;, the X +Display Manager, in a number of ways. + + + + + + + +Quick Start Guide + +This is a quick start guide for users who fit the following +pattern: + + + +X is configured and works with the command +startx from the commandline. + + +Each user will generally only use a single window manager or +desktop environment, and does not change this choice very +often, or is comfortable editing a single text file in order to change +their choice. + + + +This scenario will be sufficient for many environments where a single +user or several users normally boot the computer and log into their +preferred environment. + + +Setting up a Default Session + +Create or open the file ~/.xinitrc +If you already have a working ~/.xinitrc, go to +the next step + + +If one does not already exist, add a line to the +~/.xinitrc to start your preferred window manager +or desktop environment. +For &kde; you should enter: +starttde +For other window managers or desktop environments, you should +look in their documentation for the correct command. + +Make a link as follows: +ln ~/.xinitrc ~/.xsession + + + +At this point, typing startx +on the commandline should start X, with a &kde; session. The next task is +to try &tdm;. + +As root, type +tdm at the prompt. + +You should see a login window, which is described more fully in . + +Typing your normal username and password in the fields provided, and +leaving selected as the session type should now +open a &kde; session for your user. + +If you have other users to configure, you should repeat the procedure +above for each of them. + + +This is a quick guide to getting up and running only. You probably +will want to customize &tdm; further, for example, to hide the names of the +system accounts, to allow further sessions, and much more. Please read +through the rest of this manual to find out how to do these things. + + + + + +The Login Window + + The user interface to &tdm; consists of two dialog boxes. The main +dialog box has these controls: + + + +A Username: field for you to enter your +username. + + + +A Password: field for you to enter your +password. + + + +(Optionally) a graphical image of each user (for example, a digitized +photograph). Clicking on an image is equivalent to typing the associated +username into the Username: field. (This feature is an +imitation of the login box on &IRIX;). + + + +A Menu drop down box that allows &tdm; to be used +to start sessions with various different window managers or desktop +environments installed on the system. + + + +(Optionally) a region to the right of the +Username:, Password: and +Session Type: fields which can be used to display +either a static image or an analog clock. + + + +A Login button that validates the +username/password combination and attempts to start a session of the +selected type. + + + +A Clear button that clears the text from +the Login and Pass +fields. + + + +A Menu button that opens an action menu +with the following items: + + + +(On local displays) A Restart X Server item +that terminates the currently running &X-Server;, starts a new one and +displays the login dialog again. You can use this if the display content +seems to be broken somehow. + + + +(On remote displays) A Close Connection +item that closes the connection to the &XDMCP; server you are currently +connected to. If you got to this server through a host chooser, this will +bring you back to the chooser, otherwise it will only reset the &X-Server; +and bring up the login dialog again. + + + +(Optionally on local displays) A Console +Mode item that terminates the currently running &X-Server; and +leaves you alone with a console login. &tdm; will resume the graphical login +if nobody is logged in at the console for some time. + + + + + +(Optionally) A Shutdown button that displays +the Shutdown dialog box. + + + +The Shutdown dialog box presents a set of +radio buttons that allow one of these options to be selected: + + + +Shutdown + +Shut the system down in a controlled manner, ready for +power-down. + + + +Restart + +Shut the system down and reboot. For systems that use +Lilo, an optional drop down box allows you to +select a particular operating-system kernel to be used for the +reboot. + + + +Restart X Server + +Stop and then restart the X-server. Typically, you might need to use +this option if you have changed your X11 configuration in some way. + + + +Console Mode + +Stop the &X-Server; and return the system to console mode. This is +achieved by bringing the system down to runlevel 3. Typically, the system +manager might need to use this option before upgrading or re-configuring X11 +software. + + + + +Pressing the OK button initiates the selected +action; pressing the Cancel button returns to the +main &tdm; dialog box. + + + + + +Configuring &tdm; + +This chapter assumes that &tdm; is already up and running on your +system, and that you simply want to change its behavior in some way. + +When &tdm; starts up, it reads its configuration from the folder +$TDEDIR/share/config/tdm/ (this may +be /etc/trinity/tdm/ or something else +on your system). + +The main configuration file is &tdmrc;; all other files are +referenced from there and could be stored under any name anywhere on +the system - but usually that would not make much sense for obvious +reasons (one particular exception is referencing configuration files +of an already installed &xdm; - however when a new &tdm; is installed, +it will import settings from those files if it finds an already installed +&xdm;). + +Since &tdm; must run before any user is logged in, it is not +associated with any particular user. Therefore, it is not possible to have +user-specific configuration files; all users share the common &tdmrc;. It +follows from this that the configuration of &tdm; can only be altered by +those users that have write access to +$TDEDIR/share/config/tdm/tdmrc (normally +restricted to system administrators logged in as root). + +You can view the &tdmrc; file currently in use on your system, and you +can configure &tdm; by editing this file. Alternatively, you can use the +graphical configuration tool provided by the &kcontrolcenter; (under +System AdministrationLogin +Manager), which is described in the &kcontrolcenter; help files. + + +The remainder of this chapter describes configuration of &tdm; +via the &kcontrolcenter; module, and the next +chapter describes the options available in &tdmrc; itself. If +you only need to configure for local users, the &kcontrolcenter; module +should be sufficient for your needs. If you need to configure remote +logins, or have multiple &tdm; sessions running, you will need to read +on. + + + + +&Thomas.Tanghus; &Thomas.Tanghus.mail; +&Steffen.Hansen; &Steffen.Hansen.mail; +&Mike.McBride; &Mike.McBride.mail; + + + +The Login Manager &kcontrolcenter; Module + +Using this module, you can configure the &kde; graphical login +manager, &tdm;. You can change how the login screen looks, who has +access using the login manager and who can shutdown the +computer. + +All settings will be written to the configuration file +&tdmrc;, which in its original state has many comments to help you +configure &tdm;. Using this &kcontrolcenter; module will strip these +comments from the file. All available options in &tdmrc; are covered +in . + +The options listed in this chapter are cross referenced with +their equivalents in &tdmrc;. All options available in the &kcontrol; +module are also available directly in &tdmrc; but the reverse is not +true. + +In order to organize all of these options, this module is +divided into several sections: Appearance, +Font, Background, +Shutdown, +Users and +Convenience. + +You can switch between the sections using the tabs at the top of +the window. + +If you are not currently logged in as a superuser, you +will need to click the Administrator Mode... +Button. You will then be asked for a superuser password. Entering a +correct password will allow you to modify the settings of this +module. + + +Appearance + +From this page you can change the visual appearance of &tdm;, +&kde;'s graphical login manager. + +The Greeting: is the title of the login + screen. Setting this is especially useful if you have many servers users + may log in to. You may use various placeholders, which are described + along with the corresponding key + + in &tdmrc;. + + +You can then choose to show either the current system time, a logo or +nothing special in the login box. Make your choice in the radio buttons +labeled Logo area:. This corresponds to in &tdmrc; + +If you chose Show logo you can now choose a +logo: + + + +Drop an image file on the image button. + + +Click on the image button and select a new image from the image chooser +dialog. + + + +If you do not specify a logo the default +$TDEDIR/share/apps/tdm/pics/kdelogo.xpm +will be displayed. + +Normally the login box is centered on the screen. Use the +Position: options if you want it to appear +elsewhere on the screen. You can specify the relative position +(percentage of the screen size) for the center of the login window, +relative to the top left of the display, in the fields labeled +X: and Y: respectively. +These correspond to the key + +in &tdmrc;. + +While &kde;'s style depends on the settings of the user logged +in, the style used by &tdm; can be configured using the GUI +Style: and Color Scheme: options. +These correspond to the keys and in +&tdmrc; respectively. + +Below that, you have a drop down box to choose the language for +your login box, corresponding to setting in +&tdmrc;. + + + + +Font + +From this section of the module you can change the fonts used in the +login window. Only fonts available to all users are available here, not +fonts you have installed on a per user basis. + +You can select three different font styles from the drop down box +(General:, Failures:, +Greeting:). When you click on the +Choose... button a dialog appears from which you can +select the new characteristics for the font style. + + + +The General: font is used in all other places in the +login window. + + +The Failures: font is used when a login +fails. + + +The Greeting: font is the font used for the title +(Greeting String). + + + +You can also check the box labeled Use anti-aliasing for +fonts if you want smoothed fonts in the login dialog. + + + + +Background + +Here you can change the desktop background which will be displayed +before a user logs in. You can have a single color or an image as a +background. If you have an image as the background and select center, the +selected background color will be used around the image if it is not +large enough to cover the entire desktop. + +The background colors and effects are controlled by the options on +the tab labeled Background and you select a +background image and its placement from the options on the tab labeled +Wallpaper. + +To change the default background color(s) simply click either of +the color buttons and select a new color. + +The drop down box above the color buttons provides you with several +different blend effects. Choose one from the list, and it will be +previewed on the small monitor at the top of the window. Your choices +are: + + + +Flat +By choosing this mode, you select one color (using the color +button labeled Color 1), and the entire background is +covered with this one color. + + +Pattern +By choosing this mode, you select two colors (using both color +buttons). You then select a pattern by clicking +Setup. This opens a new dialog window, which gives you +the opportunity to select a pattern. Simply click once on the pattern of your +choice, then click on OK, and &kde; will render the pattern +you selected using the two colors you selected. For more on patterns, see the +section Background: Adding, Removing and Modifying +Patterns. + + +Background Program +By selecting this option, you can have &kde; use an external +program to determine the background. This can be any program of your choosing. +For more information on this option, see the section entitled Background: Using an external program. + + +Horizontal Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 on the left edge of the screen, and slowly transform into the +color selected by Color 2 by the time it gets to the +right edge of the screen. + + +Vertical Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 on the top edge of the screen, and slowly transform into the color +selected by Color 2 as it moves to the bottom of the +screen. + + +Pyramid Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 in each corner of the screen, and slowly transform into the color +selected by Color 2 as it moves to the center of the +screen. + + +Pipecross Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +1 in each corner of the screen, and slowly transform into the color +selected by Color 2 as it moves to the center of the +screen. The shape of this gradient is different then the pyramid +gradient. + + +Elliptic Gradient +By choosing this mode, you select two colors (using both color +buttons). &kde; will then start with the color selected by Color +2 in the center of the screen, and slowly transform into the color +selected by Color 1 as it moves to the edges, in an +elliptical pattern. + + + +The setup button is only needed for if you select Background +program or Patterns. In these instances, +another window will appear to configure the specifics. +Wallpaper +To select a new background image first, click on the +Wallpapers tab, then you can either select an image from the drop down list labeled Wallpaper or select +Browse... and select an image file from a file +selector. + +The image can be displayed in six different ways: + + +No wallpaper +No image is displayed. Just the background colors. + + +Centered +The image will be centered on the screen. The background colors +will be present anywhere the image does not cover. + + +Tiled +The image will be duplicated until it fills the entire +desktop. The first image will be placed in the upper left corner of the screen, +and duplicated downward and to the right. + + +Center Tiled +The image will be duplicated until it fills the entire +desktop. The first image will be placed in the center of the screen, and +duplicated upward, downward to the right, and to the left. + + +Centered Maxpect +The image will be placed in the center of the screen. It will +be scaled to fit the desktop, but it will not change the aspect ratio of the +original image. This will provide you with an image that is not distorted. + + + +Scaled +The image will be scaled to fit the desktop. It will be +stretched to fit all four corners. + + + + + + +<guilabel>Shutdown</guilabel> + +Allow Shutdown +Use this drop down box to choose who is allowed to shut down: + + +Nobody: No one can shutdown the computer using +&tdm;. You must be logged in, and execute a command. + + +Everybody: Everyone can shutdown the computer using +&tdm;. + +Only Root: &tdm; requires that the +root password be entered before shutting down the +computer. + + +You can independently configure who is allowed to issue a +shutdown command for the Local: and +Remote: users. + +Commands Use these text fields to +define the exact shutdown command. The +Halt: command defaults to +/sbin/halt. The Restart: command +defaults to +/sbin/reboot. + +When Show boot options is enabled, &tdm; +will on reboot offer you options for the lilo boot manager. For this +feature to work, you will need to supply the correct paths to your +lilo command and to lilo's map file. Note that this +option is not available on all operating systems. + + + + +Users + +From here you can change the way users are represented in the +login window. + +You may disable the user list in &tdm; entirely in the +Show Users section. You can choose from: + + + +Show List + +Only show users you have specifically enabled in the list +alongside +If you do not check this box, no list will be shown. This is the most secure setting, since an +attacker would then have to guess a valid login name as well as a +password. It's also the preferred option if you have more than a +handful of users to list, or the list itself would become +unwieldy. + + + +Inverse selection + +Allows you to intead select a list of users that should +not be shown, and all other users will be +listed. + + + + +Independently of the users you specify by name, you can use the +System UIDs to specify a range of valid +UIDs that are shown in the list. By default user +id's under 1000, which are often system or daemon users, and user id's +over 65000, are not shown. + +You can also enable the Sort users +checkbox, to have the user list sorted alphabetically. If this is +disabled, users will appear in the order they are listed in the +password file. &tdm; will also autocomplete user names if you enable the +Autocompletion option. + +If you choose to show users, then the login window will show +images (which you select), of a list of users. When someone is ready +to login, they may select their user name/image, enter their password, +and they are granted access. + +If you permit a user image, then you can configure the source +for those images. + +You can configure the admin picture here, for each user on the +system. Depending on the order selected above, users may be able to +override your selection. + +If you choose not to show users, then the login window will be +more traditional. Users will need to type their username and password +to gain entrance. This is the preferred way if you have many users on +this terminal. + + + + +Convenience + +In the convenience tab you can configure +some options that make life easier for lazy people, like automatic +login or disabling passwords. + +Please think more than twice before using these +options. Every option in the Convenience tab is +well-suited to seriously compromise your system security. Practically, +these options are only to be used in a completely non-critical +environment, ⪚ a private computer at home. + + +Automatic Login + +Automatic login will give anyone access to a certain account on +your system without doing any authentication. You can enable it using +the option Enable Auto-login. + +You can choose the account to be used for automatic login from +the list labeled User:. + + + + +<guilabel>Password-Less Login</guilabel> + +Using this feature, you can allow certain users to login without +having to provide their password. Enable this feature using the +Enable Password-less logins option. + +Below this option you'll see a list of users on the system. +Enable password-less login for specific users by checking the checkbox +next to the login names. By default, this feature is disabled for +all users. + +Again, this option should only be used in a safe +environment. If you enable it on a rather public system you should +take care that only users with heavy access restrictions are granted +password-less login, ⪚ +guest. + +You can also choose which user is preselected +when &tdm; starts. The default is None, but you +can choose Previous to have &tdm; default to the +last successfully logged in user, or you can +Specify a particular user to always be selected +from the list. You can also have &tdm; set the focus to the password +field, so that when you reach the &tdm; login screen, you can type the +password immediately. + +The Automatically login after X server crash +option allows you to skip the authentication procedure when your X +server accidentally crashed. + + + + + + + + + +&tdmrc-ref; + + + +Configuring your system to use &tdm; + +This chapter assumes that your system is already configured to +run the &X-Window;, and that you only need to reconfigure it to +allow graphical login. + + +Setting up &tdm; + +The fundamental thing that controls whether your computer boots to a +terminal prompt (console mode) or a graphical login prompt is the default +runlevel. The runlevel is set by the program /sbin/init under the control of the +configuration file /etc/inittab. The default runlevels +used by different &UNIX; systems (and different &Linux; distributions) vary, +but if you look at /etc/inittab the start of it should +be something like this: + +# Default runlevel. The runlevels used by RHS are: +# 0 - halt (Do NOT set initdefault to this) +# 1 - Single user mode +# 2 - Multiuser, without NFS +# 3 - Full multiuser mode +# 4 - unused +# 5 - X11 +# 6 - reboot (Do NOT set initdefault to this) + +id:3:initdefault: + + +All but the last line of this extract are comments. The comments +show that runlevel 5 is used for X11 and that runlevel 3 is used for +multi-user mode without X11 (console mode). The final line specifies +that the default runlevel of the system is 3 (console mode). If your +system currently uses graphical login (for example, using &xdm;) its +default runlevel will match the runlevel specified for X11. + +The runlevel with graphical login (&xdm;) for some common &Linux; +distributions is: + + +5 for &RedHat; 3.x and later, and for &Mandrake; +4 for Slackware +3 for &SuSE;. 4.x and 5.x + + +The first step in configuring your system is to ensure that you +can start &tdm; from the command line. Once this is working, you can +change your system configuration so that &tdm; starts automatically +each time you reboot your system. + +To test &tdm;, you must first bring your system to a runlevel +that does not run &xdm;. To do so, issue a command like this: + +/sbin/init + +Instead of the number you should specify the +appropriate runlevel for console mode on your system. + +If your system uses Pluggable Authentication Modules +(PAM), which is normal with recent &Linux; and &Solaris; +systems, you should check that your PAM configuration permits +login through the service named kde. If you previously used +&xdm; successfully, you should not need to make any +changes to your PAM configuration in order to use +&tdm;. /etc/pam.conf or +/etc/pam.d/kde. Information on configuring +PAM is beyond the scope of this handbook, but +PAM comes with comprehensive documentation (try looking in +/usr/share/doc/*pam*/html/). + +Now it's time for you to test &tdm; by issuing the following +command: + +tdm + + +If you get a &tdm; login dialog and you are able to log in, +things are going well. The main thing that can go wrong here is that +the run-time linker might not find the shared &Qt; or &kde; libraries. +If you have a binary distribution of the &kde; libraries, make sure +&tdm; is installed where the libraries believe &kde; is installed and +try setting some environment variables to point to your &kde; and &Qt; +libraries. + +For example: + +export + +export + +export + +export + + + +If you are still unsuccessful, try starting &xdm; instead, to +make sure that you are not suffering from a more serious X +configuration problem. + +When you are able to start &tdm; successfully, you can start to +replace &xdm; by &tdm;. Again, this is distribution-dependent. + + + +For &RedHat;, edit /etc/inittab, look for this + line: +x:5:respawn:/usr/X11/bin/xdm -nodaemon +and replace with: +x:5:respawn:/opt/kde/bin/tdm +This tells init(8) to respawn &tdm; when the +system is in run level 5. Note that &tdm; does not need the + option. + + +For &Mandrake;, the X11 runlevel in +/etc/inittab invokes the shell script +/etc/X11/prefdm, which is set up to select from +amongst several display managers, including &tdm;. Make sure that all +the paths are correct for your installation. + + +For &SuSE;, edit /sbin/init.d/xdm to add a +first line: + +. /etc/rc.config +DISPLAYMANAGER=tdm +export DISPLAYMANAGER + +For FreeBSD, edit /etc/ttys and find +the line like this: +ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure +and edit it to this: +ttyv8 "/usr/local/bin/tdm" xterm on secure + + +Most other distributions are a variation of one of +these. + + +At this stage, you can test &tdm; again by bringing your system +to the runlevel that should now run &tdm;. To do so, issue a command +like this: + +/sbin/init + + +Instead of the number you should specify the +appropriate runlevel for running X11 on your system. + +The final step is to edit the initdefault +entry in /etc/inittab to specify the appropriate +runlevel for X11. + +Before you make this change, ensure that you have a way +to reboot your system if a problem occurs. This might be a +rescue floppy-disk provided by your operating system +distribution or a specially-designed rescue +floppy-disk, such as tomsrtbt. Ignore this advice +at your peril. + +This usually involves changing the line: +id:3:initdefault: +to +id:5:initdefault: + +When you reboot your system, you should end up with the +graphical &tdm; login dialog. + +If this step is unsuccessful the most likely problem is that the +environment used at boot time differs from the environment that you used for +testing at the command line. If you are trying to get two versions of &kde; +to co-exist, be particularly careful that the settings you use for your +PATH and LD_LIBRARY_PATH environment variables +are consistent, and that the startup scripts are not over-riding them in +some way. + + + + + + +Supporting multiple window managers + +&tdm; detects most available window manager and desktop environments when +it is run. Installing a new one should make it automatically available in +the &tdm; main dialog Session Type:. + +If you have a very new window manager, or something that &tdm; does +not support, the first thing you should check is that the application to be +run is in the PATH and has not been renamed during the +install into something unexpected. + +If the case is that the application is too new and not yet supported +by &tdm;, you can quite simply add a new session. + +The sessions are defined in .desktop files in +$TDEDIR/share/apps/tdm/sessions. +You can simply add an appropriately named .desktop file in this directory. The fields +are: + +[Desktop Entry] +Encoding=UTF-8 This is fixed to and +may be omitted +Type=XSession This is fixed to and +may be omitted +Exec=executable name Passed to +eval exec in a Bourne shell +TryExec=executable name Supported +but not required +Name=name to show in the &tdm; session list + +There are also three magic: + + + +default + + +The default session for &tdm; is normally &kde; but can be configured by the +system administrator. + + + + +custom + + +The Custom session will run the users ~/.xsession if it exists. + + + + +failsafe + + +Failsafe will run a very plain session, and is useful only for debugging +purposes. + + + + + +To override a session type, copy the .desktop file from the data dir +to the config dir and edit it at will. Removing the shipped session types +can be accomplished by shadowing them with .desktop files +containing Hidden=true. For the magic session types no .desktop files exist +by default, but &tdm; pretends they would, so you can override them like any +other type. I guess you already know how to add a new session type by +now. ;-) + + + + +Using &tdm; for Remote Logins (&XDMCP;) + +&XDMCP; is the Open Group standard, the X Display Manager +Control Protocol. This is used to set up connections between +remote systems over the network. + +&XDMCP; is useful in multiuser situations where there are users +with workstations and a more powerful server that can provide the +resources to run multiple X sessions. For example, &XDMCP; is a good +way to reuse old computers - a Pentium or even 486 computer with 16 Mb +RAM is sufficient to run X itself, and using &XDMCP; such a computer can +run a full modern &kde; session from a server. For the server part, +once a single &kde; (or other environment) session is running, running +another one requires very few extra resources. + +However, allowing another method of login to your machine +obviously has security implications. You should run this service only +if you need to allow remote X Servers to start login sessions on your +system. Users with a single &UNIX; computer should not need to run +this. + + + + +Advanced Topics + + +Command Sockets + +This is a feature you can use to remote-control &tdm;. It's mostly +intended for use by &ksmserver; and &kdesktop; from a running session, but +other applications are possible as well. + +The sockets are &UNIX; domain sockets which live in subdirectories of the +directory specified by =. The subdir is the key to +addressing and security; the sockets all have the file name +socket and file permissions +rw-rw-rw- (0666). This is because some systems don't care +for the file permission of the socket files. + +There are two types of sockets: the global one (dmctl) and the +per-display ones (dmctl-<display>). + +The global one's subdir is owned by root, the subdirs of the per-display +ones' are owned by the user currently owning the session (root or the +logged in user). Group ownership of the subdirs can be set via FifoGroup=, +otherwise it is root. The file permissions of the subdirs are rwxr-x--- +(0750). + +The fields of a command are separated by tabs (\t), the +fields of a list are separated by spaces, literal spaces in list fields are +denoted by \s. + +The command is terminated by a newline (\n). + +The same applies to replies. The reply on success is +ok, possibly followed by the requested +information. The reply on error is an errno-style word (⪚ +perm, noent, &etc;) +followed by a longer explanation. + + +Global commands: + +login +(now | schedule) user password +[session_arguments] + +login user at specified display. if now is +specified, a possibly running session is killed, otherwise the login is done +after the session exits. session_arguments are printf-like escaped contents +for .dmrc. Unlisted keys will default to previously saved values. + + + + + +Per-display commands: + +lock + +The display is marked as locked. If the &X-Server; crashes in this +state, no auto-relogin will be performed even if the option is on. + + + +unlock + +Reverse the effect of lock, and re-enable +auto-relogin. + + + +suicide + +The currently running session is forcibly terminated. No auto-relogin +is attempted, but a scheduled "login" command will be executed. + + + + + +Commands for all sockets + +caps + +Returns a list of this socket's capabilities: + + + +&tdm; + +identifies &tdm;, in case some other DM implements this protocol, +too + + + +list, lock, +suicide, login + +The respective command is supported + + + +bootoptions + +The listbootoptions command and the + to shutdown are supported + + + +shutdown <list> + +shutdown is supported and allowed for the listed +users (a comma separated list.) * means all +authenticated users. + + + +nuke <list> + +Forced shutdown may be performed by the listed users. + + + +nuke + +Forced shutdown may be performed by everybody + + + +reserve <number> + +Reserve displays are configured, and number +are available at this time + + + + +list [all | +alllocal] + +Return a list of running sessions. By default all active sessions are +listed. if all is specified, passive sessions are +listed as well. If alllocal is specified, passive +sessions are listed as well, but all incoming remote sessions are +skipped. +Each session entry is a comma separated tuple of: + +Display or TTY name +VT name for local sessions +Logged in user's name, empty for passive sessions and +outgoing remote sessions (local chooser mode) +Session type or <remote> for outgoing +remote sessions, empty for passive sessions. +A Flag field: +* for the display belonging +to the requesting socket. +! for sessions that cannot be killed by the +reqeusting socket. + + + +New fields may be added in the future. + + + + +reserve [timeout in +seconds] + +Start a reserve login screen. If nobody logs in within the specified +amount of time (one minute by default), the display is removed again. When +the session on the display exits, the display is removed, too. +Permitted only on sockets of local displays and the global +socket. + + + + +activate +(vt|display) + +Switch to a particular VT (virtual terminal). The VT may be specified +either directly (⪚ vt3) or by a display using it +(eg; :2). +Permitted only on sockets of local displays and the global +socket. + + + + +listbootoptions + +List available boot options. + + + + + +shutdown (reboot | +halt) +[=bootchoice] +(ask|trynow|forcenow|schedule|start +(-1|end +(force|forcemy|cancel)))) + +Request a system shutdown, either a reboot or a halt/poweroff. +An OS choice for the next boot may be specified from the list returned +by listbootoptions +Shutdowns requested from per-display sockets are executed when the +current sessino on that display exits. Such a request may pop up a dialog +asking for confirmation and/or authentication +start is the time for which the shutdown is +scheduled. If it starts with a plus-sign, the current time is added. Zero +means immediately. +end is the latest time at which the shutdown +should be performed if active sessions are still running. If it starts with +a plus-sign, the start time is added. -1 means wait infinitely. If end is +through and active sessions are still running, &tdm; can do one of the +following: + +cancel - give up the +shutdown +force - shut down +nonetheless +forcemy - shut down nonetheless if +all active sessions belong to the requesting user. Only for per-display sockets. + +start and end are +specified in seconds since the &UNIX; epoch. +trynow is a synonym for 0 0 +cancel, forcenow for 0 0 +force and schedule for 0 +-1. +ask attempts an immediate shutdown and +interacts with the user if active sessions are still running. Only for +per-display sockets. + + + + +shutdown cancel +[local|global} + +Cancel a scheduled shutdown. The global socket always cancels the +currently pending shutdown, while per-display sockets default to cancelling +their queued request. + + + + +shutdown status + +Return a list with information about shutdowns. +The entries are a comma-separated tuples of: + + +(global|local) - +pending vs. queued shutdown. A local entry can be returned only by a +per-display socket. + +(halt|reboot) +start +end +("ask"|"force"|"forcemy"|"cancel") +Numeric user ID of the requesting user, -1 for the global +socket. +The next boot OS choice or "-" for none. + +New fields might be added later + + + + + + +There are two ways of using the sockets: + + +Connecting them directly. FifoDir is exported as +$DM_CONTROL; the name of per-display sockets can be derived +from $DISPLAY. + + +By using the tdmctl command (⪚ from within a +shell script). Try tdmctl to find out +more. + + + +Here is an example bash script reboot into FreeBSD: + +if tdmctl | grep -q shutdown; then + IFS=$'\t' + set -- `tdmctl listbootoptions` + if [ "$1" = ok ]; then + fbsd=$(echo "$2" | tr ' ' '\n' | sed -ne 's,\\s, ,g;/freebsd/I{p;q}') + if [ -n "$fbsd" ]; then + tdmctl shutdown reboot "=$fbsd" ask > /dev/null + else + echo "FreeBSD boot unavailable." + fi + else + echo "Boot options unavailable." + fi +else + echo "Cannot reboot system." +fi + + + + + + +Other sources of information + +Since &tdm; is descended from &xdm;, the &xdm; man page may provide useful background +information. For X-related problems try the man pages X and startx. If you have +questions about &tdm; that are not answered by this handbook, take advantage of +the fact the &tdm; is provided under the terms of the &GNU; +General Public License: look at the source code. + + + + + +Credits and License + +&tdm; is derived from, and includes code from, +&xdm; (C) Keith Packard, MIT X Consortium. + +&tdm; 0.1 was written by &Matthias.Ettrich;. Later versions till &kde; +2.0.x were written by &Steffen.Hansen;. Some new features for &kde; 2.1.x and +a major rewrite for &kde; 2.2.x made by &Oswald.Buddenhagen;. + +Other parts of the &tdm; code are copyright by the authors, and +licensed under the terms of the &GNU; +GPL. Anyone is allowed to change &tdm; and redistribute the result +as long as the names of the authors are mentioned. + +&tdm; requires the &Qt; library, which is copyright Troll Tech AS. + +Documentation contributors: + + +Documentation written by &Steffen.Hansen; +stefh@dit.ou.dk + +Documentation extended by Gregor +Zumsteinzumstein@ssd.ethz.ch. Last update August 9, +1998 + +Documentation revised for &kde; 2 by &Neal.Crook; &Neal.Crook.mail;. Last update August 6, 2000 + +Documentation extended and revised for &kde; 2.2 by &Oswald.Buddenhagen; &Oswald.Buddenhagen.mail;. Last update August, +2001 + + + +Documentation copyright &Steffen.Hansen;, Gregor Zumstein, &Neal.Crook; +and &Oswald.Buddenhagen;. This document also includes large parts of the &xdm; +man page, which is © Keith Packard. + + + +&underFDL; +&underGPL; + + + + +Glossary + + +greeter +The greeter is the login dialog, &ie; the part of &tdm; +which the user sees. + + + + +entropy +The entropy of a system is the measure of its +unpredictability. This is used during the generation of random numbers. + + + + + + diff --git a/doc/tdm/tdmrc-ref.docbook b/doc/tdm/tdmrc-ref.docbook new file mode 100644 index 000000000..f2cfd2f0e --- /dev/null +++ b/doc/tdm/tdmrc-ref.docbook @@ -0,0 +1,2316 @@ + + + +The Files &tdm; Uses for Configuration + +This chapter documents the files that control &tdm;'s behavior. +Some of this can be also controlled from the &kcontrol; module, but +not all. + + +&tdmrc; - The &tdm; master configuration file + +The basic format of the file is INI-like. +Options are key/value pairs, placed in sections. +Everything in the file is case sensitive. +Syntactic errors and unrecognized key/section identifiers cause &tdm; to +issue non-fatal error messages. + +Lines beginning with # are comments; empty lines +are ignored as well. + +Sections are denoted by +[Name of Section]. + + +You can configure every X-display individually. +Every display has a display name, which consists of a host name +(which is empty for local displays specified in +or ), a colon, and a display number. +Additionally, a display belongs to a +display class (which can be ignored in most cases). + +Sections with display-specific settings have the formal syntax +[X- host [ : number [ _ class ] ] - sub-section ] + +All sections with the same sub-section +make up a section class. + +You can use the wildcard * (match any) for +host, number, +and class. You may omit trailing components; +they are assumed to be * then. The host part may be a +domain specification like .inf.tu-dresden.de +or the wildcard + (match non-empty). + +From which section a setting is actually taken is determined by +these rules: + + + +An exact match takes precedence over a partial match (for the +host part), which in turn takes precedence over a wildcard +(+ taking precendence over *). + + + +Precedence decreases from left to right for equally exact matches. + + + + + +Example: display name myhost.foo:0, class dpy + + + +[X-myhost.foo:0_dpy] precedes + + +[X-myhost.foo:0_*] (same as [X-myhost.foo:0]) precedes + + +[X-myhost.foo:*_dpy] precedes + + +[X-myhost.foo:*_*] (same as [X-myhost.foo]) precedes + + +[X-.foo:*_*] (same as [X-.foo]) precedes + + +[X-+:0_dpy] precedes + + +[X-*:0_dpy] precedes + + +[X-*:0_*] (same as [X-*:0]) precedes + + +[X-*:*_*] (same as [X-*]). + + +These sections do not match this display: +[X-hishost], [X-myhost.foo:0_dec], [X-*:1], [X-:*] + + + + + + + +Common sections are [X-*] (all displays), [X-:*] (all local displays) +and [X-:0] (the first local display). + +The format for all keys is + = value. +Keys are only valid in the section class they are defined for. +Some keys do not apply to particular displays, in which case they are ignored. + + +If a setting is not found in any matching section, the default +is used. + +Special characters need to be backslash-escaped (leading and trailing +spaces (\s), tab (\t), linefeed +(\n), carriage return (\r) and the +backslash itself (\\)). +In lists, fields are separated with commas without whitespace in between. + +Some command strings are subject to simplified sh-style word splitting: +single quotes (') and double quotes (") +have the usual meaning; the backslash quotes everything (not only special +characters). Note that the backslashes need to be doubled because of the +two levels of quoting. + +A pristine &tdmrc; is very thoroughly commented. +All comments will be lost if you change this file with the +kcontrol frontend. + + + +The [General] section of &tdmrc; + + +This section contains global options that do not fit into any specific section. + + + + + + + + +This option exists solely for the purpose of clean automatic upgrades. +Do not change it, you may interfere with future +upgrades and this could result in &tdm; failing to run. + + + + + + + + +List of displays (&X-Server;s) permanently managed by &tdm;. Displays with a +hostname are foreign displays which are expected to be already running, +the others are local displays for which &tdm; starts an own &X-Server;; +see . Each display may belong to a display class; +append it to the display name separated by an underscore. +See for the details. + +The default is :0. + + + + + + + +List of on-demand displays. See for syntax. + +Empty by default. + + + + + + + +List of Virtual Terminals to allocate to &X-Server;s. For negative numbers the +absolute value is used, and the VT will be allocated only +if the kernel says it is free. If &tdm; exhausts this list, it will allocate +free VTs greater than the absolute value of the last entry +in this list. +Currently Linux only. + +Empty by default. + + + + + + + +This option is for operating systems (OSs) with support +for virtual terminals (VTs), by both &tdm; and the +OSs itself. +Currently this applies only to Linux. + +When &tdm; switches to console mode, it starts monitoring all +TTY lines listed here (without the leading +/dev/). +If none of them is active for some time, &tdm; switches back to the X login. + +Empty by default. + + + + + + + +The filename specified will be created to contain an ASCII representation +of the process ID of the main &tdm; process; the PID will not be stored +if the filename is empty. + +Empty by default. + + + + + + + +This option controls whether &tdm; uses file locking to keep multiple +display managers from running onto each other. + +The default is true. + + + + + + + +This names a directory under which &tdm; stores &X-Server; authorization +files while initializing the session. &tdm; expects the system to clean up +this directory from stale files on reboot. + +The authorization file to be used for a particular display can be +specified with the option in [X-*-Core]. + +The default is /var/run/xauth. + + + + + + + +This boolean controls whether &tdm; automatically re-reads its +configuration files if it finds them to have changed. + +The default is true. + + + + + + + +Additional environment variables &tdm; should pass on to all programs it runs. +LD_LIBRARY_PATH and XCURSOR_THEME are good candidates; +otherwise, it should not be necessary very often. + +Empty by default. + + + + + + + +If the system has no native entropy source like /dev/urandom (see +) and no entropy daemon like EGD (see + and ) is running, +&tdm; will fall back to its own pseudo-random number generator +that will, among other things, successively checksum parts of this file +(which, obviously, should change frequently). + +This option does not exist on Linux and various BSDs. + +The default is /dev/mem. + + + + + + + +If the system has no native entropy source like /dev/urandom (see +), read random data from a Pseudo-Random +Number Generator Daemon, +like EGD (http://egd.sourceforge.net) via this UNIX domain socket. + +This option does not exist on Linux and various BSDs. + +Empty by default. + + + + + + + +Same as , only use a TCP socket on localhost. + + + + + + + + +The path to a character device which &tdm; should read random data from. +Empty means to use the system's preferred entropy device if there is one. + +This option does not exist on OpenBSD, as it uses the arc4_random +function instead. + +Empty by default. + + + + + + + +The directory in which the command FiFos should +be created; make it empty to disable them. + +The default is /var/run/xdmctl. + + + + + + + +The group to which the global command FiFo should belong; +can be either a name or a numerical ID. + + + + + + + + +The directory in which &tdm; should store persistent working data; such data +is, for example, the previous user that logged in on a particular display. + +The default is /var/lib/tdm. + + + + + + + +The directory in which &tdm; should store users' .dmrc files. This is only +needed if the home directories are not readable before actually logging in +(like with AFS). + +Empty by default. + + + + + + + + +The [Xdmcp] section of &tdmrc; + + +This section contains options that control &tdm;'s handling of +&XDMCP; requests. + + + + + + + + +Whether &tdm; should listen to incoming &XDMCP; requests. + +The default is true. + + + + + + + +This indicates the UDP port number which &tdm; uses to listen for incoming +&XDMCP; requests. Unless you need to debug the system, leave this with its +default value. + +The default is 177. + + + + + + + +XDM-AUTHENTICATION-1 style &XDMCP; authentication requires a private +key to be shared between &tdm; and the terminal. This option specifies +the file containing those values. Each entry in the file consists of a +display name and the shared key. + +Empty by default. + + + + + + + +To prevent unauthorized &XDMCP; service and to allow forwarding of &XDMCP; +IndirectQuery requests, this file contains a database of hostnames which +are either allowed direct access to this machine, or have a list of hosts +to which queries should be forwarded to. The format of this file is +described in . + +The default is ${kde_confdir}/tdm/Xaccess. + + + + + + + +Number of seconds to wait for the display to respond after the user has +selected a host from the chooser. If the display sends an &XDMCP; +IndirectQuery within this time, the request is forwarded to the chosen +host; otherwise, it is assumed to be from a new session and the chooser +is offered again. + +The default is 15. + + + + + + + +When computing the display name for &XDMCP; clients, the name resolver will +typically create a fully qualified host name for the terminal. As this is +sometimes confusing, &tdm; will remove the domain name portion of the host +name if it is the same as the domain name of the local host when this option +is enabled. + +The default is true. + + + + + + + +Use the numeric IP address of the incoming connection on multihomed hosts +instead of the host name. This is to avoid trying to connect on the wrong +interface which might be down at this time. + +The default is false. + + + + + + + +This specifies a program which is run (as +root) when an &XDMCP; +DirectQuery or BroadcastQuery is received and this host is configured +to offer &XDMCP; display management. The output of this program may be +displayed in a chooser window. If no program is specified, the string +Willing to manage is sent. + +Empty by default. + + + + + + + + +The [Shutdown] section of &tdmrc; + + +This section contains global options concerning system shutdown. + + + + + + + + +The command (subject to word splitting) to run to halt/poweroff the system. + +The default is something reasonable for the system on which &tdm; was built, like +/sbin/shutdown  now. + + + + + + + + +The command (subject to word splitting) to run to reboot the system. + +The default is something reasonable for the system &tdm; on which was built, like +/sbin/shutdown  now. + + + + + + + + +Whether it is allowed to shut down the system via the global command FiFo. + +The default is false. + + + + + + + +Whether it is allowed to abort active sessions when shutting down the +system via the global command FiFo. + +This will have no effect unless is enabled. + +The default is true. + + + + + + + +The boot manager &tdm; should use for offering boot options in the +shutdown dialog. + + + +None +no boot manager + + +Grub +Grub boot manager + + +Lilo +Lilo boot manager (Linux on i386 & x86-64 only) + + +The default is None. + + + + + + + + +The [X-*-Core] section class of &tdmrc; + + +This section class contains options concerning the configuration +of the &tdm; backend (core). + + + + + + + + +See . + +The default is 15. + + + + + + + +See . + +The default is 120. + + + + + + + +These options control the behavior of &tdm; when attempting to open a +connection to an &X-Server;. is the length +of the pause (in seconds) between successive attempts, + is the number of attempts to make and + is the amount of time to spend on a +connection attempt. After attempts have been +made, or if seconds elapse in any particular +connection attempt, the start attempt is considered failed. + +The default is 5. + + + + + + + +How many times &tdm; should attempt to start a foreign +display listed in before giving up +and disabling it. +Local displays are attempted only once, and &XDMCP; displays are retried +indefinitely by the client (unless the option +was given to the &X-Server;). + +The default is 4. + + + + + + + +How many times &tdm; should attempt to start up a local &X-Server;. +Starting up includes executing it and waiting for it to come up. + +The default is 1. + + + + + + + +How many seconds &tdm; should wait for a local &X-Server; to come up. + +The default is 15. + + + + + + + +The command line to start the &X-Server;, without display number and VT spec. +This string is subject to word splitting. + +The default is something reasonable for the system on which &tdm; was built, +like /usr/X11R6/bin/X. + + + + + + + + +Additional arguments for the &X-Server;s for local sessions. +This string is subject to word splitting. + +Empty by default. + + + + + + + +Additional arguments for the &X-Server;s for remote sessions. +This string is subject to word splitting. + +Empty by default. + + + + + + + +The VT the &X-Server; should run on. + should be used instead of this option. +Leave it zero to let &tdm; assign a VT automatically. +Set it to -1 to avoid assigning a VT +alltogether - this is required for setups with multiple physical consoles. +Currently Linux only. + + + + + + + + +This option is for OSs without support for +VTs, either by &tdm; or the OS itself. +Currently this applies to all OSs but Linux. + +When &tdm; switches to console mode, it starts monitoring this +TTY line (specified without the leading +/dev/) for activity. If the line is not used for some time, +&tdm; switches back to the X login. + +Empty by default. + + + + + + + +See . + +The default is 5. + + + + + + + +To discover when remote displays disappear, &tdm; +regularly pings them. + specifies the time (in minutes) between the +pings and specifies the maximum amount of +time (in minutes) to wait for the terminal to respond to the request. If +the terminal does not respond, the session is declared dead and terminated. + +If you frequently use X terminals which can become isolated from +the managing host, you may wish to increase the timeout. The only worry +is that sessions will continue to exist after the terminal has been +accidentally disabled. + +The default is 5. + + + + + + + +Whether &tdm; should restart the local &X-Server; after session exit instead +of resetting it. Use this if the &X-Server; leaks memory or crashes the system +on reset attempts. + +The default is false. + + + + + + + +The signal number to use to reset the local &X-Server;. + +The default is 1 (SIGHUP). + + + + + + + +The signal number to use to terminate the local &X-Server;. + +The default is 15 (SIGTERM). + + + + + + + +Controls whether &tdm; generates and uses authorization for +local &X-Server; connections. +For &XDMCP; displays the authorization requested by the display is used; +foreign non-&XDMCP; displays do not support authorization at all. + +The default is true. + + + + + + + +If is true, use the authorization mechanisms +listed herein. The MIT-MAGIC-COOKIE-1 authorization is always available; +XDM-AUTHORIZATION-1, SUN-DES-1 and MIT-KERBEROS-5 might be available as well, +depending on the build configuration. + +The default is DEF_AUTH_NAME. + + + + + + + +Some old &X-Server;s re-read the authorization file +at &X-Server; reset time, instead of when checking the initial connection. +As &tdm; generates the authorization information just before connecting to +the display, an old &X-Server; would not get up-to-date authorization +information. This option causes &tdm; to send SIGHUP to the &X-Server; +after setting up the file, causing an additional &X-Server; reset to occur, +during which time the new authorization information will be read. + +The default is false. + + + + + + + +This file is used to communicate the authorization data from &tdm; to +the &X-Server;, using the &X-Server; command line +option. It should be kept in a directory which is not world-writable +as it could easily be removed, disabling the authorization mechanism in +the &X-Server;. If not specified, a random name is generated from + and the name of the display. + +Empty by default. + + + + + + + +This option specifies the name of the file to be loaded by +xrdb as the resource database onto the root window +of screen 0 of the display. KDE programs generally do not use +X-resources, so this option is only needed if the +program needs some X-resources. + +Empty by default. + + + + + + + +The xrdb program to use to read the X-resources file +specified in . +The command is subject to word splitting. + +The default is ${x_bindir}/xrdb. + + + + + + + +This string is subject to word splitting. +It specifies a program which is run (as +root) before offering the +greeter window. This may be used to change the appearance of the screen +around the greeter window or to put up other windows (e.g., you may want +to run xconsole here). +The conventional name for a program used here is Xsetup. +See . + +Empty by default. + + + + + + + +This string is subject to word splitting. +It specifies a program which is run (as +root) after the user +authentication process succeeds. +The conventional name for a program used here is Xstartup. +See . + +Empty by default. + + + + + + + +This string is subject to word splitting. +It specifies a program which is run (as +root) after the session +terminates. +The conventional name for a program used here is Xreset. +See . + +Empty by default. + + + + + + + +This string is subject to word splitting. +It specifies the session program to be executed (as the user owning +the session). +The conventional name for a program used here is Xsession. +See . + +The default is ${x_bindir}/xterm -ls -T. + + + + + + + +If the program fails to execute, &tdm; will +fall back to this program. This program is executed with no arguments, +but executes using the same environment variables as the session would +have had (see ). + +The default is ${x_bindir}/xterm. + + + + + + + +The PATH environment variable for +non-root s. + +The default depends on the system &tdm; was built on. + + + + + + + + +The PATH environment variable for all programs but +non-root +s. Note that it is good practice not to include +. (the current directory) into this entry. + +The default depends on the system &tdm; was built on. + + + + + + + + +The SHELL environment variable for all programs but the +. + +The default is /bin/sh. + + + + + + + +When &tdm; is unable to write to the usual user authorization file +($HOME/.Xauthority), it creates a unique file name in this +directory and points the environment variable XAUTHORITY +at the created file. + +The default is /tmp. + + + + + + + +If enabled, &tdm; will automatically restart a session after an &X-Server; +crash (or if it is killed by Alt-Ctrl-BackSpace). Note that enabling this +feature opens a security hole: a secured display lock can be circumvented +(unless &kde;'s built-in screen locker is used). + +The default is false. + + + + + + + +If disabled, do not allow root +(and any other user with UID = 0) to log in directly. + +The default is true. + + + + + + + +If disabled, only users that have passwords assigned can log in. + +The default is true. + + + + + + + +Who is allowed to shut down the system. This applies both to the +greeter and to the command FiFo. + + + +None +no Shutdown... menu entry is shown at all + + +Root +the root password must be entered to shut down + + +All +everybody can shut down the machine + + +The default is All. + + + + + + + +Who is allowed to abort active sessions when shutting down. + + + +None +no forced shutdown is allowed at all + + +Root +the root password must be entered to shut down forcibly + + +All +everybody can shut down the machine forcibly + + +The default is All. + + + + + + + +The default choice for the shutdown condition/timing. + + + +Schedule +shut down after all active sessions exit (possibly at once) + + +TryNow +shut down, if no active sessions are open; otherwise, do nothing + + +ForceNow +shut down unconditionally + + +The default is Schedule. + + + + + + + +How to offer shutdown scheduling options: + + + +Never +not at all + + +Optional +as a button in the simple shutdown dialogs + + +Always +instead of the simple shutdown dialogs + + +The default is Never. + + + + + + + +Enable password-less logins on this display. Use with extreme care! + +The default is false. + + + + + + + +The users that do not need to provide a password to log in. +Items which are prefixed with @ represent all users in the +user group named by that item. +* means all users but +root +(and any other user with UID = 0). +Never list root. + +Empty by default. + + + + + + + +Enable automatic login. Use with extreme care! + +The default is false. + + + + + + + +If true, auto-login after logout. If false, auto-login is performed only +when a display session starts up. + +The default is false. + + + + + + + +The delay in seconds before automatic login kicks in. This is also known as +Timed Login. + + + + + + + + +The user to log in automatically. Never specify root! + +Empty by default. + + + + + + + +The password for the user to log in automatically. This is not required +unless the user is logged into a NIS or Kerberos domain. If you use this +option, you should chmod  tdmrc for obvious reasons. + +Empty by default. + + + + + + + +Immediately lock the automatically started session. This works only with +KDE sessions. + +The default is false. + + + + + + + +A list of directories containing session type definitions. + +The default is ${kde_datadir}/tdm/sessions. + + + + + + + +The file (relative to the user's home directory) to redirect the session +output to. One occurrence of %s in this string will be +substituted with the display name. Use %% to obtain a +literal %. + +The default is .xsession-errors. + + + + + + + +Specify whether &tdm;'s built-in utmp/wtmp/lastlog registration should +be used. If it is not, the tool sessreg should be used +in the and scripts, or, +alternatively, the pam_lastlog module should be used on +PAM-enabled systems. + +The default is true. + + + + + + + + +The [X-*-Greeter] section class of &tdmrc; + + +This section class contains options concerning the configuration +of the &tdm; frontend (greeter). + + + + + + + + +Specify the widget style for the greeter. Empty means to use the +built-in default which currently is Plastik. + +Empty by default. + + + + + + + +Specify the widget color scheme for the greeter. Empty means to use +the built-in default which currently is yellowish grey with some light +blue and yellow elements. + +Empty by default. + + + + + + + +What should be shown in the greeter righthand of the input lines (if + is disabled) or above them (if + is enabled): + + + +None +nothing + + +Logo +the image specified by + + +Clock +a neat analog clock + + +The default is Clock. + + + + + + + +The image to show in the greeter if is +Logo. + +Empty by default. + + + + + + + +The relative coordinates (percentages of the screen size; X,Y) at which +the center of the greeter is put. &tdm; aligns the greeter to the edges +of the screen it would cross otherwise. + +The default is 50,50. + + + + + + + +The screen the greeter should be displayed on in multi-headed and Xinerama +setups. The numbering starts with 0. For Xinerama, it corresponds to the +listing order in the active ServerLayout section of XF86Config; -1 means +to use the upper-left screen, -2 means to use the upper-right screen. + + + + + + + + +The headline in the greeter. An empty greeting means none at all. + +The following character pairs are replaced by their value: + + +%d +name of the current display + + +%h +local host name, possibly with the + domain name + + +%n +local node name, most probably the host name without the + domain name + + +%s +operating system + + +%r +operating system version + + +%m +machine (hardware) type + + +%% +a single % + + + +The default is Welcome to %s at %n. + + + + + + + +Whether the fonts used in the greeter should be antialiased. + +The default is false. + + + + + + + +The font for the greeter headline. + +The default is Serif,20,bold. + + + + + + + +The normal font used in the greeter. + +The default is Sans Serif,10. + + + + + + + +The font used for the Login Failed message. + +The default is Sans Serif,10,bold. + + + + + + + +What to do with the Num Lock modifier for the time the greeter is running: + + + +Off +turn off + + +On +turn on + + +Keep +do not change the state + + +The default is Keep. + + + + + + + +Language and locale to use in the greeter, encoded like $LC_LANG. + +The default is en_US. + + + + + + + +Enable autocompletion in the username line edit. + +The default is false. + + + + + + + +Show a user list with unix login names, real names, and images in the greeter. + +The default is true. + + + + + + + +This option controls which users will be shown in the user view +() and/or offered for autocompletion +(). +If it is Selected, contains +the final list of users. +If it is NotHidden, the initial user list contains all users +found on the system. Users contained in are +removed from the list, just like all users with a UID greater than specified +in and users with a non-zero UID less than +specified in . +Items in and +which are prefixed with @ represent all users in the +user group named by that item. +Finally, the user list will be sorted alphabetically, if + is enabled. + +The default is NotHidden. + + + + + + + +See . + +Empty by default. + + + + + + + +See . + +Empty by default. + + + + + + + +See . + + + + + + + + +See . + +The default is 65535. + + + + + + + +See . + +The default is true. + + + + + + + +If is enabled, this specifies where &tdm; gets the +images from: + + + +AdminOnly +from <>/$USER.face[.icon] + + +PreferAdmin +prefer <>, fallback on $HOME + + +PreferUser +... and the other way round + + +UserOnly +from the user's $HOME/.face[.icon] + + + + +The images can be in any format Qt recognizes, but the filename +must match &tdm;'s expectations: .face.icon should be a +48x48 icon, while .face should be a 300x300 image. +Currently the big image is used only as a fallback and is scaled down, +but in the future it might be displayed full-size in the logo area or a +tooltip. + +The default is AdminOnly. + + + + + + + +See . + +The default is ${kde_datadir}/tdm/faces. + + + + + + + +Specify, if/which user should be preselected for log in: + + + +None +do not preselect any user + + +Previous +the user which successfully logged in last time + + +Default +the user specified in the option + + + + +If is enabled and a user was preselected, +the cursor is placed in the password input field automatically. + +Enabling user preselection can be considered a security hole, +as it presents a valid login name to a potential attacker, so he +only needs to guess the password. On the other hand, +one could set to a fake login name. + + +The default is None. + + + + + + + +See . + +Empty by default. + + + + + + + +See . + +The default is false. + + + + + + + +The password input fields cloak the typed in text. Specify, how to do it: + + + +OneStar +* is shown for every typed +character + + +ThreeStars +*** is shown for every typed +character + + +NoEcho +nothing is shown at all, the cursor does not move + + +The default is OneStar. + + + + + + + +If enabled, &tdm; will automatically start the krootimage +program to set up the background; otherwise, the +program is responsible for the background. + +The default is true. + + + + + + + +The configuration file to be used by krootimage. +It contains a section named [Desktop0] like +kdesktoprc does. Its options are not described +herein; guess their meanings or use the control center. + +The default is ${kde_confdir}/tdm/backgroundrc. + + + + + + + +To improve security, the greeter grabs the &X-Server; and then the keyboard +when it starts up. This option specifies if the &X-Server; grab should be held +for the duration of the name/password reading. When disabled, the &X-Server; +is ungrabbed after the keyboard grab succeeds; otherwise, the &X-Server; is +grabbed until just before the session begins. + +Enabling this option disables and +. + + +The default is false. + + + + + + + +This option specifies the maximum time &tdm; will wait for the grabs to +succeed. A grab may fail if some other X-client has the &X-Server; or the +keyboard grabbed, or possibly if the network latencies are very high. You +should be cautious when raising the timeout, as a user can be spoofed by +a look-alike window on the display. If a grab fails, &tdm; kills and +restarts the &X-Server; (if possible) and the session. + +The default is 3. + + + + + + + +Warn, if a display has no X-authorization. This will be the case if + + + the authorization file for a local &X-Server; could not be created, + + + a remote display from &XDMCP; did not request any authorization or + + + the display is a foreign display specified in + . + + + +The default is true. + + + + + + + +Specify whether the greeter of local displays should start up in host chooser +(remote) or login (local) mode and whether it is allowed to switch to the +other mode. + + + +LocalOnly +only local login possible + + +DefaultLocal +start up in local mode, but allow switching to remote mode + + +DefaultRemote +... and the other way round + + +RemoteOnly +only choice of remote host possible + + +The default is LocalOnly. + + + + + + + +A list of hosts to be automatically added to the remote login menu. +The special name * means broadcast. +Has no effect if is LocalOnly. + +The default is *. + + + + + + + +Use this number as a random seed when forging saved session types, etc. of +unknown users. This is used to avoid telling an attacker about existing users +by reverse conclusion. This value should be random but constant across the +login domain. + + + + + + + + +Enable &tdm;'s built-in xconsole. +Note that this can be enabled for only one display at a time. +This option is available only if &tdm; was configured +with . + +The default is false. + + + + + + + +The data source for &tdm;'s built-in xconsole. +If empty, a console log redirection is requested from +/dev/console. +Has no effect if is disabled. + +Empty by default. + + + + + + + +Specify conversation plugins for the login dialog; the first in the list +is selected initially. +Each plugin can be specified as a base name (which expands to +$kde_modulesdir/kgreet_base) +or as a full pathname. + +Conversation plugins are modules for the greeter which obtain authentication +data from the user. Currently only the classic plugin is +shipped with &kde;; it presents the well-known username and password form. + +The default is classic. + + + + + + + +Same as , but for the shutdown dialog. + +The default is classic. + + + + + + + +A list of options of the form +Key=Value. +The conversation plugins can query these settings; it is up to them what +possible keys are. + +Empty by default. + + + + + + + +Show the Console Login action in the greeter (if / +is configured). + +The default is true. + + + + + + + +Show the Restart X Server/Close Connection action in the greeter. + +The default is true. + + + + + + + +A program to run while the greeter is visible. It is supposed to preload +as much as possible of the session that is going to be started (most +probably). + +Empty by default. + + + + + + + +Whether the greeter should be themed. + +The default is false. + + + + + + + +The theme to use for the greeter. Can point to either a directory or an XML +file. + +Empty by default. + + + + + + + + + + + +Specifying permanent &X-Server;s + +Each entry in the list indicates a +display which should constantly be +managed and which is not using &XDMCP;. This method is typically used only for +local &X-Server;s that are started by &tdm;, but &tdm; can manage externally +started (foreign) &X-Server;s as well, may they run on the +local machine or rather remotely. + +The formal syntax of a specification is + +display name [_display class] + +for all &X-Server;s. Foreign displays differ in having +a host name in the display name, may it be localhost. + +The display name must be something that can +be passed in the option to an X program. This string +is used to generate the display-specific section names, so be careful to match +the names. +The display name of &XDMCP; displays is derived from the display's address by +reverse host name resolution. For configuration purposes, the +localhost prefix from locally running &XDMCP; displays is +not stripped to make them distinguishable from local +&X-Server;s started by &tdm;. + +The display class portion is also used in the +display-specific sections. This is useful if you have a large collection of +similar displays (such as a corral of X terminals) and would like to set +options for groups of them. +When using &XDMCP;, the display is required to specify the display class, +so the manual for your particular X terminal should document the display +class string for your device. If it does not, you can run &tdm; in debug +mode and grep the log for class. + +The displays specified in will not be +started when &tdm; starts up, but when it is explicitly requested via +the command socket (or FiFo). +If reserve displays are specified, the &kde; menu will have a +Start New Session item near the bottom; use that to +activate a reserve display with a new login session. The monitor will switch +to the new display, and you will have a minute to login. If there are no more +reserve displays available, the menu item will be disabled. + +When &tdm; starts a session, it sets up authorization data for the +&X-Server;. For local servers, &tdm; passes + filename +on the &X-Server;'s command line to point it at its authorization data. +For &XDMCP; displays, &tdm; passes the authorization data to the &X-Server; +via the Accept &XDMCP; message. + + + + +&XDMCP; access control + +The file specified by the option provides +information which &tdm; uses to control access from displays requesting service +via &XDMCP;. +The file contains four types of entries: entries which control the response +to Direct and Broadcast queries, entries which +control the response to Indirect queries, macro definitions for +Indirect entries, and entries which control on which network +interfaces &tdm; listens for &XDMCP; queries. +Blank lines are ignored, # is treated as a comment +delimiter causing the rest of that line to be ignored, and \ +causes an immediately following newline to be ignored, allowing indirect host +lists to span multiple lines. + + +The format of the Direct entries is simple, either a +host name or a pattern, which is compared against the host name of the display +device. +Patterns are distinguished from host names by the inclusion of one or more +meta characters; * matches any sequence of 0 or more +characters, and ? matches any single character. +If the entry is a host name, all comparisons are done using network addresses, +so any name which converts to the correct network address may be used. Note +that only the first network address returned for a host name is used. +For patterns, only canonical host names are used in the comparison, so ensure +that you do not attempt to match aliases. +Host names from &XDMCP; queries always contain the local domain name +even if the reverse lookup returns a short name, so you can use +patterns for the local domain. +Preceding the entry with a ! character causes hosts which +match that entry to be excluded. +To only respond to Direct queries for a host or pattern, +it can be followed by the optional NOBROADCAST keyword. +This can be used to prevent a &tdm; server from appearing on menus based on +Broadcast queries. + +An Indirect entry also contains a host name or pattern, +but follows it with a list of host names or macros to which the queries +should be forwarded. Indirect entries can be excluding as well, +in which case a (valid) dummy host name must be supplied to make the entry +distinguishable from a Direct entry. +If compiled with IPv6 support, multicast address groups may also be included +in the list of addresses the queries are forwarded to. + +If the indirect host list contains the keyword CHOOSER, +Indirect queries are not forwarded, but instead a host chooser +dialog is displayed by &tdm;. The chooser will send a Direct +query to each of the remaining host names in the list and offer a menu of +all the hosts that respond. The host list may contain the keyword +BROADCAST, to make the chooser send a +Broadcast query as well; note that on some operating systems, +UDP packets cannot be broadcast, so this feature will not work. + + +When checking access for a particular display host, each entry is scanned +in turn and the first matching entry determines the response. +Direct and Broadcast entries are ignored when +scanning for an Indirect entry and vice-versa. + +A macro definition contains a macro name and a list of host names and +other macros that the macro expands to. To distinguish macros from hostnames, +macro names start with a % character. + +The last entry type is the LISTEN directive. +The formal syntax is + + LISTEN [interface [multicast list]] + +If one or more LISTEN lines are specified, &tdm; listens +for &XDMCP; requests only on the specified interfaces. +interface may be a hostname or IP address +representing a network interface on this machine, or the wildcard +* to represent all available network interfaces. +If multicast group addresses are listed on a LISTEN line, +&tdm; joins the multicast groups on the given interface. For IPv6 multicasts, +the IANA has assigned ff0X:0:0:0:0:0:0:12b as the +permanently assigned range of multicast addresses for &XDMCP;. The +X in the prefix may be replaced by any valid scope +identifier, such as 1 for Node-Local, 2 for Link-Local, 5 for Site-Local, and +so on (see IETF RFC 2373 or its replacement for further details and scope +definitions). &tdm; defaults to listening on the Link-Local scope address +ff02:0:0:0:0:0:0:12b to most closely match the IPv4 subnet broadcast behavior. +If no LISTEN lines are given, &tdm; listens on all +interfaces and joins the default &XDMCP; IPv6 multicast group (when +compiled with IPv6 support). +To disable listening for &XDMCP; requests altogether, a +LISTEN line with no addresses may be specified, but using +the [Xdmcp] option is preferred. + + + + + +Supplementary programs + + +The following programs are run by &tdm; at various stages of a session. +They typically are shell scripts. + + + +The Setup, Startup and Reset programs are run as +root, so they should be careful +about security. +Their first argument is auto if the session results +from an automatic login; otherwise, no arguments are passed to them. + + + +Setup program + + +The Xsetup program is run after the &X-Server; is +started or reset, but before the greeter is offered. +This is the place to change the root background (if + is disabled) or bring up other windows that +should appear on the screen along with the greeter. + + + +In addition to any specified by , +the following environment variables are passed: + + + DISPLAY + the associated display name + + + PATH + the value of + + + SHELL + the value of + + + XAUTHORITY + may be set to an authority file + + + DM_CONTROL + the value of + + + + Note that since &tdm; grabs the keyboard, any other windows will not be +able to receive keyboard input. They will be able to interact with the mouse, +however; beware of potential security holes here. If +is set, Xsetup will not be able to connect to the display +at all. Resources for this program can be put into the file named by +. + + + + + +Startup program + +The Xstartup program is run as +root when the user logs in. +This is the place to put commands which add entries to +utmp (the sessreg program +may be useful here), mount users' home directories from file servers, +or abort the session if some requirements are not met (but note that on +modern systems, many of these tasks are already taken care of by +PAM modules). + +In addition to any specified by , +the following environment variables are passed: + + + DISPLAY + the associated display name + + + HOME + the initial working directory of the user + + + LOGNAME + the username + + + USER + the username + + + PATH + the value of + + + SHELL + the value of + + + XAUTHORITY + may be set to an authority file + + + DM_CONTROL + the value of + + + +&tdm; waits until this program exits before starting the user session. +If the exit value of this program is non-zero, &tdm; discontinues the session +and starts another authentication cycle. + + + + +Session program + +The Xsession program is the command which is run +as the user's session. It is run with the permissions of the authorized user. +One of the keywords failsafe, default +or custom, or a string to eval by a +Bourne-compatible shell is passed as the first argument. + +In addition to any specified by , +the following environment variables are passed: + + + DISPLAY + the associated display name + + + HOME + the initial working directory of the user + + + LOGNAME + the username + + + USER + the username + + + PATH + the value of + (or for + root user sessions) + + + + SHELL + the user's default shell + + + XAUTHORITY + may be set to a non-standard authority file + + + KRBTKFILE + may be set to a Kerberos4 credentials cache name + + + + KRB5CCNAME + may be set to a Kerberos5 credentials cache name + + + + DM_CONTROL + the value of + + + XDM_MANAGED + will contain a comma-separated list of parameters the + session might find interesting, like the location of the command + FiFo and its capabilities, and which conversation + plugin was used for the login + + + + DESKTOP_SESSION + the name of the session the user has chosen to run + + + + + + + +Reset program + +Symmetrical with Xstartup, the +Xreset program is run after the user session has +terminated. Run as root, it should +contain commands that undo the effects of commands in +Xstartup, removing entries from utmp +or unmounting directories from file servers. + +The environment variables that were passed to +Xstartup are also passed to Xreset. + + + + + + + -- cgit v1.2.1