diff options
Diffstat (limited to 'docs/man/sesman.ini.5.in')
| -rw-r--r-- | docs/man/sesman.ini.5.in | 225 |
1 files changed, 225 insertions, 0 deletions
diff --git a/docs/man/sesman.ini.5.in b/docs/man/sesman.ini.5.in new file mode 100644 index 00000000..747bd15e --- /dev/null +++ b/docs/man/sesman.ini.5.in @@ -0,0 +1,225 @@ +.\" +.TH "sesman.ini" "5" "@PACKAGE_VERSION@" "xrdp team" "" +.SH "NAME" +\fBsesman.ini\fR \- Configuration file for \fBxrdp-sesman\fR(8) + +.SH "DESCRIPTION" +\fBsesman.ini\fR consists of several sections. Each section starts with +the section name in square brackets, followed by a list of +\fIparameter\fR=\fIvalue\fR lines. Following sections are recognized: + +.TP +\fB[Globals]\fR +Global configuration + +.TP +\fB[Logging]\fR +Logging subsystem + +.TP +\fB[Sessions]\fR +Session management + +.TP +\fB[Security]\fR +Access control + +.TP +\fB[X11rdp]\fR, \fB[Xvnc]\fR, \fB[Xorg]\fR +X11 server settings for supported servers + +.TP +\fB[Chansrv]\fR +Settings for xrdp-chansrv(8) + +.TP +\fB[SessionVariables]\fR +Environment variables for the session + +.LP +All parameters and values (except for file names and paths) are case +insensitive, and are described in detail below. If any parameter is +specified more than once, the last entry will be used. Options specified +outside their proper section will be \fIignored\fR. + +.SH "GLOBALS" +Following parameters can be used in the \fB[Globals]\fR section. + +.TP +\fBListenAddress\fR=\fIip address\fR +xrdp-sesman listening address. If not specified, defaults to \fI0.0.0.0\fR +(all interfaces). + +.TP +\fBListenPort\fR=\fIport number\fR +xrdp-sesman listening port. If not specified, defaults to \fI3350\fR. + +.TP +\fBEnableUserWindowManager\fR=\fI[true|false]\fR +If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables user +specific startup script. That is, xrdp-sesman will execute the script +specified by \fBUserWindowManager\fR if it exists. + +.TP +\fBUserWindowManager\fR=\fIfilename\fR +Name of the startup script relative to the user's home directory. If +present and enabled by \fBEnableUserWindowManager\fR, that script is +executed instead of \fBDefaultWindowManager\fR. + +.TP +\fBDefaultWindowManager\fR=\fIfilename\fR +Full path to the default startup script used by xrdp-sesman to start a +session if the user script is disabled or missing. + +.SH "LOGGING" +Following parameters can be used in the \fB[Logging]\fR section. + +.TP +\fBLogFile\fR=\fIfilename\fR +Log file path. It can be either absolute or relative. If not specified, +defaults to \fI./sesman.log\fR + +.TP +\fBLogLevel\fR=\fIlevel\fR +This option can have one of the following values: + +\fBCORE\fR or \fB0\fR \- Log only core messages. Those messages are +logged \fIregardless\fR of the selected logging level. + +\fBERROR\fR or \fB1\fR \- Log only error messages. + +\fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages. + +\fBINFO\fR or \fB3\fR \- Log errors, warnings and informational messages. + +\fBDEBUG\fR or \fB4\fR \- Log everything. If xrdp-sesman is compiled in +debug mode, this options will output many more low\-level messages. + +.TP +\fBEnableSyslog\fR=\fI[true|false]\fR +If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables logging to +syslog. + +.TP +\fBSyslogLevel\fR=\fIlevel\fR +Logging level for syslog. It can have the same values as \fBLogLevel\fR. +If \fBSyslogLevel\fR and \fBLogLevel\fR differ, the least verbose setting +takes effect for syslog. + +.SH "SESSIONS" +Following parameters can be used in the \fB[Sessions]\fR section. + +.TP +\fBX11DisplayOffset\fR=\fInumber\fR +The first X display number available for xrdp-sesman. This prevents +xrdp-sesman from interfering with real X11 servers. If not specified, +defaults to \fI10\fR. + +.TP +\fBMaxSessions\fR=\fInumber\fR +Sets the maximum number of simultaneous sessions. If not set or set to +\fI0\fR, unlimited session are allowed. + +.TP +\fBKillDisconnected\fR=\fI[true|false]\fR +If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed +within 60 seconds after the user disconnects. + +.TP +\fBIdleTimeLimit\fR=\fInumber\fR +\fI\This option is currently ignored!\fR Time limit before an idle +session is disconnected. If set to \fI0\fR, automatic disconnection is +disabled. + +.TP +\fBDisconnectedTimeLimit\fR=\fInumber\fR +Sets the time limit (in seconds) before a disconnected session is killed. +If set to \fI0\fR, automatic killing is disabled. + +.TP +\fBPolicy\fR=\fI[Default|UBD|UBI|UBC|UBDI|UBDC]\fR +Session allocation policy. By default, a new session is created +for the combination <User,BitPerPixel> when using Xrdp, and +for the combination <User,BitPerPixel,DisplaySize> when using Xvnc. +This behavior can be changed by setting session policy to: +.br + +.br +\fBUBD\fR - session per <User,BitPerPixel,DisplaySize> +.br +\fBUBI\fR - session per <User,BitPerPixel,IPAddr> +.br +\fBUBC\fR - session per <User,BitPerPixel,Connection> +.br +\fBUBDI\fR - session per <User,BitPerPixel,DisplaySize,IPAddr> +.br +\fBUBDC\fR - session per <User,BitPerPixel,DisplaySize,Connection> +.br + +.br +Note that the \fBUser\fR and \fBBitPerPixel\fR criteria cannot be turned +off. For Xvnc connections, \fBDisplaySize\fR is always enabled as well. +.br + +.SH "SECURITY" +Following parameters can be used in the \fB[Security]\fR section. + +.TP +\fBAllowRootLogin\fR=\fI[true|false]\fR +If set to \fB1\fR, \fBtrue\fR or \fByes\fR, enables root login on the +terminal server. + +.TP +\fBMaxLoginRetry\fR=\fInumber\fR +The number of login attempts that are allowed on terminal server. If set +to \fI0\fR, unlimited attempts are allowed. If not specified, defaults to +\fI3\fR. + +.TP +\fBTerminalServerUsers\fR=\fIgroup\fR +Only the users belonging to the specified group are allowed to login on +terminal server. If unset or set to an invalid or non\-existent group, +login for all users is enabled. + +.TP +\fBTerminalServerAdmins\fR=\fIgroup\fR +\fIThis option is currently ignored!\fR Only members of this group can +have session management rights. + +.TP +\fBAlwaysGroupCheck\fR=\fI[true|false]\fR +If set to \fB1\fR, \fBtrue\fR or \fByes\fR, require group membership even +if the group specified in \fBTerminalServerUsers\fR doesn't exist. + +.SH "X11 SERVER" +Following parameters can be used in the \fB[X11rdp]\fR, \fB[Xvnc]\fR and +\fB[Xorg]\fR sections. + +.TP +\fBparam\fR=\fIstring\fR +Multiple \fIparam\fR lines are supported. This first line specifies the +path to the X11 server executable. Following lines specify command line +arguments passed to the X11 server. + +.SH "CHANSRV" +Following parameters can be used in the \fB[Chansrv]\fR section. + +.TP +\fBFuseMountName\fR=\fIstring\fR +Directory for drive redirection, relative to the user home directory. +Created if it doesn't exist. If not specified, defaults to \fIxrdp_client\fR. + +.SH "SESSIONS VARIABLES" +All entries in the \fB[SessionVariables]\fR section are set as +environment variables in the user's session. + +.SH "FILES" +/etc/xrdp/sesman.ini + +.SH "SEE ALSO" +.BR xrdp-sesman (8), +.BR xrdp-sesrun (8), +.BR xrdp (8), +.BR xrdp.ini (5) + +For more info on \fBxrdp\fR see http://www.xrdp.org/ |