~darkxst/ubuntu/saucy/gdm/lp1212408 : revision 1.4.19

1

<?xml version="1.0" encoding="utf-8"?>

2

<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [

3

<!ENTITY legal SYSTEM "legal.xml">

4

<!ENTITY version "2.19.7">

5

<!ENTITY date "07/09/2007">

6

<!ENTITY mdash "—">

7

<!ENTITY percnt "%">

8

]>

9

10

11

<title>Gnome Display Manager Reference Manual</title>

12

13

14

15

16

17

</revision>

18

</revhistory>

19

20

21

<para>

22

GDM is the GNOME Display Manager, a graphical login program.

23

</para>

24

</abstract>

25

26

27

28

<firstname>Martin</firstname><othername>K.</othername>

29

<surname>Petersen</surname>

30

31

32

</affiliation>

33

</author>

34

35

<firstname>George</firstname><surname>Lebl</surname>

36

37

<address><email>jirka@5z.com</email></address>

38

</affiliation>

39

</author>

40

41

<firstname>Brian</firstname><surname>Cameron</surname>

42

43

<address><email>Brian.Cameron@Sun.COM</email></address>

44

</affiliation>

45

</author>

46

47

<firstname>Bill</firstname><surname>Haneman</surname>

48

49

<address><email>Bill.Haneman@Sun.COM</email></address>

50

</affiliation>

51

</author>

52

</authorgroup>

53

54

<year>1998</year><year>1999</year><holder>Martin K. Petersen</holder>

55

</copyright>

56

57

58

<holder>George Lebl</holder>

59

</copyright>

60

61

62

</copyright>

63

64

<year>2003</year><year>2004</year><holder>Sun Microsystems, Inc.</holder>

65

</copyright>

66

67

68

<para>

69

Permission is granted to copy, distribute and/or modify this

70

document under the terms of the GNU Free Documentation

71

License (GFDL), Version 1.1 or any later version published

72

by the Free Software Foundation with no Invariant Sections,

73

no Front-Cover Texts, and no Back-Cover Texts. You can find

74

a copy of the GFDL at this <ulink type="help" url="ghelp:fdl">link</ulink> or in the file COPYING-DOCS

75

distributed with this manual.

76

</para>

77

<para> This manual is part of a collection of GNOME manuals

78

distributed under the GFDL. If you want to distribute this

79

manual separately from the collection, you can do so by

80

adding a copy of the license to the manual, as described in

81

section 6 of the license.

82

</para>

83

84

<para>

85

Many of the names used by companies to distinguish their

86

products and services are claimed as trademarks. Where those

87

names appear in any GNOME documentation, and the members of

88

the GNOME Documentation Project are made aware of those

89

trademarks, then the names are in capital letters or initial

90

capital letters.

91

</para>

92

93

<para>

94

DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT ARE PROVIDED

95

UNDER THE TERMS OF THE GNU FREE DOCUMENTATION LICENSE

96

WITH THE FURTHER UNDERSTANDING THAT:

97

98

99

100

<para>DOCUMENT IS PROVIDED ON AN "AS IS" BASIS,

101

WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR

102

IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES

103

THAT THE DOCUMENT OR MODIFIED VERSION OF THE

104

DOCUMENT IS FREE OF DEFECTS MERCHANTABLE, FIT FOR

105

A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE

106

RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE

107

OF THE DOCUMENT OR MODIFIED VERSION OF THE

108

DOCUMENT IS WITH YOU. SHOULD ANY DOCUMENT OR

109

MODIFIED VERSION PROVE DEFECTIVE IN ANY RESPECT,

110

YOU (NOT THE INITIAL WRITER, AUTHOR OR ANY

111

CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY

112

SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER

113

OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS

114

LICENSE. NO USE OF ANY DOCUMENT OR MODIFIED

115

VERSION OF THE DOCUMENT IS AUTHORIZED HEREUNDER

116

EXCEPT UNDER THIS DISCLAIMER; AND

117

</para>

118

</listitem>

119

120

<para>UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL

121

THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE),

122

CONTRACT, OR OTHERWISE, SHALL THE AUTHOR,

123

INITIAL WRITER, ANY CONTRIBUTOR, OR ANY

124

DISTRIBUTOR OF THE DOCUMENT OR MODIFIED VERSION

125

OF THE DOCUMENT, OR ANY SUPPLIER OF ANY OF SUCH

126

PARTIES, BE LIABLE TO ANY PERSON FOR ANY

127

DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR

128

CONSEQUENTIAL DAMAGES OF ANY CHARACTER

129

INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS

130

OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR

131

MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR

132

LOSSES ARISING OUT OF OR RELATING TO USE OF THE

133

DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT,

134

EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF

135

THE POSSIBILITY OF SUCH DAMAGES.

136

</para>

137

</listitem>

138

</orderedlist>

139

</para>

140

</legalnotice>

141

142

143

144

145

This manual describes version 2.19.7 of the GNOME Display Manager.

146

It was last updated on 07/09/2007.

147

</releaseinfo>

148

</articleinfo>

149

150

151

<title>Terms and Conventions Used in This Manual</title>

152

153

<para>

154

This manual describes version 2.19.7 of the GNOME Display Manager.

155

It was last updated on 07/09/2007.

156

</para>

157

158

<para>

159

Chooser - A program used to select a remote host for managing a

160

display remotely on the attached display (<command>gdmchooser</command>).

161

</para>

162

163

<para>

164

Configurator - The configuration application

165

(<command>gdmsetup</command>).

166

</para>

167

168

<para>

169

GDM - Gnome Display Manager. Used to describe the software package as a

170

whole. Sometimes also referred to as GDM2.

171

</para>

172

173

<para>

174

gdm - The Gnome Display Manager daemon (<command>gdm</command>).

175

</para>

176

177

<para>

178

Greeter - The graphical login window (<command>gdmlogin</command> or

179

<command>gdmgreeter</command>).

180

</para>

181

182

<para>

183

GTK+ Greeter - The standard login window (<command>gdmlogin</command>).

184

</para>

185

186

<para>

187

PAM - Pluggable Authentication Mechanism

188

</para>

189

190

<para>

191

Themed Greeter - The themable login window (

192

<command>gdmgreeter</command>).

193

</para>

194

195

<para>

196

XDMCP - X Display Manage Protocol

197

</para>

198

199

<para>

200

Paths that start with a word in angle brackets are relative to the

201

installation prefix. I.e. <filename><share>/pixmaps/</filename>

202

refers to <filename><share>/pixmaps</filename> if GDM was configured

203

with <command>--prefix=/usr</command>. Normally also note that

204

GDM is installed with <command>--sysconfigdir=<etc>/X11</command>,

205

meaning any path to which we refer to as

206

<filename><etc>/gdm/PreSession</filename> usually means

207

<filename><etc/X11>/gdm/PreSession</filename>. Note that for

208

interoperability it is recommended that you use a --prefix of

209

<filename>/usr</filename> and a --sysconfdir of

210

<filename><etc>/X11</filename>.

211

</para>

212

</sect1>

213

214

215

<title>Overview</title>

216

217

218

<title>

219

Introduction

220

</title>

221

222

<para>

223

The Gnome Display Manager (GDM) is a display manager that

224

implements all significant features required for managing

225

attached and remote displays. GDM was written from scratch and

226

does not contain any XDM / X Consortium code.

227

</para>

228

229

<para>

230

Note that GDM is highly configurable, and many configuration

231

settings can affect security. Issues to be aware of are highlighted

232

in this document and in the GDM Configuration files.

233

</para>

234

235

<para>

236

For further information about GDM, see the

237

238

the GDM project website</ulink>. Please submit any bug reports or

239

enhancement requests to the "gdm" category in

240

<ulink type="http" url="http://bugzilla.gnome.org/">bugzilla.gnome.org</ulink>.

241

You can also send a message to the

242

<address><email>gdm-list@gnome.org</email></address> mail list to

243

discuss any issues or concerns with the GDM program.

244

</para>

245

</sect2>

246

247

248

<title>

249

Interface Stability

250

</title>

251

252

<para>

253

The key/value pairs defined in the GDM configuration files and

254

the location of these files are considered "stable" interfaces

255

should only change in ways that are backwards compatible. Note that

256

this includes functionality like the GDM scripts (Init, PreSession,

257

PostSession, PostLogin, XKeepsCrashing, etc.); directory locations

258

(ServAuthDir, etc.), system applications (SoundProgram), etc.

259

Some configuration values depend on OS interfaces may need to be

260

modified to work on a given OS. Typical examples are HaltCommand,

261

RebootCommand, CustomCommands, SuspendCommand, StandardXServer, Xnest,

262

SoundProgram, and the "command" value for each

263

<filename>server-foo</filename>.

264

</para>

265

266

<para>

267

Command-line interfaces for GDM programs installed to

268

269

are considered stable. Refer to your distribution documentation to see

270

if there are any distribution-specific changes to these GDM interfaces

271

and what support exists for them.

272

</para>

273

274

<para>

275

As of the GDM 2.15 development series, some one-dash arguments are no

276

longer supported. This includes the "-xdmaddress",

277

"-clientaddress", and "-connectionType" arguments

278

used by <command>gdmchooser</command>. These arguments have been

279

changed to now use two dashes.

280

</para>

281

282

<para>

283

If issues are discovered that break compatibility, please file a bug

284

with an "urgent" priority.

285

</para>

286

</sect2>

287

288

289

<title>The GDM Daemon</title>

290

291

<para>

292

The GDM daemon is responsible for managing displays on the system.

293

This includes authenticating users, starting the user session, and

294

terminating the user session. GDM is configurable and the ways it can

295

be configured are described in the "Configuring GDM" section

296

of this document. The <filename>Init</filename>,

297

<filename>PostLogin</filename>, <filename>PreSession</filename>,

298

and <filename>PostSession</filename> scripts discussed below are

299

discussed in this "Configuring GDM section".

300

</para>

301

302

<para>

303

The GDM daemon supports a UNIX domain socket protocol which can be used

304

to control aspects of its behavior and to query information. This

305

protocol is described in the "Controlling GDM" section of

306

this document.

307

</para>

308

309

<para>

310

GDM can be asked to manage a display a number of ways. Attached

311

displays are always managed when GDM starts and will be restarted when

312

a user's session is finished. Remote displays can be requested via

313

XDMCP, flexible displays via the <command>gdmflexiserver</command>

314

command, and dynamic displays via the <command>gdmdynamic</command>

315

command. Displays that are started on request are not restarted on

316

session exit.

317

</para>

318

319

<para>

320

When the GDM daemon is asked to manage a display, it will fork an

321

X server process, then run the <filename>Init</filename> script as the

322

root user, and start the login GUI dialog as a slave process on the

323

display. GDM can be configured to use either

324

<command>gdmgreeter</command> (the default) or

325

<command>gdmlogin</command> as the GUI dialog program. The

326

<command>gdmlogin</command> program supports accessibility while the

327

<command>gdmgreeter</command> program supports greater themeability.

328

The GUI dialog is run as the unpriviledged "gdm" user/group

329

which is described in the "Security" section below. The GUI

330

dialog communicates with the daemon via a sockets protocol and via

331

standard input/output. The slave, for example passes the username and

332

password information to the GDM daemon via standard input/output so

333

the daemon can handle the actual authentication.

334

</para>

335

336

<para>

337

The login GUI dialog screen allows the user to select which session

338

they wish to start and which language they wish to use. Sessions are

339

defined by files that end in the .desktop extension and more

340

information about these files can be found in the

341

"Configuration" section. The user enters their name and

342

password and if these successfully authenticate, GDM will start the

343

requested session for the user. It is possible to configure GDM to

344

avoid the authentication process by turning on the Automatic or Timed

345

Login features in the GDM configuration. The login GUI can also be

346

configured to provide additional features to the user, such as the

347

Face Browser; the ability to halt, restart, or suspend the system;

348

and/or edit the login configuration (after entering the root password).

349

</para>

350

351

<para>

352

GDM, by default, will use Pluggable Authentication Modules (PAM) for

353

authentication, but can also support regular crypt and shadow passwords

354

on legacy systems. After authenticating a user, the daemon runs the

355

<filename>PostLogin</filename> script as root, and forks a slave

356

process to start the requested session. This slave process runs the

357

<filename>PreSession</filename> script as root, sets up the user's

358

environment, and starts the requested session. GDM keeps track of the

359

user's default session and language in the user's

360

<filename>~/.dmrc</filename> and will use these defaults if the user

361

did not pick a session or language in the login GUI. On Solaris, GDM

362

(since version 2.8.0.3) uses the SDTLOGIN interface after user

363

authentication to tell the X server to be restarted as the user instead

364

of as root for added security. When the user's session exits, the GDM

365

daemon will run the <filename>PostSession</filename> script as root.

366

</para>

367

368

<para>

369

Note that, by default, GDM uses the "gdm" service name for

370

normal login and the "gdm-autologin" service name for

371

automatic login. The <filename>PamStack</filename> configuration

372

option can be used to specify a different service name. For example,

373

if "foo" is specified, then GDM will use the "foo"

374

service name for normal login and "foo-autologin" for

375

automatic login.

376

</para>

377

378

<para>

379

For those looking at the code, the gdm_verify_user function in

380

<filename>daemon/verify-pam.c</filename> is used for normal login

381

and the gdm_verify_setup_user function is used for automatic login.

382

</para>

383

</sect2>

384

385

386

<title>Different Display Types</title>

387

388

<para>

389

GDM supports three different display types: attached displays,

390

flexible displays, and XDMCP remote displays. The

391

"X Server Definitions" subsection of the

392

"Configuration" section explains how the X server is

393

configured for different displays.

394

</para>

395

396

<para>

397

Attached (also known as local or static) displays are always started by

398

the daemon, and when they die or are killed, they are restarted. GDM

399

can run as many of these as needed. GDM can also manage displays on

400

which it does not manage a GUI login, thus GDM can be used for

401

supporting X terminals. The "Attached DISPLAY Configuration"

402

subsection of the "Configuration" section describes how

403

attached displays are defined.

404

</para>

405

406

<para>

407

Flexible (also known as on-demand) displays are only available to users

408

logged on the console. Starting a flexible display will lock the

409

current user session and will show a new login screen over the current

410

running session. If at least one flexible display is already running,

411

and the user requests another, then a dialog will display showing

412

existing flexible displays. The user can choose to switch back to a

413

previous display or start a new flexible display. If the user switches

414

back to a previous display, they will need to enter the password in the

415

lock screen program to return to their session. The GDM configuration

416

file specifies the maximum number of flexible displays allowed on the

417

system.

418

</para>

419

420

<para>

421

Flexible displays may be started by running the

422

<command>gdmflexiserver</command> command, or via calling the GDM

423

socket protocol directly. Some lock screen programs provide a button

424

to start a new flexible session. This allows a user to start a new

425

session even if the screen was left locked. The GNOME Fast User

426

Switch applet also uses the socket protocol to provide an applet

427

interface on the GNOME panel for managing user displays quickly.

428

Flexible displays are not restarted when the user session ends.

429

Flexible displays require virtual terminal (VT) support in the kernel,

430

and will not be available if not supported (such as on Solaris).

431

</para>

432

433

<para>

434

The <filename>FlexibleXServers</filename>,

435

<filename>FirstVT=7</filename>, <filename>VTAllocation</filename>,

436

and <filename>FlexiReapDelayMinutes</filename> configuration settings

437

are used to configure how flexible displays operate.

438

</para>

439

440

<para>

441

Nested displays are available to users even if not logged in on the

442

console. Nested displays launch a login screen in a window in the

443

user's current session. This can be useful if the user has more

444

than one account on a machine and wishes to login to the other

445

account without disrupting their current session. Nested displays

446

may be started by running the <command>gdmflexiserver -n</command>

447

command or via calling the GDM socket protocol directly. Nested

448

displays require that the X server supports a nested X server command

449

like Xnest or Xephyr. The <filename>Xnest</filename> configuration

450

option is used to configure how nested displays are started.

451

</para>

452

453

<para>

454

The <command>gdmdynamic</command> is similar to

455

<command>gdmflexiserver</command> in the sense that it allows the

456

user to manage displays dynamically. However displays started with

457

<command>gdmdynamic</command> are treated as attached displays, so

458

they are restarted automatically when the session exits. This

459

command is intended to be used in multi-user server environments

460

(many displays connected to a single server). In other words,

461

this command allows the displays to be managed without hardcoding

462

the display information in the "Attached DISPLAY

463

Configuration" section of the configuration file. This

464

is useful to support the ability of adding new displays to the

465

server without needing to restart GDM, for example.

466

</para>

467

468

<para>

469

The last display type is the XDMCP remote displays which are described

470

in the next section. Remote hosts can connect to GDM and present the

471

login screen if this is enabled. Some things are different for

472

remote sessions. For example, the Actions menu which allows you to

473

shut down, restart, suspend, or configure GDM are not shown.

474

</para>

475

476

</sect2>

477

478

479

<title>

480

XDMCP

481

</title>

482

483

<para>

484

The GDM daemon can be configured to listen for and manage X Display

485

Manage Protocol (XDMCP) requests from remote displays. By default

486

XDMCP support is turned off, but can be enabled if desired. If GDM is

487

built with TCP Wrapper support, then the daemon will only grant access

488

to hosts specified in the GDM service section in the TCP Wrappers

489

configuration file.

490

</para>

491

492

<para>

493

GDM includes several measures making it more resistant to denial of

494

service attacks on the XDMCP service. A lot of the protocol

495

parameters, handshaking timeouts etc. can be fine tuned. The defaults

496

should work for most systems, however. Do not change them unless you

497

know what you are doing.

498

</para>

499

500

<para>

501

GDM listens to UDP port 177 and will respond to QUERY and

502

BROADCAST_QUERY requests by sending a WILLING packet to the originator.

503

</para>

504

505

<para>

506

GDM can also be configured to honor INDIRECT queries and present a

507

host chooser to the remote display. GDM will remember the user's

508

choice and forward subsequent requests to the chosen manager. GDM

509

also supports an extension to the protocol which will make it forget

510

the redirection once the user's connection succeeds. This extension

511

is only supported if both daemons are GDM. It is transparent and

512

will be ignored by XDM or other daemons that implement XDMCP.

513

</para>

514

515

<para>

516

If XDMCP seems to not be working, make sure that all machines are

517

specified in <filename>/etc/hosts</filename>.

518

</para>

519

520

<para>

521

Refer to the "Security" section for information about

522

security concerns when using XDMCP.

523

</para>

524

</sect2>

525

526

527

<title>

528

Securing Remote Connection Through SSH

529

</title>

530

<para>

531

As explained in the "Security" section, XDMCP does not use

532

any kind of encryption and as such is inherently insecure. As XDMCP

533

uses UDP as a network transport layer, it is not possible to simply

534

secure it through an SSH tunnel.

535

</para>

536

537

<para>

538

To remedy this problem, GDM can be configured at compilation-time with

539

the option --enable-secureremote, in which case GDM proposes as a

540

built-in session a session called "Secure Remote Connection".

541

Starting such a session allows the user to enter the name or the

542

address of the host on which to connect; provided the said host runs an

543

SSH server, the user then gets connected to the server on which the

544

default X session is started and displayed on the local host.

545

</para>

546

547

<para>

548

Using this session allows a much more secure network connection and

549

only necessitates to have an SSH server running on the remote host.

550

</para>

551

</sect2>

552

553

554

<title>The GTK+ Greeter</title>

555

556

<para>

557

The GTK+ Greeter is the default graphical user interface that is

558

presented to the user. The greeter contains a menu at the top, an

559

optional face browser, an optional logo and a text entry widget.

560

This greeter has full accessibility support, and should be used

561

by users with accessibility needs.

562

</para>

563

564

<para>

565

The text entry field is used for entering logins, passwords,

566

passphrases etc. <command>gdmlogin</command> is controlled by the

567

underlying daemon and is basically stateless. The daemon controls the

568

greeter through a simple protocol where it can ask the greeter for a

569

text string with echo turned on or off. Similarly, the daemon can

570

change the label above the text entry widget to correspond to the

571

value the authentication system wants the user to enter.

572

</para>

573

574

<para>

575

The menu bar in the top of the greeter enables the user to select the

576

requested session type/desktop environment, select an appropriate

577

locale/language, halt/restart/suspend the computer, configure GDM

578

(given the user knows the root password), change the GTK+ theme, or

579

start an XDMCP chooser.

580

</para>

581

582

<para>

583

The greeter can optionally display a logo in the login window. The

584

image must be in a format readable to the gdk-pixbuf library (GIF,

585

JPG, PNG, TIFF, XPM and possibly others), and it must be readable to

586

the GDM user. See the <filename>Logo</filename> option in the

587

reference section below for details.

588

</para>

589

</sect2>

590

591

592

<title>The Themed Greeter</title>

593

594

<para>

595

The Themed Greeter is a greeter interface that takes up the whole

596

screen and is very themable. Themes can be selected and new themes

597

can be installed by the configuration application or by setting the

598

<filename>GraphicalTheme</filename> configuration key. The Themed

599

Greeter is much like the GTK+ Greeter in that it is controlled by

600

the underlying daemon, is stateless, and is controlled by the

601

daemon using the same simple protocol.

602

</para>

603

604

<para>

605

The look and feel of this greeter is really controlled by the theme and

606

so the user interface elements that are present may be different. The

607

only thing that must always be present is the text entry field as

608

described above in the GTK+ Greeter. The theme can include buttons

609

that allow the user to select an appropriate locale/language,

610

halt/restart/suspend the computer, configure GDM (given the user

611

knows the root password), or start an XDMCP chooser.

612

</para>

613

614

<para>

615

You can always get a menu of available actions by pressing the F10 key.

616

This can be useful if the theme doesn't provide certain buttons when

617

you wish to do some action allowed by the GDM configuration.

618

</para>

619

</sect2>

620

621

622

<title>The GDM Face Browser</title>

623

624

<para>

625

GDM supports a face browser which will display a list of users who

626

can login and an icon for each user. Starting with version 2.18.1

627

the <filename>Browser</filename> configuration option must be set

628

to "true" for this function to be available. In previous

629

versions it was only required when using the GTK+ Greeter. When

630

using the Themed Greeter, the Face Browser is only available if the

631

GDM theme includes a "userlist" item type.

632

</para>

633

634

<para>

635

By default, the face browser is disabled since revealing usernames on

636

the login screen is not appropriate on many systems for security

637

reasons. Also GDM requires some setup to specify which users should

638

be visible. Setup can be done on the "Users" tab in

639

<command>gdmsetup</command>. This feature is most practical to use

640

on a system with a smaller number of users.

641

</para>

642

643

<para>

644

The icons used by GDM can be installed globally by the sysadmin or can

645

be located in the users' home directories. If installed globally

646

they should be in the <filename><share>/pixmaps/faces/</filename>

647

directory (though this can be configured with the

648

<filename>GlobalFaceDir</filename> configuration option) and the

649

filename should be the name of the user, optionally with a

650

<filename>.png</filename> appended. Face icons placed in the global

651

face directory must be readable to the GDM user. However, the daemon,

652

proxies user pictures to the greeter and thus those do not have be be

653

readable by the "gdm" user, but root.

654

</para>

655

656

<para>

657

Users may run the <command>gdmphotosetup</command> command to

658

configure the image to use for their userid. This program properly

659

scales the file down if it is larger than the

660

<filename>MaxIconWidth</filename> or

661

<filename>MaxIconHeight</filename> configuration options and places the

662

icon in a file called <filename>~/.face</filename>. Although

663

<command>gdmphotosetup</command> scales user images automatically,

664

this does not guarantee that user images are properly scaled since

665

a user may create their <filename>~/.face</filename> file by hand.

666

</para>

667

668

<para>

669

GDM will first look for the user's face image in

670

<filename>~/.face</filename>. If not found, it will try

671

<filename>~/.face.icon</filename>. If still not found, it will

672

use the value defined for "face/picture=" in the

673

<filename>~/.gnome2/gdm</filename> file. Lastly, it will try

674

<filename>~/.gnome2/photo</filename> and

675

<filename>~/.gnome/photo</filename> which are deprecated and

676

supported for backwards compatibility.

677

</para>

678

679

<para>

680

If a user has no defined face image, GDM will use the

681

"stock_person" icon defined in the current GTK+ theme. If no

682

such image is defined, it will fallback to the image specified in the

683

<filename>DefaultFace</filename> configuration option, normally

684

<filename><share>/pixmaps/nobody.png</filename>.

685

</para>

686

687

<para>

688

Please note that loading and scaling face icons located in user home

689

directories can be a very time-consuming task. Since it not

690

practical to load images over NIS or NFS, GDM does not attempt to

691

load face images from remote home directories. Furthermore, GDM will

692

give up loading face images after 5 seconds of activity and will

693

only display the users whose pictures it has gotten so far. The

694

<filename>Include</filename> configuration option can be used to

695

specify a set of users who should appear on the face browser. As

696

long as the users to include is of a reasonable size, there should

697

not be a problem with GDM being unable to access the face images.

698

To work around such problems, it is recommended to place face images

699

in the directory specified by the <filename>GlobalFaceDir</filename>

700

configuration option.

701

</para>

702

703

<para>

704

To control the users who get displayed in the face browser, there are

705

a number of configuration options that can be used. If the

706

<filename>IncludeAll</filename> option is set to true, then the

707

password file will be scanned and all users will be displayed. If

708

<filename>IncludeAll</filename> option is set to false, then the

709

<filename>Include</filename> option should contain a list of users

710

separated by commas. Only the users specified will be displayed.

711

Any user listed in the <filename>Exclude</filename> option and users

712

whose UID's is lower than <filename>MinimalUID</filename> will be

713

filtered out regardless of the <filename>IncludeAll</filename>

714

setting. <filename>IncludeAll</filename> is not recommended

715

for systems where the passwords are loaded over a network (such as

716

when NIS is used), since it can be very slow to load more than a

717

small number of users over the network..

718

</para>

719

720

<para>

721

When the browser is turned on, valid usernames on the computer are

722

inherently exposed to a potential intruder. This may be a bad idea if

723

you do not know who can get to a login screen. This is especially

724

true if you run XDMCP (turned off by default).

725

</para>

726

</sect2>

727

728

729

<title>Logging</title>

730

731

<para>

732

GDM itself will use syslog to log errors or status. It can also log

733

debugging information, which can be useful for tracking down problems

734

if GDM is not working properly. This can be enabled in the

735

configuration file.

736

</para>

737

738

<para>

739

Output from the various X servers is stored in the GDM log directory,

740

which is configurable, but is usually

741

<filename><var>/log/gdm/</filename>. The output from the

742

session can be found in a file called

743

<filename><display>.log</filename>. Four older files are also

744

stored with <filename>.1</filename> through

745

<filename>.4</filename> appended. These will be rotated as new

746

sessions on that display are started. You can use these logs to view

747

what the X server said when it started up.

748

</para>

749

750

<para>

751

The output from the user session is redirected to

752

<filename>~/.xsession-errors</filename>

753

before even the <filename>PreSession</filename> script is started. So

754

it is not really necessary to redirect this again in the session setup

755

script. As is usually done. If the user session lasted less then

756

10 seconds, GDM assumes that the session crashed and allows the user to

757

view this file in a dialog before returning to the login screen.

758

This way the user can view the session errors from the last session

759

and correct the problem this way.

760

</para>

761

762

<para>

763

You can suppress the 10 second warning by returning code 66 from the

764

<filename>Xsession</filename>script or from your session binary (the

765

default <filename>Xsession</filename> script propagates those codes

766

back). This is useful if you have some sort of special logins for

767

which it is not an error to return less then 10 seconds later, or if

768

you setup the session to already display some error message and the

769

GDM message would be confusing and redundant.

770

</para>

771

772

<para>

773

The session output is piped through the GDM daemon and so the

774

<filename>~/.xsession-errors</filename> file is capped at about

775

200 kilobytes by GDM to prevent a possible denial of service attack

776

on the session. An application could perhaps on reading some wrong

777

data print out warnings or errors on the stderr or stdout. This could

778

perhaps fill up the user's home directory making it necessary to log

779

out and back into their session to clear this. This could be

780

especially nasty if quotas are set. GDM also correctly traps the XFSZ

781

signal and stops writing the file, which would lead to killed sessions

782

if the file was redirected in the old fashioned way from the script.

783

</para>

784

785

<para>

786

Note that some distributors seem to override the

787

<filename>~/.xsession-errors</filename> redirection and do it

788

themselves in their own Xsession script (set by the

789

<filename>BaseXsession</filename> configuration key) which means that

790

GDM will not be able to trap the output and cap this file. You also

791

lose output from the <filename>PreSession</filename> script which can

792

make debugging things harder to figure out as perhaps useful output

793

of what is wrong will not be printed out. See the description of the

794

<filename>BaseXsession</filename> configuration key for more

795

information, especially on how to handle multiple display managers

796

using the same script.

797

</para>

798

799

<para>

800

Note that if the session is a failsafe session, or if GDM can't open

801

this file for some reason, then a fallback file will be created in the

802

<filename>/tmp</filename> directory named

803

<filename>/tmp/xses-<user>.XXXXXX</filename> where the

804

<filename>XXXXXX</filename> are some random characters.

805

</para>

806

807

<para>

808

If you run a system with quotas set, it would be good to delete the

809

<filename>~/.xsession-errors</filename> in the

810

<filename>PostSession</filename> script. Such that this log file

811

doesn't unnecessarily stay around.

812

</para>

813

</sect2>

814

815

816

<title>Accessing Files</title>

817

818

<para>

819

In general GDM is very reluctant regarding reading/writing of user

820

files (such as the <filename>~/.dmrc</filename>,

821

<filename>~/.face</filename>,

822

<filename>~/.xsession-errors</filename>, and

823

<filename>~/.Xauthority</filename> files). For instance it refuses to

824

access anything but regular files. Links, sockets and devices are

825

ignored. The value of the <filename>RelaxPermissions</filename>

826

parameter determines whether GDM should accept files writable by the

827

user's group or others. These are ignored by default.

828

</para>

829

830

<para>

831

All operations on user files are done with the effective user id of the

832

user. If the sanity check fails on the user's

833

<filename>.Xauthority</filename> file, a fallback cookie is created in

834

the directory specified by the <filename>UserAuthFBDir</filename>

835

configuration setting (<filename>/tmp</filename> by default).

836

</para>

837

838

<para>

839

Finally, the sysadmin can specify the maximum file size GDM should

840

accept, and, if the face browser is enabled, a tunable maximum icon

841

size is also enforced. On large systems it is still advised to turn

842

off the face browser for performance reasons. Looking up icons in

843

home directories, scaling and rendering face icons can take a long

844

time.

845

</para>

846

</sect2>

847

848

849

<title>GDM Performance</title>

850

851

<para>

852

To speed performance it is possible to build GDM so that it will

853

preload libraries when GDM first displays a greeter program. This

854

has been shown to speed first time login since these libraries can

855

be loaded into memory while the user types in their username and

856

password.

857

</para>

858

859

<para>

860

To use this feature, configure GDM with the

861

<command>--with-prefetch</command> option. This will cause GDM to

862

install the <command>gdmprefetch</command> program to the

863

<filename>libexecdir</filename> directory, install the

864

<filename>gdmprefetchlist</filename> to the

865

<filename><etc>/gdm</filename> directory, and set the

866

<filename>PreFetchProgram</filename> configuration variable so that the

867

<command>gdmprefetch</command> program is called with the default

868

<filename>gdmprefetchlist</filename> file. The default

869

<filename>gdmprefetchlist</filename> file was optimized

870

for a GNOME desktop running on Solaris, so may need fine-tuning on

871

other systems. Alternative prefetchlist files can be contributed

872

to the "gdm" category in

873

<ulink type="http" url="http://bugzilla.gnome.org/">bugzilla.gnome.org</ulink>,

874

so that they can be included in future GDM releases.

875

</para>

876

</sect2>

877

</sect1>

878

879

880

<title>Security</title>

881

882

883

<title>

884

PAM

885

</title>

886

887

<para>

888

GDM uses PAM for login authentication, though if your machine does not

889

support PAM you can build GDM to work with the password database and

890

the crypt library function.

891

</para>

892

893

<para>

894

PAM stands for Pluggable Authentication Module, and is used by most

895

programs that request authentication on your computer. It allows the

896

administrator to configure different authentication behavior for

897

different programs.

898

</para>

899

900

<para>

901

Some GDM features (like turning on automatic login) may require that

902

you update your PAM configuration. PAM configuration has different,

903

but similar, interfaces on different operating systems, so check your

904

pam.d or pam.conf man page for details. Be sure that you read the

905

PAM documentation (e.g. pam.d/pam.conf man page) and are comfortable

906

with the security implications of any changes you intend to make to

907

your configuration.

908

</para>

909

910

<para>

911

If there is no entry for GDM in your system's PAM configuration file,

912

then features like automatic login may not work. Not having an entry

913

will cause GDM to use default behavior, conservative settings are

914

recommended and probably shipped with your distribution.

915

</para>

916

917

<para>

918

If you wish to make GDM work with other types of authentication

919

mechanisms (such as a SmartCard), then you should implement this by

920

using a PAM service module for the desired authentication type rather

921

than by trying to modify the GDM code directly. Refer to the PAM

922

documentation on your system. This issue has been discussed on the

923

<address><email>gdm-list@gnome.org</email></address> mail list,

924

so you can refer to the list archives for more information.

925

</para>

926

927

<para>

928

For example, an effective way to implement such an exotic

929

authentication mechanism would be to have a daemon running

930

on the server listening to the authentication device (e.g.

931

USB key, fingerprint reader, etc.). When the device

932

announces that it has received input, then the daemon can

933

set the <filename>PamStack</filename> configuration value

934

using per-display configuration, and restart the greeter

935

with the PAM stack that works with this device. This avoids

936

needing to hack the display manager code directly to support

937

the feature.

938

</para>

939

</sect2>

940

941

942

<title>

943

utmp/wtmp

944

</title>

945

946

<para>

947

GDM generates utmp and wtmp User Accounting Database entries upon

948

session login and logout. The utmp database contains user access

949

and accounting information that is accessed by commands such as

950

<command>finger</command>, <command>last</command>,

951

<command>login</command>, and <command>who</command>. The wtmp

952

database contains the history of user access and accounting

953

information for the utmp database.

954

</para>

955

956

<para>

957

GDM 2.18 and earlier would run the X server <command>sessreg</command>

958

program from the default GDM <command>PreSession</command> and

959

<command>PostSession</command> scripts. Starting with GDM 2.20, GDM

960

interacts with the UTMP and WTMP databases directly and supports the

961

following configuration options.

962

</para>

963

964

<para>

965

When doing utmp processing, GDM supports configurability on how the

966

ut_line value is set. Programs that access the database assume that

967

this value is an actual device, so GDM will set the device as follows.

968

If the display is attached and has an associated Virtual Terminal (VT)

969

device, then this device will be used. Otherwise, if an attached

970

display in the <command>[servers]</command> specifies a device name,

971

then this value will be used. Otherwise attached displays will default

972

to the <filename>UtmpLineAttached</filename> value in the GDM

973

configuration. Remote displays will default to the

974

<filename>UtmpLineRemote</filename> value in the GDM configuration.

975

Device values must begin with "/dev/".

976

</para>

977

978

<para>

979

GDM also supports the <filename>UtmpPseudoDevice</filename>

980

configuration option. If this configuration setting is true, then GDM

981

will ensure that the specified device exists and will create a pseudo

982

device if the device does not exist. A pseudo device is a symlink to

983

<filename>/dev/null</filename>. If

984

<filename>UtmpPseudoDevice</filename> is true, and the device does

985

already exist, GDM checks to see if the device is a symlink to

986

<filename>/dev/null</filename>. If so, then GDM will update the access

987

time of the symlink. This ensures that programs that check the access

988

time of the device will get a reasonable value for the last time the

989

device was accessed. If the <filename>UtmpPseudoDevice</filename>

990

configuration option is false, then GDM will only set the ut_line

991

value as specified regardless of whether the device exists or not.

992

</para>

993

</sect2>

994

995

996

997

998

<para>

999

For security reasons a dedicated user and group id are required for

1000

proper operation! The need to be able to write Xauth files is why user

1001

"nobody" is not appropriate for gdm.

1002

</para>

1003

1004

<para>

1005

The GDM daemon normally runs as root, as does the slave. However GDM

1006

should also have a dedicated user id and a group id which it uses for

1007

its graphical interfaces such as <command>gdmgreeter</command> and

1008

<command>gdmlogin</command>. These are configured via the

1009

<filename>User</filename> and <filename>Group</filename>

1010

configuration options in the GDM configuration files. The user and

1011

group should be created before running "make install". By

1012

default GDM assumes the user and the group are called "gdm".

1013

</para>

1014

1015

<para>

1016

This userid is used to run the GDM GUI programs required for login.

1017

All functionality that requires root authority is done by the GDM

1018

daemon process. This design ensures that if the GUI programs are

1019

somehow exploited, only the dedicated user privileges are available.

1020

</para>

1021

1022

<para>

1023

It should however be noted that the GDM user and group have some

1024

privileges that make them somewhat dangerous. For one, they have

1025

access to the X server authorization directory. It must be able to

1026

read and write Xauth keys to <filename><var>/lib/gdm</filename>.

1027

This directory should have root:gdm ownership and 1770 permissions.

1028

Running "make install" will set this directory to these

1029

values. The GDM daemon process will reset this directory to proper

1030

ownership/permissions if it is somehow not set properly.

1031

</para>

1032

1033

<para>

1034

The danger is that someone who gains the GDM user/group privileges can

1035

then connect to any session. So you should not, under any

1036

circumstances, make this some user/group which may be easy to get

1037

access to, such as the user <filename>nobody</filename>. Users who

1038

gain access to the "gdm" user could also modify the Xauth

1039

keys causing Denial-Of-Service attacks. Also if a person gains the

1040

ability to run programs as the user "gdm", it would be

1041

possible to snoop on running GDM processes, including usernames and

1042

passwords as they are being typed in.

1043

</para>

1044

1045

<para>

1046

Distributions and system administrators using GDM are expected to setup

1047

the dedicated user properly. It is recommended that this userid be

1048

configured to disallow login and to not have a default shell.

1049

Distributions and system administrators should set up the filesystem to

1050

ensure that the GDM user does not have read or write access to

1051

sensitive files.

1052

</para>

1053

</sect2>

1054

1055

1056

<title>X Server Authentication Scheme</title>

1057

1058

<para>

1059

The X server authorization directory (the

1060

<filename>ServAuthDir</filename>) is used for a host of random

1061

internal data in addition to the X server authorization files, and the

1062

naming is really a relic of history. GDM daemon enforces this

1063

directory to be owned by <filename>root.gdm</filename> with the

1064

permissions of 1770. This way, only root and the GDM group have write

1065

access to this directory, but the GDM group cannot remove the root

1066

owned files from this directory, such as the X server authorization

1067

files.

1068

</para>

1069

1070

<para>

1071

GDM by default doesn't trust the X server authorization directory and

1072

treats it in the same way as the temporary directory with respect to

1073

creating files. This way someone breaking the GDM user cannot mount

1074

attacks by creating links in this directory. Similarly the X server

1075

log directory is treated safely, but that directory should really be

1076

owned and writable only by root.

1077

</para>

1078

1079

<para>

1080

GDM only supports the MIT-MAGIC-COOKIE-1 X server authentication

1081

scheme. Normally little is gained from the other schemes, and no

1082

effort has been made to implement them so far. Be especially

1083

careful about using XDMCP because the X server authentication cookie

1084

goes over the wire as clear text. If snooping is possible, then an

1085

attacker could simply snoop your authentication password as you log in,

1086

regardless of the authentication scheme being used. If snooping is

1087

possible and undesirable, then you should use ssh for tunneling an X

1088

connection rather then using XDMCP. You could think of XDMCP as a sort

1089

of graphical telnet, having the same security issues.

1090

</para>

1091

1092

<para>

1093

On the upside, GDM's random number generation is very conservative and

1094

GDM goes to extraordinary measures to truly get a 128 bit random

1095

number, using hardware random number generators (if available), plus

1096

the current time (in microsecond precision), a 20 byte array of

1097

pseudorandom numbers, process pid's, and other random information

1098

(possibly using <filename>/dev/audio</filename> or

1099

<filename>/dev/mem</filename> if hardware random generators are not

1100

available) to create a large buffer and then run MD5 digest on this.

1101

Obviously, all this work is wasted if you send this cookie over an open

1102

network or store it on an NFS directory (see

1103

<filename>UserAuthDir</filename> configuration key). So be careful

1104

about where you use remote X display.

1105

</para>

1106

</sect2>

1107

1108

1109

<title>Firewall Security</title>

1110

1111

<para>

1112

Even though GDM tries to outsmart potential attackers trying to take

1113

advantage of XDMCP, it is still advised that you block the XDMCP port

1114

(normally UDP port 177) on your firewall unless you really need it.

1115

GDM guards against DoS (Denial of Service) attacks, but the X protocol

1116

is still inherently insecure and should only be used in controlled

1117

environments. Also each remote connection takes up lots of resources,

1118

so it is much easier to DoS via XDMCP then a webserver.

1119

</para>

1120

1121

<para>

1122

It is also wise to block all of the X Server ports. These are TCP

1123

ports 6000 + the display number of course) on your firewall. Note that

1124

GDM will use display numbers 20 and higher for flexible on-demand

1125

servers.

1126

</para>

1127

1128

<para>

1129

X is not a very safe protocol for leaving on the net, and XDMCP is

1130

even less safe.

1131

</para>

1132

</sect2>

1133

1134

1135

<title>GDM Security With NFS</title>

1136

1137

<para>

1138

Note that NFS traffic really goes "over the wire" and thus

1139

can be snooped. When accessing the user's X authorization file

1140

(<filename>~/.Xauthority</filename>), GDM will try to open the file

1141

for reading as root. If it fails, GDM will conclude that it is on an

1142

NFS mount and it will automatically use

1143

<filename>UserAuthFBDir</filename>, which by default is set to

1144

<filename>/tmp</filename>. This behavior can be changed by setting the

1145

<filename>NeverPlaceCookiesOnNFS</filename> in the

1146

<filename>[security]</filename> section to false.

1147

</para>

1148

</sect2>

1149

1150

1151

<title>XDMCP Security</title>

1152

1153

<para>

1154

Even though your display is protected by cookies, XEvents and thus

1155

keystrokes typed when entering passwords will still go over the wire in

1156

clear text. It is trivial to capture these.

1157

</para>

1158

1159

<para>

1160

XDMCP is primarily useful for running thin clients such as in terminal

1161

labs. Those thin clients will only ever need the network to access

1162

the server, and so it seems like the best security policy to have

1163

those thin clients on a separate network that cannot be accessed by

1164

the outside world, and can only connect to the server. The only point

1165

from which you need to access outside is the server.

1166

</para>

1167

1168

<para>

1169

The above sections "X Server Authentication Scheme" and

1170

"Firewall Security" also contain important information about

1171

using XDMCP securely. The next section also discusses how to set up

1172

XDMCP access control.

1173

</para>

1174

1175

<para>

1176

To workaround the inherent insecurity of XDMCP, gdm proposes a default

1177

built-in session that uses SSH to encrypt the remote connection. See

1178

the section "Securing remote connection through SSH" above.

1179

</para>

1180

</sect2>

1181

1182

1183

<title>XDMCP Access Control</title>

1184

1185

<para>

1186

XDMCP access control is done using TCP wrappers. It is possible to

1187

compile GDM without TCP wrappers however, so you should test your

1188

configuration and verify that they work.

1189

</para>

1190

1191

<para>

1192

You should use the daemon name <command>gdm</command> in the

1193

<filename><etc>/hosts.allow</filename> and

1194

<filename><etc>/hosts.deny</filename> files. For example to

1195

deny computers from <filename>.evil.domain</filename> from logging in,

1196

then add

1197

</para>

1198

1199

gdm: .evil.domain

1200

</screen>

1201

<para>

1202

to <filename><etc>/hosts.deny</filename>. You may also need

1203

to add

1204

</para>

1205

1206

gdm: .your.domain

1207

</screen>

1208

<para>

1209

to your <filename><etc>/hosts.allow</filename> if you normally

1210

disallow all services from all hosts. See the

1211

<ulink type="help" url="man:hosts.allow">hosts.allow(5)</ulink> man

1212

page for details.

1213

</para>

1214

</sect2>

1215

1216

1217

<title>RBAC (Role Based Access Control)</title>

1218

1219

<para>

1220

If GDM is compiled with RBAC support, then the

1221

<filename>RBACSystemCommandKeys</filename> configuration option can be

1222

used to specify the RBAC key to be used to determine if the user has

1223

authority to use commands. This is supported for the Shutdown,

1224

Reboot, Suspend, and Custom Commands that appear in the GDM greeter

1225

and via the <command>gdmflexiserver</command> QUERY_LOGOUT_ACTION,

1226

SET_LOGOUT_ACTION, and SET_SAFE_LOGOUT_ACTION commands. The greeter

1227

will only display the option if the gdm user (specified by the

1228

<filename>User</filename> configuration option) has permission

1229

via RBAC. Users will only be able to use the

1230

<command>gdmflexiserver</command> commands if the user has

1231

permission via RBAC.

1232

</para>

1233

</sect2>

1234

</sect1>

1235

1236

1237

<title>Support for ConsoleKit</title>

1238

1239

<para>

1240

GDM includes support for publishing user login information with the user

1241

and login session accounting framework known as ConsoleKit. ConsoleKit

1242

is able to keep track of all the users currently logged in. In this

1243

respect, it can be used as a replacement for the utmp or utmpx files that

1244

are available on most Unix-like operating systems.

1245

</para>

1246

1247

<para>

1248

When GDM is about to create a new login process for a user it will call

1249

a privileged method of ConsoleKit in order to open a new session for this

1250

user. At this time GDM also provides ConsoleKit with information about

1251

this user session such as: the user ID, the X11 Display name that will be

1252

associated with the session, the host-name from which the session

1253

originates (useful in the case of an XDMCP session), whether or not this

1254

session is attached, etc. As the entity that initiates the user process,

1255

GDM is in a unique position know and to be trusted to provide these bits

1256

of information about the user session. The use of this privileged method

1257

is restricted by the use of D-Bus system message bus security policy.

1258

</para>

1259

1260

<para>

1261

In the case where a user with an existing session and has authenticated

1262

at GDM and requests to resume that existing session GDM calls a

1263

privileged method of ConsoleKit to unlock that session. The exact

1264

details of what happens when the session receives this unlock signal is

1265

undefined and session-specific. However, most sessions will unlock a

1266

screensaver in response.

1267

</para>

1268

1269

<para>

1270

When the user chooses to log out, or if GDM or the session quit

1271

unexpectedly the user session will be unregistered from ConsoleKit.

1272

</para>

1273

1274

<para>

1275

If support for ConsoleKit is not desired it can be disabled at build

1276

time using the "--with-console-kit=no" option when running

1277

configure.

1278

</para>

1279

1280

</sect1>

1281

1282

1283

<title>Using gdmsetup To Configure GDM</title>

1284

1285

<para>

1286

The <command>gdmsetup</command> application can be used to configure GDM.

1287

If you believe running root-owned GUI's causes security risk, then you

1288

would want to always edit the files by hand and not use

1289

<command>gdmsetup</command>. Editing the files by hand is explained in

1290

the "Configuration" section of this document. Note that

1291

<command>gdmsetup</command> does not support changing of all

1292

configuration variables, so it may be necessary to edit the files by

1293

hand for some configurations.

1294

</para>

1295

1296

<para>

1297

The <command>gdmsetup</command> program has five tabs: Local, Remote,

1298

Accessibility, Security, and Users, described below. In parenthesis is

1299

information about which GDM configuration key is affected by each GUI

1300

choice. Refer to the "Configuration" section of this manual

1301

and the comments in the GDM System Defaults Configuration File for

1302

additional details about each key.

1303

</para>

1304

1305

1306

<title>Local Tab</title>

1307

1308

<para>

1309

The Local tab is used for controlling the appearance of GDM for

1310

attached (also known as local or static) displays. Attached displays

1311

are non-XDMCP remote connections, for example. The choices available

1312

in this tab depend on the setting of the "Style" combobox.

1313

This combobox is used to determine whether the "Plain" or

1314

"Themed" greeter GUI is used. The differences between these

1315

greeter programs are explained in the "Overview" section of

1316

this document.

1317

</para>

1318

1319

<para>

1320

If the "Style" choice is "Plain", then GDM will

1321

use the <command>gdmlogin</command> program as the GUI

1322

(daemon/Greeter). When this choice is selected,

1323

<command>gdmsetup</command> allows the user to select whether the

1324

background is an image or solid color (greeter/BackgroundType). If

1325

image is selected, there is a file selection button to pick the image

1326

file (greeter/BackgroundImage) and a checkbox to scale the image to fit

1327

the screen (greeter/BackgroundImageScaleToFit). If solid color is

1328

selected, there is a button available to allow the color selection

1329

(greeter/BackgroundColor). Also, the user may select the logo image

1330

that appears in gdmlogin (greeter/Logo).

1331

</para>

1332

1333

<para>

1334

If the "Style" choice is "Plain with face browser",

1335

then the <command>gdmlogin</command> program is used as the GUI

1336

(daemon/Greeter) and the face browser is turned on (greeter/Browser).

1337

The Face Browser is explained in the "Overview" section.

1338

Otherwise, the choices are the same as when the "Style"

1339

choice is "Plain". Additional setup in the Users tab may be

1340

necessary to choose which users appear in the Face Browser.

1341

</para>

1342

1343

<para>

1344

If the "Style" choice is "Themed", then the

1345

<command>gdmgreeter</command> program is used as the GUI

1346

(daemon/Greeter). When this choice is selected,

1347

<command>gdmsetup</command> allows the user to select the theme to be

1348

used (greeter/GraphicalTheme). Note that the checkbox to the left

1349

of the theme's name must be checked for a theme to be selected.

1350

Information about the theme's author and copyright are shown for the

1351

highlighted theme. The "Remove" button can be used to delete

1352

the highlighted theme. The "Add" button can be used to add

1353

new themes to the system. For a new theme to be added it must be

1354

in tar or compressed tar format. The "Background color"

1355

displayed when GDM starts (and if the theme has transparent elements)

1356

can be selected (greeter/GraphicalThemedColor). The "Theme"

1357

combo box may be set to "Random from selected" to display a

1358

random theme for each login (greeter/GraphicalThemeRand and

1359

greeter/GraphicalThemes). To use random themes, select each theme that

1360

you wish to be displayed. By default this combobox is set to

1361

"Selected only", so that only a single theme may be selected

1362

and be used.

1363

</para>

1364

1365

<para>

1366

If the "Style" choice is "Themed with face

1367

browser", then the <command>gdmgreeter</command> program is used

1368

as the GUI (daemon/Greeter) and the face browser is turned on

1369

(greeter/Browser) if supported by the theme. The Face Browser is

1370

explained in the Overview section. Otherwise, the choices are the

1371

same as when the "Style" choice is "Themed".

1372

Additional setup in the Users tab may be necessary to choose which

1373

users appear in the Face Browser.

1374

</para>

1375

1376

<para>

1377

Regardless of the "Style" choice, the user may also select

1378

whether the Actions menu is visible (greeter/SystemMenu), whether the

1379

Actions menu includes the choice to start <command>gdmsetup</command>

1380

(greeter/ConfigAvailable), and whether the Action menu includes the

1381

choice to start <command>gdmchooser</command> to run a remote XDMCP

1382

login session (greeter/ChooserButton). The welcome message for

1383

attached DISPLAYS may be specified (greeter/DefaultWelcome and

1384

greeter/Welcome). The welcome message may contain the character

1385

sequences described in the "Text Node" subsection of the

1386

"Themed Greeter" section of this manual. These character

1387

sequences allow the welcome message to contain things like the display

1388

or host name.

1389

</para>

1390

</sect2>

1391

1392

1393

<title>Remote Tab</title>

1394

1395

<para>

1396

The Remote tab controls the appearance of the GDM for users logging

1397

in via XDMCP. By default XDMCP is disabled, and users should be

1398

comfortable with the XDMCP-related sections of the Security section

1399

of this document before enabling it. This tab includes a

1400

"Style" combobox which can be used to turn on XDMCP and

1401

control the appearance of GDM for remote users (gui/RemoteGreeter

1402

and xdmcp/Enable). The user may specify to use either the same

1403

greeter as used on the Local tab, or the other Greeter program. If

1404

the Face Browser setting is true on the Local tab, then it will also

1405

be true for the Remote tab. If the Face Browser setting is

1406

false on the Local tab, then it will also be false for the Remote

1407

tab. It is recommended that the "Plain" GUI be used for

1408

remote connections since it is more lightweight and tends to have

1409

better performance across a network.

1410

</para>

1411

1412

<para>

1413

If Remote login is enabled, then the welcome message for

1414

remote DISPLAYs may be specified (greeter/DefaultRemoteWelcome and

1415

greeter/RemoteWelcome). This welcome message is separate from the

1416

one shown for attached displays defined in the Local tab and can have

1417

a different value. The welcome message may contain the character

1418

sequences described in the "Text Node" subsection of the

1419

"Themed Greeter" section of this manual. These character

1420

sequences allow the welcome message to contain things like the

1421

display or host name.

1422

</para>

1423

1424

<para>

1425

If the "Style" choice is "Same as Local" and the

1426

local selection is "Plain" or "Plain with face

1427

browser", then the user may select whether background images

1428

should be displayed for remote logins

1429

(greeter/BackgroundRemoteOnlyColor).

1430

</para>

1431

1432

<para>

1433

If the "Style" choice is enabled and set to a different

1434

value than the Local tab, then the user has the same configuration

1435

choices as found on the Local tab except that the System Menu

1436

choices are not available since this is never available for remote

1437

logins for security purposes.

1438

</para>

1439

1440

<para>

1441

If Remote login is enabled, there is a "Configure XDMCP"

1442

button which displays a dialog allowing the user to set XDMCP

1443

configuration, including whether indirect requests are honored

1444

(xdmcp/HonorIndirect), UDP port (xdmcp/Port), maximum pending requests

1445

(xdmcp/MaxPending), maximum pending indirect requests

1446

(xmdcp/MaxPendingIndirect), maximum remote sessions

1447

(xdmcp/MaxSessions), maximum wait time (xdmcp/MaxWait), maximum

1448

indirect wait time (xdmcp/MaxWaitIndirect), displays per host

1449

(xdmcp/DisplaysPerHost), and ping interval (xdmcp/PingIntervalSeconds).

1450

The default settings are standard settings and should only be changed

1451

by someone who understands the ramifications of the change.

1452

</para>

1453

</sect2>

1454

1455

1456

<title>Accessibility Tab</title>

1457

1458

<para>

1459

The Accessibility tab is used to turn on Accessibility features in GDM.

1460

"Enable accessible login" (daemon/AddGtkModules and

1461

daemon/GtkModulesList) turns on GDM's gesture listeners which are

1462

explained in the "Accessibility" section of this document.

1463

There is also a checkbox to allow users to change the theme when using

1464

the Plain greeter (gui/AllowGtkThemeChange). This feature allows GDM

1465

users to switch the theme to the HighContrast or LowContrast themes if

1466

needed. The user may also select whether GDM should play a sound when

1467

the login screen is ready, when login is successful and when login has

1468

failed. File chooser buttons are used to select the sound file to be

1469

played, and the "Play" button can be used to sample the

1470

sound.

1471

</para>

1472

</sect2>

1473

1474

1475

<title>Security Tab</title>

1476

1477

<para>

1478

The Security tab allows the user to turn on Automatic and Timed login,

1479

which user is logged in via an automatic or timed login, and the

1480

timed login delay (daemon/AutomaticLoginEnable, daemon/AutomaticLogin,

1481

daemon/TimedLoginEnable, daemon/TimedLogin, and daemon/TimedLoginDelay).

1482

If automatic login is turned on, then the specified user will

1483

immediately log in on reboot without GDM asking for username/password.

1484

If the user logs out of their session, GDM will start and ask for

1485

username and password to log back in. If TimedLogin is turned on, then

1486

GDM will log into the specified user after a specified number of

1487

seconds. The user may enable Timed Login for remote (XDMCP)

1488

connections by checking the "Allow remote timed logins"

1489

checkbox.

1490

</para>

1491

1492

<para>

1493

On this tab, the user may select whether the system administrator user

1494

can log in, and whether the system administrator user can log in

1495

via remote (XDMCP) connections (security/AllowRoot and

1496

security/AllowRemoteRoot). The user may turn on GDM debug

1497

(debug/Enable) which causes debug messages to be sent to the system

1498

log. Debug should only be used when diagnosing a problem and not be

1499

left on when not needed. The "Deny TCP connections to

1500

X server" choice will disable X forwarding if selected

1501

(security/DisallowTCP). A login retry delay (security/RetryDelay) can

1502

be set to cause GDM to wait a number of seconds after a failed login.

1503

</para>

1504

1505

<para>

1506

The "Configure X Server" button can be used to specify how

1507

GDM manages each display. The "Servers" combobox shows what

1508

server definitions are available (Standard, Terminal, and Chooser by

1509

default). Refer to the "X Server Definitions" section of

1510

the "Configuration" section for more information about how

1511

to create new Server Definitions.

1512

</para>

1513

1514

<para>

1515

For any server type, the user may modify the "Server Name"

1516

(server/name), the "Command" (server/command) to be used to

1517

launch the X server, whether the server type will "Launch"

1518

(server/chooser) the greeter or chooser GUI after starting the

1519

X server, whether GDM handles this type (normally only set to false

1520

when logging into a Terminal session type), and whether the session

1521

type supports "Flexible" (server/flexible) sessions.

1522

</para>

1523

1524

<para>

1525

The "Servers To Start" section shows what server type is

1526

displayed for each display on the machine. Users may click on the

1527

"Add/Modify" button to add a new display to the list or to

1528

modify a selected display. This simply corresponds each physical

1529

display with the Server Definition to be used for managing that

1530

display. The "Remove" button may be used to remove a

1531

display from the list.

1532

</para>

1533

</sect2>

1534

1535

1536

<title>Users Tab</title>

1537

1538

<para>

1539

The Users tab controls which users appear in the Face Browser. If the

1540

"Include all users from /etc/password" checkbox is selected,

1541

then all users (with a userid above greeter/MinimalUID and not in the

1542

Exclude list) are displayed. If this checkbox is not selected, then

1543

users must be added to the "Include" list. Users in the

1544

"Exclude" list are never displayed. The "Add" and

1545

"Remove" buttons are used to add a new user to the list or

1546

remove a selected user from the list. The "Apply User

1547

Changes" button must be pressed after the "Include" and

1548

"Exclude" lists have been modified. The left and right

1549

arrow buttons between the "Include" and "Exclude"

1550

lists can be used to move a selected user from one list to the other.

1551

</para>

1552

</sect2>

1553

</sect1>

1554

1555

1556

<title>Configuration</title>

1557

1558

<para>

1559

GDM has powerful configuration management. System default configuration

1560

is stored in the GDM System Defaults Configuration File and user changes

1561

to the default configuration are stored in the GDM Custom Configuration

1562

File. This allows sysadmins to store the GDM System Defaults

1563

Configuration File on a shared filesystem, so a single file can be used

1564

to control configuration for multiple machines. GDM also supports

1565

per-display configuration for GUI-related keys.

1566

</para>

1567

1568

<para>

1569

The <command>gdmsetup</command> is a GUI program you can use to edit the

1570

GDM configuration. This program may also be launched directly from the

1571

login screen if the greeter/ConfigAvailable key is set to "true"

1572

Not all keys in the GDM configuration file are supported in the GUI, so

1573

you may need to edit the configuration files by hand to edit these keys.

1574

If you believe running root-owned GUI's causes security risk, then you

1575

would want to always edit the files by hand. This program does not

1576

support setting per-display configuration, so per-display configuration

1577

files must be set up by hand.

1578

</para>

1579

1580

<para>

1581

Aside from the GDM System Defaults Configuration File, the other GDM

1582

configuration files are located, by default, in the

1583

<filename><etc>/gdm/</filename> folder or its subdirectories.

1584

Note that the location of many configuration files are defined in the

1585

GDM configuration files, so check the GDM System Defaults Configuration

1586

File and the GDM Custom Configuration File if the files are not in the

1587

locations specified in this document.

1588

</para>

1589

1590

<para>

1591

Listing of the config directory contents:

1592

</para>

1593

1594

1595

custom.conf

1596

locale.alias

1597

Xsession

1598

XKeepsCrashing

1599

modules/

1600

Init/

1601

PostLogin/

1602

PreSession/

1603

PostSession/

1604

</screen>

1605

1606

<para>

1607

<filename>locale.alias</filename> is a file which looks much like the

1608

system locale alias but, in fact, is not the same. This is a list

1609

of all languages that may be on your system. All languages are

1610

checked to see if they exist before displaying them in the Language

1611

Selection dialog in the login GUI. Only those that exist are displayed.

1612

</para>

1613

1614

<para>

1615

<filename>Xsession</filename> is a script which sets up a user session

1616

and then executes the user's choice of session. Note that the session

1617

script is typically started via the <filename>desktop</filename>

1618

file associated with the session the user has picked. Some

1619

sessions may start the user's session via a different mechanism than

1620

the <filename>Xsession</filename> script, so please check the

1621

appropriate <filename>desktop</filename> before assuming a session

1622

startup issue is being caused by this file.

1623

</para>

1624

1625

<para>

1626

<filename>XKeepsCrashing</filename> is a script which gets run when the

1627

X server keeps crashing and we cannot recover. The shipped default

1628

script will work with most Linux distributions and can run the X

1629

configuration application provided the person on the console knows the

1630

root password.

1631

</para>

1632

1633

<para>

1634

Accessibility modules are configured in the <filename>modules/</filename>

1635

subdirectory, and are a separate topic. Read the default files provided,

1636

they have adequate documentation. Again normally the default install

1637

is given in the files with <filename>factory</filename> in their name,

1638

and those files are not read, they are just there for you so you can

1639

always revert to default config.

1640

</para>

1641

1642

<para>

1643

Files describing available GDM session follow the freedesktop.org

1644

desktop file specification. The <filename>.desktop</filename>-style

1645

files are installed to <filename><etc>/X11/sessions/</filename>.

1646

This directory is also read by the KDE desktop manager (KDM) for common

1647

configuration. Next the directory

1648

<filename><share>/gdm/BuiltInSessions/</filename> is read for

1649

GDM specific built-in sessions (KDM hardcodes these at time of

1650

this writing). Lastly the default setup will also read

1651

<filename><share>/xsessions/</filename> (which should be

1652

<filename><share>/xsessions/</filename> if you really wish to

1653

cooperate with KDM) where desktop packages can install their session

1654

files. The directories under the <filename><etc></filename> should

1655

be reserved for configuration. The desktop file specification approach

1656

makes it easy for package management systems to install window managers

1657

and different session types without requiring the sysadmin to edit files.

1658

See the <filename>SessionDesktopDir</filename> configuration key for

1659

changing the paths. It used to be that GDM stored its built in

1660

sessions in <filename><etc>/dm/Sessions/</filename> but this is

1661

deprecated as of 2.5.90.0. Note that prior to version 2.4.4.2 only the

1662

<filename><etc>/dm/Sessions/</filename> was being read.

1663

</para>

1664

1665

<para>

1666

A session can be disabled (if it was installed in

1667

<filename><share>/xsessions/</filename>) by adding an identically

1668

named <filename>.desktop</filename> to one of the directories earlier in

1669

the path (likely <filename><etc>/X11/sessions</filename>) and using

1670

<filename>Hidden=true</filename> in that file.

1671

</para>

1672

1673

<para>

1674

GDM uses the optional key <filename>X-Gdm-XserverArgs</filename> in

1675

session files to specify additional arguments to be passed to the

1676

X server. For example, the entry

1677

<filename>X-Gdm-XserverArgs=-depth 16</filename> will start the

1678

X server with a color depth of 16 bits. Any such additional arguments

1679

are ignored when using a Nested display (when GDM is launched in a

1680

window).

1681

</para>

1682

1683

1684

<title>The Script Directories</title>

1685

1686

<para>

1687

In this section we will explain the <filename>Init</filename>,

1688

<filename>PostLogin</filename>, <filename>PreSession</filename> and

1689

<filename>PostSession</filename> directories as they are very similar.

1690

</para>

1691

1692

<para>

1693

When the X server has been successfully started, GDM will try to run

1694

the script called <filename>Init/<displayname></filename>. I.e.

1695

<filename>Init/:0</filename> for the first attached display. If this

1696

file is not found, GDM will attempt to to run

1697

<filename>Init/<hostname></filename>. I.e.

1698

<filename>Init/somehost</filename>.

1699

If this still is not found, GDM will try

1700

<filename>Init/XDMCP</filename> for all XDMCP logins or

1701

<filename>Init/Flexi</filename> for all on demand flexible

1702

displays. If none of the above were found, GDM will run

1703

<filename>Init/Default</filename>. The script will be run as root and

1704

GDM blocks until it terminates. Use the <filename>Init/*</filename>

1705

script for applications that are supposed to run alongside with the GDM

1706

login window. xconsole for instance. Commands to set the background

1707

etc. go in this file too.

1708

</para>

1709

1710

<para>

1711

It is up to the sysadmin to decide whether clients started by the Init

1712

script should be killed before starting the user session. This is

1713

controlled with the <filename>KillInitClients</filename> configuration

1714

option.

1715

</para>

1716

1717

<para>

1718

When the user has been successfully authenticated GDM tries the

1719

scripts in the <filename>PostLogin</filename> directory in the same

1720

manner as for the <filename>Init</filename> directory. This is done

1721

before any session setup is done, and so this would be the script where

1722

you might setup the home directory if you need to (though you should

1723

use the <filename>pam_mount</filename> module if you can for this).

1724

You have the <filename>$USER</filename> and

1725

<filename>$DISPLAY</filename> environment variables set for this

1726

script, and again it is run as root. The script should return 0 on

1727

success as otherwise the user won't be logged in. This is not true for

1728

failsafe session however.

1729

</para>

1730

1731

<para>

1732

After the user session has been setup from the GDM side of things, GDM

1733

will run the scripts in the <filename>PreSession</filename> directory,

1734

again in the same manner as the <filename>Init</filename> directory.

1735

This script can be used for session management or accounting, for

1736

example. The <filename>$USER</filename> environment variable contains

1737

the login of the authenticated user and <filename>$DISPLAY</filename>

1738

is set to the current display. The script should return 0 on success.

1739

Any other value will cause GDM to terminate the current login process.

1740

This is not true for failsafe sessions however. Also

1741

<filename>$X_SERVERS</filename> environmental variable is set and this

1742

points to a fake generated X servers file for use with the sessreg

1743

accounting application.

1744

</para>

1745

1746

<para>

1747

After this the base <filename>Xsession</filename> script is run with

1748

the selected session executable as the first argument. This is run as

1749

the user, and really this is the user session. The available session

1750

executables are taken from the <filename>Exec=</filename> line in the

1751

<filename>.desktop</filename> files in the path specified by

1752

<filename>SessionDesktopDir</filename>. Usually this path is

1753

<filename><etc>/X11/sessions/:<etc>/dm/Sessions:/usr/share/xsessions/</filename>.

1754

The first found file is used. The user either picks from these

1755

sessions or GDM will look inside the file <filename>~/.dmrc</filename>

1756

for the stored preference.

1757

</para>

1758

1759

<para>

1760

This script should really load the user's profile and generally do all

1761

the voodoo that is needed to launch a session. Since many systems

1762

reset the language selections done by GDM, GDM will also set the

1763

<filename>$GDM_LANG</filename> variable to the selected language. You

1764

can use this to reset the language environmental variables after you

1765

run the user's profile. If the user elected to use the system language,

1766

then <filename>$GDM_LANG</filename> is not set.

1767

</para>

1768

1769

<para>

1770

When the user terminates his session, the

1771

<filename>PostSession</filename> script will be run. Again operation

1772

is similar to <filename>Init</filename>, <filename>PostLogin</filename>

1773

and <filename>PreSession</filename>. Again the script will be run with

1774

root privileges, the slave daemon will block and the

1775

<filename>$USER</filename> environment variable will contain the name

1776

of the user who just logged out and <filename>$DISPLAY</filename> will

1777

be set to the display the user used, however note that the X server for

1778

this display may already be dead and so you shouldn't try to access it.

1779

Also <filename>$X_SERVERS</filename> environmental variable is set and

1780

this points to a fake generated X servers file for use with the sessreg

1781

accounting application.

1782

</para>

1783

1784

<para>

1785

Note that the <filename>PostSession</filename> script will be run

1786

even when the display fails to respond due to an I/O error or

1787

similar. Thus, there is no guarantee that X applications will work

1788

during script execution.

1789

</para>

1790

1791

<para>

1792

Except for the <filename>Xsession</filename> script all of these

1793

scripts will also have the environment variable

1794

<filename>$RUNNING_UNDER_GDM</filename> set to

1795

<filename>yes</filename>, so that you could perhaps use similar

1796

scripts for different display managers. The

1797

<filename>Xsession</filename> will always have the

1798

<filename>$GDMSESSION</filename> set to the basename of the

1799

session that the user chose to run without the

1800

<filename>.desktop</filename> extension. In addition

1801

<filename>$DESKTOP_SESSION</filename> is also set to the same value

1802

and in fact this will also be set by KDM in future versions.

1803

</para>

1804

1805

<para>

1806

Neither of the <filename>Init</filename>,

1807

<filename>PostLogin</filename>, <filename>PreSession</filename> or

1808

<filename>PostSession</filename> scripts are necessary and can be left

1809

out. The <filename>Xsession</filename> script is however required as

1810

well as at least one session <filename>.desktop</filename> file.

1811

</para>

1812

</sect2>

1813

1814

1815

<title>The Configuration Files - GDM System Defaults Configuration File

1816

and GDM Custom Configuraiton File</title>

1817

1818

<para>

1819

GDM uses two configuration files: the GDM System Defaults Configuration

1820

File (<filename><share>/gdm/defaults.conf</filename>) and the

1821

GDM Custom Configuration File

1822

(<filename><etc>/gdm/custom.conf</filename>). The GDM System

1823

Defaults File contains the default configuration choices for GDM, and

1824

should not be modified by the user. The GDM Custom Configuration File

1825

is where users may specify their custom configuration choices.

1826

If a configuration option is not defined in either file, GDM will

1827

default to the value described in the comments in the GDM System

1828

Defaults Configuration File.

1829

</para>

1830

1831

<para>

1832

Both configuration files are divided into sections each containing

1833

variables that define the behavior for a specific part of the GDM

1834

suite. Refer to the comments in the GDM System Defaults Configuration

1835

File for additional information about each configuration setting.

1836

</para>

1837

1838

<para>

1839

GDM also supports per-display configuration for parameters in the

1840

"gui", "greeter" sections of the configuration file

1841

Also the security/PamStack key may be customized per-display.

1842

Per-display configuration is specified by creating a file named

1843

<filename><etc>/gdm/custom.conf<display num></filename>.

1844

In this file the section and keys to use on this display can be

1845

specified. For example, configuration overrides for display

1846

":103" would be stored in the file

1847

<filename><etc>/gdm/custom.conf:0</filename>. Per-display

1848

configuration is supported in GDM 2.14.6 and later.

1849

</para>

1850

1851

<para>

1852

To change configuration by hand, edit the GDM Custom Configuration File

1853

or per-display configuration file and make sure the keyname=value

1854

pair you want is included in the appropriate section. For example,

1855

to change the value for the "Greeter" key in the

1856

"daemon" section, make sure the daemon section of the GDM

1857

Custom Configuration File or per-display configuration file includes

1858

the "[daemon]" section followed by the key and value

1859

change desired. As in this example:

1860

</para>

1861

1862

1863

[daemon]

1864

Greeter=/usr/lib/gdmgreeter

1865

</screen>

1866

1867

<para>

1868

The <command>gdmsetup</command> command can be used to modify the GDM

1869

Custom Configuration File. Note the <command>gdmsetup</command> is

1870

intended to be run as root, so users who feel it is insecure to run

1871

GUI programs as root should edit the configuration files by hand.

1872

</para>

1873

1874

<para>

1875

The GDM daemon <command>--config</command> argument may instead be used

1876

to specify a different configuration file location. The GDM daemon

1877

must be restarted to change the configuration file being used. Also

1878

when building GDM, the location of the configuration files may be

1879

specified via the <command>--with-defaults-conf</command> and

1880

<command>--with-custom-conf</command> configuration options.

1881

</para>

1882

1883

<para>

1884

Previous to GDM 2.13.0.4 only the

1885

<filename><etc>/gdm/gdm.conf</filename> existed. For best

1886

backwards compatibility, this file will be used instead of the GDM

1887

Custom Configuration File if it exists on your system. If upgrading

1888

to the new version of GDM, "make install" will check to see

1889

if the <filename><etc>/gdm/gdm.conf</filename> file is different

1890

than the <filename><etc>/gdm/factory-gdm.conf</filename> file.

1891

If so, the <filename><etc>/gdm/gdm.conf</filename> file will be

1892

automatically copied to

1893

<filename><etc>/gdm/custom.conf</filename> to preserve any

1894

configuration changes.

1895

</para>

1896

1897

<para>

1898

Distributions should edit the GDM System Defaults Configuration File to

1899

establish default configuration values, so that they are preserved as

1900

defaults and not modified by users modifying the GDM Custom

1901

Configuration File. Note that distributions may modify the GDM System

1902

Defaults Configuration File on update to improve usability, security,

1903

etc. So any changes made to this file may be lost.

1904

</para>

1905

1906

<para>

1907

The GDM System Defaults Configuration File and the GDM Custom

1908

Configuration File follow the standard <filename>.ini</filename> style

1909

configuration file syntax. Keywords in brackets define sections,

1910

strings before an equal sign (=) are variables and the data after

1911

equal sign represents their value. Empty lines or lines starting with

1912

the hash mark (#) are ignored. The graphical configurator will try to

1913

preserve both comments (lines with a hash mark) and the overall

1914

structure of the file so you can intermix using the GUI or hand

1915

editing the configuration file.

1916

</para>

1917

1918

<para>

1919

The following configuration keys are supported in GDM:

1920

</para>

1921

1922

1923

<title>Daemon Configuration</title>

1924

1925

1926

<title>[daemon]</title>

1927

1928

1929

<term>AddGtkModules</term>

1930

1931

<synopsis>AddGtkModules=false</synopsis>

1932

<para>

1933

If true, then enables <command>gdmgreeter</command> or

1934

<command>gdmlogin</command> to be launched with additional

1935

Gtk+ modules. This is useful when extra features are required

1936

such as accessible login. Note that only "trusted"

1937

modules should be used to minimize security issues.

1938

</para>

1939

<para>

1940

If true, then the registry daemon

1941

<command>at-spi-registryd</command>

1942

will be launched by <command>gdmgreeter</command> or

1943

<command>gdmlogin</command> starting with version GDM 2.17.

1944

</para>

1945

<para>

1946

Usually this is used for accessibility modules. The modules

1947

which are loaded are specified with the

1948

<filename>GtkModulesList</filename> key.

1949

</para>

1950

</listitem>

1951

</varlistentry>

1952

1953

1954

<term>AllowLogoutActions</term>

1955

1956

<synopsis>AllowLogoutActions=HALT;REBOOT;SHUTDOWN;SUSPEND;CUSTOM_CMD</synopsis>

1957

<para>

1958

Specify which actions are supported by the QUERY_LOGOUT_ACTION,

1959

SET_LOGOUT_ACTION, and SET_SAFE_LOGOUT_ACTION

1960

<command>gdmflexiserver</command> commands. Valid values are

1961

HALT, REBOOT, SHUTDOWN, SUSPEND, and CUSTOM_CMD and these

1962

should be separated by semicolons. This allows certain

1963

options to be disabled if desired. Refer to the related

1964

<filename>SystemCommandsInMenu</filename> and

1965

<filename>RBACSystemCommandKeys</filename> configuration

1966

options.

1967

</para>

1968

</listitem>

1969

</varlistentry>

1970

1971

1972

<term>AlwaysLoginCurrentSession</term>

1973

1974

<synopsis>AlwaysLoginCurrentSession=true</synopsis>

1975

<para>

1976

If true, then when the user logs in and already has an

1977

existing session, then they are connected to that session

1978

rather than starting a new session. This only works for

1979

sessions running on VTs (Virtual Terminals) started with

1980

gdmflexiserver, and not with XDMCP. Note that VTs are not

1981

supported on all operating systems.

1982

</para>

1983

</listitem>

1984

</varlistentry>

1985

1986

1987

<term>AutomaticLoginEnable</term>

1988

1989

<synopsis>AutomaticLoginEnable=false</synopsis>

1990

<para>

1991

If the user given in AutomaticLogin should be logged in upon

1992

first bootup. No password will be asked. This is useful

1993

for single user workstations where console security is not an

1994

issue and also could be useful for public terminals. Refer

1995

also to <filename>TimedLogin</filename>.

1996

</para>

1997

</listitem>

1998

</varlistentry>

1999

2000

2001

<term>AutomaticLogin</term>

2002

2003

<synopsis>AutomaticLogin=</synopsis>

2004

<para>

2005

This user should be automatically logged in on first bootup.

2006

AutomaticLoginEnable must be true and this must be

2007

a valid user for this to happen. "root" can never be

2008

autologged in however and gdm will just refuse to do it even

2009

if you set it up.

2010

</para>

2011

2012

<para>

2013

The following control chars are recognized within the

2014

specified name:

2015

</para>

2016

2017

<para>

2018

%% — the `%' character

2019

</para>

2020

2021

<para>

2022

%d — display's name

2023

</para>

2024

2025

<para>

2026

%h — display's hostname

2027

</para>

2028

2029

<para>

2030

Alternatively, the name may end with a vertical bar |, the

2031

pipe symbol. The name is then used as a application to execute

2032

which returns the desired username on standard output. If an

2033

empty or otherwise invalid username is returned, automatic

2034

login is not performed. This feature is typically used when

2035

several remote displays are used as internet kiosks, with a

2036

specific user to automatically login for each display.

2037

</para>

2038

</listitem>

2039

</varlistentry>

2040

2041

2042

<term>BaseXsession</term>

2043

2044

<synopsis>BaseXsession=<etc>/gdm/Xsession</synopsis>

2045

<para>

2046

This is the base X session file. When a user logs in, this

2047

script will be run with the selected session as the first

2048

argument. The selected session will be the

2049

<filename>Exec=</filename> from the

2050

<filename>.desktop</filename> file of the session.

2051

</para>

2052

2053

<para>

2054

If you wish to use the same script for several different

2055

display managers, and wish to have some of the script run only

2056

for GDM, then you can check the presence of the

2057

<filename>GDMSESSION</filename> environmental variable. This

2058

will always be set to the basename of

2059

<filename>.desktop</filename> (without the extension) file that

2060

is being used for this session, and will only be set for GDM

2061

sessions. Previously some scripts were checking for

2062

<filename>GDM_LANG</filename>, but that is only set when the

2063

user picks a non-system default language.

2064

</para>

2065

2066

<para>

2067

This script should take care of doing the "login" for

2068

the user and so it should source the

2069

<filename><etc>/profile</filename> and friends. The

2070

standard script shipped with GDM sources the files in this

2071

order: <filename><etc>/profile</filename> then

2072

<filename>~/.profile</filename> then

2073

<filename><etc>/xprofile</filename> and finally

2074

<filename>~/.xprofile</filename>. Note that different

2075

distributions may change this however. Sometimes users

2076

personal setup will be in <filename>~/.bash_profile</filename>,

2077

however broken that is.

2078

</para>

2079

</listitem>

2080

</varlistentry>

2081

2082

2083

<term>Chooser</term>

2084

2085

<synopsis>Chooser=<bin>/gdmchooser</synopsis>

2086

<para>

2087

Full path and name of the chooser executable followed by

2088

optional arguments.

2089

</para>

2090

</listitem>

2091

</varlistentry>

2092

2093

2094

<term>Configurator</term>

2095

2096

<synopsis>Configurator=<bin>/gdmsetup --disable-sound --disable-crash-dialog</synopsis>

2097

<para>

2098

The pathname to the configurator binary. If the greeter

2099

<filename>ConfigAvailable</filename> option is set to true then

2100

run this binary when somebody chooses Configuration from the

2101

Actions menu. Of course GDM will first ask for root password

2102

however. And it will never allow this to happen from a remote

2103

display.

2104

</para>

2105

</listitem>

2106

</varlistentry>

2107

2108

2109

<term>ConsoleCannotHandle</term>

2110

2111

<synopsis>ConsoleCannotHandle=am,ar,az,bn,el,fa,gu,hi,ja,ko,ml,mr,pa,ta,zh</synopsis>

2112

<para>

2113

These are the languages that the console cannot handle because

2114

of font issues. Here we mean the text console, not X. This

2115

is only used when there are errors to report and we cannot

2116

start X.

2117

</para>

2118

</listitem>

2119

</varlistentry>

2120

2121

2122

<term>ConsoleNotify</term>

2123

2124

<synopsis>ConsoleNotify=true</synopsis>

2125

<para>

2126

If false, gdm will not display a message dialog on the

2127

console when an error happens.

2128

</para>

2129

</listitem>

2130

</varlistentry>

2131

2132

2133

<term>DefaultPath</term>

2134

2135

<synopsis>DefaultPath=defaultpath (value set by configure)</synopsis>

2136

<para>

2137

Specifies the path which will be set in the user's session.

2138

This value will be overridden with the value from

2139

<filename>/etc/default/login</filename> if it contains

2140

"ROOT=<pathname>". If the

2141

<filename>/etc/default/login</filename> file exists, but

2142

contains no value for ROOT, the value as defined in the GDM

2143

configuration will be be used.

2144

</para>

2145

</listitem>

2146

</varlistentry>

2147

2148

2149

<term>DefaultSession</term>

2150

2151

<synopsis>DefaultSession=gnome.desktop</synopsis>

2152

<para>

2153

The session that is used by default if the user does not have

2154

a saved preference and has picked 'Last' from the list of

2155

sessions. Note that 'Last' need not be displayed, see

2156

the <filename>ShowLastSession</filename> key.

2157

</para>

2158

</listitem>

2159

</varlistentry>

2160

2161

2162

2163

<term>DisplayInitDir</term>

2164

2165

<synopsis>DisplayInitDir=<etc>/gdm/Init</synopsis>

2166

<para>

2167

Directory containing the display init scripts. See the

2168

``The Script Directories'' section for more info.

2169

</para>

2170

</listitem>

2171

</varlistentry>

2172

2173

2174

<term>DisplayLastLogin</term>

2175

2176

<synopsis>DisplayLastLogin=true</synopsis>

2177

<para>

2178

If true then the last login information is printed to the user

2179

before being prompted for password. While this gives away some

2180

info on what users are on a system, it on the other hand should

2181

give the user an idea of when they logged in and if it doesn't

2182

seem kosher to them, they can just abort the login and contact

2183

the sysadmin (avoids running malicious startup scripts).

2184

This was added in version 2.5.90.0.

2185

</para>

2186

<para>

2187

This is for making GDM conformant to CSC-STD-002-85, although

2188

that is purely theoretical now. Someone should read that spec

2189

and ensure that this actually conforms (in addition to other

2190

places in GDM). See

2191

<filename>http://www.radium.ncsc.mil/tpep/library/rainbow/CSC-STD-002-85.html</filename>

2192

for more info.

2193

</para>

2194

</listitem>

2195

</varlistentry>

2196

2197

2198

<term>DoubleLoginWarning</term>

2199

2200

<synopsis>DoubleLoginWarning=true</synopsis>

2201

<para>

2202

If true, GDM will warn the user if they are already logged in

2203

on another virtual terminal. On systems where GDM supports

2204

checking the X virtual terminals, GDM will let the user switch

2205

to the previous login virtual terminal instead of logging in.

2206

</para>

2207

</listitem>

2208

</varlistentry>

2209

2210

2211

<term>DynamicXServers</term>

2212

2213

<synopsis>DynamicXServers=false</synopsis>

2214

<para>

2215

If true, the GDM daemon will honor requests to manage

2216

displays via the <filename>/tmp/.gdm_socket</filename>

2217

socket connection. Displays can be created, started,

2218

and deleted with the appropriate commands. The

2219

<filename>gdmdynamic</filename> command is a convenient

2220

method to send these messages.

2221

</para>

2222

</listitem>

2223

</varlistentry>

2224

2225

2226

<term>FailsafeXServer</term>

2227

2228

<synopsis>FailsafeXServer=</synopsis>

2229

<para>

2230

An X command line in case we can't start the normal X server.

2231

should probably be some sort of a script that runs an

2232

appropriate low resolution X server that will just work.

2233

This is tried before the <filename>XKeepsCrashing</filename>

2234

script is run.

2235

</para>

2236

</listitem>

2237

</varlistentry>

2238

2239

2240

<term>FirstVT</term>

2241

2242

<synopsis>FirstVT=7</synopsis>

2243

<para>

2244

On systems where GDM supports automatic VT (virtual terminal)

2245

allocation, this is the first vt to try. Usually standard text

2246

logins are run on the lower vts. See also

2247

<filename>VTAllocation</filename>.

2248

</para>

2249

</listitem>

2250

</varlistentry>

2251

2252

2253

<term>FlexibleXServers</term>

2254

2255

<synopsis>FlexibleXServers=5</synopsis>

2256

<para>

2257

The maximum number of allowed flexible displays. These are

2258

displays that can be run using the

2259

<filename>/tmp/.gdm_socket</filename> socket connection.

2260

This is used for both full flexible displays and for nested

2261

displays (refer to the <filename>Xnest</filename> configuration

2262

option).

2263

</para>

2264

</listitem>

2265

</varlistentry>

2266

2267

2268

<term>FlexiReapDelayMinutes</term>

2269

2270

<synopsis>FlexiReapDelayMinutes=5</synopsis>

2271

<para>

2272

After how many minutes of inactivity at the login screen

2273

should a flexi display be reaped. This is only in effect

2274

before a user logs in. Also it does not affect nested displays

2275

(refer to the <filename>Xnest</filename> configuration

2276

option). To turn off this behavior set this value to 0. This

2277

was added in version 2.5.90.0.

2278

</para>

2279

</listitem>

2280

</varlistentry>

2281

2282

2283

<term>Greeter</term>

2284

2285

<synopsis>Greeter=<bin>/gdmlogin</synopsis>

2286

<para>

2287

Full path and name of the greeter executable followed by

2288

optional arguments. This is the greeter used for all displays

2289

except for the XDMCP remote displays. See also

2290

<filename>RemoteGreeter</filename>

2291

</para>

2292

</listitem>

2293

</varlistentry>

2294

2295

2296

<term>Group</term>

2297

2298

<synopsis>Group=gdm</synopsis>

2299

<para>

2300

The group name under which <command>gdmlogin</command>,

2301

<command>gdmgreeter</command>,

2302

<command>gdmchooser</command> and the internal

2303

failsafe GTK+ dialogs are run. Also see

2304

<filename>User</filename>. This user will have access to all

2305

the X authorization files, and perhaps to other internal GDM

2306

data and it should not therefore be a user such as nobody, but

2307

rather a dedicated user. The <filename>ServAuthDir</filename>

2308

is owned by this group. The ownership and permissions of

2309

<filename>ServAuthDir</filename> should be

2310

<filename>root.gdm</filename> and 1770.

2311

</para>

2312

</listitem>

2313

</varlistentry>

2314

2315

2316

<term>GtkModulesList</term>

2317

2318

<synopsis>GtkModulesList=module-1:module-2:...</synopsis>

2319

<para>

2320

A colon separated list of Gtk+ modules that

2321

<command>gdmgreeter</command> or <command>gdmlogin</command>

2322

will be invoked with if <filename>AddGtkModules</filename> is

2323

true. The format is the same as the standard Gtk+ module

2324

interface.

2325

</para>

2326

</listitem>

2327

</varlistentry>

2328

2329

2330

<term>HaltCommand</term>

2331

2332

<synopsis>HaltCommand=<sbin>/shutdown -h now</synopsis>

2333

<para>

2334

Full path and arguments to command to be executed when user

2335

selects "Shut Down" from the Actions menu. This can

2336

be a ';' separated list of commands to try. If a value is

2337

missing, the shut down command is not available. Note that the

2338

default for this value is not empty, so to disable

2339

"Shut Down" it must be

2340

set to an empty value.

2341

</para>

2342

</listitem>

2343

</varlistentry>

2344

2345

2346

<term>KillInitClients</term>

2347

2348

<synopsis>KillInitClients=true</synopsis>

2349

<para>

2350

Determines whether GDM should kill X clients started by the

2351

init scripts when the user logs in.

2352

</para>

2353

</listitem>

2354

</varlistentry>

2355

2356

2357

<term>LogDir</term>

2358

2359

<synopsis>LogDir=<var>/log/gdm</synopsis>

2360

<para>

2361

Directory containing the log files for the individual displays.

2362

By default this is the same as the ServAuthDir.

2363

</para>

2364

</listitem>

2365

</varlistentry>

2366

2367

2368

<term>PreFetchProgram</term>

2369

2370

<synopsis>PreFetchProgram=command</synopsis>

2371

<para>

2372

Program to be run by the GDM greeter/login program when the

2373

initial screen is displayed. The purpose is to provide a hook

2374

where files which will be used after login can be preloaded to

2375

speed performance for the user. The program will be called

2376

once only, the first time a greeter is displayed. The

2377

gdmprefetch command may be used. This utility will load any

2378

libraries passed in on the command line, or if the argument

2379

starts with a "@" character, it will process the file

2380

assuming it is an ASCII file containing a list of libraries,

2381

one per line, and load each library in the file.

2382

</para>

2383

</listitem>

2384

</varlistentry>

2385

2386

2387

<term>PostLoginScriptDir</term>

2388

2389

<synopsis>PostLoginScriptDir=<etc>/gdm/PostLogin</synopsis>

2390

<para>

2391

Directory containing the scripts run right after the user logs

2392

in, but before any session setup is done. See the

2393

``The Script Directories'' section for more info.

2394

</para>

2395

</listitem>

2396

</varlistentry>

2397

2398

2399

<term>PostSessionScriptDir</term>

2400

2401

<synopsis>PostSessionScriptDir=<etc>/gdm/PostSession</synopsis>

2402

<para>

2403

Directory containing the scripts run after the user logs out.

2404

See the ``The Script Directories'' section for more info.

2405

</para>

2406

</listitem>

2407

</varlistentry>

2408

2409

2410

<term>PreSessionScriptDir</term>

2411

2412

<synopsis>PreSessionScriptDir=<etc>/gdm/PreSession</synopsis>

2413

<para>

2414

Directory containing the scripts run before the user logs in.

2415

See the ``The Script Directories'' section for more info.

2416

</para>

2417

</listitem>

2418

</varlistentry>

2419

2420

2421

<term>RBACSystemCommandKeys</term>

2422

2423

<synopsis>RBACSystemCommandKeys</synopsis>

2424

<para>

2425

Support RBAC (Role Based Access Control) for system commands

2426

(Shutdown, Reboot, Suspend, etc.). This feature is only

2427

functional if GDM is compiled with RBAC support. Specify the

2428

RBAC key used to determine if the user has permission to use

2429

the action via the QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION, and

2430

SET_SAFE_LOGOUT_ACTION <command>gdmflexiserver</command>

2431

commands. Valid actions are HALT, REBOOT, SUSPEND, and

2432

CUSTOM_CMD. The greeter will only display the command if the

2433

gdm user (<filename>User</filename> configuration key) has

2434

RBAC permissions to use the action. RBAC keys for multiple

2435

actions can be specified by separating them with semicolons.

2436

The format for each is "Action:RBAC key". If an action is not

2437

specified, it is assumed that all users have permission to use

2438

this action. For example, a valid value for this

2439

configuration option would be

2440

"HALT:key.for.halt;REBOOT:key.for.reboot". Refer to

2441

the related <filename>AllowLogoutActions</filename> and

2442

<filename>SystemCommandsInMenu</filename> configuration

2443

options.

2444

</para>

2445

</listitem>

2446

</varlistentry>

2447

2448

<term>RebootCommand</term>

2449

2450

<synopsis>RebootCommand=<sbin>/shutdown -r now</synopsis>

2451

<para>

2452

Full path and optional arguments to the command to be

2453

executed when user selects Restart from the Actions menu. This

2454

can be a ';' separated list of commands to try. If missing,

2455

the restart command is not available. Note that the default

2456

for this value is not empty so to disable restart you must set

2457

this explicitly to an empty value.

2458

</para>

2459

</listitem>

2460

</varlistentry>

2461

2462

2463

<term>RemoteGreeter</term>

2464

2465

<synopsis>RemoteGreeter=<bin>/gdmlogin</synopsis>

2466

<para>

2467

Full path and name of the greeter executable followed by

2468

optional arguments. This is used for all remote XDMCP

2469

sessions. It is useful to have the less graphically demanding

2470

greeter here if you use the Themed Greeter for your main

2471

greeter. See also the <filename>Greeter</filename> key.

2472

</para>

2473

</listitem>

2474

</varlistentry>

2475

2476

2477

<term>RootPath</term>

2478

2479

<synopsis>RootPath=defaultpath (value set by configure)</synopsis>

2480

<para>

2481

Specifies the path which will be set in the root's

2482

session and the {Init,PostLogin,PreSession,PostSession} scripts

2483

executed by GDM. This value will be overridden with the value

2484

from <filename>/etc/default/login</filename> if it

2485

contains "SUROOT=<pathname>". If the

2486

<filename>/etc/default/login</filename> file exists, but

2487

contains no value for SUROOT, the value as defined in the GDM

2488

configuration will be used.

2489

</para>

2490

</listitem>

2491

</varlistentry>

2492

2493

2494

<term>ServAuthDir</term>

2495

2496

<synopsis>ServAuthDir=<var>/gdm</synopsis>

2497

<para>

2498

Directory containing the X authentication files for the

2499

individual displays. Should be owned by

2500

<filename>root.gdm</filename> with permissions 1770, where

2501

<filename>gdm</filename> is the GDM group as defined by the

2502

<filename>Group</filename> option. That is should be owned by

2503

root, with <filename>gdm</filename> group having full write

2504

permissions and the directory should be sticky and others

2505

should have no permission to the directory. This way the GDM

2506

user can't remove files owned by root in that directory, while

2507

still being able to write its own files there. GDM will

2508

attempt to change permissions for you when it's first run if

2509

the permissions are not the above. This directory is also used

2510

for other private files that the daemon needs to store. Other

2511

users should not have any way to get into this directory and

2512

read/change it's contents. Anybody who can read this directory

2513

can connect to any display on this computer.

2514

</para>

2515

</listitem>

2516

</varlistentry>

2517

2518

2519

<term>SessionDesktopDir</term>

2520

2521

<synopsis>SessionDesktopDir=<etc>/X11/sessions/:<etc>/dm/Sessions/:<share>/xsessions/</synopsis>

2522

<para>

2523

Directory containing the <filename>.desktop</filename> files

2524

which are the available sessions on the system. Since 2.4.4.2

2525

this is treated like a PATH type variable and the first file

2526

found is used.

2527

</para>

2528

</listitem>

2529

</varlistentry>

2530

2531

2532

<term>SoundProgram</term>

2533

2534

<synopsis>SoundProgram=<filename><bin>/play</filename> (or <filename><bin>/audioplay</filename> on Solaris)</synopsis>

2535

<para>

2536

Application to use when playing a sound. Currently used for

2537

playing the login sound, see the

2538

<filename>SoundOnLoginFile</filename> key. Supported since

2539

2.5.90.0.

2540

</para>

2541

</listitem>

2542

</varlistentry>

2543

2544

2545

<term>StandardXServer</term>

2546

2547

<synopsis>StandardXServer=/dir/to/X (value assigned by configuration file)</synopsis>

2548

<para>

2549

Full path and arguments to the standard X server command.

2550

This is used when gdm cannot find any other definition,

2551

and it's used as the default and failsafe fallback in a

2552

number of places. This should be able to run some sort

2553

of X server.

2554

</para>

2555

</listitem>

2556

</varlistentry>

2557

2558

2559

<term>SuspendCommand</term>

2560

2561

<synopsis>SuspendCommand=</synopsis>

2562

<para>

2563

Full path and arguments to command to be executed when

2564

user selects Suspend from the Actions menu. If empty

2565

there is no such menu item. Note that the default for this

2566

value is not empty so to disable suspend you must set this

2567

explicitly to an empty value.

2568

</para>

2569

</listitem>

2570

</varlistentry>

2571

2572

2573

<term>SystemCommandsInMenu</term>

2574

2575

<synopsis>SuspendCommand=HALT;REBOOT;SHUTDOWN;SUSPEND;CUSTOM_CMD</synopsis>

2576

<para>

2577

Specify which system commands are available in the greeter

2578

menu. Valid values are HALT, REBOOT, SHUTDOWN, SUSPEND, and

2579

CUSTOM_CMD and these should be separated by semicolons. This

2580

can be useful if you want to disable some options in the menu,

2581

but still have them available to authenticated users via the

2582

SET_LOGOUT_ACTION or SET_SAFE_LOGOUT_ACTION

2583

<command>gdmflexiserver</command> commands. For example, the

2584

GNOME panel uses these commands to provide Shutdown, Reboot,

2585

and Suspend in the application menu. Therefore if you turn

2586

off these options in the greeter, these options can still be

2587

available to users who have authenticated via the GNOME panel.

2588

Refer to the related

2589

<filename>AllowLogoutActions</filename> and

2590

<filename>RBACSystemCommandKeys</filename> configuration

2591

options.

2592

</para>

2593

</listitem>

2594

</varlistentry>

2595

2596

2597

<term>TimedLoginEnable</term>

2598

2599

<synopsis>TimedLoginEnable=false</synopsis>

2600

<para>

2601

If the user given in <filename>TimedLogin</filename> should be

2602

logged in after a number of seconds (set with

2603

<filename>TimedLoginDelay</filename>) of inactivity on the

2604

login screen. This is useful for public access terminals or

2605

perhaps even home use. If the user uses the keyboard or

2606

browses the menus, the timeout will be reset to

2607

<filename>TimedLoginDelay</filename> or 30 seconds, whichever

2608

is higher. If the user does not enter a username but just

2609

hits the ENTER key while the login program is requesting the

2610

username, then GDM will assume the user wants to login

2611

immediately as the timed user. Note that no password will be

2612

asked for this user so you should be careful, although if using

2613

PAM it can be configured to require password entry before

2614

allowing login.

2615

</para>

2616

</listitem>

2617

</varlistentry>

2618

2619

2620

<term>TimedLogin</term>

2621

2622

<synopsis>TimedLogin=</synopsis>

2623

<para>

2624

This is the user that should be logged in after a specified

2625

number of seconds of inactivity. This can never be

2626

"root" and gdm will refuse to log in root this way.

2627

The same features as for <filename>AutomaticLogin</filename>

2628

are supported. The same control chars and piping to a

2629

application are supported.

2630

</para>

2631

</listitem>

2632

</varlistentry>

2633

2634

2635

<term>TimedLoginDelay</term>

2636

2637

<synopsis>TimedLoginDelay=30</synopsis>

2638

<para>

2639

Delay in seconds before the <filename>TimedLogin</filename>

2640

user will be logged in. It must be greater then or equal to 10.

2641

</para>

2642

</listitem>

2643

</varlistentry>

2644

2645

2646

2647

2648

2649

<para>

2650

The username under which <command>gdmlogin</command>,

2651

<command>gdmgreeter</command>,

2652

<command>gdmchooser</command> and the internal

2653

failsafe GTK+ dialogs are run. Also see

2654

<filename>Group</filename>. This user will have access to all

2655

the X authorization files, and perhaps to other internal GDM

2656

data and it should not therefore be a user such as nobody, but

2657

rather a dedicated user.

2658

</para>

2659

</listitem>

2660

</varlistentry>

2661

2662

2663

<term>UserAuthDir</term>

2664

2665

<synopsis>UserAuthDir=</synopsis>

2666

<para>

2667

The directory where user's <filename>.Xauthority</filename>

2668

file should be saved. When nothing is specified the user's

2669

home directory is used. This is tilde expanded so you

2670

can set it to things like: <filename>~/authdir/</filename>.

2671

</para>

2672

2673

<para>

2674

If you do not use the tilde expansion, then the filename

2675

created will be random, like in

2676

<filename>UserAuthFBDir</filename>. This way many users can

2677

have the same authentication directory. For example you might

2678

want to set this to <filename>/tmp</filename> when user has the

2679

home directory on NFS, since you really don't want cookie files

2680

to go over the wire. The users should really have write

2681

privileges to this directory, and this directory should really

2682

be sticky and all that, just like the <filename>/tmp</filename>

2683

directory.

2684

</para>

2685

2686

<para>

2687

Normally if this is the user's home directory GDM will still

2688

refuse to put cookies there if it thinks it is NFS (by testing

2689

root-squashing). This can be changed by setting

2690

<filename>NeverPlaceCookiesOnNFS</filename> in the

2691

<filename>[security]</filename> section to false.

2692

</para>

2693

</listitem>

2694

</varlistentry>

2695

2696

2697

<term>UserAuthFBDir</term>

2698

2699

<synopsis>UserAuthFBDir=/tmp</synopsis>

2700

<para>

2701

If GDM fails to update the user's

2702

<filename>.Xauthority</filename> file a fallback cookie is

2703

created in this directory.

2704

</para>

2705

</listitem>

2706

</varlistentry>

2707

2708

2709

<term>UserAuthFile</term>

2710

2711

<synopsis>UserAuthFile=.Xauthority</synopsis>

2712

<para>

2713

Name of the file used for storing user cookies.

2714

</para>

2715

</listitem>

2716

</varlistentry>

2717

2718

2719

<term>VTAllocation</term>

2720

2721

<synopsis>VTAllocation=true</synopsis>

2722

<para>

2723

On systems where GDM supports automatic VT (virtual terminal)

2724

allocation (currently Linux and FreeBSD only), you can have

2725

GDM automatically append the vt argument to the X server

2726

executable. This way races that come up from each X server

2727

managing it's own vt allocation can be avoided. See also

2728

<filename>FirstVT</filename>.

2729

</para>

2730

</listitem>

2731

</varlistentry>

2732

2733

2734

<term>XKeepsCrashing</term>

2735

2736

<synopsis>XKeepsCrashing=<etc>/gdm/XKeepsCrashing</synopsis>

2737

<para>

2738

A script to run in case X keeps crashing. This is for running

2739

An X configuration or whatever else to make the X configuration

2740

work. See the script that came with the distribution for an

2741

example. The distributed <filename>XKeepsCrashing</filename>

2742

script is tested on Red Hat, but may work elsewhere. Your

2743

system integrator should make sure this script is up to date

2744

for your particular system.

2745

</para>

2746

<para>

2747

In case <filename>FailsafeXServer</filename> is setup, that

2748

will be tried first. and this only used as a backup if even

2749

that X server keeps crashing.

2750

</para>

2751

</listitem>

2752

</varlistentry>

2753

2754

2755

<term>Xnest</term>

2756

2757

<synopsis>Xnest=<bin>/X11/Xephyr -audit 0</synopsis>

2758

<para>

2759

The full path and arguments to the nested X server command,

2760

which can be Xephyr, Xnest, or similar program. This command

2761

is used for starting nested displays allowing the user

2762

to start new login screens in a nested window. Xephyr is

2763

recommended since it works best and better supports modern

2764

X server extensions. Therefore GDM will set the default

2765

configuration to use Xephyr if available. If Xephyr is not

2766

available, then Xnest will be used if it is available.

2767

</para>

2768

</listitem>

2769

</varlistentry>

2770

2771

2772

<term>XnestUnscaledFontPath</term>

2773

2774

<synopsis>XnestUnscaledFontPath=true</synopsis>

2775

<para>

2776

Set to true if the nested X server command program supports the

2777

":unscaled" suffix in the FontPath (passed to nested X server

2778

command via the -fp argument). Some Xnest (e.g. Xsun Xnest)

2779

programs do not, and it is necessary to set this to false for

2780

such nested X server commands to work with GDM. Refer to the

2781

<filename>Xnest</filename> configuration option.

2782

</para>

2783

</listitem>

2784

</varlistentry>

2785

</variablelist>

2786

</sect3>

2787

2788

2789

<title>Security Options</title>

2790

2791

2792

<title>[security]</title>

2793

2794

2795

<term>AllowRoot</term>

2796

2797

<synopsis>AllowRoot=true</synopsis>

2798

<para>

2799

Allow root (privileged user) to log in through GDM. Set this

2800

to false if you want to disallow such logins.

2801

</para>

2802

<para>

2803

On systems that support PAM, this parameter is not as useful

2804

as you can use PAM to do the same thing, and in fact do even

2805

more. However it is still followed, so you should probably

2806

leave it true for PAM systems.

2807

</para>

2808

</listitem>

2809

</varlistentry>

2810

2811

2812

<term>AllowRemoteRoot</term>

2813

2814

<synopsis>AllowRemoteRoot=false</synopsis>

2815

<para>

2816

Allow root (privileged user) to log in remotely through GDM.

2817

This value should be set to true to allow such logins.

2818

Remote logins are any logins that come in through the XDMCP.

2819

</para>

2820

<para>

2821

On systems that support PAM, this parameter is not as useful

2822

since you can use PAM to do the same thing, and do even

2823

more.

2824

</para>

2825

<para>

2826

This value will be overridden and set to false if the

2827

<filename>/etc/default/login</filename> file exists and

2828

contains "CONSOLE=/dev/login", and set to true if the

2829

<filename>/etc/default/login</filename> file exists and

2830

contains any other value or no value for CONSOLE.

2831

</para>

2832

</listitem>

2833

</varlistentry>

2834

2835

2836

<term>AllowRemoteAutoLogin</term>

2837

2838

<synopsis>AllowRemoteAutoLogin=false</synopsis>

2839

<para>

2840

Allow the timed login feature to work for remote displays.

2841

In other words, remote connections via XDMCP will be allowed to

2842

log into the "TimedLogin" user after the delay

2843

defined by <filename>TimedLoginDelay</filename>.

2844

</para>

2845

<para>

2846

Note that this can make a system quite insecure, and thus is

2847

off by default.

2848

</para>

2849

</listitem>

2850

</varlistentry>

2851

2852

2853

<term>CheckDirOwner</term>

2854

2855

<synopsis>CheckDirOwner=true</synopsis>

2856

<para>

2857

By default GDM checks the ownership of the home directories

2858

before writing to them, this prevents security issues in case

2859

of bad setup. However in some instances home directories will

2860

be owned by a different user and in this case it is necessary

2861

to turn this option on. You will also most likely have to

2862

turn the <filename>RelaxPermissions</filename> key to at least

2863

value 1 since in such a scenario home directories are likely

2864

to be group writable. Supported since 2.6.0.4.

2865

</para>

2866

</listitem>

2867

</varlistentry>

2868

2869

2870

<term>SupportAutomount</term>

2871

2872

<synopsis>SupportAutomount=false</synopsis>

2873

<para>

2874

By default GDM checks the ownership of the home directories

2875

before writing to them, this prevents security issues in case

2876

of bad setup. However, when home directories are managed by

2877

automounter, they are often not mounted before they are

2878

accessed. This option works around subtleties of Linux

2879

automounter.

2880

</para>

2881

</listitem>

2882

</varlistentry>

2883

2884

2885

<term>DisallowTCP</term>

2886

2887

<synopsis>DisallowTCP=true</synopsis>

2888

<para>

2889

If true, then always append <filename>-nolisten tcp</filename>

2890

to the command line when starting attached X servers, thus

2891

disallowing TCP connection. This is a more secure

2892

configuration if not using remote connections.

2893

</para>

2894

</listitem>

2895

</varlistentry>

2896

2897

2898

<term>NeverPlaceCookiesOnNFS</term>

2899

2900

<synopsis>NeverPlaceCookiesOnNFS=true</synopsis>

2901

<para>

2902

Normally if this is true (which is by default), GDM will not

2903

place cookies into the user's home directory if this directory

2904

is on NFS. Well, GDM will consider any filesystem with

2905

root-squashing an NFS filesystem. Sometimes however the remote

2906

file system can have root squashing and be safe (perhaps by

2907

using encryption). In this case set this to 'false'. Note

2908

that this option appeared in version 2.4.4.4 and is ignored in

2909

previous versions.

2910

</para>

2911

</listitem>

2912

</varlistentry>

2913

2914

2915

<term>PasswordRequired</term>

2916

2917

<synopsis>PasswordRequired=false</synopsis>

2918

<para>

2919

If true, this will cause PAM_DISALLOW_NULL_AUTHTOK to be

2920

passed as a flag to pam_authenticate and pam_acct_mgmt,

2921

disallowing NULL password. This setting will only take

2922

effect if PAM is being used by GDM. This value will be

2923

overridden with the value from

2924

<filename>/etc/default/login</filename> if it contains

2925

"PASSREQ=[YES|NO]". If the

2926

<filename>/etc/default/login</filename> file exists, but

2927

contains no value for PASSREQ, the value as defined in the GDM

2928

configuration will be used.

2929

</para>

2930

</listitem>

2931

</varlistentry>

2932

2933

2934

<term>RelaxPermissions</term>

2935

2936

<synopsis>RelaxPermissions=0</synopsis>

2937

<para>

2938

By default GDM ignores files and directories writable to

2939

other users than the owner.

2940

</para>

2941

2942

<para>

2943

Changing the value of RelaxPermissions makes it possible to

2944

alter this behavior:

2945

</para>

2946

2947

<para>

2948

0 - Paranoia option. Only accepts user owned files and

2949

directories.

2950

</para>

2951

<para>

2952

1 - Allow group writable files and directories.

2953

</para>

2954

<para>

2955

2 - Allow world writable files and directories.

2956

</para>

2957

</listitem>

2958

</varlistentry>

2959

2960

2961

<term>RetryDelay</term>

2962

2963

<synopsis>RetryDelay=1</synopsis>

2964

<para>

2965

The number of seconds GDM should wait before reactivating the

2966

entry field after a failed login.

2967

</para>

2968

</listitem>

2969

</varlistentry>

2970

2971

2972

<term>UserMaxFile</term>

2973

2974

<synopsis>UserMaxFile=65536</synopsis>

2975

<para>

2976

GDM will refuse to read/write files bigger than this number

2977

(specified in bytes).

2978

</para>

2979

2980

<para>

2981

In addition to the size check GDM is extremely picky about

2982

accessing files in user directories. It will not follow

2983

symlinks and can optionally refuse to read files and

2984

directories writable by other than the owner. See the

2985

<filename>RelaxPermissions</filename> option for more info.

2986

</para>

2987

</listitem>

2988

</varlistentry>

2989

2990

<term>UtmpLineAttached</term>

2991

2992

<synopsis>UtmpLineAttached=/dev/console (or /dev/dtlocal on Solaris)</synopsis>

2993

<para>

2994

When doing Utmp processing for attached displays, GDM sets the

2995

ut_line to the device associated with the Virtual Terminal (VT)

2996

if it is being used. Otherwise, it will use the value

2997

specified with the display in the

2998

<filename>[servers]</filename> section if a value is provided.

2999

If not, then the default value specified in UtmpLineAttached is

3000

used for attached displays. The value can contain

3001

"%d" which is translated to the DISPLAY value or

3002

"%h" which is translated to the hostname. This value

3003

must begin with <filename>/dev/</filename>.

3004

</para>

3005

</listitem>

3006

</varlistentry>

3007

3008

<term>UtmpLineRemote</term>

3009

3010

<synopsis>UtmpLineRemote= (or /dev/dtremote on Solaris)</synopsis>

3011

<para>

3012

When doing Utmp processing, GDM sets the ut_line to this value

3013

for remote displays. The value can contain "%d"

3014

which is translated to the DISPLAY value or "%h"

3015

which is translated to the hostname. This value must begin

3016

with <filename>/dev/</filename>.

3017

</para>

3018

</listitem>

3019

</varlistentry>

3020

3021

<term>UtmpPseudoDevice</term>

3022

3023

<synopsis>PseudoDevice=false (or true on Solaris)</synopsis>

3024

<para>

3025

If the device associated with a display does not exist, then

3026

GDM will create a symlink to <filename>/dev/null</filename>, or

3027

touch it if it is a symlink to <filename>/dev/null</filename>.

3028

Some programs such as <command>last</command>,

3029

<command>finger</command>, or <command>who</command> access the

3030

utmp database and may assume that the device points to an

3031

actual file. Creating such symlinks ensures that such programs

3032

work properly.

3033

</para>

3034

</listitem>

3035

</varlistentry>

3036

</variablelist>

3037

</sect3>

3038

3039

3040

<title>XDCMP Support</title>

3041

3042

3043

<title>[xdmcp]</title>

3044

3045

3046

<term>DisplaysPerHost</term>

3047

3048

<synopsis>DisplaysPerHost=1</synopsis>

3049

<para>

3050

To prevent attackers from filling up the pending queue, GDM

3051

will only allow one connection for each remote computer. If

3052

you want to provide display services to computers with more

3053

than one screen, you should increase the

3054

<filename>DisplaysPerHost</filename> value accordingly.

3055

</para>

3056

3057

<para>

3058

Note that the number of attached DISPLAYS allowed is not

3059

limited. Only remote connections via XDMCP are limited by

3060

this configuration option.

3061

</para>

3062

</listitem>

3063

</varlistentry>

3064

3065

3066

<term>Enable</term>

3067

3068

<synopsis>Enable=false</synopsis>

3069

<para>

3070

Setting this to true enables XDMCP support allowing remote

3071

displays/X terminals to be managed by GDM.

3072

</para>

3073

3074

<para>

3075

<filename>gdm</filename> listens for requests on UDP port 177.

3076

See the Port option for more information.

3077

</para>

3078

3079

<para>

3080

If GDM is compiled to support it, access from remote displays

3081

can be controlled using the TCP Wrappers library. The service

3082

name is <filename>gdm</filename>

3083

</para>

3084

3085

<para>

3086

You should add

3087

3088

gdm:.my.domain

3089

</screen>

3090

to your <filename><etc>/hosts.allow</filename>, depending

3091

on your TCP Wrappers configuration. See the

3092

<ulink type="help" url="man:hosts.allow">hosts.allow(5)</ulink>

3093

man page for details.

3094

</para>

3095

3096

<para>

3097

Please note that XDMCP is not a particularly secure protocol

3098

and that it is a good idea to block UDP port 177 on your

3099

firewall unless you really need it.

3100

</para>

3101

</listitem>

3102

</varlistentry>

3103

3104

3105

<term>EnableProxy</term>

3106

3107

<synopsis>EnableProxy=false</synopsis>

3108

<para>

3109

Setting this to true enables support for running XDMCP sessions

3110

on a local proxy X server. This may improve the performance of

3111

XDMCP sessions, especially on high latency networks, as many

3112

X protocol operations can be completed without going over the

3113

network.

3114

</para>

3115

<para>

3116

Note, however, that this mode will significantly increase the

3117

burden on the machine hosting the XDMCP sessions

3118

</para>

3119

<para>

3120

See the <filename>FlexiProxy</filename> and

3121

<filename>FlexiProxyDisconnect</filename> options for further

3122

details on how to configure support for this feature.

3123

</para>

3124

</listitem>

3125

</varlistentry>

3126

3127

3128

<term>HonorIndirect</term>

3129

3130

<synopsis>HonorIndirect=true</synopsis>

3131

<para>

3132

Enables XDMCP INDIRECT choosing (i.e. remote execution of

3133

<filename>gdmchooser</filename>) for X-terminals which don't

3134

supply their own display browser.

3135

</para>

3136

</listitem>

3137

</varlistentry>

3138

3139

3140

<term>MaxPending</term>

3141

3142

<synopsis>MaxPending=4</synopsis>

3143

<para>

3144

To avoid denial of service attacks, GDM has fixed size queue

3145

of pending connections. Only MaxPending displays can start at

3146

the same time.

3147

</para>

3148

3149

<para>

3150

Please note that this parameter does *not* limit the number of

3151

remote displays which can be managed. It only limits the number

3152

of displays initiating a connection simultaneously.

3153

</para>

3154

</listitem>

3155

</varlistentry>

3156

3157

3158

<term>MaxPendingIndirect</term>

3159

3160

<synopsis>MaxPendingIndirect=4</synopsis>

3161

<para>

3162

GDM will only provide <filename>MaxPendingIndirect</filename>

3163

displays with host choosers simultaneously. If more queries

3164

from different hosts come in, the oldest ones will be

3165

forgotten.

3166

</para>

3167

</listitem>

3168

</varlistentry>

3169

3170

3171

<term>MaxSessions</term>

3172

3173

<synopsis>MaxSessions=16</synopsis>

3174

<para>

3175

Determines the maximum number of remote display connections

3176

which will be managed simultaneously. I.e. the total number of

3177

remote displays that can use your host.

3178

</para>

3179

</listitem>

3180

</varlistentry>

3181

3182

3183

<term>MaxWait</term>

3184

3185

<synopsis>MaxWait=30</synopsis>

3186

<para>

3187

When GDM is ready to manage a display an ACCEPT packet is sent

3188

to it containing a unique session id which will be used in

3189

future XDMCP conversations.

3190

</para>

3191

3192

<para>

3193

GDM will then place the session id in the pending queue

3194

waiting for the display to respond with a MANAGE request.

3195

</para>

3196

3197

<para>

3198

If no response is received within MaxWait seconds, GDM will

3199

declare the display dead and erase it from the pending queue

3200

freeing up the slot for other displays.

3201

</para>

3202

</listitem>

3203

</varlistentry>

3204

3205

3206

<term>MaxWaitIndirect</term>

3207

3208

<synopsis>MaxWaitIndirect=30</synopsis>

3209

<para>

3210

The MaxWaitIndirect parameter determines the maximum number of

3211

seconds between the time where a user chooses a host and the

3212

subsequent indirect query where the user is connected to the

3213

host. When the timeout is exceeded, the information about the

3214

chosen host is forgotten and the indirect slot freed up for

3215

other displays. The information may be forgotten earlier if

3216

there are more hosts trying to send indirect queries then

3217

<filename>MaxPendingIndirect</filename>.

3218

</para>

3219

</listitem>

3220

</varlistentry>

3221

3222

3223

3224

3225

3226

<para>

3227

The UDP port number <filename>gdm</filename> should listen to

3228

for XDMCP requests. Don't change this unless you know what

3229

you are doing.

3230

</para>

3231

</listitem>

3232

</varlistentry>

3233

3234

3235

<term>PingIntervalSeconds</term>

3236

3237

<synopsis>PingIntervalSeconds=15</synopsis>

3238

<para>

3239

Interval in which to ping the X server in seconds. If the X

3240

server doesn't return before the next time we ping it, the

3241

connection is stopped and the session ended. This is a

3242

combination of the XDM PingInterval and PingTimeout, but in

3243

seconds.

3244

</para>

3245

3246

<para>

3247

Note that GDM in the past used to have a

3248

<filename>PingInterval</filename> configuration key which was

3249

also in minutes. For most purposes you'd want this setting

3250

to be lower then one minute however since in most cases where

3251

XDMCP would be used (such as terminal labs), a lag of more

3252

than 15 or so seconds would really mean that the terminal was

3253

turned off or restarted and you would want to end the session.

3254

</para>

3255

</listitem>

3256

</varlistentry>

3257

3258

3259

<term>ProxyReconnect</term>

3260

3261

<synopsis>FlexiProxyReconnect=</synopsis>

3262

<para>

3263

Setting this option enables experimental support for session

3264

migration with XDMCP sessions. This enables users to disconnect

3265

from their session and later reconnect to that same session,

3266

possibly from a different terminal.

3267

</para>

3268

<para>

3269

In order to use this feature, you must have a nested X server

3270

available which supports disconnecting from its parent X server

3271

and reconnecting to another X server. Currently, the Distributed

3272

Multihead X (DMX) server supports this feature to some extent

3273

and other projects like NoMachine NX are busy implementing it.

3274

</para>

3275

<para>

3276

This option should be set to the path of a command which will

3277

handle reconnecting the XDMCP proxy to another backend display.

3278

A sample implementation for use with DMX is supplied.

3279

</para>

3280

</listitem>

3281

</varlistentry>

3282

3283

3284

<term>ProxyXServer</term>

3285

3286

<synopsis>ProxyXServer=</synopsis>

3287

<para>

3288

The X server command line for a XDMCP proxy. Any nested X

3289

server like Xnest, Xephyr or Xdmx should work fairly well.

3290

</para>

3291

</listitem>

3292

</varlistentry>

3293

3294

3295

<term>Willing</term>

3296

3297

<synopsis>Willing=<etc>/gdm/Xwilling</synopsis>

3298

<para>

3299

When the machine sends a WILLING packet back after a QUERY it

3300

sends a string that gives the current status of this server.

3301

The default message is the system ID, but it is possible to

3302

create a script that displays customized message. If this

3303

script doesn't exist or this key is empty the default message

3304

is sent. If this script succeeds and produces some output,

3305

the first line of it's output is sent (and only the first

3306

line). It runs at most once every 3 seconds to prevent

3307

possible denial of service by flooding the machine with QUERY

3308

packets.

3309

</para>

3310

</listitem>

3311

</varlistentry>

3312

</variablelist>

3313

</sect3>

3314

3315

3316

<title>Common GUI Configuration Options</title>

3317

3318

3319

3320

3321

3322

<term>AllowGtkThemeChange</term>

3323

3324

<synopsis>AllowGtkThemeChange=true</synopsis>

3325

<para>

3326

If to allow changing the GTK+ (widget) theme from the greeter.

3327

Currently this only affects the standard greeter as the

3328

graphical greeter does not yet have this ability.

3329

The theme will stay in effect on this display until changed

3330

and will affect all the other windows that are put up by GDM.

3331

Supported since 2.5.90.2.

3332

</para>

3333

</listitem>

3334

</varlistentry>

3335

3336

3337

<term>GtkRC</term>

3338

3339

<synopsis>GtkRC=</synopsis>

3340

<para>

3341

Path to a <filename>gtkrc</filename> to read when GDM puts up

3342

a window. You should really now use the

3343

<filename>GtkTheme</filename> key for just setting a theme.

3344

</para>

3345

</listitem>

3346

</varlistentry>

3347

3348

3349

<term>GtkTheme</term>

3350

3351

<synopsis>GtkTheme=Default</synopsis>

3352

<para>

3353

A name of an installed theme to use by default. It will be

3354

used in the greeter, chooser and all other GUI windows put up

3355

by GDM. Supported since 2.5.90.2.

3356

</para>

3357

</listitem>

3358

</varlistentry>

3359

3360

3361

<term>GtkThemesToAllow</term>

3362

3363

<synopsis>GtkThemesToAllow=all</synopsis>

3364

<para>

3365

Comma separated list of themes to allow. These must be the

3366

names of the themes installed in the standard locations for

3367

GTK+ themes. You can also specify 'all' to allow all installed

3368

themes. This is related to the

3369

<filename>AllowGtkThemeChange</filename> key. Supported since

3370

2.5.90.2.

3371

</para>

3372

</listitem>

3373

</varlistentry>

3374

3375

3376

<term>MaxIconWidth</term>

3377

3378

<synopsis>MaxIconWidth=128</synopsis>

3379

<para>

3380

Specifies the maximum icon width (in pixels) that the face

3381

browser will display. Icons larger than this will be scaled.

3382

This also affects icons in the XDMCP chooser.

3383

</para>

3384

</listitem>

3385

</varlistentry>

3386

3387

3388

<term>MaxIconHeight</term>

3389

3390

<synopsis>MaxIconHeight=128</synopsis>

3391

<para>

3392

Specifies the maximum icon height (in pixels) that the face

3393

browser will display. Icons larger than this will be scaled.

3394

This also affects icons in the XDMCP chooser.

3395

</para>

3396

</listitem>

3397

</varlistentry>

3398

</variablelist>

3399

</sect3>

3400

3401

3402

<title>Greeter Configuration</title>

3403

3404

3405

<title>[greeter]</title>

3406

3407

3408

<term>BackgroundColor</term>

3409

3410

<synopsis>BackgroundColor=#76848F</synopsis>

3411

<para>

3412

If the BackgroundType is 2, use this color in the background

3413

of the greeter. Also use it as the back of transparent images

3414

set on the background and if the BackgroundRemoteOnlyColor

3415

is set and this is a remote display.

3416

This only affects the GTK+ Greeter.

3417

</para>

3418

</listitem>

3419

</varlistentry>

3420

3421

3422

<term>BackgroundProgramInitialDelay</term>

3423

3424

<synopsis>BackgroundProgramInitialDelay=30</synopsis>

3425

<para>

3426

The background application will be started after at least that

3427

many seconds of inactivity.

3428

</para>

3429

</listitem>

3430

</varlistentry>

3431

3432

3433

<term>RestartBackgroundProgram</term>

3434

3435

<synopsis>RestartBackgroundProgram=true</synopsis>

3436

<para>

3437

If set the background application will be restarted when it has

3438

exited, after the delay described below has elapsed. This

3439

option can be useful when you wish to run a screen saver

3440

application when no user is using the computer.

3441

</para>

3442

</listitem>

3443

</varlistentry>

3444

3445

3446

<term>BackgroundProgramRestartDelay</term>

3447

3448

<synopsis>BackgroundProgramRestartDelay=30</synopsis>

3449

<para>

3450

The background application will be restarted after at least that

3451

many seconds of inactivity.

3452

</para>

3453

</listitem>

3454

</varlistentry>

3455

3456

3457

<term>BackgroundImage</term>

3458

3459

<synopsis>BackgroundImage=somefile.png</synopsis>

3460

<para>

3461

If the BackgroundType is 1, then display this file as the

3462

background in the greeter. This only affects the GTK+

3463

Greeter.

3464

</para>

3465

</listitem>

3466

</varlistentry>

3467

3468

3469

<term>BackgroundProgram</term>

3470

3471

<synopsis>BackgroundProgram=<bin>/xeyes</synopsis>

3472

<para>

3473

If set this command will be run in the background while

3474

the login window is being displayed. Note that not all

3475

applications will run this way, since GDM does not usually have

3476

a home directory. You could set up home directory for the

3477

GDM user if you wish to run applications which require it.

3478

This only affects the GTK+ Greeter.

3479

</para>

3480

</listitem>

3481

</varlistentry>

3482

3483

3484

<term>BackgroundRemoteOnlyColor</term>

3485

3486

<synopsis>BackgroundRemoteOnlyColor=true</synopsis>

3487

<para>

3488

On remote displays only set the color background. This is to

3489

make network load lighter. The

3490

<filename>BackgroundProgram</filename> is also not run. This

3491

only affects the GTK+ Greeter.

3492

</para>

3493

</listitem>

3494

</varlistentry>

3495

3496

3497

<term>BackgroundScaleToFit</term>

3498

3499

<synopsis>BackgroundScaleToFit=true</synopsis>

3500

<para>

3501

Scale background image to fit the screen. This only affects

3502

the GTK+ Greeter.

3503

</para>

3504

</listitem>

3505

</varlistentry>

3506

3507

3508

<term>BackgroundType</term>

3509

3510

<synopsis>BackgroundType=2</synopsis>

3511

<para>

3512

The type of background to set. 0 is none, 1 is image and color,

3513

2 is color and 3 is image. This only affects the GTK+ Greeter.

3514

</para>

3515

</listitem>

3516

</varlistentry>

3517

3518

3519

<term>Browser</term>

3520

3521

<synopsis>Browser=true</synopsis>

3522

<para>

3523

Set to true to enable the face browser. See the

3524

``The GTK+ Greeter'' section for more information on the

3525

face browser. This option only works for the GTK+ Greeter.

3526

For the Themed Greeter, the face browser is enabled by

3527

choosing a theme which includes a face browser

3528

</para>

3529

</listitem>

3530

</varlistentry>

3531

3532

3533

<term>ChooserButton</term>

3534

3535

<synopsis>ChooserButton=true</synopsis>

3536

<para>

3537

If true, add a chooser button to the Actions menu that will

3538

restart the current X server with a chooser. XDMCP does not

3539

need to be enabled on the local computer for this to work.

3540

</para>

3541

</listitem>

3542

</varlistentry>

3543

3544

3545

<term>ConfigAvailable</term>

3546

3547

<synopsis>ConfigAvailable=false</synopsis>

3548

<para>

3549

If true, allows the configurator to be run from the greeter.

3550

Note that the user will need to type in the root password

3551

before the configurator will be started. This is set to

3552

false by default for additional security. See the

3553

<filename>Configurator</filename> option in the daemon

3554

section.

3555

</para>

3556

</listitem>

3557

</varlistentry>

3558

3559

3560

<term>DefaultFace</term>

3561

3562

<synopsis>DefaultFace=<share>/pixmaps/nophoto.png</synopsis>

3563

<para>

3564

If a user has no defined face image, GDM will use the

3565

"stock_person" icon defined in the current GTK+

3566

theme. If no such image is defined, the image specified by

3567

<filename>DefaultFace</filename> will be used. The image must

3568

be in a gdk-pixbuf supported format and the file must be

3569

readable to the GDM user.

3570

</para>

3571

</listitem>

3572

</varlistentry>

3573

3574

3575

<term>Include</term>

3576

3577

<synopsis>Include=</synopsis>

3578

<para>

3579

Comma separated list of users to be included in the face

3580

browser and in the <command>gdmsetup</command> selection list

3581

for Automatic/Timed login.

3582