You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
xrdp-proprietary/docs/man/sesman.ini.5

226 lines
6.3 KiB

.\"
.TH "sesman.ini" "5" "0.1.0" "xrdp team" ""
.SH "NAME"
\fBsesman.ini\fR \- Configuration file for \fBxrdp-sesman\fR(8)
.SH "DESCRIPTION"
\fBsesman.ini\fR consists of several sections. Each section starts with
the section name in square brackets, followed by a list of
\fIparameter\fR=\fIvalue\fR lines. Following sections are recognized:
.TP
\fB[Globals]\fR
Global configuration
.TP
\fB[Logging]\fR
Logging subsystem
.TP
\fB[Sessions]\fR
Session management
.TP
\fB[Security]\fR
Access control
.TP
\fB[X11rdp]\fR, \fB[Xvnc]\fR, \fB[Xorg]\fR
X11 server settings for supported servers
.TP
\fB[Chansrv]\fR
Settings for xrdp-chansrv(8)
.TP
\fB[SessionVariables]\fR
Environment variables for the session
.LP
All parameters and values (except for file names and paths) are case
insensitive, and are described in detail below. If any parameter is
specified more than once, the last entry will be used. Options specified
outside their proper section will be \fIignored\fR.
.SH "GLOBALS"
Following parameters can be used in the \fB[Globals]\fR section.
.TP
\fBListenAddress\fR=\fIip address\fR
xrdp-sesman listening address. Default is 0.0.0.0 (all interfaces).
.TP
\fBListenPort\fR=\fIport number\fR
xrdp-sesman listening port. Default is 3350.
.TP
\fBEnableUserWindowManager\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables user
specific startup script. That is, xrdp-sesman will execute the script
specified by \fBUserWindowManager\fR if it exists.
.TP
\fBUserWindowManager\fR=\fIfilename\fR
Name of the startup script relative to the user's home directory. If
present and enabled by \fBEnableUserWindowManager\fR, that script is
executed instead of \fBDefaultWindowManager\fR.
.TP
\fBDefaultWindowManager\fR=\fIfilename\fR
Full path to the default startup script used by xrdp-sesman to start a
session if the user script is disabled or missing.
.SH "LOGGING"
Following parameters can be used in the \fB[Logging]\fR section.
.TP
\fBLogFile\fR=\fIfilename\fR
Log file path. It can be either absolute or relative. The default is
\fI./sesman.log\fR
.TP
\fBLogLevel\fR=\fIlevel\fR
This option can have one of the following values:
\fBCORE\fR or \fB0\fR \- Log only core messages. Those messages are
logged \fIregardless\fR of the selected logging level.
\fBERROR\fR or \fB1\fR \- Log only error messages.
\fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages.
\fBINFO\fR or \fB3\fR \- Log errors, warnings and informational messages.
\fBDEBUG\fR or \fB4\fR \- Log everything. If xrdp-sesman is compiled in
debug mode, this options will output many more low\-level messages.
.TP
\fBEnableSyslog\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables logging to
syslog.
.TP
\fBSyslogLevel\fR=\fIlevel\fR
Logging level for syslog. It can have the same values as \fBLogLevel\fR.
If \fBSyslogLevel\fR and \fBLogLevel\fR differ, the least verbose setting
takes effect for syslog.
.SH "SESSIONS"
Following parameters can be used in the \fB[Sessions]\fR section.
.TP
\fBX11DisplayOffset\fR=\fInumber\fR
The first X display number available for xrdp-sesman. This prevents
xrdp-sesman from interfering with real X11 servers. The default is 10.
.TP
\fBMaxSessions\fR=\fInumber\fR
Sets the maximum number of simultaneous sessions. If not set or set to
\fI0\fR, unlimited session are allowed.
.TP
\fBKillDisconnected\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed
within 60 seconds after the user disconnects.
.TP
\fBIdleTimeLimit\fR=\fInumber\fR
\fI\This option is currently ignored!\fR Time limit before an idle
session is disconnected. If set to \fI0\fR, automatic disconnection is
disabled.
.TP
\fBDisconnectedTimeLimit\fR=\fInumber\fR
Sets the time limit (in seconds) before a disconnected session is killed.
If set to \fI0\fR, automatic killing is disabled.
.TP
\fBPolicy\fR=\fI[Default|UBD|UBI|UBC|UBDI|UBDC]\fR
Session allocation policy. By default, a new session is created
for the combination <User,BitPerPixel> when using Xrdp, and
for the combination <User,BitPerPixel,DisplaySize> when using Xvnc.
This behavior can be changed by setting session policy to:
.br
.br
\fBUBD\fR - session per <User,BitPerPixel,DisplaySize>
.br
\fBUBI\fR - session per <User,BitPerPixel,IPAddr>
.br
\fBUBC\fR - session per <User,BitPerPixel,Connection>
.br
\fBUBDI\fR - session per <User,BitPerPixel,DisplaySize,IPAddr>
.br
\fBUBDC\fR - session per <User,BitPerPixel,DisplaySize,Connection>
.br
.br
Note that the \fBUser\fR and \fBBitPerPixel\fR criteria cannot be turned
off. For Xvnc connections, \fBDisplaySize\fR is always enabled as well.
.br
.SH "SECURITY"
Following parameters can be used in the \fB[Security]\fR section.
.TP
\fBAllowRootLogin\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, enables root login on the
terminal server.
.TP
\fBMaxLoginRetry\fR=\fInumber\fR
The number of login attempts that are allowed on terminal server. If set
to \fI0\fR, unlimited attempts are allowed. The default value for this
field is \fI3\fR.
.TP
\fBTerminalServerUsers\fR=\fIgroup\fR
Only the users belonging to the specified group are allowed to login on
terminal server. If unset or set to an invalid or non\-existent group,
login for all users is enabled.
.TP
\fBTerminalServerAdmins\fR=\fIgroup\fR
\fIThis option is currently ignored!\fR Only members of this group can
have session management rights.
.TP
\fBAlwaysGroupCheck\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, require group membership even
if the group specified in \fBTerminalServerUsers\fR doesn't exist.
.SH "X11 SERVER"
Following parameters can be used in the \fB[X11rdp]\fR, \fB[Xvnc]\fR and
\fB[Xorg]\fR sections.
.TP
\fBparam0\fR=\fIfilename\fR
Path to the X11 server executable
.TP
\fBparam\fR\fIN\fR=\fIstring\fR
Nth command line argument
.SH "CHANSRV"
Following parameters can be used in the \fB[Chansrv]\fR section.
.TP
\fBFuseMountName\fR=\fIstring\fR
Directory for drive redirection, relative to the user home directory.
Created if it doesn't exist. Defaults to \fIxrdp_client\fR
.SH "SESSIONS VARIABLES"
All entries it the \fB[SessionVariables]\fR section are set as
environment variables in the user's session.
.SH "FILES"
/etc/xrdp/sesman.ini
.SH "SEE ALSO"
.BR xrdp-sesman (8),
.BR xrdp-sesrun (8),
.BR xrdp (8),
.BR xrdp.ini (5)
For more info on \fBxrdp\fR see http://www.xrdp.org/