Improve manual page for sesman

Add new sections and parameters, improve wording, wrap lines.
master
Pavel Roskin 9 years ago
parent ae5bb5bf9c
commit 0d7f2d2802

@ -1,206 +1,225 @@
.\" .\"
.TH "sesman.ini" "5" "0.1.0" "xrdp team" "" .TH "sesman.ini" "5" "0.1.0" "xrdp team" ""
.SH "NAME" .SH "NAME"
\fBsesman.ini\fR \- Configuration file for \fBsesman\fR(8) \fBsesman.ini\fR \- Configuration file for \fBxrdp-sesman\fR(8)
.SH "DESCRIPTION" .SH "DESCRIPTION"
This is the man page for \fBsesman.ini\fR, \fBsesman\fR(8) configuration file. \fBsesman.ini\fR consists of several sections. Each section starts with
It is composed by a number of sections, each one composed by a section name, enclosed by square brackets, folowed by a list of \fI<parameter>\fR=\fI<value>\fR lines. the section name in square brackets, followed by a list of
\fIparameter\fR=\fIvalue\fR lines. Following sections are recognized:
\fBsesman.ini\fR supports the following sections: .TP
\fB[Globals]\fR
Global configuration
.TP .TP
\fB[Globals]\fR \- sesman global configuration section, \fB[Logging]\fR
Logging subsystem
.TP .TP
\fB[Logging]\fR \- logging subsystem parameters \fB[Sessions]\fR
Session management
.TP .TP
\fB[Security]\fR \- Access control parameters \fB[Security]\fR
Access control
.TP .TP
\fB[Sessions]\fR \- Session management parameters \fB[X11rdp]\fR, \fB[Xvnc]\fR, \fB[Xorg]\fR
X11 server settings for supported servers
.LP .TP
All options and values (except for file names and paths) are case insensitive, and are described in detail below. \fB[Chansrv]\fR
Settings for xrdp-chansrv(8)
.LP .TP
For any of the following parameter, if it's specified more than one time the last entry encountered will be used. \fB[SessionVariables]\fR
Environment variables for the session
\fBNOTE\fR: if any of these options is specified outside its section, it will be \fIignored\fR. .LP
All parameters and values (except for file names and paths) are case
insensitive, and are described in detail below. If any parameter is
specified more than once, the last entry will be used. Options specified
outside their proper section will be \fIignored\fR.
.SH "GLOBALS" .SH "GLOBALS"
The options to be specified in the \fB[globals]\fR section are the following: Following parameters can be used in the \fB[Globals]\fR section.
.TP .TP
\fBListenAddress\fR=\fIip address\fR \fBListenAddress\fR=\fIip address\fR
Specifies sesman listening address. Default is 0.0.0.0 (all interfaces) xrdp-sesman listening address. Default is 0.0.0.0 (all interfaces).
.TP .TP
\fBListenPort\fR=\fIport number\fR \fBListenPort\fR=\fIport number\fR
Specifies sesman listening port. Default is 3350 xrdp-sesman listening port. Default is 3350.
.TP .TP
\fBEnableUserWindowManager\fR=\fI[0|1]\fR \fBEnableUserWindowManager\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables user specific window manager, that is, anyone can define it's own script executed by sesman when starting a new session, specified by \fBUserWindowManager\fR If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables user
specific startup script. That is, xrdp-sesman will execute the script
specified by \fBUserWindowManager\fR if it exists.
.TP .TP
\fBUserWindowManager\fR=\fIstartwm.sh\fR \fBUserWindowManager\fR=\fIfilename\fR
This option specifies the script run by sesman when starting a session and per\-user window manager is enabled. Name of the startup script relative to the user's home directory. If
.br present and enabled by \fBEnableUserWindowManager\fR, that script is
The path is relative to user's HOME directory executed instead of \fBDefaultWindowManager\fR.
.TP .TP
\fBDefaultWindowManager\fR=\fI${SESMAN_BIN_DIR}/startwm.sh\fR \fBDefaultWindowManager\fR=\fIfilename\fR
This contains full path to the default window manager startup script used by sesman to start a session Full path to the default startup script used by xrdp-sesman to start a
session if the user script is disabled or missing.
.SH "LOGGING" .SH "LOGGING"
The following parameters can be used in the \fB[logging]\fR section: Following parameters can be used in the \fB[Logging]\fR section.
.TP .TP
\fBLogFile\fR=\fI${SESMAN_LOG_DIR}/sesman.log\fR \fBLogFile\fR=\fIfilename\fR
This options contains the path to logfile. It can be either absolute or relative, and the default is \fI${SESMAN_LOG_DIR}/sesman.log\fR Log file path. It can be either absolute or relative. The default is
\fI./sesman.log\fR
.TP .TP
\fBLogLevel\fR=\fIlevel\fR \fBLogLevel\fR=\fIlevel\fR
This option can have one of the following values: This option can have one of the following values:
\fBCORE\fR or \fB0\fR \- Log only core messages. these messages are _always_ logged, regardless the logging level selected. \fBCORE\fR or \fB0\fR \- Log only core messages. Those messages are
logged \fIregardless\fR of the selected logging level.
\fBERROR\fR or \fB1\fR \- Log only error messages \fBERROR\fR or \fB1\fR \- Log only error messages.
\fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages \fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages.
\fBINFO\fR or \fB3\fR \- Logs errors, warnings and informational messages \fBINFO\fR or \fB3\fR \- Log errors, warnings and informational messages.
\fBDEBUG\fR or \fB4\fR \- Log everything. If \fBsesman\fR is compiled in debug mode, this options will output many more low\-level message, useful for developers \fBDEBUG\fR or \fB4\fR \- Log everything. If xrdp-sesman is compiled in
debug mode, this options will output many more low\-level messages.
.TP .TP
\fBEnableSyslog\fR=\fI[0|1]\fR \fBEnableSyslog\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables logging to syslog. Otherwise syslog is disabled. If set to \fB1\fR, \fBtrue\fR or \fByes\fR, this option enables logging to
syslog.
.TP .TP
\fBSyslogLevel\fR=\fIlevel\fR \fBSyslogLevel\fR=\fIlevel\fR
This option sets the logging level for syslog. It can have the same values of \fBLogLevel\fR. If \fBSyslogLevel\fR is greater than \fBLogLevel\fR, its value is lowered to that of \fBLogLevel\fR. Logging level for syslog. It can have the same values as \fBLogLevel\fR.
If \fBSyslogLevel\fR and \fBLogLevel\fR differ, the least verbose setting
takes effect for syslog.
.SH "SESSIONS" .SH "SESSIONS"
The following parameters can be used in the \fB[Sessions]\fR section: Following parameters can be used in the \fB[Sessions]\fR section.
.TP .TP
\fBX11DisplayOffset\fR=\fI<number>\fR \fBX11DisplayOffset\fR=\fInumber\fR
Specifies the first X display number available for \fBsesman\fP(8). This prevents sesman from interfering with real X11 servers. The default is 10. The first X display number available for xrdp-sesman. This prevents
xrdp-sesman from interfering with real X11 servers. The default is 10.
.TP .TP
\fBMaxSessions\fR=\fI<number>\fR \fBMaxSessions\fR=\fInumber\fR
Sets the maximum number of simultaneous session on terminal server. Sets the maximum number of simultaneous sessions. If not set or set to
.br \fI0\fR, unlimited session are allowed.
If unset or set to \fI0\fR, unlimited session are allowed.
.TP .TP
\fBKillDisconnected\fR=\fI[0|1]\fR \fBKillDisconnected\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed within 60 seconds when the user disconnects. If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed
.br within 60 seconds after the user disconnects.
.TP .TP
\fBIdleTimeLimit\fR=\fI<number>\fR \fBIdleTimeLimit\fR=\fInumber\fR
Sets the the time limit before an idle session is disconnected. \fI\This option is currently ignored!\fR Time limit before an idle
.br session is disconnected. If set to \fI0\fR, automatic disconnection is
If set to \fI0\fR, automatic disconnection is disabled. disabled.
.br
\fI\-this option is currently ignored!\-\fR .TP
\fBDisconnectedTimeLimit\fR=\fInumber\fR
.TP Sets the time limit (in seconds) before a disconnected session is killed.
\fBDisconnectedTimeLimit\fR=\fI<number>\fR
Sets the time(in seconds) limit before a disconnected session is killed.
.br
If set to \fI0\fR, automatic killing is disabled. If set to \fI0\fR, automatic killing is disabled.
.br
.TP .TP
\fBPolicy\fR=\fI[Default|UBD|UBI|UBC|UBDI|UBDC]\fR \fBPolicy\fR=\fI[Default|UBD|UBI|UBC|UBDI|UBDC]\fR
Session allocation policy. By Default, a new session is created Session allocation policy. By default, a new session is created
for the combination <User,BitPerPixel> when using Xrdp, and for the combination <User,BitPerPixel> when using Xrdp, and
for the combination <User,BitPerPixel,DisplaySize> when using Xvnc. for the combination <User,BitPerPixel,DisplaySize> when using Xvnc.
This behaviour can be changed by setting session policy to: This behavior can be changed by setting session policy to:
.br .br
.br .br
\fBUBD\fR - session per <User,BitPerPixel,DisplaySize> \fBUBD\fR - session per <User,BitPerPixel,DisplaySize>
.br .br
\fBUBI\fR - session per <User,BitPerPixel,IPAddr> \fBUBI\fR - session per <User,BitPerPixel,IPAddr>
.br .br
\fBUBC\fR - session per <User,BitPerPixel,Connection> \fBUBC\fR - session per <User,BitPerPixel,Connection>
.br .br
\fBUBDI\fR - session per <User,BitPerPixel,DisplaySize,IPAddr> \fBUBDI\fR - session per <User,BitPerPixel,DisplaySize,IPAddr>
.br .br
\fBUBDC\fR - session per <User,BitPerPixel,DisplaySize,Connection> \fBUBDC\fR - session per <User,BitPerPixel,DisplaySize,Connection>
.br .br
.br .br
Note that the criteria <User,BitPerPixel> can not be turned off Note that the \fBUser\fR and \fBBitPerPixel\fR criteria cannot be turned
and <DisplaySize> will always be checkt when for Xvnc connections. off. For Xvnc connections, \fBDisplaySize\fR is always enabled as well.
.br .br
.SH "SECURITY" .SH "SECURITY"
The following parameters can be used in the \fB[Sessions]\fR section: Following parameters can be used in the \fB[Security]\fR section.
.TP .TP
\fBAllowRootLogin\fR=\fI[0|1]\fR \fBAllowRootLogin\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR enables root login on the terminal server If set to \fB1\fR, \fBtrue\fR or \fByes\fR, enables root login on the
terminal server.
.TP
\fBMaxLoginRetry\fR=\fI[0|1]\fR .TP
The number of login attempts that are allowed on terminal server. If set to \fI0\fR, unlimited attempts are allowed. The default value for this field is \fI3\fR. \fBMaxLoginRetry\fR=\fInumber\fR
The number of login attempts that are allowed on terminal server. If set
.TP to \fI0\fR, unlimited attempts are allowed. The default value for this
\fBTerminalServerUsers\fR=\fItsusers\fR field is \fI3\fR.
Only the users belonging to the group \fItsusers\fR are allowed to login on terminal server.
.br .TP
If unset or set to an invalid or non\-existent group, login for all users is enabled. \fBTerminalServerUsers\fR=\fIgroup\fR
Only the users belonging to the specified group are allowed to login on
.TP terminal server. If unset or set to an invalid or non\-existent group,
\fBTerminalServerAdmins\fR=\fItsadmins\fR login for all users is enabled.
Sets the group which a user shall belong to have session management rights.
.br .TP
\fI\-this option is currently ignored!\-\fR \fBTerminalServerAdmins\fR=\fIgroup\fR
\fIThis option is currently ignored!\fR Only members of this group can
.SH "EXAMPLES" have session management rights.
This is an example \fBsesman.ini\fR:
.TP
.nf \fBAlwaysGroupCheck\fR=\fI[0|1]\fR
[Globals] If set to \fB1\fR, \fBtrue\fR or \fByes\fR, require group membership even
ListenAddress=127.0.0.1 if the group specified in \fBTerminalServerUsers\fR doesn't exist.
ListenPort=3350
EnableUserWindowManager=1 .SH "X11 SERVER"
UserWindowManager=startwm.sh Following parameters can be used in the \fB[X11rdp]\fR, \fB[Xvnc]\fR and
DefaultWindowManager=startwm.sh \fB[Xorg]\fR sections.
[Logging] .TP
LogFile=/usr/local/xrdp/sesman.log \fBparam0\fR=\fIfilename\fR
LogLevel=DEBUG Path to the X11 server executable
EnableSyslog=0
SyslogLevel=DEBUG .TP
\fBparam\fR\fIN\fR=\fIstring\fR
[Sessions] Nth command line argument
MaxSessions=10
KillDisconnected=0 .SH "CHANSRV"
IdleTimeLimit=0 Following parameters can be used in the \fB[Chansrv]\fR section.
DisconnectedTimeLimit=0
.TP
[Security] \fBFuseMountName\fR=\fIstring\fR
AllowRootLogin=1 Directory for drive redirection, relative to the user home directory.
MaxLoginRetry=3 Created if it doesn't exist. Defaults to \fIxrdp_client\fR
TerminalServerUsers=tsusers
TerminalServerAdmins=tsadmins .SH "SESSIONS VARIABLES"
.fi All entries it the \fB[SessionVariables]\fR section are set as
environment variables in the user's session.
.SH "FILES" .SH "FILES"
${SESMAN_CFG_DIR}/sesman.ini /etc/xrdp/sesman.ini
.SH "SEE ALSO" .SH "SEE ALSO"
.BR sesman (8), .BR xrdp-sesman (8),
.BR sesrun (8), .BR xrdp-sesrun (8),
.BR xrdp (8), .BR xrdp (8),
.BR xrdp.ini (5) .BR xrdp.ini (5)
for more info on \fBxrdp\fR see http://xrdp.sf.net For more info on \fBxrdp\fR see http://xrdp.sf.net

Loading…
Cancel
Save