xrdp/docs/man/sesman.ini.5

182 lines
5.5 KiB
Groff

.\"
.TH "sesman.ini" "5" "0.1.0" "xrdp team" ""
.SH "NAME"
\fBsesman.ini\fR \- Configuration file for \fBsesman\fR(8)
.SH "DESCRIPTION"
This is the man page for \fBsesman.ini\fR, \fBsesman\fR(8) configuration file.
It is composed by a number of sections, each one composed by a section name, enclosed by square brackets, folowed by a list of \fI<parameter>\fR=\fI<value>\fR lines.
\fBsesman.ini\fR supports the following sections:
.TP
\fB[Globals]\fR \- sesman global configuration section,
.TP
\fB[Logging]\fR \- logging subsystem parameters
.TP
\fB[Security]\fR \- Access control parameters
.TP
\fB[Sessions]\fR \- Session management parameters
.LP
All options and values (except for file names and paths) are case insensitive, and are described in detail below.
.LP
For any of the following parameter, if it's specified more than one time the last entry encountered will be used.
\fBNOTE\fR: if any of these options is specified outside its section, it will be \fIignored\fR.
.SH "GLOBALS"
The options to be specified in the \fB[globals]\fR section are the following:
.TP
\fBListenAddress\fR=\fIip address\fR
Specifies sesman listening address. Default is 0.0.0.0 (all interfaces)
.TP
\fBListenPort\fR=\fIport number\fR
Specifies sesman listening port. Default is 3350
.TP
\fBEnableUserWindowManager\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables user specific window manager, that is, anyone can define it's own script executed by sesman when starting a new session, specified by \fBUserWindowManager\fR
.TP
\fBUserWindowManager\fR=\fIstartwm.sh\fR
This option specifies the script run by sesman when starting a session and per\-user window manager is enabled.
.br
The path is relative to user's HOME directory
.TP
\fBDefaultWindowManager\fR=\fI${SESMAN_BIN_DIR}/startwm.sh\fR
This contains full path to the default window manager startup script used by sesman to start a session
.SH "LOGGING"
The following parameters can be used in the \fB[logging]\fR section:
.TP
\fBLogFile\fR=\fI${SESMAN_LOG_DIR}/sesman.log\fR
This options contains the path to logfile. It can be either absolute or relative, and the default is \fI${SESMAN_LOG_DIR}/sesman.log\fR
.TP
\fBLogLevel\fR=\fIlevel\fR
This option can have one of the following values:
\fBCORE\fR or \fB0\fR \- Log only core messages. these messages are _always_ logged, regardless the logging level selected.
\fBERROR\fR or \fB1\fR \- Log only error messages
\fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages
\fBINFO\fR or \fB3\fR \- Logs errors, warnings and informational messages
\fBDEBUG\fR or \fB4\fR \- Log everything. If \fBsesman\fR is compiled in debug mode, this options will output many more low\-level message, useful for developers
.TP
\fBEnableSyslog\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables logging to syslog. Otherwise syslog is disabled.
.TP
\fBSyslogLevel\fR=\fIlevel\fR
This option sets the logging level for syslog. It can have the same values of \fBLogLevel\fR. If \fBSyslogLevel\fR is greater than \fBLogLevel\fR, its value is lowered to that of \fBLogLevel\fR.
.SH "SESSIONS"
The following parameters can be used in the \fB[Sessions]\fR section:
.TP
\fBX11DisplayOffset\fR=\fI<number>\fR
Specifies the first X display number available for \fBsesman\fP(8). This prevents sesman from interfering with real X11 servers. The default is 10.
.TP
\fBMaxSessions\fR=\fI<number>\fR
Sets the maximum number of simultaneous session on terminal server.
.br
If unset or set to \fI0\fR, unlimited session are allowed.
.TP
\fBKillDisconnected\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed within 60 seconds when the user disconnects.
.br
.TP
\fBIdleTimeLimit\fR=\fI<number>\fR
Sets the the time limit before an idle session is disconnected.
.br
If set to \fI0\fR, automatic disconnection is disabled.
.br
\fI\-this option is currently ignored!\-\fR
.TP
\fBDisconnectedTimeLimit\fR=\fI<number>\fR
Sets the time(in seconds) limit before a disconnected session is killed.
.br
If set to \fI0\fR, automatic killing is disabled.
.br
.SH "SECURITY"
The following parameters can be used in the \fB[Sessions]\fR section:
.TP
\fBAllowRootLogin\fR=\fI[0|1]\fR
If set to \fB1\fR, \fBtrue\fR or \fByes\fR enables root login on the terminal server
.TP
\fBMaxLoginRetry\fR=\fI[0|1]\fR
The number of login attempts that are allowed on terminal server. If set to \fI0\fR, unlimited attempts are allowed. The default value for this field is \fI3\fR.
.TP
\fBTerminalServerUsers\fR=\fItsusers\fR
Only the users belonging to the group \fItsusers\fR are allowed to login on terminal server.
.br
If unset or set to an invalid or non\-existent group, login for all users is enabled.
.TP
\fBTerminalServerAdmins\fR=\fItsadmins\fR
Sets the group which a user shall belong to have session management rights.
.br
\fI\-this option is currently ignored!\-\fR
.SH "EXAMPLES"
This is an example \fBsesman.ini\fR:
.nf
[Globals]
ListenAddress=127.0.0.1
ListenPort=3350
EnableUserWindowManager=1
UserWindowManager=startwm.sh
DefaultWindowManager=startwm.sh
[Logging]
LogFile=/usr/local/xrdp/sesman.log
LogLevel=DEBUG
EnableSyslog=0
SyslogLevel=DEBUG
[Sessions]
MaxSessions=10
KillDisconnected=0
IdleTimeLimit=0
DisconnectedTimeLimit=0
[Security]
AllowRootLogin=1
MaxLoginRetry=3
TerminalServerUsers=tsusers
TerminalServerAdmins=tsadmins
.fi
.SH "FILES"
${SESMAN_CFG_DIR}/sesman.ini
.SH "SEE ALSO"
.BR sesman (8),
.BR sesrun (8),
.BR xrdp (8),
.BR xrdp.ini (5)
for more info on \fBxrdp\fR see http://xrdp.sf.net