207 lines
6.3 KiB
Groff
207 lines
6.3 KiB
Groff
.\"
|
|
.TH "sesman.ini" "5" "0.1.0" "xrdp team" ""
|
|
.SH "NAME"
|
|
\fBsesman.ini\fR \- Configuration file for \fBsesman\fR(8)
|
|
|
|
.SH "DESCRIPTION"
|
|
This is the man page for \fBsesman.ini\fR, \fBsesman\fR(8) configuration file.
|
|
It is composed by a number of sections, each one composed by a section name, enclosed by square brackets, folowed by a list of \fI<parameter>\fR=\fI<value>\fR lines.
|
|
|
|
\fBsesman.ini\fR supports the following sections:
|
|
|
|
.TP
|
|
\fB[Globals]\fR \- sesman global configuration section,
|
|
|
|
.TP
|
|
\fB[Logging]\fR \- logging subsystem parameters
|
|
|
|
.TP
|
|
\fB[Security]\fR \- Access control parameters
|
|
|
|
.TP
|
|
\fB[Sessions]\fR \- Session management parameters
|
|
|
|
.LP
|
|
All options and values (except for file names and paths) are case insensitive, and are described in detail below.
|
|
|
|
.LP
|
|
For any of the following parameter, if it's specified more than one time the last entry encountered will be used.
|
|
|
|
\fBNOTE\fR: if any of these options is specified outside its section, it will be \fIignored\fR.
|
|
|
|
.SH "GLOBALS"
|
|
The options to be specified in the \fB[globals]\fR section are the following:
|
|
|
|
.TP
|
|
\fBListenAddress\fR=\fIip address\fR
|
|
Specifies sesman listening address. Default is 0.0.0.0 (all interfaces)
|
|
|
|
.TP
|
|
\fBListenPort\fR=\fIport number\fR
|
|
Specifies sesman listening port. Default is 3350
|
|
|
|
.TP
|
|
\fBEnableUserWindowManager\fR=\fI[0|1]\fR
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables user specific window manager, that is, anyone can define it's own script executed by sesman when starting a new session, specified by \fBUserWindowManager\fR
|
|
|
|
.TP
|
|
\fBUserWindowManager\fR=\fIstartwm.sh\fR
|
|
This option specifies the script run by sesman when starting a session and per\-user window manager is enabled.
|
|
.br
|
|
The path is relative to user's HOME directory
|
|
|
|
.TP
|
|
\fBDefaultWindowManager\fR=\fI${SESMAN_BIN_DIR}/startwm.sh\fR
|
|
This contains full path to the default window manager startup script used by sesman to start a session
|
|
|
|
.SH "LOGGING"
|
|
The following parameters can be used in the \fB[logging]\fR section:
|
|
|
|
.TP
|
|
\fBLogFile\fR=\fI${SESMAN_LOG_DIR}/sesman.log\fR
|
|
This options contains the path to logfile. It can be either absolute or relative, and the default is \fI${SESMAN_LOG_DIR}/sesman.log\fR
|
|
|
|
.TP
|
|
\fBLogLevel\fR=\fIlevel\fR
|
|
This option can have one of the following values:
|
|
|
|
\fBCORE\fR or \fB0\fR \- Log only core messages. these messages are _always_ logged, regardless the logging level selected.
|
|
|
|
\fBERROR\fR or \fB1\fR \- Log only error messages
|
|
|
|
\fBWARNING\fR, \fBWARN\fR or \fB2\fR \- Logs warnings and error messages
|
|
|
|
\fBINFO\fR or \fB3\fR \- Logs errors, warnings and informational messages
|
|
|
|
\fBDEBUG\fR or \fB4\fR \- Log everything. If \fBsesman\fR is compiled in debug mode, this options will output many more low\-level message, useful for developers
|
|
|
|
.TP
|
|
\fBEnableSyslog\fR=\fI[0|1]\fR
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR this option enables logging to syslog. Otherwise syslog is disabled.
|
|
|
|
.TP
|
|
\fBSyslogLevel\fR=\fIlevel\fR
|
|
This option sets the logging level for syslog. It can have the same values of \fBLogLevel\fR. If \fBSyslogLevel\fR is greater than \fBLogLevel\fR, its value is lowered to that of \fBLogLevel\fR.
|
|
|
|
.SH "SESSIONS"
|
|
The following parameters can be used in the \fB[Sessions]\fR section:
|
|
|
|
.TP
|
|
\fBX11DisplayOffset\fR=\fI<number>\fR
|
|
Specifies the first X display number available for \fBsesman\fP(8). This prevents sesman from interfering with real X11 servers. The default is 10.
|
|
|
|
.TP
|
|
\fBMaxSessions\fR=\fI<number>\fR
|
|
Sets the maximum number of simultaneous session on terminal server.
|
|
.br
|
|
If unset or set to \fI0\fR, unlimited session are allowed.
|
|
|
|
.TP
|
|
\fBKillDisconnected\fR=\fI[0|1]\fR
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR, every session will be killed within 60 seconds when the user disconnects.
|
|
.br
|
|
|
|
.TP
|
|
\fBIdleTimeLimit\fR=\fI<number>\fR
|
|
Sets the the time limit before an idle session is disconnected.
|
|
.br
|
|
If set to \fI0\fR, automatic disconnection is disabled.
|
|
.br
|
|
\fI\-this option is currently ignored!\-\fR
|
|
|
|
.TP
|
|
\fBDisconnectedTimeLimit\fR=\fI<number>\fR
|
|
Sets the time(in seconds) limit before a disconnected session is killed.
|
|
.br
|
|
If set to \fI0\fR, automatic killing is disabled.
|
|
.br
|
|
|
|
.TP
|
|
\fBPolicy\fR=\fI[Default|UBD|UBI|UBC|UBDI|UBDC]\fR
|
|
Session allocation policy. By Default, a new session is created
|
|
for the combination <User,BitPerPixel> when using Xrdp, and
|
|
for the combination <User,BitPerPixel,DisplaySize> when using Xvnc.
|
|
This behaviour can be changed by setting session policy to:
|
|
.br
|
|
|
|
.br
|
|
\fBUBD\fR - session per <User,BitPerPixel,DisplaySize>
|
|
.br
|
|
\fBUBI\fR - session per <User,BitPerPixel,IPAddr>
|
|
.br
|
|
\fBUBC\fR - session per <User,BitPerPixel,Connection>
|
|
.br
|
|
\fBUBDI\fR - session per <User,BitPerPixel,DisplaySize,IPAddr>
|
|
.br
|
|
\fBUBDC\fR - session per <User,BitPerPixel,DisplaySize,Connection>
|
|
.br
|
|
|
|
.br
|
|
Note that the criteria <User,BitPerPixel> can not be turned off
|
|
and <DisplaySize> will always be checkt when for Xvnc connections.
|
|
.br
|
|
|
|
.SH "SECURITY"
|
|
The following parameters can be used in the \fB[Sessions]\fR section:
|
|
|
|
.TP
|
|
\fBAllowRootLogin\fR=\fI[0|1]\fR
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR enables root login on the terminal server
|
|
|
|
.TP
|
|
\fBMaxLoginRetry\fR=\fI[0|1]\fR
|
|
The number of login attempts that are allowed on terminal server. If set to \fI0\fR, unlimited attempts are allowed. The default value for this field is \fI3\fR.
|
|
|
|
.TP
|
|
\fBTerminalServerUsers\fR=\fItsusers\fR
|
|
Only the users belonging to the group \fItsusers\fR are allowed to login on terminal server.
|
|
.br
|
|
If unset or set to an invalid or non\-existent group, login for all users is enabled.
|
|
|
|
.TP
|
|
\fBTerminalServerAdmins\fR=\fItsadmins\fR
|
|
Sets the group which a user shall belong to have session management rights.
|
|
.br
|
|
\fI\-this option is currently ignored!\-\fR
|
|
|
|
.SH "EXAMPLES"
|
|
This is an example \fBsesman.ini\fR:
|
|
|
|
.nf
|
|
[Globals]
|
|
ListenAddress=127.0.0.1
|
|
ListenPort=3350
|
|
EnableUserWindowManager=1
|
|
UserWindowManager=startwm.sh
|
|
DefaultWindowManager=startwm.sh
|
|
|
|
[Logging]
|
|
LogFile=/usr/local/xrdp/sesman.log
|
|
LogLevel=DEBUG
|
|
EnableSyslog=0
|
|
SyslogLevel=DEBUG
|
|
|
|
[Sessions]
|
|
MaxSessions=10
|
|
KillDisconnected=0
|
|
IdleTimeLimit=0
|
|
DisconnectedTimeLimit=0
|
|
|
|
[Security]
|
|
AllowRootLogin=1
|
|
MaxLoginRetry=3
|
|
TerminalServerUsers=tsusers
|
|
TerminalServerAdmins=tsadmins
|
|
.fi
|
|
|
|
.SH "FILES"
|
|
${SESMAN_CFG_DIR}/sesman.ini
|
|
|
|
.SH "SEE ALSO"
|
|
.BR sesman (8),
|
|
.BR sesrun (8),
|
|
.BR xrdp (8),
|
|
.BR xrdp.ini (5)
|
|
|
|
for more info on \fBxrdp\fR see http://xrdp.sf.net
|