summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorMatthieu Herrb <matthieu@herrb.eu>2016-09-01 17:35:00 +0100
committerMatthieu Herrb <matthieu@herrb.eu>2016-09-01 17:49:24 +0100
commite2484ba42fc0d79ed29bdb33a467aca2aaffe3bc (patch)
tree776d42ebb647361930ad0f14105754aacb3e93cb /man
parent613f146250da654c81d5c29658161f5ebb981adf (diff)
Remove more XDMCP tentacles
Diffstat (limited to 'man')
-rw-r--r--man/xdm.man297
1 files changed, 7 insertions, 290 deletions
diff --git a/man/xdm.man b/man/xdm.man
index 9590c1a..b44545f 100644
--- a/man/xdm.man
+++ b/man/xdm.man
@@ -25,7 +25,7 @@
.\"
.TH XDM 1 __xorgversion__
.SH NAME
-xdm \- X Display Manager with support for XDMCP, host chooser
+xdm \- X Display Manager
.SH SYNOPSIS
.B xdm
[
@@ -51,8 +51,8 @@ xdm \- X Display Manager with support for XDMCP, host chooser
]
.SH DESCRIPTION
.I Xdm
-manages a collection of X displays, which may be on the local host
-or remote servers. The design of
+manages a collection of X displays on the local host.
+The design of
.I xdm
was guided by the needs of X terminals as well as The Open Group standard
XDMCP, the \fIX Display Manager Control Protocol\fP.
@@ -75,21 +75,6 @@ termination of this process terminates the user's session.
When the session is terminated, \fIxdm\fP
resets the X server and (optionally) restarts the whole process.
.PP
-When \fIxdm\fP receives an Indirect query via XDMCP, it can run a
-\fIchooser\fP process to
-perform an XDMCP BroadcastQuery (or an XDMCP Query to specified hosts)
-on behalf of the display and
-offer a menu of possible hosts that offer XDMCP display management.
-This feature is useful with X terminals that do not offer a host
-menu themselves.
-.PP
-.I Xdm
-can be configured to ignore BroadcastQuery messages from selected hosts.
-This is useful when you don't want the host to appear in menus produced
-by
-.I chooser
-or X terminals themselves.
-.PP
Because
.I xdm
provides the first interface that users will see, it is designed to be
@@ -108,22 +93,14 @@ controlled by resource files and shell scripts. The names of these
files themselves are resources read from the file \fIxdm-config\fP or
the file named by the \fB\-config\fP option.
.PP
-\fIxdm\fP offers display management two different ways. It can manage
+\fIxdm\fP can manage
X servers running on the local machine and specified in
-\fIXservers\fP, and it can manage remote X servers (typically X
-terminals) using XDMCP (the XDM Control Protocol)
-as specified in the \fIXaccess\fP file.
+\fIXservers\fP.
.PP
The resources of the X clients run by \fIxdm\fP outside the user's
session, including \fIxdm\fP's own login window, can be
affected by setting resources in the \fIXresources\fP file.
.PP
-For X terminals that do not offer a menu of hosts to get display
-management from, \fIxdm\fP can collect willing hosts and run the
-\fIchooser\fP program to offer the user a menu.
-For X displays attached to a host, this step is typically not used, as
-the local host does the display management.
-.PP
After resetting the X server, \fIxdm\fP runs the \fIXsetup\fP script
to assist in setting up the screen the user sees along with the
\fIxlogin\fP widget.
@@ -201,14 +178,6 @@ Specifies the value for the \fBDisplayManager.servers\fP resource.
See the section
.B "Local Server Specification"
for a description of this resource.
-.IP "\fB\-udpPort\fP \fIport_number\fP"
-Specifies the value for the \fBDisplayManager.requestPort\fP resource. This
-sets the port-number which
-.I xdm
-will monitor for XDMCP requests. If set to 0, xdm will not listen
-for XDMCP or Chooser requests. As XDMCP uses the registered well-known
-UDP port 177, this resource should not be changed to a value other than 0,
-except for debugging.
.IP "\fB\-session\fP \fIsession_program\fP"
Specifies the value for the \fBDisplayManager*session\fP resource. This
indicates the program to run as the session after the user has logged in.
@@ -231,14 +200,6 @@ the display name is inserted into the resource name between
For local displays, the resource name and class are as read from the
\fIXservers\fP file.
.PP
-For remote displays, the resource name is what the network address of
-the display resolves to. See the \fBremoveDomain\fP resource. The
-name must match exactly; \fIxdm\fP is not aware of
-all the network aliases that might reach a given display.
-If the name resolve fails, the address is
-used. The resource class is as sent by the display in the XDMCP
-Manage request.
-.PP
Because the resource
manager uses colons to separate the name of the resource from its value and
dots to separate resource name parts,
@@ -252,11 +213,6 @@ resource which defines the startup shell file for the ``expo.x.org:0'' display.
This resource either specifies a file name full of server entries, one per
line (if the value starts with a slash), or a single server entry.
See the section \fBLocal Server Specification\fP for the details.
-.IP "\fBDisplayManager.requestPort\fP"
-This indicates the UDP port number which
-.I xdm
-uses to listen for incoming XDMCP requests. Unless you need to debug the
-system, leave this with its default value of 177.
.IP "\fBDisplayManager.errorLogFile\fP"
Error output is normally directed at the system console. To redirect it,
set this resource to a file name. A method to send these messages to
@@ -314,31 +270,6 @@ files after a session terminates and the files have changed. By default it
is ``true.'' You can force
.I xdm
to reread these files by sending a SIGHUP to the main process.
-.IP "\fBDisplayManager.removeDomainname\fP"
-When computing the display name for XDMCP clients, the name resolver will
-typically create a fully qualified host name for the terminal. As this is
-sometimes confusing,
-.I xdm
-will remove the domain name portion of the host name if it is the same as the
-domain name of the local host when this variable is set. By default the
-value is ``true.''
-.IP "\fBDisplayManager.keyFile\fP"
-XDM-AUTHENTICATION-1 style XDMCP authentication requires that a private key
-be shared between
-.I xdm
-and the terminal. This resource specifies the file containing those
-values. Each entry in the file consists of a display name and the shared
-key. By default,
-.I xdm
-does not include support for XDM-AUTHENTICATION-1, as it requires DES which
-is not generally distributable because of United States export restrictions.
-.IP \fBDisplayManager.accessFile\fP
-To prevent unauthorized XDMCP service and to allow forwarding of XDMCP
-IndirectQuery requests, this file contains a database of hostnames which are
-either allowed direct access to this machine, or have a list of hosts to
-which queries should be forwarded to. The format of this file is described
-in the section
-.B "XDMCP Access Control."
.IP \fBDisplayManager.exportList\fP
A list of additional environment variables, separated by white space,
to pass on to the \fIXsetup\fP,
@@ -377,24 +308,6 @@ algorithm is used instead.
On systems that support a dynamically-loadable greeter library, the
name of the library. The default is
\fI DEF_GREETER_LIB\fP.
-.IP \fBDisplayManager.choiceTimeout\fP
-Number of seconds to wait for display to respond after user has
-selected a host from the chooser. If the display sends an XDMCP
-IndirectQuery within this time, the request is forwarded to the chosen
-host. Otherwise, it is assumed to be from a new session and the
-chooser is offered again.
-Default is 15.
-.IP \fBDisplayManager.sourceAddress\fP
-Use the numeric IP address of the incoming connection on multihomed hosts
-instead of the host name. This is to avoid trying to connect on the wrong
-interface which might be down at this time.
-.IP \fBDisplayManager.willing\fP
-This specifies a program which is run (as) root when an an XDMCP
-BroadcastQuery is received and this host is configured to offer XDMCP
-display management. The output of this program may be displayed on a chooser
-window. If no program is specified, the string \fIWilling to manage\fP is
-sent.
-.PP
.\"
.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP"
This resource specifies the name of the file to be loaded by \fIxrdb\fP
@@ -410,11 +323,6 @@ resources that are appropriate to place in this file.
There is no default value for this resource, but
\fI XDMDIR/Xresources\fP
is the conventional name.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.chooser\fP"
-Specifies the program run to offer a host menu for Indirect queries
-redirected to the special host name CHOOSER.
-\fI CHOOSERPATH \fP is the default.
-See the sections \fBXDMCP Access Control\fP and \fBChooser\fP.
.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.xrdb\fP"
Specifies the program used to load the resources. By default,
.I xdm
@@ -625,187 +533,6 @@ that some of the resources are specified with ``*'' separating the
components. These resources can be made unique for each different display,
by replacing the ``*'' with the display-name, but normally this is not very
useful. See the \fBResources\fP section for a complete discussion.
-.SH "XDMCP ACCESS CONTROL"
-.PP
-The database file specified by the \fBDisplayManager.accessFile\fP provides
-information which
-.I xdm
-uses to control access from displays requesting XDMCP service. This file
-contains three types of entries: entries which control the response to
-Direct and Broadcast queries, entries which control the response to
-Indirect queries, and macro definitions.
-.PP
-The format of the Direct entries is simple, either a host name or a
-pattern, which is distinguished from a host name by the inclusion of
-one or more meta characters (`*' matches any sequence of 0 or more
-characters, and `?' matches any single character) which are compared against
-the host name of the display device.
-If the entry is a host name, all comparisons are done using
-network addresses, so any name which converts to the correct network address
-may be used.
-For patterns, only canonical host names are used
-in the comparison, so ensure that you do not attempt to match
-aliases.
-Preceding either a host name or a pattern with a `!' character
-causes hosts which
-match that entry to be excluded.
-.PP
-To only respond to Direct queries for a host or pattern,
-it can be followed by the optional ``NOBROADCAST'' keyword.
-This can be used to prevent an xdm server from appearing on
-menus based on Broadcast queries.
-.PP
-An Indirect entry also contains a host name or pattern,
-but follows it with a list of
-host names or macros to which indirect queries should be sent.
-.PP
-A macro definition contains a macro name and a list of host names and
-other macros that
-the macro expands to. To distinguish macros from hostnames, macro
-names start with a `%' character. Macros may be nested.
-.PP
-Indirect entries
-may also specify to have \fIxdm\fP run \fIchooser\fP to offer a menu
-of hosts to connect to. See the section \fBChooser\fP.
-.PP
-When checking access for a particular display host, each entry is scanned in
-turn and the first matching entry determines the response. Direct and
-Broadcast
-entries are ignored when scanning for an Indirect entry and vice-versa.
-.PP
-Blank lines are ignored, `#' is treated as a comment
-delimiter causing the rest of that line to be ignored,
-and `\e\fInewline\fP'
-causes the newline to be ignored, allowing indirect host lists to span
-multiple lines.
-.PP
-Here is an example Xaccess file:
-.LP
-.ta 2i 4i
-.nf
-#
-# Xaccess \- XDMCP access control file
-#
-
-#
-# Direct/Broadcast query entries
-#
-
-!xtra.lcs.mit.edu # disallow direct/broadcast service for xtra
-bambi.ogi.edu # allow access from this particular display
-*.lcs.mit.edu # allow access from any display in LCS
-
-*.deshaw.com NOBROADCAST # allow only direct access
-*.gw.com # allow direct and broadcast
-
-#
-# Indirect query entries
-#
-
-%HOSTS expo.lcs.mit.edu xenon.lcs.mit.edu \\
- excess.lcs.mit.edu kanga.lcs.mit.edu
-
-extract.lcs.mit.edu xenon.lcs.mit.edu #force extract to contact xenon
-!xtra.lcs.mit.edu dummy #disallow indirect access
-*.lcs.mit.edu %HOSTS #all others get to choose
-.fi
-.PP
-If compiled with IPv6 support, multicast address groups may also be included
-in the list of addresses indirect queries are set to. Multicast addresses
-may be followed by an optional / character and hop count. If no hop count is
-specified, the multicast hop count defaults to 1, keeping the packet on the
-local network. For IPv4 multicasting, the hop count is used as the TTL.
-.PP
-Examples:
-.LP
-.ta 2.1i 4.5i
-.nf
-rincewind.sample.net ff02::1 #IPv6 Multicast to ff02::1
-\& #with a hop count of 1
-ponder.sample.net CHOOSER 239.192.1.1/16 #Offer a menu of hosts
-\& #who respond to IPv4 Multicast
-\& # to 239.192.1.1 with a TTL of 16
-.fi
-.SH CHOOSER
-.PP
-For X terminals that do not offer a host menu for use with Broadcast
-or Indirect queries, the \fIchooser\fP program can do this for them.
-In the \fIXaccess\fP file, specify ``CHOOSER'' as the first entry in
-the Indirect host list. \fIChooser\fP will send a Query request to
-each of the remaining host names in the list and offer a menu of all
-the hosts that respond.
-.PP
-The list may consist of the word ``BROADCAST,'' in which case
-\fIchooser\fP will send a Broadcast instead, again offering a menu of
-all hosts that respond. Note that on some operating systems, UDP
-packets cannot be broadcast, so this feature will not work.
-.PP
-Example \fIXaccess\fP file using \fIchooser\fP:
-
-.nf
-extract.lcs.mit.edu CHOOSER %HOSTS #offer a menu of these hosts
-xtra.lcs.mit.edu CHOOSER BROADCAST #offer a menu of all hosts
-.fi
-.PP
-The program to use for \fIchooser\fP is specified by the
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.chooser\fP resource. For more
-flexibility at this step, the chooser could be a shell script.
-\fIChooser\fP is the session manager here; it is run instead of a
-child \fIxdm\fP to manage the display.
-.PP
-Resources for this program
-can be put into the file named by
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP.
-.PP
-When the user selects a host, \fIchooser\fP prints the host chosen,
-which is read by the parent \fIxdm\fP, and exits.
-\fIxdm\fP closes its connection to the X server, and the server resets
-and sends another \fBIndirect\fP XDMCP request.
-\fIxdm\fP remembers the user's choice (for
-\fBDisplayManager.choiceTimeout\fP seconds) and forwards the request
-to the chosen host, which starts a session on that display.
-.\"
-.SH LISTEN
-The following configuration directive is also defined for the Xaccess
-configuration file:
-.IP "\fBLISTEN\fP \fIinterface\fP \fI[list of multicast group addresses]\fP"
-\fIinterface\fP may be a hostname or IP address representing a
-network interface on this machine, or the wildcard * to represent all
-available network interfaces.
-.PP
-If one or more LISTEN lines are specified, xdm only listens for XDMCP
-connections on the specified interfaces. If multicast group addresses
-are listed on a listen line, xdm joins the multicast groups on the
-given interface.
-.PP
-If no LISTEN lines are given, the original behavior of listening on
-all interfaces is preserved for backwards compatibility.
-Additionally, if no LISTEN is specified, xdm joins the default XDMCP
-IPv6 multicast group, when compiled with IPv6 support.
-.PP
-To disable listening for XDMCP connections altogther, a line of LISTEN
-with no addresses may be specified, or the previously supported method
-of setting DisplayManager.requestPort to 0 may be used.
-.PP
-Examples:
-.ta 2i 4i
-.nf
-LISTEN * ff02::1 # Listen on all interfaces and to the
-\& # ff02::1 IPv6 multicast group.
-LISTEN 10.11.12.13 # Listen only on this interface, as long
-\& # as no other listen directives appear in
-\& # file.
-.fi
-.SH "IPv6 MULTICAST ADDRESS SPECIFICATION"
-.PP
-The Internet Assigned Numbers Authority has has assigned
-ff0\fIX\fP:0:0:0:0:0:0:12b as the permanently assigned range of
-multicast addresses for XDMCP. The \fIX\fP in the prefix may be replaced
-by any valid scope identifier, such as 1 for Interface-Local, 2 for Link-Local,
-5 for Site-Local, and so on. (See IETF RFC 4291 or its replacement for
-further details and scope definitions.) xdm defaults to listening on the
-Link-Local scope address ff02:0:0:0:0:0:0:12b to most closely match the
-old IPv4 subnet broadcast behavior.
.SH "LOCAL SERVER SPECIFICATION"
.PP
The resource \fBDisplayManager.servers\fP gives a server specification
@@ -816,8 +543,7 @@ Each specification
indicates a display which should constantly be managed and which is
not using XDMCP.
This method is used typically for local servers only. If the resource
-or the file named by the resource is empty, \fIxdm\fP will offer XDMCP
-service only.
+or the file named by the resource is empty, \fIxdm\fP will exit.
.PP
Each specification consists of at least three parts: a display
name, a display class, a display type, and (for local servers) a command
@@ -846,21 +572,12 @@ if your other resources are specified as
``DisplayManager._0.session''). The display class portion is also used in the
display-specific resources, as the class of the resource. This is
useful if you have a large collection of similar displays (such as a corral of
-X terminals) and would like to set resources for groups of them. When using
-XDMCP, the display is required to specify the display class, so the manual
-for your particular X terminal should document the display class
-string for your device. If it doesn't, you can run
-.I xdm
-in debug mode and
-look at the resource strings which it generates for that device, which will
-include the class string.
+X terminals) and would like to set resources for groups of them.
.PP
When \fIxdm\fP starts a session, it sets up authorization data for the
server. For local servers, \fIxdm\fP passes
``\fB\-auth\fP \fIfilename\fP'' on the server's command line to point
it at its authorization data.
-For XDMCP servers, \fIxdm\fP passes the
-authorization data to the server via the \fBAccept\fP XDMCP request.
.SH RESOURCES FILE
The \fIXresources\fP file is
loaded onto the display as a resource database using