Remove unused file.

1 files changed, 0 insertions, 1450 deletions

diff --git a/app/xdm/xdm.man.cpp b/app/xdm/xdm.man.cpp
deleted file mode 100644
index ef12677ff..000000000
--- a/app/xdm/xdm.man.cpp
+++ /dev/null
@@ -1,1450 +0,0 @@
-.\" Copyright 1988, 1994, 1998  The Open Group
-.\"
-.\" Permission to use, copy, modify, distribute, and sell this software and its
-.\" documentation for any purpose is hereby granted without fee, provided that
-.\" the above copyright notice appear in all copies and that both that
-.\" copyright notice and this permission notice appear in supporting
-.\" documentation.
-.\"
-.\" The above copyright notice and this permission notice shall be included
-.\" in all copies or substantial portions of the Software.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-.\" OTHER DEALINGS IN THE SOFTWARE.
-.\"
-.\" Except as contained in this notice, the name of The Open Group shall
-.\" not be used in advertising or otherwise to promote the sale, use or
-.\" other dealings in this Software without prior written authorization
-.\" from The Open Group.
-.\"
-.\"
-.TH XDM 1 __xorgversion__
-.SH NAME
-xdm \- X Display Manager with support for XDMCP, host chooser
-.SH SYNOPSIS
-.B xdm
-[
-.B \-config
-.I configuration_file
-] [
-.B \-nodaemon
-] [
-.B \-debug
-.I debug_level
-] [
-.B \-error
-.I error_log_file
-] [
-.B \-resources
-.I resource_file
-] [
-.B \-server
-.I server_entry
-] [
-.B \-session
-.I session_program
-]
-.SH DESCRIPTION
-.I Xdm
-manages a collection of X displays, which may be on the local host
-or remote servers.  The design of
-.I xdm
-was guided by the needs of X terminals as well as The Open Group standard
-XDMCP, the \fIX Display Manager Control Protocol\fP.
-.I Xdm
-provides services similar to those provided by \fIinit\fP, \fIgetty\fP
-and \fIlogin\fP on character terminals: prompting for login name and password,
-authenticating the user, and running a ``session.''
-.PP
-A ``session'' is defined by the lifetime of a particular process; in the
-traditional character-based terminal world, it is the user's login shell.
-In the
-.I xdm
-context, it is an arbitrary session manager.  This is because in a windowing
-environment, a user's login shell process does not necessarily have any
-terminal-like interface with which to connect.
-When a real session manager is not available, a window manager or terminal
-emulator is typically used as the ``session manager,'' meaning that
-termination of this process terminates the user's session.
-.PP
-When the session is terminated, \fIxdm\fP
-resets the X server and (optionally) restarts the whole process.
-.PP
-When \fIxdm\fP receives an Indirect query via XDMCP, it can run a
-\fIchooser\fP process to
-perform an XDMCP BroadcastQuery (or an XDMCP Query to specified hosts)
-on behalf of the display and
-offer a menu of possible hosts that offer XDMCP display management.
-This feature is useful with X terminals that do not offer a host
-menu themselves.
-.PP
-.I Xdm
-can be configured to ignore BroadcastQuery messages from selected hosts.
-This is useful when you don't want the host to appear in menus produced
-by
-.I chooser
-or X terminals themselves.
-.PP
-Because
-.I xdm
-provides the first interface that users will see, it is designed to be
-simple to use and easy to customize to the needs of a particular site.
-.I Xdm
-has many options, most of which have reasonable defaults.  Browse through the
-various sections of this manual,
-picking and choosing the things you want to change.
-Pay particular attention to the
-.B "Session Program"
-section, which will describe how to
-set up the style of session desired.
-.SH "OVERVIEW"
-\fIxdm\fP is highly configurable, and most of its behavior can be
-controlled by resource files and shell scripts.  The names of these
-files themselves are resources read from the file \fIxdm-config\fP or
-the file named by the \fB\-config\fP option.
-.PP
-\fIxdm\fP offers display management two different ways.  It can manage
-X servers running on the local machine and specified in
-\fIXservers\fP, and it can manage remote X servers (typically X
-terminals) using XDMCP (the XDM Control Protocol)
-as specified in the \fIXaccess\fP file.
-.PP
-The resources of the X clients run by \fIxdm\fP outside the user's
-session, including \fIxdm\fP's own login window, can be
-affected by setting resources in the \fIXresources\fP file.
-.PP
-For X terminals that do not offer a menu of hosts to get display
-management from, \fIxdm\fP can collect willing hosts and run the
-\fIchooser\fP program to offer the user a menu.
-For X displays attached to a host, this step is typically not used, as
-the local host does the display management.
-.PP
-After resetting the X server, \fIxdm\fP runs the \fIXsetup\fP script
-to assist in setting up the screen the user sees along with the
-\fIxlogin\fP widget.
-.PP
-The \fIxlogin\fP widget, which \fIxdm\fP presents,
-offers the familiar login and password prompts.
-.PP
-After the user logs in, \fIxdm\fP runs the \fIXstartup\fP script as
-root.
-.PP
-Then \fIxdm\fP runs the \fIXsession\fP script as the user.  This
-system session file may do some additional startup and typically runs
-the \fI.xsession\fP script in the user's home directory.
-When the \fIXsession\fP script exits, the session is over.
-.PP
-At the end of the session, the \fIXreset\fP script is run to clean up,
-the X server is reset, and the cycle starts over.
-.PP
-The file \fI XDMLOGDIR/xdm.log\fP will contain error
-messages from
-.I xdm
-and anything output to stderr by \fIXsetup, Xstartup, Xsession\fP
-or \fIXreset\fP.
-When you have trouble getting
-.I xdm
-working, check this file to see if
-.I xdm
-has any clues to the trouble.
-.SH OPTIONS
-.PP
-All of these options, except \fB\-config\fP itself,
-specify values that can also be specified in the configuration file
-as resources.
-.IP "\fB\-config\fP \fIconfiguration_file\fP"
-Names the configuration file, which specifies resources to control
-the behavior of
-.I xdm.
-.I XDMDIR/xdm-config
-is the default.
-See the section \fBConfiguration File\fP.
-.IP "\fB\-nodaemon\fP"
-Specifies ``false'' as the value for the \fBDisplayManager.daemonMode\fP
-resource.
-This suppresses the normal daemon behavior, which is for
-.I xdm
-to close all file descriptors, disassociate itself from
-the controlling terminal, and put
-itself in the background when it first starts up.
-.IP "\fB\-debug\fP \fIdebug_level\fP"
-Specifies the numeric value for the \fBDisplayManager.debugLevel\fP
-resource.  A non-zero value causes
-.I xdm
-to print lots of debugging statements to the terminal; it also disables the
-\fBDisplayManager.daemonMode\fP resource, forcing
-.I xdm
-to run synchronously.  To interpret these debugging messages, a copy
-of the source code for
-.I xdm
-is almost a necessity.  No attempt has been
-made to rationalize or standardize the output.
-.IP "\fB\-error\fP \fIerror_log_file\fP"
-Specifies the value for the \fBDisplayManager.errorLogFile\fP resource.
-This file contains errors from
-.I xdm
-as well as anything written to stderr by the various scripts and programs
-run during the progress of the session.
-.IP "\fB\-resources\fP \fIresource_file\fP"
-Specifies the value for the \fBDisplayManager*resources\fP resource.  This file
-is loaded using
-.IR xrdb (__appmansuffix__)
-to specify configuration parameters for the
-authentication widget.
-.IP "\fB\-server\fP \fIserver_entry\fP"
-Specifies the value for the \fBDisplayManager.servers\fP resource.
-See the section
-.B "Local Server Specification"
-for a description of this resource.
-.IP "\fB\-udpPort\fP \fIport_number\fP"
-Specifies the value for the \fBDisplayManager.requestPort\fP resource.  This
-sets the port-number which
-.I xdm
-will monitor for XDMCP requests.  If set to 0, xdm will not listen
-for XDMCP or Chooser requests.  As XDMCP uses the registered well-known
-UDP port 177, this resource should not be changed to a value other than 0,
-except for debugging.
-.IP "\fB\-session\fP \fIsession_program\fP"
-Specifies the value for the \fBDisplayManager*session\fP resource.  This
-indicates the program to run as the session after the user has logged in.
-.IP "\fB\-xrm\fP \fIresource_specification\fP"
-Allows an arbitrary resource to be specified, as in most
-X Toolkit applications.
-.SH RESOURCES
-At many stages the actions of
-.I xdm
-can be controlled through the use of its configuration file, which is in the
-X resource format.
-Some resources modify the behavior of
-.I xdm
-on all displays,
-while others modify its behavior on a single display.  Where actions relate
-to a specific display,
-the display name is inserted into the resource name between
-``DisplayManager'' and the final resource name segment.
-.PP
-For local displays, the resource name and class are as read from the
-\fIXservers\fP file.
-.PP
-For remote displays, the resource name is what the network address of
-the display resolves to.  See the \fBremoveDomain\fP resource.  The
-name must match exactly; \fIxdm\fP is not aware of
-all the network aliases that might reach a given display.
-If the name resolve fails, the address is
-used.  The resource class is as sent by the display in the XDMCP
-Manage request.
-.PP
-Because the resource
-manager uses colons to separate the name of the resource from its value and
-dots to separate resource name parts,
-.I xdm
-substitutes underscores for both dots and colons when generating the resource
-name.
-For example, \fBDisplayManager.expo_x_org_0.startup\fP is the name of the
-resource which defines the startup shell file for the ``expo.x.org:0'' display.
-.\"
-.IP "\fBDisplayManager.servers\fP"
-This resource either specifies a file name full of server entries, one per
-line (if the value starts with a slash), or a single server entry.
-See the section \fBLocal Server Specification\fP for the details.
-.IP "\fBDisplayManager.requestPort\fP"
-This indicates the UDP port number which
-.I xdm
-uses to listen for incoming XDMCP requests.  Unless you need to debug the
-system, leave this with its default value of 177.
-.IP "\fBDisplayManager.errorLogFile\fP"
-Error output is normally directed at the system console.  To redirect it,
-set this resource to a file name.  A method to send these messages to
-.I syslog
-should be developed for systems which support it; however, the
-wide variety of interfaces precludes any system-independent
-implementation.  This file also contains any output directed to stderr
-by the \fIXsetup, Xstartup, Xsession\fP and \fIXreset\fP files,
-so it will contain descriptions
-of problems in those scripts as well.
-.IP "\fBDisplayManager.debugLevel\fP"
-If the integer value of this resource is greater than zero,
-reams of
-debugging information will be printed.  It also disables daemon mode, which
-would redirect the information into the bit-bucket, and
-allows non-root users to run
-.I xdm,
-which would normally not be useful.
-.IP "\fBDisplayManager.daemonMode\fP"
-Normally,
-.I xdm
-attempts to make itself into a daemon process unassociated with any terminal.
-This is
-accomplished by forking and leaving the parent process to exit, then closing
-file descriptors and releasing the controlling terminal.  In some
-environments this is not desired (in particular, when debugging).  Setting
-this resource to ``false'' will disable this feature.
-.IP "\fBDisplayManager.pidFile\fP"
-The filename specified will be created to contain an ASCII
-representation of the process-id of the main
-.I xdm
-process.
-.I Xdm
-also uses file locking on this file
-to attempt to eliminate multiple daemons running on
-the same machine, which would cause quite a bit of havoc.
-.IP "\fBDisplayManager.lockPidFile\fP"
-This is the resource which controls whether
-.I xdm
-uses file locking to keep multiple display managers from running amok.
-On System V, this
-uses the \fIlockf\fP library call, while on BSD it uses \fIflock.\fP
-.IP "\fBDisplayManager.authDir\fP"
-This names a directory under which
-.I xdm
-stores authorization files while initializing the session.  The
-default value is \fI XDMXAUTHDIR.\fP
-Can be overridden for specific displays by
-DisplayManager.\fIDISPLAY\fP.authFile.
-.IP \fBDisplayManager.autoRescan\fP
-This boolean controls whether
-.I xdm
-rescans the configuration, servers, access control and authentication keys
-files after a session terminates and the files have changed.  By default it
-is ``true.''  You can force
-.I xdm
-to reread these files by sending a SIGHUP to the main process.
-.IP "\fBDisplayManager.removeDomainname\fP"
-When computing the display name for XDMCP clients, the name resolver will
-typically create a fully qualified host name for the terminal.  As this is
-sometimes confusing,
-.I xdm
-will remove the domain name portion of the host name if it is the same as the
-domain name of the local host when this variable is set.  By default the
-value is ``true.''
-.IP "\fBDisplayManager.keyFile\fP"
-XDM-AUTHENTICATION-1 style XDMCP authentication requires that a private key
-be shared between
-.I xdm
-and the terminal.  This resource specifies the file containing those
-values.  Each entry in the file consists of a display name and the shared
-key.  By default,
-.I xdm
-does not include support for XDM-AUTHENTICATION-1, as it requires DES which
-is not generally distributable because of United States export restrictions.
-.IP \fBDisplayManager.accessFile\fP
-To prevent unauthorized XDMCP service and to allow forwarding of XDMCP
-IndirectQuery requests, this file contains a database of hostnames which are
-either allowed direct access to this machine, or have a list of hosts to
-which queries should be forwarded to.  The format of this file is described
-in the section
-.B "XDMCP Access Control."
-.IP \fBDisplayManager.exportList\fP
-A list of additional environment variables, separated by white space,
-to pass on to the \fIXsetup\fP,
-\fIXstartup\fP, \fIXsession\fP, and \fIXreset\fP programs.
-.IP \fBDisplayManager.randomFile\fP
-A file to checksum to generate the seed of authorization keys.
-This should be a file that changes frequently.
-The default is \fI/dev/mem\fP.
-#ifdef DEV_RANDOM
-.IP \fBDisplayManager.randomDevice\fP
-A file to read 8 bytes from to generate the seed of authorization keys.
-The default is \fI DEV_RANDOM \fP. If this file cannot be read, or if a
-read blocks for more than 5 seconds, xdm falls back to using a checksum
-of \fBDisplayManager.randomFile\fP to generate the seed.
-#endif
-#if !defined(ARC4_RANDOM)
-.IP \fBDisplayManager.prngdSocket\fP
-.IP \fBDisplayManager.prngPort\fP
-A UNIX domain socket name or a TCP socket port number on local host on
-which a Pseudo-Random Number Generator Daemon, like EGD
-(http://egd.sourceforge.net) is listening, in order to generate the
-autorization keys. Either a non null port or a valid socket name must
-be specified. The default is to use the Unix-domain socket
-\fI/tmp/entropy\fP.
-.PP
-On systems that don't have such a daemon, a fall-back entropy
-gathering system, based on various log file contents hashed by the MD5
-algorithm is used instead.
-#endif
-.IP \fBDisplayManager.greeterLib\fP
-On systems that support a dynamically-loadable greeter library, the
-name of the library.  The default is
-\fI XDMDIR/libXdmGreet.so\fP.
-.IP \fBDisplayManager.choiceTimeout\fP
-Number of seconds to wait for display to respond after user has
-selected a host from the chooser.  If the display sends an XDMCP
-IndirectQuery within this time, the request is forwarded to the chosen
-host.  Otherwise, it is assumed to be from a new session and the
-chooser is offered again.
-Default is 15.
-.IP \fBDisplayManager.sourceAddress\fP
-Use the numeric IP address of the incoming connection on multihomed hosts
-instead of the host name. This is to avoid trying to connect on the wrong
-interface which might be down at this time.
-.IP \fBDisplayManager.willing\fP
-This specifies a program which is run (as) root when an an XDMCP
-BroadcastQuery is received and this host is configured to offer XDMCP
-display management. The output of this program may be displayed on a chooser
-window.  If no program is specified, the string \fIWilling to manage\fP is
-sent.
-.PP
-.\"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP"
-This resource specifies the name of the file to be loaded by \fIxrdb\fP
-as the resource database onto the root window of screen 0 of the display.
-The \fIXsetup\fP program, the Login widget, and \fIchooser\fP will use
-the resources set in this file.
-This resource data base is loaded just before the authentication procedure
-is started, so it can control the appearance of the login window.  See the
-section
-.B "Authentication Widget,"
-which describes the various
-resources that are appropriate to place in this file.
-There is no default value for this resource, but
-\fI XDMDIR/Xresources\fP
-is the conventional name.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.chooser\fP"
-Specifies the program run to offer a host menu for Indirect queries
-redirected to the special host name CHOOSER.
-\fI CHOOSERPATH \fP is the default.
-See the sections \fBXDMCP Access Control\fP and \fBChooser\fP.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.xrdb\fP"
-Specifies the program used to load the resources.  By default,
-.I xdm
-uses \fI BINDIR/xrdb\fP.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.cpp\fP"
-This specifies the name of the C preprocessor which is used by \fIxrdb\fP.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.setup\fP"
-This specifies a program which is run (as root) before offering the
-Login window.  This may be used to change the appearance of the screen
-around the Login window or to put up other windows (e.g., you may want
-to run \fIxconsole\fP here).
-By default, no program is run.  The conventional name for a
-file used here is \fIXsetup\fP.
-See the section \fBSetup Program.\fP
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.startup\fP"
-This specifies a program which is run (as root) after the authentication
-process succeeds.  By default, no program is run.  The conventional name for a
-file used here is \fIXstartup\fP.
-See the section \fBStartup Program.\fP
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.session\fP"
-This specifies the session to be executed (not running as root).
-By default, \fI BINDIR/xterm\fP is
-run.  The conventional name is \fIXsession\fP.
-See the section
-.B "Session Program."
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.reset\fP"
-This specifies a program which is run (as root) after the session terminates.
-By default, no program is run.
-The conventional name is \fIXreset\fP.
-See the section
-.B "Reset Program."
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.openDelay\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.openRepeat\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.openTimeout\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.startAttempts\fP"
-These numeric resources control the behavior of
-.I xdm
-when attempting to open intransigent servers.  \fBopenDelay\fP is
-the length of the
-pause (in seconds) between successive attempts, \fBopenRepeat\fP is the
-number of attempts to make, \fBopenTimeout\fP is the amount of time
-to wait while actually
-attempting the open (i.e., the maximum time spent in the
-.IR connect (2)
-system call) and \fBstartAttempts\fP is the number of times this entire process
-is done before giving up on the server.  After \fBopenRepeat\fP attempts have been made,
-or if \fBopenTimeout\fP seconds elapse in any particular attempt,
-.I xdm
-terminates and restarts the server, attempting to connect again.
-This
-process is repeated \fBstartAttempts\fP times, at which point the display is
-declared dead and disabled.  Although
-this behavior may seem arbitrary, it has been empirically developed and
-works quite well on most systems.  The default values are
-5 for \fBopenDelay\fP, 5 for \fBopenRepeat\fP, 30 for \fBopenTimeout\fP and
-4 for \fBstartAttempts\fP.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.pingInterval\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.pingTimeout\fP"
-To discover when remote displays disappear,
-.I xdm
-occasionally pings them, using an X connection and \fIXSync\fP
-calls.  \fBpingInterval\fP specifies the time (in minutes) between each
-ping attempt, \fBpingTimeout\fP specifies the maximum amount of time (in
-minutes) to wait for the terminal to respond to the request.  If the
-terminal does not respond, the session is declared dead and terminated.  By
-default, both are set to 5 minutes.  If you frequently use X terminals which
-can become isolated from the managing host, you may wish to increase this
-value.  The only worry is that sessions will continue to exist after the
-terminal has been accidentally disabled.
-.I xdm
-will not ping local displays.  Although it would seem harmless, it is
-unpleasant when the workstation session is terminated as a result of the
-server hanging for NFS service and not responding to the ping.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.terminateServer\fP"
-This boolean resource specifies whether the X server should be terminated
-when a session terminates (instead of resetting it).  This option can be
-used when the server tends to grow without bound over time, in order to limit
-the amount of time the server is run.  The default value is ``false.''
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.userPath\fP"
-.I Xdm
-sets the PATH environment variable for the session to this value.  It should
-be a colon separated list of directories; see
-.IR sh (1)
-for a full description.
-The default value is derived from the default login class parameters defined in
-\fI/etc/login.conf\fP
-if available or otherwise is set to``DEF_USER_PATH''.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemPath\fP"
-.I Xdm
-sets the PATH environment variable for the startup and reset scripts to the
-value of this resource.  The default for this resource is ``DEF_SYSTEM_PATH''.
-Note the absence of ``.'' from this entry.  This is a good practice to
-follow for root; it avoids many common Trojan Horse system penetration
-schemes.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemShell\fP"
-.I Xdm
-sets the SHELL environment variable for the startup and reset scripts to the
-value of this resource.  It is \fI/bin/sh\fP by default.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.failsafeClient\fP"
-If the default session fails to execute,
-.I xdm
-will fall back to this program.  This program is executed with no
-arguments, but executes using the same environment variables as
-the session would have had (see the section \fBSession Program\fP).
-By default, \fI BINDIR/xterm\fP is used.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.grabServer\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.grabTimeout\fP"
-To improve security,
-.I xdm
-grabs the server and keyboard while reading the login name and password.
-The
-\fBgrabServer\fP resource specifies if the server should be held for the
-duration of the name/password reading.  When ``false,'' the server is ungrabbed
-after the keyboard grab succeeds, otherwise the server is grabbed until just
-before the session begins.  The default is ``false.''
-The \fBgrabTimeout\fP resource specifies the maximum time
-.I xdm
-will wait for the grab to succeed.  The grab may fail if some other
-client has the server grabbed, or possibly if the network latencies
-are very high.  This resource has a default value of 3 seconds; you
-should be cautious when raising it, as a user can be spoofed by a
-look-alike window on the display.  If the grab fails,
-.I xdm
-kills and restarts the server (if possible) and the session.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.authorize\fP"
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.authName\fP"
-\fBauthorize\fP is a boolean resource which controls whether
-.I xdm
-generates and uses authorization for the local server connections.  If
-authorization is used, \fBauthName\fP is a list
-of authorization mechanisms to use, separated by white space.
-XDMCP connections dynamically specify which
-authorization mechanisms are supported, so
-\fBauthName\fP is ignored in this case.  When \fBauthorize\fP is set for a
-display and authorization is not available, the user is informed by having a
-different message displayed in the login widget.  By default, \fBauthorize\fP
-is ``true,''  \fBauthName\fP is ``MIT-MAGIC-COOKIE-1,'' or, if
-XDM-AUTHORIZATION-1 is available, ``XDM-AUTHORIZATION-1\0MIT-MAGIC-COOKIE-1.''
-.IP \fBDisplayManager.\fP\fIDISPLAY\fP\fB.authFile\fP
-This file is used to communicate the authorization data from
-.I xdm
-to the server, using the \fB\-auth\fP server command line option.
-It should be
-kept in a directory which is not world-writable as it could easily be
-removed, disabling the authorization mechanism in the server.
-If not specified, a name is generated from DisplayManager.authDir and
-the name of the display.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.authComplain\fP"
-If set to ``false,'' disables the use of the \fBunsecureGreeting\fP
-in the login window.
-See the section \fBAuthentication Widget.\fP
-The default is ``true.''
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resetSignal\fP"
-The number of the signal \fIxdm\fP sends to reset the server.
-See the section \fBControlling the Server.\fP
-The default is 1 (SIGHUP).
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.termSignal\fP"
-The number of the signal \fIxdm\fP sends to terminate the server.
-See the section \fBControlling the Server.\fP
-The default is 15 (SIGTERM).
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resetForAuth\fP"
-The original implementation of authorization in the sample server reread the
-authorization file at server reset time, instead of when checking the
-initial connection.  As
-.I xdm
-generates the authorization information just before connecting to the
-display, an old server would not get up-to-date authorization information.
-This resource causes
-.I xdm
-to send SIGHUP to the server after setting up the file, causing an
-additional server reset to occur, during which time the new authorization
-information will be read.
-The default is ``false,'' which will work for all MIT servers.
-.IP "\fBDisplayManager.\fP\fIDISPLAY\fP\fB.userAuthDir\fP"
-When
-.I xdm
-is unable to write to the usual user authorization file ($HOME/.Xauthority),
-it creates a unique file name in this directory and points the environment
-variable XAUTHORITY at the created file.  It uses \fI/tmp\fP by default.
-.SH "CONFIGURATION FILE"
-First, the
-.I xdm
-configuration file should be set up.
-Make a directory (usually \fI XDMDIR\fP) to contain all
-of the relevant files.
-.LP
-Here is a reasonable configuration file, which could be
-named \fIxdm-config\fP:
-.nf
-
-.ta .5i 4i
-
-	DisplayManager.servers:	XDMDIR/Xservers
-	DisplayManager.errorLogFile:	XDMLOGDIR/xdm.log
-	DisplayManager*resources:	XDMDIR/Xresources
-	DisplayManager*startup:	XDMDIR/Xstartup
-	DisplayManager*session:	XDMDIR/Xsession
-	DisplayManager.pidFile:	XDMPIDDIR/xdm-pid
-	DisplayManager._0.authorize:	true
-	DisplayManager*authorize:	false
-
-.fi
-.PP
-Note that this file mostly contains references to other files.  Note also
-that some of the resources are specified with ``*'' separating the
-components.  These resources can be made unique for each different display,
-by replacing the ``*'' with the display-name, but normally this is not very
-useful.  See the \fBResources\fP section for a complete discussion.
-.SH "XDMCP ACCESS CONTROL"
-.PP
-The database file specified by the \fBDisplayManager.accessFile\fP provides
-information which
-.I xdm
-uses to control access from displays requesting XDMCP service.  This file
-contains three types of entries:  entries which control the response to
-Direct and Broadcast queries, entries which control the response to
-Indirect queries, and macro definitions.
-.PP
-The format of the Direct entries is simple, either a host name or a
-pattern, which is distinguished from a host name by the inclusion of
-one or more meta characters (`*' matches any sequence of 0 or more
-characters, and `?' matches any single character) which are compared against
-the host name of the display device.
-If the entry is a host name, all comparisons are done using
-network addresses, so any name which converts to the correct network address
-may be used.
-For patterns, only canonical host names are used
-in the comparison, so ensure that you do not attempt to match
-aliases.
-Preceding either a host name or a pattern with a `!' character
-causes hosts which
-match that entry to be excluded.
-.PP
-To only respond to Direct queries for a host or pattern,
-it can be followed by the optional ``NOBROADCAST'' keyword.
-This can be used to prevent an xdm server from appearing on
-menus based on Broadcast queries.
-.PP
-An Indirect entry also contains a host name or pattern,
-but follows it with a list of
-host names or macros to which indirect queries should be sent.
-.PP
-A macro definition contains a macro name and a list of host names and
-other macros that
-the macro expands to.  To distinguish macros from hostnames, macro
-names start with a `%' character.  Macros may be nested.
-.PP
-Indirect entries
-may also specify to have \fIxdm\fP run \fIchooser\fP to offer a menu
-of hosts to connect to.  See the section \fBChooser\fP.
-.PP
-When checking access for a particular display host, each entry is scanned in
-turn and the first matching entry determines the response.  Direct and
-Broadcast
-entries are ignored when scanning for an Indirect entry and vice-versa.
-.PP
-Blank lines are ignored, `#' is treated as a comment
-delimiter causing the rest of that line to be ignored,
-and `\e\fInewline\fP'
-causes the newline to be ignored, allowing indirect host lists to span
-multiple lines.
-.PP
-Here is an example Xaccess file:
-.LP
-.ta 2i 4i
-.nf
-XCOMM
-XCOMM Xaccess \- XDMCP access control file
-XCOMM
-
-XCOMM
-XCOMM Direct/Broadcast query entries
-XCOMM
-
-!xtra.lcs.mit.edu	# disallow direct/broadcast service for xtra
-bambi.ogi.edu	# allow access from this particular display
-*.lcs.mit.edu	# allow access from any display in LCS
-
-*.deshaw.com	NOBROADCAST	# allow only direct access
-*.gw.com			# allow direct and broadcast
-
-XCOMM
-XCOMM Indirect query entries
-XCOMM
-
-%HOSTS	expo.lcs.mit.edu xenon.lcs.mit.edu \\
-	excess.lcs.mit.edu kanga.lcs.mit.edu
-
-extract.lcs.mit.edu	xenon.lcs.mit.edu	#force extract to contact xenon
-!xtra.lcs.mit.edu	dummy	#disallow indirect access
-*.lcs.mit.edu	%HOSTS	#all others get to choose
-.fi
-.PP
-If compiled with IPv6 support, multicast address groups may also be included
-in the list of addresses indirect queries are set to.  Multicast addresses
-may be followed by an optional / character and hop count. If no hop count is
-specified, the multicast hop count defaults to 1, keeping the packet on the
-local network. For IPv4 multicasting, the hop count is used as the TTL.
-.PP
-Examples:
-.LP
-.ta 2.1i 4.5i
-.nf
-rincewind.sample.net	ff02::1	#IPv6 Multicast to ff02::1
-\&		#with a hop count of 1
-ponder.sample.net	CHOOSER 239.192.1.1/16  #Offer a menu of hosts
-\&		#who respond to IPv4 Multicast
-\&		# to 239.192.1.1 with a TTL of 16
-.fi
-.SH CHOOSER
-.PP
-For X terminals that do not offer a host menu for use with Broadcast
-or Indirect queries, the \fIchooser\fP program can do this for them.
-In the \fIXaccess\fP file, specify ``CHOOSER'' as the first entry in
-the Indirect host list.  \fIChooser\fP will send a Query request to
-each of the remaining host names in the list and offer a menu of all
-the hosts that respond.
-.PP
-The list may consist of the word ``BROADCAST,'' in which case
-\fIchooser\fP will send a Broadcast instead, again offering a menu of
-all hosts that respond.  Note that on some operating systems, UDP
-packets cannot be broadcast, so this feature will not work.
-.PP
-Example \fIXaccess\fP file using \fIchooser\fP:
-
-.nf
-extract.lcs.mit.edu	CHOOSER %HOSTS	#offer a menu of these hosts
-xtra.lcs.mit.edu	CHOOSER BROADCAST	#offer a menu of all hosts
-.fi
-.PP
-The program to use for \fIchooser\fP is specified by the
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.chooser\fP resource.  For more
-flexibility at this step, the chooser could be a shell script.
-\fIChooser\fP is the session manager here; it is run instead of a
-child \fIxdm\fP to manage the display.
-.PP
-Resources for this program
-can be put into the file named by
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP.
-.PP
-When the user selects a host, \fIchooser\fP prints the host chosen,
-which is read by the parent \fIxdm\fP, and exits.
-\fIxdm\fP closes its connection to the X server, and the server resets
-and sends another \fBIndirect\fP XDMCP request.
-\fIxdm\fP remembers the user's choice (for
-\fBDisplayManager.choiceTimeout\fP seconds) and forwards the request
-to the chosen host, which starts a session on that display.
-.\"
-.SH LISTEN
-The following configuration directive is also defined for the Xaccess
-configuration file:
-.IP "\fBLISTEN\fP \fIinterface\fP \fI[list of multicast group addresses]\fP"
-\fIinterface\fP may be a hostname or IP addresss representing a
-network interface on this machine, or the wildcard * to represent all
-available network interfaces.
-.PP
-If one or more LISTEN lines are specified, xdm only listens for XDMCP
-connections on the specified interfaces. If multicast group addresses
-are listed on a listen line, xdm joins the multicast groups on the
-given interface.
-.PP
-If no LISTEN lines are given, the original behavior of listening on
-all interfaces is preserved for backwards compatibility.
-Additionally, if no LISTEN is specified, xdm joins the default XDMCP
-IPv6 multicast group, when compiled with IPv6 support.
-.PP
-To disable listening for XDMCP connections altogther, a line of LISTEN
-with no addresses may be specified, or the previously supported method
-of setting DisplayManager.requestPort to 0 may be used.
-.PP
-Examples:
-.ta 2i 4i
-.nf
-LISTEN * ff02::1	# Listen on all interfaces and to the
-\&	# ff02::1 IPv6 multicast group.
-LISTEN 10.11.12.13	# Listen only on this interface, as long
-\&	# as no other listen directives appear in
-\&	# file.
-.fi
-.SH "IPv6 MULTICAST ADDRESS SPECIFICATION"
-.PP
-The Internet Assigned Numbers Authority has has assigned
-ff0\fIX\fP:0:0:0:0:0:0:12b as the permanently assigned range of
-multicast addresses for XDMCP. The \fIX\fP in the prefix may be replaced
-by any valid scope identifier, such as 1 for Interface-Local, 2 for Link-Local,
-5 for Site-Local, and so on.  (See IETF RFC 4291 or its replacement for
-further details and scope definitions.)  xdm defaults to listening on the
-Link-Local scope address ff02:0:0:0:0:0:0:12b to most closely match the
-old IPv4 subnet broadcast behavior.
-.SH "LOCAL SERVER SPECIFICATION"
-.PP
-The resource \fBDisplayManager.servers\fP gives a server specification
-or, if the values starts with a slash (/), the name of a file
-containing server specifications, one per line.
-.PP
-Each specification
-indicates a display which should constantly be managed and which is
-not using XDMCP.
-This method is used typically for local servers only.  If the resource
-or the file named by the resource is empty, \fIxdm\fP will offer XDMCP
-service only.
-.PP
-Each specification consists of at least three parts:  a display
-name, a display class, a display type, and (for local servers) a command
-line to start the server.  A typical entry for local display number 0 would
-be:
-.nf
-
-  :0 Digital-QV local BINDIR/X :0
-
-.fi
-The display types are:
-.ta 1i
-.nf
-
-local		local display: \fIxdm\fP must run the server
-foreign		remote display: \fIxdm\fP opens an X connection to a running server
-
-.fi
-.PP
-The display name must be something that can be passed in the \fB\-display\fP
-option to an X program.  This string is used to generate the display-specific
-resource names, so be careful to match the
-names (e.g., use ``:0 Sun-CG3 local BINDIR/X :0'' instead of
-``localhost:0 Sun-CG3 local BINDIR/X :0''
-if your other resources are specified as
-``DisplayManager._0.session'').  The display class portion is also used in the
-display-specific resources, as the class of the resource.  This is
-useful if you have a large collection of similar displays (such as a corral of
-X terminals) and would like to set resources for groups of them.  When using
-XDMCP, the display is required to specify the display class, so the manual
-for your particular X terminal should document the display class
-string for your device.  If it doesn't, you can run
-.I xdm
-in debug mode and
-look at the resource strings which it generates for that device, which will
-include the class string.
-.PP
-When \fIxdm\fP starts a session, it sets up authorization data for the
-server.  For local servers, \fIxdm\fP passes
-``\fB\-auth\fP \fIfilename\fP'' on the server's command line to point
-it at its authorization data.
-For XDMCP servers, \fIxdm\fP passes the
-authorization data to the server via the \fBAccept\fP XDMCP request.
-.SH RESOURCES FILE
-The \fIXresources\fP file is
-loaded onto the display as a resource database using
-.I xrdb.
-As the authentication
-widget reads this database before starting up, it usually contains
-parameters for that widget:
-.nf
-.ta .5i 1i
-
-	xlogin*login.translations: #override\\
-		Ctrl<Key>R: abort-display()\\n\\
-		<Key>F1: set-session-argument(failsafe) finish-field()\\n\\
-		<Key>Return: set-session-argument() finish-field()
-	xlogin*borderWidth: 3
-	xlogin*greeting: CLIENTHOST
-\&	#ifdef COLOR
-	xlogin*greetColor: CadetBlue
-	xlogin*failColor: red
-\&	#endif
-
-.fi
-.PP
-Please note the translations entry; it specifies
-a few new translations for the widget which allow users to escape from the
-default session (and avoid troubles that may occur in it).  Note that if
-\&#override is not specified, the default translations are removed and replaced
-by the new value, not a very useful result as some of the default translations
-are quite useful (such as ``<Key>: insert-char ()'' which responds to normal
-typing).
-.PP
-This file may also contain resources for the setup program and \fIchooser\fP.
-.SH "SETUP PROGRAM"
-The \fIXsetup\fP file is run after
-the server is reset, but before the Login window is offered.
-The file is typically a shell script.
-It is run as root, so should be careful about security.
-This is the place to change the root background or bring up other
-windows that should appear on the screen along with the Login widget.
-.PP
-In addition to any specified by \fBDisplayManager.exportList\fP,
-the following environment variables are passed:
-.nf
-.ta .5i 2i
-
-	DISPLAY	the associated display name
-	PATH	the value of \fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemPath\fP
-	SHELL	the value of \fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemShell\fP
-	XAUTHORITY	may be set to an authority file
-.fi
-.PP
-Note that since \fIxdm\fP grabs the keyboard, any other windows will not be
-able to receive keyboard input.  They will be able to interact with
-the mouse, however; beware of potential security holes here.
-If \fBDisplayManager.\fP\fIDISPLAY\fP\fB.grabServer\fP is set,
-\fIXsetup\fP will not be able to connect
-to the display at all.
-Resources for this program
-can be put into the file named by
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP.
-.PP
-Here is a sample \fIXsetup\fP script:
-.nf
-
-\&	#!/bin/sh
-\&	# Xsetup_0 \- setup script for one workstation
-	xcmsdb < XDMDIR/monitors/alex.0
-	xconsole\0\-geometry\0480x130\-0\-0\0\-notify\0\-verbose\0\-exitOnFail &
-
-.fi
-.SH "AUTHENTICATION WIDGET"
-The authentication widget prompts the user for the username, password, and/or
-other required authentication data from the keyboard.  Nearly every imaginable
-parameter can be controlled with a resource.  Resources for this widget
-should be put into the file named by
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.resources\fP.  All of these have reasonable
-default values, so it is not necessary to specify any of them.
-.PP
-The resource file is loaded with
-.IR xrdb (__appmansuffix__)
-so it may use the substitutions defined by that program such as CLIENTHOST
-for the client hostname in the login message, or C pre-processor #ifdef
-statements to produce different displays depending on color depth or other
-variables.
-.PP
-.I Xdm
-can be compiled with support for the
-.IR Xft (__libmansuffix__)
-library for font rendering.   If this support is present, font faces are
-specified using the resources with names ending in ``face'' in the
-fontconfig face format described in the
-.I Font Names
-section of
-.IR fonts.conf (__filemansuffix__).
-If not, then fonts are specified using the resources with names ending
-in ``font'' in the traditional
-.I X Logical Font Description
-format described in the
-.I Font Names
-section of
-.IR X (__miscmansuffix__).
-.IP "\fBxlogin.Login.width, xlogin.Login.height, xlogin.Login.x, xlogin.Login.y\fP"
-The geometry of the Login widget is normally computed automatically.  If you
-wish to position it elsewhere, specify each of these resources.
-.IP "\fBxlogin.Login.foreground\fP"
-The color used to display the input typed by the user.
-.IP "\fBxlogin.Login.face\fP"
-The face used to display the input typed by the user when built with Xft
-support.  The default is ``Serif-18''.
-.IP "\fBxlogin.Login.font\fP"
-The font used to display the input typed by the user when not built with Xft
-support.
-.IP "\fBxlogin.Login.greeting\fP"
-A string which identifies this window.
-The default is ``X Window System.''
-.IP "\fBxlogin.Login.unsecureGreeting\fP"
-When X authorization is requested in the configuration file for this
-display and none is in use, this greeting replaces the standard
-greeting.  The default is ``This is an unsecure session''
-.IP "\fBxlogin.Login.greetFace\fP"
-The face used to display the greeting when built with Xft support.
-The default is ``Serif-24:italic''.
-.IP "\fBxlogin.Login.greetFont\fP"
-The font used to display the greeting when not built with Xft support.
-.IP "\fBxlogin.Login.greetColor\fP"
-The color used to display the greeting.
-.IP "\fBxlogin.Login.namePrompt\fP"
-The string displayed to prompt for a user name.
-.I Xrdb
-strips trailing white space from resource values, so to add spaces at
-the end of the prompt (usually a nice thing), add spaces escaped with
-backslashes.  The default is ``Login:  ''
-.IP "\fBxlogin.Login.passwdPrompt\fP"
-The string displayed to prompt for a password, when not using an authentication
-system such as PAM that provides its own prompts.
-The default is ``Password:  ''
-.IP "\fBxlogin.Login.promptFace\fP"
-The face used to display prompts when built with Xft support.
-The default is ``Serif-18:bold''.
-.IP "\fBxlogin.Login.promptFont\fP"
-The font used to display prompts when not built with Xft support.
-.IP "\fBxlogin.Login.promptColor\fP"
-The color used to display prompts.
-.IP "\fBxlogin.Login.changePasswdMessage\fP"
-A message which is displayed when the users password has expired.
-The default is ``Password Change Required''
-.IP "\fBxlogin.Login.fail\fP"
-A message which is displayed when the authentication fails, when not using an
-authentication system such as PAM that provides its own prompts.
-The default is ``Login incorrect''
-.IP "\fBxlogin.Login.failFace\fP"
-The face used to display the failure message when built with Xft support.
-The default is ``Serif-18:bold''.
-.IP "\fBxlogin.Login.failFont\fP"
-The font used to display the failure message when not built with Xft support.
-.IP "\fBxlogin.Login.failColor\fP"
-The color used to display the failure message.
-.IP "\fBxlogin.Login.failTimeout\fP"
-The number of seconds that the failure message is displayed.
-The default is 10.
-.IP "\fBxlogin.Login.logoFileName\fP"
-Name of an XPM format pixmap to display in the greeter window, if built with
-XPM support.   The default is no pixmap.
-.IP "\fBxlogin.Login.logoPadding\fP"
-Number of pixels of space between the logo pixmap and other elements of the
-greeter window, if the pixmap is displayed.
-The default is 5.
-.IP "\fBxlogin.Login.useShape\fP"
-If set to ``true'', when built with XPM support, attempt to use the
-X Non-Rectangular Window Shape Extension to set the window shape.
-The default is ``true''.
-.IP "\fBxlogin.Login.hiColor\fP, \fBxlogin.Login.shdColor\fP"
-Raised appearance bezels may be drawn around
-the greeter frame and text input boxes by setting these resources.  hiColor
-is the highlight color, used on the top and left sides of the frame, and the
-bottom and right sides of text input areas.   shdColor is the shadow color,
-used on the bottom and right sides of the frame, and the top and left sides
-of text input areas.
-The default for both is the foreground color, providing a flat appearance.
-.IP "\fBxlogin.Login.frameWidth\fP"
-frameWidth is the width in pixels of the area
-around the greeter frame drawn in hiColor and shdColor.
-.IP "\fBxlogin.Login.innerFramesWidth\fP"
-innerFramesWidth is the width in pixels of the
-area around text input areas drawn in hiColor and shdColor.
-.IP "\fBxlogin.Login.sepWidth\fP"
-sepWidth is the width in pixels of the
-bezeled line between the greeting and input areas
-drawn in hiColor and shdColor.
-.IP "\fBxlogin.Login.allowRootLogin\fP"
-If set to ``false'', don't allow root (and any other user with uid = 0) to
-log in directly.
-The default is ``true''.
-.IP "\fBxlogin.Login.allowNullPasswd\fP"
-If set to ``true'', allow an otherwise failing password match to succeed
-if the account does not require a password at all.
-The default is ``false'', so only users that have passwords assigned can
-log in.
-.IP "\fBxlogin.Login.translations\fP"
-This specifies the translations used for the login widget.  Refer to the X
-Toolkit documentation for a complete discussion on translations.  The default
-translation table is:
-.nf
-.ta .5i 2i
-
-	Ctrl<Key>H:	delete-previous-character() \\n\\
-	Ctrl<Key>D:	delete-character() \\n\\
-	Ctrl<Key>B:	move-backward-character() \\n\\
-	Ctrl<Key>F:	move-forward-character() \\n\\
-	Ctrl<Key>A:	move-to-begining() \\n\\
-	Ctrl<Key>E:	move-to-end() \\n\\
-	Ctrl<Key>K:	erase-to-end-of-line() \\n\\
-	Ctrl<Key>U:	erase-line() \\n\\
-	Ctrl<Key>X:	erase-line() \\n\\
-	Ctrl<Key>C:	restart-session() \\n\\
-	Ctrl<Key>\\\\:	abort-session() \\n\\
-	<Key>BackSpace:	delete-previous-character() \\n\\
-	<Key>Delete:	delete-previous-character() \\n\\
-	<Key>Return:	finish-field() \\n\\
-	<Key>:	insert-char() \\
-
-.fi
-.PP
-The actions which are supported by the widget are:
-.IP "delete-previous-character"
-Erases the character before the cursor.
-.IP "delete-character"
-Erases the character after the cursor.
-.IP "move-backward-character"
-Moves the cursor backward.
-.IP "move-forward-character"
-Moves the cursor forward.
-.IP "move-to-begining"
-(Apologies about the spelling error.)
-Moves the cursor to the beginning of the editable text.
-.IP "move-to-end"
-Moves the cursor to the end of the editable text.
-.IP "erase-to-end-of-line"
-Erases all text after the cursor.
-.IP "erase-line"
-Erases the entire text.
-.IP "finish-field"
-If the cursor is in the name field, proceeds to the password field; if the
-cursor is in the password field, checks the current name/password pair.  If
-the name/password pair is valid, \fIxdm\fP
-starts the session.  Otherwise the failure message is displayed and
-the user is prompted again.
-.IP "abort-session"
-Terminates and restarts the server.
-.IP "abort-display"
-Terminates the server, disabling it.  This action
-is not accessible in the default configuration.
-There are various reasons to stop \fIxdm\fP on a system console, such as
-when shutting the system down, when using \fIxdmshell\fP,
-to start another type of server, or to generally access the console.
-Sending \fIxdm\fP a SIGHUP will restart the display.  See the section
-\fBControlling XDM\fP.
-.IP "restart-session"
-Resets the X server and starts a new session.  This can be used when
-the resources have been changed and you want to test them or when
-the screen has been overwritten with system messages.
-.IP "insert-char"
-Inserts the character typed.
-.IP "set-session-argument"
-Specifies a single word argument which is passed to the session at startup.
-See the section \fBSession Program\fP.
-.IP "allow-all-access"
-Disables access control in the server.  This can be used when
-the .Xauthority file cannot be created by
-.I xdm.
-Be very careful using this;
-it might be better to disconnect the machine from the network
-before doing this.
-.PP
-On some systems (OpenBSD) the user's shell must be listed in
-.I /etc/shells
-to allow login through xdm. The normal password and account expiration
-dates are enforced too.
-.SH "STARTUP PROGRAM"
-.PP
-The \fIXstartup\fP program is run as
-root when the user logs in.
-It is typically a shell script.
-Since it is run as root, \fIXstartup\fP should be
-very careful about security.  This is the place to put commands which add
-entries to \fIutmp\fP or \fIwtmp\fP files,
-(the \fIsessreg\fP program may be useful here),
-mount users' home directories from file servers,
-or abort the session if logins are not
-allowed.
-.PP
-In addition to any specified by \fBDisplayManager.exportList\fP,
-the following environment variables are passed:
-.nf
-.ta .5i 2i
-
-	DISPLAY	the associated display name
-	HOME	the initial working directory of the user
-	LOGNAME	the user name
-	USER	the user name
-	PATH	the value of \fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemPath\fP
-	SHELL	the value of \fBDisplayManager.\fP\fIDISPLAY\fP\fB.systemShell\fP
-	XAUTHORITY	may be set to an authority file
-	WINDOWPATH	may be set to the "window path" leading to the X server
-
-.fi
-.PP
-No arguments are passed to the script.
-.I Xdm
-waits until this script exits before starting the user session.  If the
-exit value of this script is non-zero,
-.I xdm
-discontinues the session and starts another authentication
-cycle.
-.PP
-The sample \fIXstartup\fP file shown here prevents login while the
-file \fI/etc/nologin\fP
-exists.
-Thus this is not a complete example, but
-simply a demonstration of the available functionality.
-.PP
-Here is a sample \fIXstartup\fP script:
-.nf
-.ta .5i 1i
-
-\&	#!/bin/sh
-\&	#
-\&	# Xstartup
-\&	#
-\&	# This program is run as root after the user is verified
-\&	#
-	if [ \-f /etc/nologin ]; then
-		xmessage\0\-file /etc/nologin\0\-timeout 30\0\-center
-		exit 1
-	fi
-	sessreg\0\-a\0\-l $DISPLAY\0\-x XDMDIR/Xservers $LOGNAME
-	XDMDIR/GiveConsole
-	exit 0
-.fi
-.SH "SESSION PROGRAM"
-.PP
-The \fIXsession\fP program is the command which is run as the user's session.
-It is run with
-the permissions of the authorized user.
-.PP
-In addition to any specified by \fBDisplayManager.exportList\fP,
-the following environment variables are passed:
-.nf
-.ta .5i 2i
-
-	DISPLAY	the associated display name
-	HOME	the initial working directory of the user
-	LOGNAME	the user name
-	USER	the user name
-	PATH	the value of \fBDisplayManager.\fP\fIDISPLAY\fP\fB.userPath\fP
-	SHELL	the user's default shell (from \fIgetpwnam\fP)
-	XAUTHORITY	may be set to a non-standard authority file
-	KRB5CCNAME	may be set to a Kerberos credentials cache name
-	WINDOWPATH	may be set to the "window path" leading to the X server
-
-.fi
-.PP
-At most installations, \fIXsession\fP should look in $HOME for
-a file \fI\.xsession,\fP
-which contains commands that each user would like to use as a session.
-\fIXsession\fP should also
-implement a system default session if no user-specified session exists.
-.PP
-An argument may be passed to this program from the authentication widget
-using the `set-session-argument' action.  This can be used to select
-different styles of session.  One good use of this feature is to allow
-the user to escape from the ordinary session when it fails.  This
-allows users to repair their own \fI.xsession\fP if it fails,
-without requiring administrative intervention.
-The example following
-demonstrates this feature.
-.PP
-This example recognizes
-the special
-``failsafe'' mode, specified in the translations
-in the \fIXresources\fP file, to provide an escape
-from the ordinary session.  It also requires that the .xsession file
-be executable so we don't have to guess what shell it wants to use.
-.nf
-.ta .5i 1i 1.5i
-
-\&	#!/bin/sh
-\&	#
-\&	# Xsession
-\&	#
-\&	# This is the program that is run as the client
-\&	# for the display manager.
-
-	case $# in
-	1)
-		case $1 in
-		failsafe)
-			exec xterm \-geometry 80x24\-0\-0
-			;;
-		esac
-	esac
-
-	startup=$HOME/.xsession
-	resources=$HOME/.Xresources
-
-	if [ \-f "$startup" ]; then
-		exec "$startup"
-	else
-		if [ \-f "$resources" ]; then
-			xrdb \-load "$resources"
-		fi
-		twm &
-		xman \-geometry +10\-10 &
-		exec xterm \-geometry 80x24+10+10 \-ls
-	fi
-
-.fi
-.PP
-The user's \fI.xsession\fP file might look something like this
-example.  Don't forget that the file must have execute permission.
-.nf
-\&	#! /bin/csh
-\&	# no \-f in the previous line so .cshrc gets run to set $PATH
-	twm &
-	xrdb \-merge "$HOME/.Xresources"
-	emacs \-geometry +0+50 &
-	xbiff \-geometry \-430+5 &
-	xterm \-geometry \-0+50 -ls
-.fi
-.SH "RESET PROGRAM"
-.PP
-Symmetrical with \fIXstartup\fP,
-the \fIXreset\fP script is run after the user session has
-terminated.  Run as root, it should contain commands that undo
-the effects of commands in \fIXstartup,\fP updating entries
-in \fIutmp\fP or \fIwtmp\fP files,
-or unmounting directories from file servers.  The environment
-variables that were passed to \fIXstartup\fP are also
-passed to \fIXreset\fP.
-.PP
-A sample \fIXreset\fP script:
-.nf
-.ta .5i 1i
-\&	#!/bin/sh
-\&	#
-\&	# Xreset
-\&	#
-\&	# This program is run as root after the session ends
-\&	#
-	sessreg\0\-d\0\-l $DISPLAY\0\-x XDMDIR/Xservers $LOGNAME
-	XDMDIR/TakeConsole
-	exit 0
-.fi
-.SH "CONTROLLING THE SERVER"
-.I Xdm
-controls local servers using POSIX signals.  SIGHUP is expected to reset the
-server, closing all client connections and performing other cleanup
-duties.  SIGTERM is expected to terminate the server.
-If these signals do not perform the expected actions,
-the resources \fBDisplayManager.\fP\fIDISPLAY\fP\fB.resetSignal\fP and
-\fBDisplayManager.\fP\fIDISPLAY\fP\fB.termSignal\fP can specify alternate signals.
-.PP
-To control remote terminals not using XDMCP,
-.I xdm
-searches the window hierarchy on the display and uses the protocol request
-KillClient in an attempt to clean up the terminal for the next session.  This
-may not actually kill all of the clients, as only those which have created
-windows will be noticed.  XDMCP provides a more sure mechanism; when
-.I xdm
-closes its initial connection, the session is over and the terminal is
-required to close all other connections.
-.SH "CONTROLLING XDM"
-.PP
-.I Xdm
-responds to two signals: SIGHUP and SIGTERM.  When sent a SIGHUP,
-.I xdm
-rereads the configuration file, the access control file, and the servers
-file.  For the servers file, it notices if entries have been added or
-removed.  If a new entry has been added,
-.I xdm
-starts a session on the associated display.  Entries which have been removed
-are disabled immediately, meaning that any session in progress will be
-terminated without notice and no new session will be started.
-.PP
-When sent a SIGTERM,
-.I xdm
-terminates all sessions in progress and exits.  This can be used when
-shutting down the system.
-.PP
-.I Xdm
-attempts to mark its various sub-processes for
-.IR ps (1)
-by editing the
-command line argument list in place.  Because
-.I xdm
-can't allocate additional
-space for this task, it is useful to start
-.I xdm
-with a reasonably long
-command line (using the full path name should be enough).
-Each process which is
-servicing a display is marked \fB\-\fP\fIdisplay.\fP
-.SH "ADDITIONAL LOCAL DISPLAYS"
-.PP
-To add an additional local display, add a line for it to the
-\fIXservers\fP file.
-(See the section \fBLocal Server Specification\fP.)
-.PP
-Examine the display-specific resources in \fIxdm-config\fP
-(e.g., \fBDisplayManager._0.authorize\fP)
-and consider which of them should be copied for the new display.
-The default \fIxdm-config\fP has all the appropriate lines for
-displays \fB:0\fP and \fB:1\fP.
-.SH "OTHER POSSIBILITIES"
-.PP
-You can use \fIxdm\fP
-to run a single session at a time, using the 4.3 \fIinit\fP
-options or other suitable daemon by specifying the server on the command
-line:
-.nf
-.ta .5i
-
-	xdm \-server \(lq:0 SUN-3/60CG4 local BINDIR/X :0\(rq
-
-.fi
-.PP
-Or, you might have a file server and a collection of X terminals.  The
-configuration for this is identical to the sample above,
-except the \fIXservers\fP file would look like
-.nf
-.ta .5i
-
-	extol:0 VISUAL-19 foreign
-	exalt:0 NCD-19 foreign
-	explode:0 NCR-TOWERVIEW3000 foreign
-
-.fi
-.PP
-This directs
-.I xdm
-to manage sessions on all three of these terminals.  See the section
-\fBControlling Xdm\fP for a description of using signals to enable
-and disable these terminals in a manner reminiscent of
-.IR init (__adminmansuffix__).
-.SH LIMITATIONS
-One thing that
-.I xdm
-isn't very good at doing is coexisting with other window systems.  To use
-multiple window systems on the same hardware, you'll probably be more
-interested in
-.I xinit.
-.SH FILES
-.TP 20
-.I XDMDIR/xdm-config
-the default configuration file
-.TP 20
-.I $HOME/.Xauthority
-user authorization file where \fIxdm\fP stores keys for clients to read
-.TP 20
-.I CHOOSERPATH
-the default chooser
-.TP 20
-.I BINDIR/xrdb
-the default resource database loader
-.TP 20
-.I BINDIR/X
-the default server
-.TP 20
-.I BINDIR/xterm
-the default session program and failsafe client
-.TP 20
-.I XDMXAUTHDIR/A<display>\-<suffix>
-the default place for authorization files
-.TP 20
-.I /tmp/K5C<display>
-Kerberos credentials cache
-.SH "SEE ALSO"
-.IR X (__miscmansuffix__),
-.IR xinit (__appmansuffix__),
-.IR xauth (__appmansuffix__),
-.IR xrdb (__appmansuffix__),
-.IR Xsecurity (__miscmansuffix__),
-.IR sessreg (__appmansuffix__),
-.IR Xserver (__appmansuffix__),
-.\" .IR chooser (__appmansuffix__), \" except that there isn't a manual for it yet
-.\" .IR xdmshell (__appmansuffix__), \" except that there isn't a manual for it yet
-.IR fonts.conf (__filemansuffix__),
-.IR login.conf (__filemansuffix__).
-.br
-.I "X Display Manager Control Protocol"
-.br
-.RI "IETF RFC 4291: " "IP Version 6 Addressing Architecture" .
-.SH AUTHOR
-Keith Packard, MIT X Consortium