Re: [gdm-list] remote manager (XDMCP) on Suse

["dave stern - e-mail.pluribus.unum" <dit dash gmail com>]

Thanks. I have the extra menu option now but when I select xdmcp, I get an
Xrefresh (cursor becomes clock and large X) then the screen goes back to
the original login.

In /var/log/gdm, I see an entry implying that the X command is incorrect
Unrecognized options: 0
use ... (output from X --help)

In /var/log/messages, I see the command was
/usr/X11R6/in/X :0 0 -auth /var/gdm:0.Xauth
   Note the extra 0 ^
Where else could the X command be defined besides gdm.conf?

Here's my gdm.conf


# GDM Configuration file.  You can use gdmsetup program to graphically
# edit this, or you can optionally just edit this file by hand.  Note that
# gdmsetup does not tweak every option here, just the ones most users
# would care about.  Rest is for special setups and distro specific
# tweaks.  If you edit this file, you should send the HUP or USR1 signal to
# the daemon so that it restarts: (Assuming you have not changed PidFile)
#   kill -USR1 `cat /var/run/gdm.pid`
# (HUP will make gdm restart immediately while USR1 will make gdm not kill
# existing sessions and will only restart gdm after all users log out)
#
# You can also use the gdm-restart and gdm-safe-restart scripts which just
# do the above for you.
#
# For full reference documentation see the gnome help browser under
# GNOME|System category.  You can also find the docs in HTML form
# on http://www.jirka.org/gdm.html
#
# NOTE: Some of these are commented out but still show their default values.
# If you wish to change them you must remove the '#' from the beginning of
# the line.  The commented out lines are lines where the default might
# change in the future, so set them one way or another if you feel
# strongly about it.
#
# Have fun! - George

[daemon]
# Automatic login, if true the first local screen will automatically logged
# in as user as set with AutomaticLogin key.
AutomaticLoginEnable=false
AutomaticLogin=

# Timed login, useful for kiosks.  Log in a certain user after a certain
# amount of time
TimedLoginEnable=false
TimedLogin=
TimedLoginDelay=30

# The gdm configuration program that is run from the login screen, you should
# probably leave this alone
Configurator=/usr/bin/gdmsetup --disable-sound --disable-crash-dialog
# The chooser program.  Must output the chosen host on stdout, probably you
# should leave this alone
Chooser=/usr/bin/gdmchooser
# Greeter for local (non-xdmcp) logins.  Change gdmlogin to gdmgreeter to
# get the new graphical greeter.
Greeter=/usr/bin/gdmgreeter
# Greeter for xdmcp logins, usually you want a less graphically intensive
# greeter here so it's better to leave this with gdmlogin
RemoteGreeter=/usr/bin/gdmlogin
# Launch the greeter with an additional list of colon seperated gtk
# modules. This is useful for enabling additional feature support
# e.g. gnome accessibility framework. Only "trusted" modules should
# be allowed to minimise security holes
#AddGtkModules=false
# By default these are the accessibility modules
#GtkModulesList=gail:atk-bridge:dwellmouselistener:keymouselistener

# Default path to set.  The profile scripts will likely override this
DefaultPath=/bin:/usr/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/local/bin:/opt/X11R6/bin:/usr/bin
# Default path for root.  The profile scripts will likely override this
#RootPath=/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/local/bin:/opt/X11R6/bin:/usr/bin

# If you are having trouble with using a single server for a long time and
# want gdm to kill/restart the server, turn this on
AlwaysRestartServer=false

# User and group that gdm should run as.  Probably should be gdm and gdm and
# you should create these user and group.  Anyone found running this as
# someone too privilaged will get a kick in the ass.  This should have
# access to only the gdm directories and files.
User=gdm
Group=gdm
# To try to kill all clients started at greeter time or in the Init script.
# doesn't always work, only if those clients have a window of their own
#KillInitClients=true
LogDir=/var/log/gdm
# You should probably never change this value unless you have a weird setup
PidFile=/var/run/gdm.pid
# Note that a post login script is run before a PreSession script.
# It is run after the login is successful and before any setup is
# run on behalf of the user
PostLoginScriptDir=/etc/X11/gdm/SunRayPostLogin/
PreSessionScriptDir=/etc/X11/gdm/SunRayPreSession/
PostSessionScriptDir=/etc/X11/gdm/SunRayPostSession/
DisplayInitDir=/etc/X11/gdm/SunRayInit
# Distributions:  If you have some script that runs an X server in say
# VGA mode, allowing a login, could you please send it to me?
FailsafeXServer=
# if X keeps crashing on us we run this script.  The default one does a bunch
# of cool stuff to figure out what to tell the user and such and can
# run an X configuration program.
XKeepsCrashing=/bin/true
# Reboot, Halt and suspend commands, you can add different commands
# separated by a semicolon and gdm will use the first one it can find
RebootCommand=/bin/false
HaltCommand=/bin/false
SuspendCommand=/bin/false
# Probably should not touch the below this is the standard setup
ServAuthDir=/var/gdm
# This is our standard startup script.  A bit different from a normal
# X session, but it shares a lot of stuff with that.  See the provided
# default for more information.
BaseXsession=/etc/X11/gdm/Xsession
# This is a directory where .desktop files describing the sessions live
# It is really a PATH style variable since 2.4.4.2 to allow actual
# interoperability with KDM
#SessionDesktopDir=/etc/X11/sessions/:/etc/X11/dm/Sessions/:/usr/share/xsessions/
# This is the default .desktop session.  One of the ones in SessionDesktopDir
#DefaultSession=gnome.desktop
# Better leave this blank and HOME will be used.  You can use syntax ~/ below
# to indicate home directory of the user.  You can also set this to something
# like /tmp if you don't want the authorizations to be in home directories.
# This is useful if you have NFS mounted home directories.  Note that if this
# is the home directory the UserAuthFBDir will still be used in case the home
# directory is NFS, see security/NeverPlaceCookiesOnNFS to override
this behaviour.
UserAuthDir=
# Fallback if home directory not writable
UserAuthFBDir=/tmp
UserAuthFile=.Xauthority
# The X server to use if we can't figure out what else to run.
StandardXServer=/usr/X11R6/bin/X
# The maximum number of flexible X servers to run.
FlexibleXServers=0
# the X nest command
Xnest=/usr/X11R6/bin/Xnest -audit 0 -name Xnest
# Automatic VT allocation.  Right now only works on Linux.  This way
# we force X to use specific vts.  turn VTAllocation to false if this
# is causing problems.
#FirstVT=7
VTAllocation=false
# Should double login be treated with a warning (and possibility to change
# vts on linux systems for console logins)
#DoubleLoginWarning=true

[security]
# If any distributions ship with this one off, they should be shot
# this is only local, so it's only for say kiosk use, when you
# want to minimize possibility of breakin
AllowRoot=true
# If you want to be paranoid, turn this one off
AllowRemoteRoot=true
# This will allow remote timed login
AllowRemoteAutoLogin=false
# 0 is the most anal, 1 allows group write permissions, 2 allows all write
# permissions
RelaxPermissions=0
# Number of seconds to wait after a bad login
RetryDelay=3
# Maximum size of a file we wish to read.  This makes it hard for a user to DoS
# us by using a large file.
UserMaxFile=65536
# If true this will basically append -nolisten tcp to every X command line,
# a good default to have (why is this a "negative" setting? because if
# it is false, you could still not allow it by setting command line of
# any particular server).  It's probably better to ship with this on
# since most users will not need this and it's more of a security risk
# then anything else.
# Note: Anytime we find a -query or -indirect on the command line we do
# not add a "-nolisten tcp", as then the query just wouldn't work, so
# this setting only affects truly local sessions.
DisallowTCP=false
# By default never place cookies if we "detect" NFS.  We detect NFS
# by detecting "root-squashing".  It seems bad practice to place
# cookies on things that go over the network by default and thus we
# don't do it by default.  Sometimes you can however use safe remote
# filesystems where this is OK and you may want to have the cookie in your
# home directory.
#NeverPlaceCookiesOnNFS=true

# XDMCP is the protocol that allows remote login.  If you want to log into
# gdm remotely (I'd never turn this on on open network, use ssh for such
# remote usage that).  You can then run X with -query <thishost> to log in,
# or -indirect <thishost> to run a chooser.  Look for the 'Terminal' server
# type at the bottom of this config file.
[xdmcp]
# Distributions: Ship with this off.  It is never a safe thing to leave
# out on the net.  Setting up /etc/hosts.allow and /etc/hosts.deny to only
# allow local access is another alternative but not the safest.
# Firewalling port 177 is the safest if you wish to have xdmcp on.
# Read the manual for more notes on the security of XDMCP.
Enable=true
# Honour indirect queries, we run a chooser for these, and then redirect
# the user to the chosen host.  Otherwise we just log the user in locally.
HonorIndirect=true
# Maximum pending requests
#MaxPending=4
#MaxPendingIndirect=4
# Maximum open XDMCP sessions at any point in time
#MaxSessions=16
# Maximum wait times
#MaxWait=15
#MaxWaitIndirect=15
# How many times can a person log in from a single host.  Usually better to
# keep low to fend off DoS attacks by running many logins from a single
# host.  This is now set at 2 since if the server crashes then gdm doesn't
# know for some time and wouldn't allow another session.
#DisplaysPerHost=2
# The number of seconds after which a non-responsive session is logged off.
# Better keep this low.
#PingIntervalSeconds=15
# The port.  177 is the standard port so better keep it that way
#Port=177
# Willing script, none is shipped and by default we'll send
# hostname system id.  But if you supply something here, the
# output of this script will be sent as status of this host so that
# the chooser can display it.  You could for example send load,
# or mail details for some user, or some such.
Willing=/etc/X11/xdm/Xwilling

[gui]
# The 'theme'.  By default we're using the default gtk theme
# Of course assuming that gtk got installed in the same prefix,
# if not change this.
# NOTE - the next line is modified by the specfile.src in
# src/pkg/gdm for suse/jds. Know what you are doing before changing.
GtkRC=/usr/share/themes/Bluecurve/gtk-2.0/gtkrc
# Maximum size of an icon, larger icons are scaled down
#MaxIconWidth=128
#MaxIconHeight=128

[greeter]
# Greeter has a nice title bar that the user can move
TitleBar=false
# Configuration is available from the system menu of the greeter
ConfigAvailable=true
# Face browser is enabled.  This only works currently for the
# standard greeter as it is not yet enabled in the graphical greeter.
Browser=false
# The default picture in the browser
DefaultFace=/usr/share/pixmaps/nobody.png
# These are things excluded from the face browser, not from logging in
Exclude=bin,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,nobody,gdm,postgres,pvm,rpm,nfsnobody,pcap
# As an alternative to the above this is the minimum uid to show
#MinimalUID=100
# If user or user.png exists in this dir it will be used as his picture
GlobalFaceDir=/usr/share/faces/
# File which contains the locale we show to the user.  Likely you want to use
# the one shipped with gdm and edit it.  It is not a standard locale.alias file,
# although gdm will be able to read a standard locale.alias file as well.
LocaleFile=/etc/X11/gdm/locale.alias
# Logo shown in the standard greeter
Logo=
# The standard greeter should shake if a user entered the wrong username or
# password.  Kind of cool looking
Quiver=true
# The Actions menu (formerly system menu) is shown in the greeter, this is the
# menu that contains reboot, shutdown, suspend, config and chooser.  None of
# these is available if this is off.  They can be turned off individually
# however
SystemMenu=true
# Should the chooser button be shown.  If this is shown, GDM can drop into
# chooser mode which will run the xdmcp chooser locally and allow the user
# to connect to some remote host.  Local XDMCP does not need to be enabled
# however
ChooserButton=true
DefaultWelcome=true
DefaultRemoteWelcome=true
# Note to distributors, if you wish to have a different Welcome string
# and wish to have this translated you can have entries such as
# Welcome[cs]=Vitejte na %n
# Just make sure the string is in utf-8
# Welcome is for all console logins and RemoteWelcome is for remote logins
# (through XDMCP).
# The default entries that are shipped are translated inside genius and
# are as follows:
Welcome=Hi there
RemoteWelcome=Welcome to Remote host %n
# Don't allow user to move the standard greeter window.  Only makes sense
# if TitleBar is on
LockPosition=true
# Set a position rather then just centering the window.  If you enter
# negative values for the position it is taken as an offset from the
# right or bottom edge.
SetPosition=false
PositionX=0
PositionY=0
# Xinerama screen we use to display the greeter on.  Not for true
# multihead, currently only works for Xinerama.
XineramaScreen=0
# Background settings for the standard greeter:
# Type can be 0=None, 1=Image, 2=Color
BackgroundType=0
BackgroundImage=
BackgroundScaleToFit=true
BackgroundColor=#27408b
# XDMCP session should only get a color, this is the sanest setting since
# you don't want to take up too much bandwidth
BackgroundRemoteOnlyColor=true
# Program to run to draw the background in the standard greeter.  Perhaps
# something like an xscreensaver hack or some such.
#BackgroundProgram=
# if this is true then the background program is run always, otherwise
# it is only run when the BackgroundType is 0 (None)
RunBackgroundProgramAlways=false
# Show the Failsafe sessions.  These are much MUCH nicer (focus for xterm for
# example) and more failsafe then those supplied by scripts so distros should
# use this rather then just running an xterm from a script.
ShowGnomeFailsafeSession=false
ShowXtermFailsafeSession=false
# Normally there is a session type called 'Last' that is shown which refers to
# the last session the user used.  If off, we will be in 'switchdesk' mode where
# the session saving stuff is disabled in GDM
#ShowLastSession=true
# Always use 24 hour clock no matter what the locale.
Use24Clock=false
# Use circles in the password field.  Looks kind of cool actually,
# but only works with certain fonts.
UseCirclesInEntry=false
# These two keys are for the new greeter.  Circles is the standard
# shipped theme
GraphicalTheme=circles
GraphicalThemeDir=/usr/share/gdm/themes/

# The chooser is what's displayed when a user wants an indirect XDMCP
# session, or selects Run XDMCP chooser from the system menu
[chooser]
# Default image for hosts
DefaultHostImg=/usr/share/pixmaps/nohost.png
# Directory with host images, they are named by the hosts: host or host.png
HostImageDir=/usr/share/hosts/
# Time we scan for hosts (well only the time we tell the user we are
# scanning actually, we continue to listen even after this has
# expired)
ScanTime=4
# A comma separated lists of hosts to automatically add (if they answer to
# a query of course).  You can use this to reach hosts that broadcast cannot
# reach.
Hosts=
# Broadcast a query to get all hosts on the current network that answer
Broadcast=true
# Allow adding random hosts to the list by typing in their names
AllowAdd=true

[debug]
# This will enable debugging into the syslog, usually not neccessary
# and it creates a LOT of spew of random stuff to the syslog.  However it
# can be useful in determining when something is going very wrong.
Enable=false

[servers]
# These are the standard servers.  You can add as many you want here
# and they will always be started.  Each line must start with a unique
# number and that will be the display number of that server.  Usually just
# the 0 server is used.
#0=StandardVT
0=Standard
#1=Standard
# Note the VTAllocation and FirstVT keys on linux.  Don't add any vt<number>
# arguments if VTAllocation is on, and set FirstVT to be the first vt
# available that your gettys don't grab (gettys are usually dumb and grab
# even a vt that has already been taken).  Using 7 will work pretty much for
# all linux distributions.  VTAllocation is not currently implemented on
# anything but linux since I don't own any non-linux systems.  Feel free to
# send patches.  X servers will just not get any extra arguments then.
#
# If you want to run an X terminal you could add an X server such as this
#0=Terminal -query serverhostname
# or for a chooser (optionally serverhostname could be localhost)
#0=Terminal -indirect serverhostname
#
# If you wish to run the XDMCP chooser on the local display use the following
# line
#0=Chooser

## Note:
# is your X server not listening to TCP requests?  Perhaps you should look
# at the security/DisallowTCP setting!

# Definition of the standard X server.
[server-Standard]
name=Standard server
command=/usr/X11R6/bin/X -audit 0
flexible=false

# Standard Server with forced vt allocation
[server-StandardVT]
name=Standard server with VTAllocation
command=/usr/X11R6/bin/X -audit 0 vt7
flexible=false

# To use this server type you should add -query host or -indirect host
# to the command line
[server-Terminal]
name=Terminal server
# Add -terminate to make things behave more nicely
command=/usr/X11R6/bin/X -audit 0 -terminate
# Make this not appear in the flexible servers (we need extra params
# anyway, and terminate would be bad for xdmcp choosing).  You can
# make a terminal server flexible, but not with an indirect query.
# If you need flexible indirect query server, then you must get rid
# of the -terminate and the only way to kill the flexible server will
# then be by Ctrl-Alt-Backspace
flexible=false
# Not local, we do not handle the logins for this X server
handled=false

# To use this server type you should add -query host or -indirect host
# to the command line
[server-Chooser]
name=Chooser server
command=/usr/X11R6/bin/X -audit 0
# Make this not appear in the flexible servers for now, but if you
# wish to allow a chooser server then make this true.  This is the
# only way to make a flexible chooser server that behaves nicely.
flexible=false
# Run the chooser instead of the greeter.  When the user chooses a
# machine they will get this same server but run with
# "-terminate -query hostname"
chooser=true



On Sun, May 18, 2008 at 5:12 PM, Brian Cameron <Brian Cameron sun com> wrote:
>
> Dave:
>
> If you have turned on SystemMenu=true and ChooserButton=true in your
> GDM configuration, then you should be able to use the "Options" button
> to start the gdmchooser program, which will allow you to XMDCP to
> other machines.
>
> Some GDM themes may not support the Options button, or a button to
> run the XDMCP chooser.  You can hit the F10 key to see a menu which
> will show all the options.  If you are using a theme that doesn't
> support showing the XDMCP chooser via a more direct method than
> the "F10" key, then you might consider using a better theme, or
> enhancing your theme to support the Options button or a button to
> launch the chooser.
>
> Brian
>
>> I have a Suse 9 SP3 host I've installed gdm via sunray server. The
>> default WM is KDE.
>> What I'd like the login screen to allow is a remote login to any
>> machine broadcasting
>> via XDMCP without first logging in to this host.
>> Under CDE, this would be found under options-->remote host.
>> I've already modified gdm.conf with
>> Enable=True
>> Browser=true
>> ChooserButton=true
>>
>> I've restarted X11 but see no difference. On this host I can xnest to
>> get a remote login
>> display from the various target hosts so I know they're running XDMCP.
>>
>> What other steps do I need to take?
>>
>> TIA
>> _______________________________________________
>> gdm-list mailing list
>> gdm-list gnome org
>> http://mail.gnome.org/mailman/listinfo/gdm-list
>
>