<HTML
><HEAD
><TITLE
>Configuring XDM</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"><LINK
REL="HOME"
TITLE="XDM and X Terminal mini-HOWTO"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="XDM"
HREF="xdm.html"><LINK
REL="NEXT"
TITLE="Advanced Configuration Options"
HREF="xdm-advconfig.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>XDM and X Terminal mini-HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="xdm.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="xdm-advconfig.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="CONFIG">4. Configuring XDM</H1
><P
> This section covers what needs to be configured for XDM to perform
the functions described so far in this document.
</P
><P
> In each case, the configuration described is the minimum necessary to
accomplish each goal. In most cases this means that the configuration
is also the least secure. Please refer to some of the additional
documentation listed in <A
HREF="resources.html"
>Section 7</A
>
for information about securing XDM and X terminals
(in particular the 'Running Remote X Applications Howto' from the LDP).
</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="CONFIG-FILES">4.1. Configuration Files</H2
><P
> This describes the following scheme of XDM configuration files:
<P
></P
><UL
><LI
><P
> xdm-config
</P
></LI
><LI
><P
> Xaccess
</P
></LI
><LI
><P
> Xservers
</P
></LI
><LI
><P
> Xresources
</P
></LI
></UL
>
</P
><P
> These must be setup for the machine actually running XDM itself. They will typically be
found in (Debian 2.1. Mandrake 7.0.2, RedHat 6.2):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> /etc/X11/xdm
</PRE
></FONT
></TD
></TR
></TABLE
>
or (SuSE 6.4):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> /usr/X11R6/lib/X11/xdm
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> <P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>xdm-config</DT
><DD
><P
> Defines the names and locations of the other configuration files and the basic
access permissions. For all distributions considered for this document,
the file names were as listed here (but sometimes the locations varied).
</P
><P
> This also defines the scripts to be run for the various state
transitions for an X session, i.e. on startup, etc. You should
not need to change these, as most distributions would appear to
come with this pre-configured for you.
</P
><P
> Note that XDM managed X sessions have a different set of startup
and configuration scripts to X sessions started via xinit or startx
(i.e. non-XDM managed X sessions).
</P
><P
> Some distributions (e.g. Redhat 7.1) include the following line in this configuration
file, which will prevent XDM from listening for queries:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> DisplayManager.requestPort: 0
</PRE
></FONT
></TD
></TR
></TABLE
>
This must be commented out as follows:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> !DisplayManager.requestPort: 0
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></DD
><DT
>Xaccess</DT
><DD
><P
> Determines which machines can connect to XDM - i.e.
from which other machines on the network we are accepting XDMCP
queries. If a machine is not listed in this file, then it will not
be able to request a login prompt from XDM.
</P
></DD
><DT
>Xservers</DT
><DD
><P
> Contains a list of machines that XDM will connect to, to provide a
login prompt, automatically - i.e. those machines already running an X
server, but would like this machine to provide the login prompt.
</P
><P
> This is only required for 'XDM Managed X Servers'. You do not need
any entries in this file if you will be relying on remote X servers
to query XDM.
</P
><P
> When running as a stand-alone 'X Workstation', there is usually a
single entry in this file, listing just the localhost.
</P
></DD
><DT
>Xresources</DT
><DD
><P
> Details of the X properties used by the XDM widgets (e.g. size of the
login 'box', colours, bitmap backgrounds, etc).
</P
></DD
></DL
></DIV
>
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-XSERV">4.2. Configuring XDM to Manage X Servers</H2
><P
> An entry must be placed in the Xservers file for each X server
that XDM will be presenting a login prompt on. This could include
the local machine and/or a list of remote machines.
</P
><P
> Example
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> # First the local host
:0 local /usr/bin/X11/X vt7
#
# Then the remote hosts
emma:0 foreign
alex:0 foreign
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> This will start XDM on the local machine and also present
a login screen on the X servers running on the hosts 'emma' and 'alex' (assuming that
permissions have been setup on 'emma' and 'alex' such that this machine
is permitted to connect to the running X servers).
</P
><P
> Note that it is possible to specify the host and display (:0, :1, etc)
if required. This is useful, for example, if you are running multiple X servers on a
single machine, etc.
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-QUERIES">4.3. Configuring XDM to Receive Queries</H2
><P
> The file Xaccess determines which hosts may query XDM on this machine,
in order to request a login prompt.
</P
><P
> Example
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> # First line for direct queries
*
# Following line for indirect queries
* CHOOSER BROADCAST
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> This means that any host may request a login prompt via XDM (the first '*')
using a direct query.
</P
><P
> The 'CHOOSER' line specifies which hosts can connect to XDM using
indirect queries - in this case, any host may query this machine for
a list of potential hosts to connect to (the second '*' line).
</P
><P
> 'BROADCAST' means that the 'chooser' application on this machine
will obtain its list of available servers (that will also be running XDM)
via network broadcast queries. I will talk about the 'chooser' later.
</P
><P
> It is possible to place specific host names or specifications of network IP
addresses (e.g. a whole IP network or specific hosts) in these entries (and there
are also other indirect queries possible, without using the chooser)
but this is not described here (refer to <A
HREF="resources.html"
>Section 7</A
>
for some links to more information).
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-STARTX">4.4. Starting X</H2
><P
> The way you start the X server itself, will depend upon how you want it to
interact with XDM locally and remotely.
</P
><P
> <P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>X Workstation: XDM and local X server</DT
><DD
><P
> XDM will normally start X automatically for you and XDM will usually
be configured to run as part of the startup process (via the init scripts).
Most distributions have a specific 'run-level' for starting the system up
with a graphical login prompt.
</P
><P
> The Xservers file would typically contain a single entry - that of the
local host, and the Xaccess file would only need to permit access from
the local host.
</P
></DD
><DT
>X Terminal: Remote XDM</DT
><DD
><P
> Just start X with no clients, with access permissions such that the
remote XDM is able to connect when it starts up. The following will start
X with no access control:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> /usr/X11R6/bin/X -ac
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> When the remote XDM is started, it will 'push out' a login prompt to
all such configured X servers (as listed in its Xservers file).
</P
></DD
><DT
>X Terminal: Query a remote XDM</DT
><DD
><P
> Recall there are 3 modes for queries: direct, indirect and broadcast
(direct for a single host, indirect for a list of hosts or broadcast for
the first host that replies):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> /usr/X11R6/bin/X -query the.remote.host
/usr/X11R6/bin/X -indirect the.remote.host
/usr/X11R6/bin/X -broadcast
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></DD
></DL
></DIV
>
</P
><P
> In each case, X will probably have to be started as root.
</P
><P
> It is possible to have a machine automatically start X and perform a query
for a running XDM on the network. One way is to 'hijack' the inittab setting
for running as a graphical login (this is runlevel 5 on Debian and
Redhat based systems, and 3 for SuSE - this example assumes runlevel
5 throughout). This is often the line beginning x:5 towards the end of /etc/inittab.
Set this to (or add it if it doesn't exist):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> x:5:respawn:/usr/X11R6/bin/X -broadcast
</PRE
></FONT
></TD
></TR
></TABLE
>
Replacing -broadcast with -direct or -indirect, etc. as required. You may have to
change your default runlevel to be 5 too, (and then reboot), as follows:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> id:5:initdefault:
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-STARTUP">4.5. Starting XDM</H2
><P
> In a standard X workstation configuration, XDM would typically be started up by
specifying the default initial run-level to be that corresponding to a full graphical
login. On Redhat and Debian based systems this is usually runlevel 5. On SuSE it is
run-level 3.
</P
><P
> It is possible to run XDM automatically on startup by changing the default runlevel
to that described above. This is configured in /etc/inittab as follows:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> id:5:initdefault:
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> Alternatively it is possible to add a startup script for XDM itself to the rc scripts
in the startup directories (/etc/rc.d/ for Redhat/Debian), to start and stop XDM in a
similar manner to other services on a Linux machine.
</P
><P
> The following script is suitable for a Redhat (and probably Mandrake) based system,
and should be saved as /etc/rc.d/init.d/xdm. You will have to enable it using
'chkconfig --add xdm'.
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> #!/bin/sh
# xdm start/stop script for RedHat based systems
#
# chkconfig: 234 60 60
# description: xdm permits remote users to logon to this X display
# processname: /usr/X11R6/bin/xdm
# config: /etc/X11/xdm/xdm-config
# source function library
. /etc/rc.d/init.d/functions
[ -x /usr/X11R6/bin/xdm ] || exit 0
prog=/usr/X11R6/bin/xdm
RETVAL=0
start () {
echo -n $"Starting $prog: "
# start daemon
daemon $prog
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/xdm
return $RETVAL
}
stop () {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/xdm
return $RETVAL
}
restart () {
stop
start
RETVAL=$?
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $prog
RETVAL=$?
;;
restart)
restart
;;
condrestart)
# only restart if it is already running
[ -f /var/lock/subsys/xdm ] && restart || :
;;
reload)
echo -n $"Reloading $prog: "
killproc $prog -HUP
RETVAL=$?
echo
;;
*)
echo $"Usage: $0 (start|stop|restart|condrestart|reload|status)"
RETVAL=1
esac
exit $RETVAL
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-CHOOSER">4.6. The Chooser Application</H2
><P
> When XDM receives an indirect query, and assuming that the appropriate options
have been specified in Xaccess for the 'chooser' application, it can
provide the user with a list of other XDM managed servers that it
knows about.
</P
><P
> In this mode of operation, instead of the normal XDM login prompt,
the user will be presented with a 'chooser' application, which will
provide a list of detected hosts on the network that are currently
accepting XDM connections.
</P
><P
> When I first tried the use the chooser, I found that the Xresources
files that came with my SuSE and Debian systems, specified a size for
the chooser widget that was too big for the screens ... The following
line from the Xresources file fixed that:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> Chooser*geometry: 700x500+300+200
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
> The chooser will obtain its lists of hosts by one of two methods:
<P
></P
><UL
><LI
><P
> Broadcast Query: In this mode a request is broadcast over the network,
and a list is built up from the replies received from other application
servers running XDM.
</P
></LI
><LI
><P
> Explicit Listing: It is possible to provide a list of hosts for
the chooser in the Xaccess file, as follows:
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> %hostlist emma alex liam abigail
* CHOOSER %hostlist
</PRE
></FONT
></TD
></TR
></TABLE
>
This will mean that the hosts emma, alex, liam and abigail will all be
listed as candidates - even if one of the machines is down
(there is often a button to 'ping' the host to see if it is
running, before trying to connect to it).
</P
></LI
></UL
>
</P
><P
> Not that it is possible to include the localhost in the list of machines
known to the chooser as well. XDM should be configured not to startup on
the local console display though. Login should always be performed via
an indirect query to the local chooser application, then the localhost
should appear alongside any other hosts on the network.
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="XDM-ALTERNATIVES">4.7. Alternatives to XDM</H2
><P
> Both KDE and Gnome have their own application to replace the standard
XDM. They do similar things and are well documented.
As far as providing remote X access, there is a single setting in the configuration
file for the application to enable XDMCP support.
</P
><P
> <P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>KDM: KDE Display Manager</DT
><DD
><P
> The following must be set in the KDM configuration file (/usr/share/config/kdm/kdmrc
for a Mandrake 8.1 system):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> [Xdmcp]
Enable=True
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></DD
><DT
>GDM: Gnome Display Manager</DT
><DD
><P
> The following must be set in the GDM configuration file (/etc/X11/gdm/gdm.conf):
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> [Xdmcp]
Enable=True
</PRE
></FONT
></TD
></TR
></TABLE
>
To have GDM running without starting the local X server, comment out the line
<TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
> 0=Standard
</PRE
></FONT
></TD
></TR
></TABLE
>
in the 'servers' section of the configuration file too.
</P
></DD
></DL
></DIV
>
</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="xdm.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="xdm-advconfig.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>XDM</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
> </TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Advanced Configuration Options</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
