Provided by: wdm_1.28-24_amd64
wdm - WINGs Display Manager
wdm [ options ]
wdm is an X display manager based on the original X11 X Display Manager (xdm). It features numerous functionality improvements, including the ability to reboot or halt the machine (once the proper password has been supplied) and to select from a list of available X sessions to start. The look of the login panel is somewhat configurable, too.
Except for -config, all of these options can be specified as resources. -config configuration_file Names the configuration file, which specifies resources to control the behavior of wdm. #configdir#/wdm-config is the default. -nodaemon Specifies ``false'' as the value for the DisplayManager.daemonMode resource. This suppresses the normal daemon behavior, which is for wdm to close all file descriptors, disassociate itself from the controlling terminal, and put itself in the background when it first starts up. -debug debug_level Specifies the numeric value for the DisplayManager.debugLevel resource. A non-zero value causes wdm to print lots of debugging statements to the terminal; it also disables the DisplayManager.daemonMode resource, forcing wdm to run synchronously. To interpret these debugging messages, a copy of the source code for wdm is almost a necessity. No attempt has been made to rationalize or standardize the output. -error error_log_file Specifies the value for the DisplayManager.errorLogFile resource. This file contains errors from wdm as well as anything written to stderr by the various scripts and programs run during the progress of the session. -syslog facility Specifies the value for the DisplayManager.syslogFacility resource. This is factility to use with all messages if log is redirected to syslog. -usesyslog Specifies ``true'' as the value for the DisplayManager.useSyslog resource. This will force all messages go to syslog with facility specified by DisplayManager.syslogFacility resource. -useerrfile Specifies ``false'' as the value for the DisplayManager.useSyslog resource. This will force all messages go to log file specified by DisplayManager.errorLogFile resource. -resources resource_file Specifies the value for the DisplayManager*resources resource. This file is loaded using xrdb to specify configuration parameters for the authentication widget. -server server_entry Specifies the value for the DisplayManager.servers resource. -udpPort port_number Specifies the value for the DisplayManager.requestPort resource. This sets the port-number which wdm will monitor for XDMCP requests. As XDMCP uses the registered well-known UDP port 177, this resource should not be changed except for debugging. If set to 0 wdm will not listen for XDMCP or Chooser requests. -session session_program Specifies the value for the DisplayManager*session resource. This indicates the program to run as the session after the user has logged in. -xrm resource_specification Allows an arbitrary resource to be specified, as in most X Toolkit applications.
At many stages the actions of wdm can be controlled through the use of its configuration file, which is in the X resource format. Some resources modify the behavior of wdm on all displays, while others modify its behavior on a single display. Where actions relate to a specific display, the display name is inserted into the resource name between ``DisplayManager'' and the final resource name segment. For local displays, the resource name and class are as read from the Xservers file. For remote displays, the resource name is what the network address of the display resolves to. See the removeDomain resource. The name must match exactly; wdm is not aware of all the network aliases that might reach a given display. If the name resolve fails, the address is used. The resource class is as sent by the display in the XDMCP Manage request. Because the resource manager uses colons to separate the name of the resource from its value and dots to separate resource name parts, wdm substitutes underscores for both dots and colons when generating the resource name. For example, DisplayManager.expo_x_org_0.startup is the name of the resource which defines the startup shell file for the ``expo.x.org:0'' display. DisplayManager.servers This resource either specifies a file name full of server entries, one per line (if the value starts with a slash), or a single server entry. See the section Local Server Specification for the details. DisplayManager.requestPort This indicates the UDP port number which wdm uses to listen for incoming XDMCP requests. Unless you need to debug the system, leave this with its default value of 177. DisplayManager.errorLogFile Error output is normally directed at the system console. To redirect it, set this resource to a file name. A method to send these messages to syslog should be developed for systems which support it; however, the wide variety of interfaces precludes any system-independent implementation. This file also contains any output directed to stderr by the Xsetup, Xstartup, Xsession and Xreset files, so it will contain descriptions of problems in those scripts as well. DisplayManager.debugLevel If the integer value of this resource is greater than zero, reams of debugging information will be printed. It also disables daemon mode, which would redirect the information into the bit-bucket, and allows non-root users to run wdm, which would normally not be useful. DisplayManager.daemonMode Normally, wdm attempts to make itself into a daemon process unassociated with any terminal. This is accomplished by forking and leaving the parent process to exit, then closing file descriptors and releasing the controlling terminal. In some environments this is not desired (in particular, when debugging). Setting this resource to ``false'' will disable this feature. DisplayManager.pidFile The filename specified will be created to contain an ASCII representation of the process-id of the main wdm process. Xdm also uses file locking on this file to attempt to eliminate multiple daemons running on the same machine, which would cause quite a bit of havoc. DisplayManager.lockPidFile This is the resource which controls whether wdm uses file locking to keep multiple display managers from running amok. On System V, this uses the lockf library call, while on BSD it uses flock. DisplayManager.authDir This names a directory under which wdm stores authorization files while initializing the session. The default value is #configdir#. Can be overridden for specific displays by DisplayManager.DISPLAY.authFile. DisplayManager.autoRescan This boolean controls whether wdm rescans the configuration, servers, access control and authentication keys files after a session terminates and the files have changed. By default it is ``true.'' You can force wdm to reread these files by sending a SIGHUP to the main process. DisplayManager.removeDomainname When computing the display name for XDMCP clients, the name resolver will typically create a fully qualified host name for the terminal. As this is sometimes confusing, wdm will remove the domain name portion of the host name if it is the same as the domain name of the local host when this variable is set. By default the value is ``true.'' DisplayManager.keyFile XDM-AUTHENTICATION-1 style XDMCP authentication requires that a private key be shared between wdm and the terminal. This resource specifies the file containing those values. Each entry in the file consists of a display name and the shared key. By default, wdm does not include support for XDM-AUTHENTICATION-1, as it requires DES which is not generally distributable because of United States export restrictions. DisplayManager.accessFile To prevent unauthorized XDMCP service and to allow forwarding of XDMCP IndirectQuery requests, this file contains a database of hostnames which are either allowed direct access to this machine, or have a list of hosts to which queries should be forwarded to. The format of this file is described in the section XDMCP Access Control. DisplayManager.exportList A list of additional environment variables, separated by white space, to pass on to the Xsetup, Xstartup, Xsession, and Xreset programs. DisplayManager.randomFile A file to checksum to generate the seed of authorization keys. This should be a file that changes frequently. The default is /dev/urandom. DisplayManager.greeterLib On systems that support a dynamically-loadable greeter library, the name of the library. The default is /usr/lib/X11/xdm/libXdmGreet.so. This not used in Debian. DisplayManager.choiceTimeout Number of seconds to wait for display to respond after user has selected a host from the chooser. If the display sends an XDMCP IndirectQuery within this time, the request is forwarded to the chosen host. Otherwise, it is assumed to be from a new session and the chooser is offered again. Default is 15. DisplayManager.sourceAddress Use the numeric IP address of the incoming connection on multihomed hosts instead of the host name. This is to avoid trying to connect on the wrong interface which might be down at this time. DisplayManager.willing This specifies a program which is run (as) root when an an XDMCP BroadcastQuery is received and this host is configured to offer XDMCP display management. The output of this program may be displayed on a chooser window. If no program is specified, the string Willing to manage is sent. DisplayManager.DISPLAY.resources This resource specifies the name of the file to be loaded by xrdb as the resource database onto the root window of screen 0 of the display. The Xsetup program, the Login widget, and chooser will use the resources set in this file. This resource data base is loaded just before the authentication procedure is started, so it can control the appearance of the login window. See the section Authentication Widget, which describes the various resources that are appropriate to place in this file. There is no default value for this resource, but #configdir#/Xresources is the conventional name. DisplayManager.DISPLAY.chooser Specifies the program run to offer a host menu for Indirect queries redirected to the special host name CHOOSER. /usr/lib/X11/xdm/chooser is the default. See the sections XDMCP Access Control and Chooser. DisplayManager.DISPLAY.xrdb Specifies the program used to load the resources. By default, wdm uses /usr/bin/xrdb. DisplayManager.DISPLAY.cpp This specifies the name of the C preprocessor which is used by xrdb. DisplayManager.DISPLAY.setup This specifies a program which is run (as root) before offering the Login window. This may be used to change the appearance of the screen around the Login window or to put up other windows (e.g., you may want to run xconsole here). By default, no program is run. The conventional name for a file used here is Xsetup. See the section Setup Program. DisplayManager.DISPLAY.startup This specifies a program which is run (as root) after the authentication process succeeds. By default, no program is run. The conventional name for a file used here is Xstartup. See the section Startup Program. DisplayManager.DISPLAY.session This specifies the session to be executed (not running as root). By default, /usr/bin/x-terminal-emulator is run. The conventional name is Xsession. See the section Session Program. DisplayManager.DISPLAY.reset This specifies a program which is run (as root) after the session terminates. By default, no program is run. The conventional name is Xreset. See the section Reset Program. DisplayManager.DISPLAY.openDelay DisplayManager.DISPLAY.openRepeat DisplayManager.DISPLAY.openTimeout DisplayManager.DISPLAY.startAttempts These numeric resources control the behavior of wdm when attempting to open intransigent servers. openDelay is the length of the pause (in seconds) between successive attempts, openRepeat is the number of attempts to make, openTimeout is the amount of time to wait while actually attempting the open (i.e., the maximum time spent in the connect(2) system call) and startAttempts is the number of times this entire process is done before giving up on the server. After openRepeat attempts have been made, or if openTimeout seconds elapse in any particular attempt, wdm terminates and restarts the server, attempting to connect again. This process is repeated startAttempts times, at which point the display is declared dead and disabled. Although this behavior may seem arbitrary, it has been empirically developed and works quite well on most systems. The default values are 5 for openDelay, 5 for openRepeat, 30 for openTimeout and 4 for startAttempts. DisplayManager.DISPLAY.pingInterval DisplayManager.DISPLAY.pingTimeout To discover when remote displays disappear, wdm occasionally pings them, using an X connection and XSync calls. pingInterval specifies the time (in minutes) between each ping attempt, pingTimeout specifies the maximum amount of time (in minutes) to wait for the terminal to respond to the request. If the terminal does not respond, the session is declared dead and terminated. By default, both are set to 5 minutes. If you frequently use X terminals which can become isolated from the managing host, you may wish to increase this value. The only worry is that sessions will continue to exist after the terminal has been accidentally disabled. wdm will not ping local displays. Although it would seem harmless, it is unpleasant when the workstation session is terminated as a result of the server hanging for NFS service and not responding to the ping. DisplayManager.DISPLAY.terminateServer This boolean resource specifies whether the X server should be terminated when a session terminates (instead of resetting it). This option can be used when the server tends to grow without bound over time, in order to limit the amount of time the server is run. The default value is ``false.'' DisplayManager.DISPLAY.userPath Xdm sets the PATH environment variable for the session to this value. It should be a colon separated list of directories; see sh(1) for a full description. ``:/bin:/usr/bin:/usr/games'' is a common setting. The default value can be specified at build time in the X system configuration file with DefaultUserPath. DisplayManager.DISPLAY.systemPath Xdm sets the PATH environment variable for the startup and reset scripts to the value of this resource. The default for this resource is specified at build time by the DefaultSystemPath entry in the system configuration file; ``/etc:/bin:/usr/bin'' is a common choice. Note the absence of ``.'' from this entry. This is a good practice to follow for root; it avoids many common Trojan Horse system penetration schemes. DisplayManager.DISPLAY.systemShell Xdm sets the SHELL environment variable for the startup and reset scripts to the value of this resource. It is /bin/sh by default. DisplayManager.DISPLAY.failsafeClient If the default session fails to execute, wdm will fall back to this program. This program is executed with no arguments, but executes using the same environment variables as the session would have had (see the section Session Program). By default, /usr/bin/x-terminal-emulator is used. DisplayManager.DISPLAY.grabServer DisplayManager.DISPLAY.grabTimeout To improve security, wdm grabs the server and keyboard while reading the login name and password. The grabServer resource specifies if the server should be held for the duration of the name/password reading. When ``false,'' the server is ungrabbed after the keyboard grab succeeds, otherwise the server is grabbed until just before the session begins. The default is ``false.'' The grabTimeout resource specifies the maximum time wdm will wait for the grab to succeed. The grab may fail if some other client has the server grabbed, or possibly if the network latencies are very high. This resource has a default value of 3 seconds; you should be cautious when raising it, as a user can be spoofed by a look-alike window on the display. If the grab fails, wdm kills and restarts the server (if possible) and the session. DisplayManager.DISPLAY.authorize DisplayManager.DISPLAY.authName authorize is a boolean resource which controls whether wdm generates and uses authorization for the local server connections. If authorization is used, authName is a list of authorization mechanisms to use, separated by white space. XDMCP connections dynamically specify which authorization mechanisms are supported, so authName is ignored in this case. When authorize is set for a display and authorization is not available, the user is informed by having a different message displayed in the login widget. By default, authorize is ``true.'' authName is ``MIT-MAGIC-COOKIE-1,'' or, if XDM-AUTHORIZATION-1 is available, ``XDM- AUTHORIZATION-1 MIT-MAGIC-COOKIE-1.'' DisplayManager.DISPLAY.authFile This file is used to communicate the authorization data from wdm to the server, using the -auth server command line option. It should be kept in a directory which is not world-writable as it could easily be removed, disabling the authorization mechanism in the server. If not specified, a name is generated from DisplayManager.authDir and the name of the display. DisplayManager.DISPLAY.authComplain If set to ``false,'' disables the use of the unsecureGreeting in the login window. See the section Authentication Widget. The default is ``true.'' DisplayManager.DISPLAY.resetSignal The number of the signal wdm sends to reset the server. See the section Controlling the Server. The default is 1 (SIGHUP). DisplayManager.DISPLAY.termSignal The number of the signal wdm sends to terminate the server. See the section Controlling the Server. The default is 15 (SIGTERM). DisplayManager.DISPLAY.resetForAuth The original implementation of authorization in the sample server reread the authorization file at server reset time, instead of when checking the initial connection. As wdm generates the authorization information just before connecting to the display, an old server would not get up-to-date authorization information. This resource causes wdm to send SIGHUP to the server after setting up the file, causing an additional server reset to occur, during which time the new authorization information will be read. The default is ``false,'' which will work for all MIT servers. DisplayManager.DISPLAY.userAuthDir When wdm is unable to write to the usual user authorization file ($HOME/.Xauthority), it creates a unique file name in this directory and points the environment variable XAUTHORITY at the created file. It uses /tmp by default. DisplayManager.wdmLogin Specifies the path to wdmLogin(1x) DisplayManager.wdmWm Is a colon separated list of window managers to use as options in the login panel. Note that if you include the path to the window manager, it will look ugly. You may set this resource to None if you want only NoChange to appear. DisplayManager.wdmLogo Path to the logo pixmap, several formats are accepted, read wdmLogin(1x) to find out more. DisplayManager.wdmHelpFile Path to a text file which will be displayed in the help panel, read wdmLogin(1x) to find out more. DisplayManager.wdmDefaultUser a default username which will be used if no username is typed. DisplayManager.wdmDefaultPasswd the clear text password of the default user above. BE VERY CAREFUL when using this two resources, and don't forget to do: chmod 600 wdm-config ; chown root.root wdm- config DisplayManager.wdmBg Background specification. Read the BACKGROUND IMAGE SPECIFICATION section to find out about the format. If this is not specified, then the background is not set. DisplayManager.wdmReboot Reboot command. DisplayManager.wdmHalt Halt command. DisplayManager.wdmVerify If true, verify user's identity for reboot/halt/exit. DisplayManager.wdmRoot If true, user must be root to exit. DisplayManager.wdmAnimations If true, enable animations consisting of shaking the panel (if an error) and rolling up the panel (when closing it). If false, animations are disabled. DisplayManager.wdmLocale LANG environment variable will be set to value of this resource before starting wdmLogin. DisplayManger.wdmCursorTheme If you have recent version of XFree with support for transparent cursors you can select cursor theme to use on login panel. XCURSOR_THEME environment variable will be set to value of this resource before starting wdmLogin.
The default location of the wdm configuration file is #configdir#/wdm-config Here is a reasonable configuration file, which could be named wdm-config: DisplayManager.servers: /usr/lib/X11/xdm/Xservers DisplayManager.errorLogFile: /usr/lib/X11/xdm/xdm-errors DisplayManager*resources: /usr/lib/X11/xdm/Xresources DisplayManager*startup: /usr/lib/X11/xdm/Xstartup DisplayManager*session: /usr/lib/X11/xdm/Xsession DisplayManager.pidFile: /usr/lib/X11/xdm/xdm-pid DisplayManager._0.authorize: true DisplayManager*authorize: false Note that this file mostly contains references to other files. Note also that some of the resources are specified with ``*'' separating the components. These resources can be made unique for each different display, by replacing the ``*'' with the display-name, but normally this is not very useful. See the Resources section for a complete discussion. If the entry is a host name, all comparisons are done using network addresses, so any name which converts to the correct network address may be used. For patterns, only canonical host names are used in the comparison, so ensure that you do not attempt to match aliases. Preceding either a host name or a pattern with a `!' character causes hosts which match that entry to be excluded. To only respond to Direct queries for a host or pattern, it can be followed by the optional ``NOBROADCAST'' keyword. This can be used to prevent an wdm server from appearing on menus based on Broadcast queries. An Indirect entry also contains a host name or pattern, but follows it with a list of host names or macros to which indirect queries should be sent. A macro definition contains a macro name and a list of host names and other macros that the macro expands to. To distinguish macros from hostnames, macro names start with a `%' character. Macros may be nested. Indirect entries may also specify to have wdm run chooser to offer a menu of hosts to connect to. See the section Chooser. When checking access for a particular display host, each entry is scanned in turn and the first matching entry determines the response. Direct and Broadcast entries are ignored when scanning for an Indirect entry and vice-versa. Blank lines are ignored, `#' is treated as a comment delimiter causing the rest of that line to be ignored, and `\newline' causes the newline to be ignored, allowing indirect host lists to span multiple lines. Here is an example Xaccess file: # # Xaccess - XDMCP access control file # # # Direct/Broadcast query entries # !xtra.lcs.mit.edu # disallow direct/broadcast service for xtra bambi.ogi.edu # allow access from this particular display *.lcs.mit.edu # allow access from any display in LCS *.deshaw.com NOBROADCAST # allow only direct access *.gw.com # allow direct and broadcast # # Indirect query entries # %HOSTS expo.lcs.mit.edu xenon.lcs.mit.edu \ excess.lcs.mit.edu kanga.lcs.mit.edu extract.lcs.mit.edu xenon.lcs.mit.edu #force extract to contact xenon !xtra.lcs.mit.edu dummy #disallow indirect access *.lcs.mit.edu %HOSTS #all others get to choose
The Xresources file is loaded onto the display as a resource database using xrdb. As the authentication widget reads this database before starting up, it usually contains parameters for that widget: xlogin*login.translations: #override\ Ctrl<Key>R: abort-display()\n\ <Key>F1: set-session-argument(failsafe) finish-field()\n\ <Key>Return: set-session-argument() finish-field() xlogin*borderWidth: 3 xlogin*greeting: CLIENTHOST #ifdef COLOR xlogin*greetColor: CadetBlue xlogin*failColor: red #endif Please note the translations entry; it specifies a few new translations for the widget which allow users to escape from the default session (and avoid troubles that may occur in it). Note that if #override is not specified, the default translations are removed and replaced by the new value, not a very useful result as some of the default translations are quite useful (such as ``<Key>: insert-char ()'' which responds to normal typing). This file may also contain resources for the setup program and chooser.
The Xsetup file is run after the server is reset, but before the Login window is offered. The file is typically a shell script. It is run as root, so should be careful about security. This is the place to change the root background or bring up other windows that should appear on the screen along with the Login widget. In addition to any specified by DisplayManager.exportList, the following environment variables are passed: DISPLAY the associated display name PATH the value of DisplayManager.DISPLAY.systemPath SHELL the value of DisplayManager.DISPLAY.systemShell XAUTHORITY may be set to an authority file Note that since wdm grabs the keyboard, any other windows will not be able to receive keyboard input. They will be able to interact with the mouse, however; beware of potential security holes here. If DisplayManager.DISPLAY.grabServer is set, Xsetup will not be able to connect to the display at all. Resources for this program can be put into the file named by DisplayManager.DISPLAY.resources. Here is a sample Xsetup script: #!/bin/sh # Xsetup_0 - setup script for one workstation xcmsdb < /usr/local/lib/monitors/alex.0 xconsole -geometry 480x130-0-0 -notify -verbose -exitOnFail &
BACKGROUND IMAGE SPECIFICATION
There are several possible ways of specifying a background image. The generic format is type:image. type can be any of: none The backgound is not set. solid it renders a solid background, and image is a color name hgradient, vgradient, dgradient a gradient (either horizontal, vertical or diagonal) will be rendered. image is comma separated of color names, and any number of colors can be specified. pixmap a pixmap will be used for the background. image is the full path to an image file (tiff, png, jpeg and xpm allowed) and it will be scaled to use the full screen.
wdm was written by Gene Czarcinski <firstname.lastname@example.org>. wdm is based on work by Tom Rothamel and xdm, (c) 1988 X Consortium This man page was written by Marcelo Magallon <email@example.com> and extensively modified by Noah Meyerhans <firstname.lastname@example.org>. Much of the content was taken from xdm's manual page. July 2002 wdm(1x)