Ubuntu Manpage: sesman.ini - Configuration file for xrdp-sesman(8)

Provided by: xrdp_0.9.12-1ubuntu0.1_amd64

NAME

       sesman.ini - Configuration file for xrdp-sesman(8)

DESCRIPTION

       sesman.ini  consists  of  several  sections.  Each section starts with the section name in
       square brackets, followed by a list  of  parameter=value  lines.  Following  sections  are
       recognized:

       [Globals]
              Global configuration

       [Logging]
              Logging subsystem

       [Sessions]
              Session management

       [Security]
              Access control

       [X11rdp], [Xvnc], [Xorg]
              X11 server settings for supported servers

       [Chansrv]
              Settings for xrdp-chansrv(8)

       [SessionVariables]
              Environment variables for the session

       All  parameters and values (except for file names and paths) are case insensitive, and are
       described in detail below. If any parameter is specified more than once,  the  last  entry
       will be used. Options specified outside their proper section will be ignored.

GLOBALS

Following parameters can be used in the [Globals] section.

ListenAddress=ip address
xrdp-sesman listening address. If not specified, defaults to 0.0.0.0 (all
interfaces).

ListenPort=port number
xrdp-sesman listening port. If not specified, defaults to 3350.

EnableUserWindowManager=[true|false]
If set to 1, true or yes, this option enables user specific startup script. That
is, xrdp-sesman will execute the script specified by UserWindowManager if it
exists.

UserWindowManager=filename
Path of the startup script relative to the user's home directory. If present and
enabled by EnableUserWindowManager, that script is executed instead of
DefaultWindowManager.

DefaultWindowManager=filename
Full path or relative path of the default startup script used by xrdp-sesman to
start a session. If the path is not a full path, it will be resolved as relative
path to /etc/xrdp. If not specified, defaults to /etc/xrdp/startwm.sh.

ReconnectScript=filename
Full path or relative path if the script which executed when users reconnects to
the existing session. If the path is not a full path, it will be resolved as
relative path to /etc/xrdp. If not specified, defaults to /etc/xrdp/reconnectwm.sh.

LOGGING

       Following parameters can be used in the [Logging] section.

       LogFile=filename
              Log file path. It can be either absolute or relative. If not specified, defaults to
              ./sesman.log

       LogLevel=level
              This option can have one of the following values:

              CORE  or  0  -  Log only core messages. Those messages are logged regardless of the
              selected logging level.

              ERROR or 1 - Log only error messages.

              WARNING, WARN or 2 - Logs warnings and error messages.

              INFO or 3 - Log errors, warnings and informational messages.

              DEBUG or 4 - Log everything. If xrdp-sesman is compiled in debug mode, this options
              will output many more low-level messages.

       EnableSyslog=[true|false]
              If set to 1, true or yes, this option enables logging to syslog.

       SyslogLevel=level
              Logging  level for syslog. It can have the same values as LogLevel.  If SyslogLevel
              and LogLevel differ, the least verbose setting takes effect for syslog.

SESSIONS

       Following parameters can be used in the [Sessions] section.

       X11DisplayOffset=number
              The first X display number available for  xrdp-sesman.  This  prevents  xrdp-sesman
              from interfering with real X11 servers. If not specified, defaults to 10.

       MaxSessions=number
              Sets the maximum number of simultaneous sessions. If not set or set to 0, unlimited
              session are allowed.

       KillDisconnected=[true|false]
              If set to 1, true or yes, every session will be killed within 60 seconds after  the
              user disconnects.

       DisconnectedTimeLimit=number
              Sets  the  time limit (in seconds) before a disconnected session is killed.  If set
              to 0, automatic killing is disabled.

       IdleTimeLimit=number
              Sets the time limit (in seconds) before an  idle  session  is  disconnected.   Idle
              means  no  keyboard  inputs  and  no  mouse  moves/clicks  here.  If set to 0, idle
              sessions will never be disconnected by timeout.   This  works  only  with  xorgxrdp
              session. Moreover, xorgxrdp must be v0.2.9 or later.

       Policy=[Default|UBD|UBI|UBC|UBDI|UBDC]
              Session allocation policy. By default, a new session is created for the combination
              <User,BitPerPixel>    when    using    Xrdp,    and     for     the     combination
              <User,BitPerPixel,DisplaySize>  when  using  Xvnc.  This behavior can be changed by
              setting session policy to:

              UBD - session per <User,BitPerPixel,DisplaySize>
              UBI - session per <User,BitPerPixel,IPAddr>
              UBC - session per <User,BitPerPixel,Connection>
              UBDI - session per <User,BitPerPixel,DisplaySize,IPAddr>
              UBDC - session per <User,BitPerPixel,DisplaySize,Connection>

              Note that the User  and  BitPerPixel  criteria  cannot  be  turned  off.  For  Xvnc
              connections, DisplaySize is always enabled as well.

SECURITY

       Following parameters can be used in the [Security] section.

       AllowRootLogin=[true|false]
              If set to 1, true or yes, enables root login on the terminal server.

       MaxLoginRetry=number
              The  number  of  login  attempts  that are allowed on terminal server. If set to 0,
              unlimited attempts are allowed. If not specified, defaults to 3.

       TerminalServerUsers=group
              Only the users belonging to the specified group are allowed to  login  on  terminal
              server. If unset or set to an invalid or non-existent group, login for all users is
              enabled.

       TerminalServerAdmins=group
              This option is currently ignored! Only members  of  this  group  can  have  session
              management rights.

       RestrictOutboundClipboard=[true|false]
              If  set to 1, true or yes, will restrict the clipboard outbound from the server, to
              prevent data copied inside the xrdp session to be be pasted  in  the  client  host.
              Default value is false.

       AlwaysGroupCheck=[true|false]
              If  set  to 1, true or yes, require group membership even if the group specified in
              TerminalServerUsers doesn't exist.

X11 SERVER

       Following parameters can be used in the [X11rdp], [Xvnc] and [Xorg] sections.

       param=string
              Multiple param lines are supported. This first line specifies the path to  the  X11
              server executable. Following lines specify command line arguments passed to the X11
              server.

CHANSRV

       Following parameters can be used in the [Chansrv] section.

       FuseMountName=string
              Directory for drive redirection, relative to the user home directory.   Created  if
              it doesn't exist. If not specified, defaults to xrdp_client.

       FileUmask=mode
              Additional  umask  to  apply  to files in the FuseMountName directory.  The default
              value of 077 prevents other  users  on  the  system  from  reading  files  on  your
              redirected  drives.  This may not be approprate for all environents, and so you can
              change this value to allow other users to access your remote files if required.

SESSIONS VARIABLES

       All entries in the [SessionVariables] section are set  as  environment  variables  in  the
       user's session.

FILES

       /etc/xrdp/sesman.ini