The kdm Handbook
The kdm Handbook
Next
 

The kdm Handbook

Oswald Buddenhagen

Conversion to British English: John Knight
Revision 0.05.02 (2003-03-01)

Copyright © 2000 Neal Crook

Copyright © 2002 Oswald Buddenhagen

Copyright © 2003 Lauri Watts

This document describes kdm the KDE Display Manager. kdm is also known as the “Login Manager”.

Table of Contents

1. Introduction
2. Quick Start Guide
3. The Login Window
4. Configuring kdm
The Login Manager KControl Module
Appearance
Font
Background
Shutdown
Users
Convenience
5. The Files kdm Uses for Configuration
kdmrc - The kdm master configuration file
The [General] section of kdmrc
The [Xdmcp] section of kdmrc
The [Shutdown] section of kdmrc
The [X-*-Core] section class of kdmrc
The [X-*-Greeter] section class of kdmrc
Specifying permanent X-Servers
XDMCP access control
Supplementary programs
Setup program
Startup program
Session program
Reset program
6. Configuring your system to use kdm
Setting up kdm
7. Supporting multiple window managers
8. Using kdm for Remote Logins (XDMCP)
9. Other sources of information
10. Credits and Licence
A. Building and Installing kdm
Glossary
Chapter 1. Introduction
Introduction
Prev
Next
 

Chapter 1. Introduction

kdm provides a graphical interface that allows you to log in to a system. It prompts for login (username) and password, authenticates the user and starts a “session”. kdm is superior to xdm, the X Display Manager, in a number of ways.

Prev
Next
Home
The kdm Handbook 
 Quick Start Guide
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 2. Quick Start Guide
Quick Start Guide
Prev
Next
 

Chapter 2. Quick Start Guide

This is a quick start guide for users who fit the following pattern:

  • X is configured and works with the command startx from the commandline.

  • Each user will generally only use a single window manager or desktop environment, and does not change this choice very often, or is comfortable editing a single text file in order to change their choice.

This scenario will be sufficient for many environments where a single user or several users normally boot the computer and log into their preferred environment.

Procedure 2.1. Setting up a Default Session

  1. Create or open the file ~/.xinitrc

    If you already have a working ~/.xinitrc, go to the next step

  2. If one does not already exist, add a line to the ~/.xinitrc to start your preferred window manager or desktop environment.

    For KDE you should enter:

    startkde

    For other window managers or desktop environments, you should look in their documentation for the correct command.

  3. Make a link as follows:

    ln -s ~/.xinitrc ~/.xsession

At this point, typing startx on the commandline should start X, with a KDE session. The next task is to try kdm.

As root, type kdm at the prompt.

You should see a login window, which is described more fully inChapter 3, The Login Window.

Typing your normal username and password in the fields provided, and leaving default selected as the session type should now open a KDE session for your user.

If you have other users to configure, you should repeat the procedure above for each of them.

Note

This is a quick guide to getting up and running only. You probably will want to customise kdm further, for example, to hide the names of the system accounts, to allow further sessions, and much more. Please read through the rest of this manual to find out how to do these things.

Prev
Next
Home
Introduction 
 The Login Window
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 3. The Login Window
The Login Window
Prev
Next
 

Chapter 3. The Login Window

The user interface to kdm consists of two dialogue boxes. The main dialogue box has these controls:

  • A Username: field for you to enter your username.

  • A Password: field for you to enter your password.

  • (Optionally) a graphical image of each user (for example, a digitised photograph). Clicking on an image is equivalent to typing the associated username into the Username: field. (This feature is an imitation of the login box on IRIX).

  • A Menu drop-down box that allows kdm to be used to start sessions with various different window managers or desktop environments installed on the system.

  • (Optionally) a region to the right of the Username:, Password: and Session Type: fields which can be used to display either a static image or an analogue clock.

  • A Login button that validates the username/password combination and attempts to start a session of the selected type.

  • A Clear button that clears the text from the Login and Pass fields.

  • (Optionally) A Shutdown button that displays the Shutdown dialogue box.

  • A Menu button that opens an action menu with the following items:

    • (On local displays) a Restart X Server item that terminates the currently running X-Server, starts a new one and displays the login dialogue again. You can use this if the display content seems to be broken somehow.

    • (On remote displays) A Close Connection item that closes the connection to the XDMCP server you are currently connected to. If you got to this server through a host chooser, this will bring you back to the chooser, otherwise it will only reset the X-Server and bring up the login dialogue again.

    • (Optionally on local displays) A Console Mode item that terminates the currently running X-Server and leaves you alone with a console login. kdm will resume the graphical login if nobody is logged in at the console for some time. To make this work, you need to use the local@<console> syntax in the Xservers file (see comments in that file).

  • (Optionally) A Shutdown... button that displays the shutdown dialogue box.

The Shutdown dialogue box presents a set of radio buttons that allow one of these options to be selected:

Shutdown

Shut the system down in a controlled manner, ready for power-down.

Restart

Shut the system down and reboot. For systems that use Lilo, an optional drop-down box allows you to select a particular operating-system kernel to be used for the reboot.

Restart X Server

Stop and then restart the X-server. Typically, you might need to use this option if you have changed your X11 configuration in some way.

Console Mode

Stop the X-Server and return the system to console mode. This is achieved by bringing the system down to run-level 3. Typically, the system manager might need to use this option before upgrading or re-configuring X11 software.

Pressing the OK button initiates the selected action; pressing the Cancel button returns to the main kdm dialogue box.

Prev
Next
Home
Quick Start Guide 
 Configuring kdm
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 4. Configuring kdm
Configuring kdm
Prev
Next
 

Chapter 4. Configuring kdm

This chapter assumes that kdm is already up and running on your system, and that you simply want to change its behaviour in some way.

When kdm starts up, it reads its configuration from the folder $KDEDIR/share/config/kdm/ (this may be /etc/kde3/kdm/ or something else on your system).

The main configuration file is kdmrc; all other files are referenced from there and could be stored under any name anywhere on the system - but usually that would not make much sense for obvious reasons (one particular exception is referencing configuration files of an already installed xdm - however when a new kdm is installed, it will import settings from those files if it finds an already installed xdm).

Since kdm must run before any user is logged in, it is not associated with any particular user. Therefore, it is not possible to have user-specific configuration files; all users share the common kdmrc. It follows from this that the configuration of kdm can only be altered by those users that have write access to $KDEDIR/share/config/kdm/kdmrc (normally restricted to system administrators logged in as root).

You can view the kdmrc file currently in use on your system, and you can configure kdm by editing this file. Alternatively, you can use the graphical configuration tool provided by the KDE Control Centre (under System Administration->Login Manager), which is described in the KControl help files.

The remainder of this chapter describes configuration of kdm via the KControl module, and the next chapter describes the options available in kdmrc itself. If you only need to configure for local users, the KControl module should be sufficient for your needs. If you need to configure remote logins, or have multiple kdm sessions running, you will need to read on.

The Login Manager KControl Module

Thomas Tanghus

Steffen Hansen

Mike McBride

Conversion to British English: John Knight

Using this module, you can configure the KDE graphical login manager, kdm. You can change how the login screen looks, who has access using the login manager and who can shutdown the computer.

Note

All settings will be written to the configuration file kdmrc, which in it's original state has many comments to help you configure kdm. Using this KControl module will strip these comments from the file. All available options in kdmrc are covered in Chapter 5, The Files kdm Uses for Configuration.

The options listed in this chapter are cross referenced with their equivalents in kdmrc. All options available in the KControl module are also available directly in kdmrc but the reverse is not true.

In order to organise all of these options, this module is divided into several sections: Appearance, Font, Background, Shutdown, Users and Convenience.

You can switch between the sections using the tabs at the top of the window.

Note

If you are not currently logged in as a superuser, you will need to click the Administrator Mode Button. You will then be asked for a superuser password. Entering a correct password will allow you to modify the settings of this module.

Appearance

From this page you can change the visual appearance of kdm, KDE's graphical login manager.

The Greeting: is the title of the login screen. Setting this is especially useful if you have many servers users may log in to. You may use various placeholders, which are described along with the corresponding key GreetString in kdmrc.

You can then choose to show either the current system time, a logo or nothing special in the login box. Make your choice in the radio buttons labelled Logo area:. This corresponds to LogoArea in kdmrc

If you chose Show logo you can now choose a logo:

  • Drop an image file on the image button.

  • Click on the image button and select a new image from the image chooser dialogue.

If you do not specify a logo the default $KDEDIR/share/apps/kdm/pics/kdelogo.xpm will be displayed.

Normally the login box is centred on the screen. Use the Position: options if you want it to appear elsewhere on the screen. You can specify the relative position (percentage of the screen size) for the centre of the login window, relative to the top left of the display, in the fields labelled X: and Y: respectively. These correspond to the key GreeterPos in kdmrc.

While KDE's style depends on the settings of the user logged in, the style used by kdm can be configured using the GUI Style: and Colour Scheme: options. These correspond to the keys GUIStyle and ColorScheme in kdmrc respectively.

Below that, you have a dropdown box to choose the language for your login box, corresponding to setting Language in kdmrc.

Font

From this section of the module you can change the fonts used in the login window. Only fonts available to all users are available here, not fonts you have installed on a per user basis.

You can select three different font styles from the drop down box (General:, Failures:, Greeting). When you click on the Choose... button a dialogue appears from which you can select the new characteristics for the font style.

  • The General: font is used in all other places in the login window.

  • The Failures: font is used when a login fails.

  • The Greeting: font is the font used for the title (Greeting String).

You can also check the box labelled Use anti-aliasing for fonts if you want smoothed fonts in the login dialogue.

An example of each font can be seen in the Example Box.

Background

Here you can change the desktop background which will be displayed before a user logs in. You can have a single colour or an image as a background. If you have an image as the background and select centre, the selected background colour will be used around the image if it is not large enough to cover the entire desktop.

The background colours and effects are controlled by the options on the tab labelled Background and you select a background image and its placement from the options on the tab labelled Wallpaper.

To change the default background colour(s) simply click either of the colour buttons and select a new colour.

The dropdown box above the colour buttons provides you with several different blend effects. Choose one from the list, and it will be previewed on the small monitor at the top of the window. Your choices are:

Flat

By choosing this mode, you select one colour (using the colour button labelled Colour 1), and the entire background is covered with this one colour.

Pattern

By choosing this mode, you select two colours (using both colour buttons).

You then select a pattern by clicking Setup. This opens a new dialogue window, which gives you the opportunity to select a pattern. Simply click once on the pattern of your choice, then click on OK, and KDE will render the pattern you selected using the two colours you selected. For more on patterns, see the section Background: Adding, Removing and Modifying Patterns.

Background Program

By selecting this option, you can have KDE use an external program to determine the background. This can be any program of your choosing. For more information on this option, see the section entitled Background: Using an external program.

Horizontal Gradient

By choosing this mode, you select two colours (using both colour buttons). KDE will then start with the colour selected by Colour 1 on the left edge of the screen, and slowly transform into the colour selected by Colour 2 by the time it gets to the right edge of the screen.

Vertical Gradient

By choosing this mode, you select two colours (using both colour buttons). KDE will then start with the colour selected by Colour 1 on the top edge of the screen, and slowly transform into the colour selected by Colour 2 as it moves to the bottom of the screen.

Pyramid Gradient

By choosing this mode, you select two colours (using both colour buttons). KDE will then start with the colour selected by Colour 1 in each corner of the screen, and slowly transform into the colour selected by Colour 2 as it moves to the centre of the screen.

Pipecross Gradient

By choosing this mode, you select two colours (using both colour buttons). KDE will then start with the colour selected by Colour 1 in each corner of the screen, and slowly transform into the colour selected by Colour 2 as it moves to the centre of the screen. The “shape” of this gradient is different then the pyramid gradient.

Elliptic Gradient

By choosing this mode, you select two colours (using both colour buttons). KDE will then start with the colour selected by Colour 2 in the centre of the screen, and slowly transform into the colour selected by Colour 1 as it moves to the edges, in an elliptical pattern.

The setup button is only needed for if you select Background program or Patterns. In these instances, another window will appear to configure the specifics.

Wallpaper

To select a new background image first, click on the Wallpapers tab, then you can either select an image from the drop-down list labelled Wallpaper or select Browse... and select an image file from a file selector.

The image can be displayed in six different ways:

No wallpaper

No image is displayed. Just the background colours.

Centred

The image will be centred on the screen. The background colours will be present anywhere the image does not cover.

Tiled

The image will be duplicated until it fills the entire desktop. The first image will be placed in the upper left corner of the screen, and duplicated downward and to the right.

Centre Tiled

The image will be duplicated until it fills the entire desktop. The first image will be placed in the centre of the screen, and duplicated upwards, downwards to the right, and to the left.

Centred Maxpect

The image will be placed in the centre of the screen. It will be scaled to fit the desktop, but it will not change the aspect ratio of the original image. This will provide you with an image that is not distorted.

Scaled

The image will be scaled to fit the desktop. It will be stretched to fit all four corners.

Shutdown

Allow Shutdown

Use these dropdown box to choose who is allowed to shut down:

  • Nobody: No one can shutdown the computer using kdm. You must be logged in, and execute a command.

  • Everybody: Everyone can shutdown the computer using kdm.

  • Only Root: kdm requires that the root password be entered before shutting down the computer.

You can independently configure who is allowed to issue a shutdown command for the Local: and Remote: users.

Commands

Use these text fields to define the exact shutdown command.

The Halt: command defaults to /sbin/halt. The restart command defaults to /sbin/reboot.

When Show boot options is enabled, kdm will on reboot offer you options for the lilo boot manager. For this feature to work, you will need to supply the correct paths to your lilo command and to lilo's map file.

Session types

Define which session types should be accessible from the login window.

For more information on this subject, look at /etc/X11/xdm/Xsession to find your xdm setup files. Also review the xdm man pages, especially under the SESSION PROGRAM section.

To add a session, type its name in the blank entitled New types, and click Add new.

To remove a session, select the session from the list and click Remove.

Users

From here you can change the way users are represented in the login window.

You may disable the user list in kdm entirely in the Show Users section. You can choose from:

None

Do not show any users. This is the most secure setting, since an attacker would then have to guess a valid login name as well as a password. It's also the preferred option if you have more than a handful of users to list, or the list itself would become unwieldy.

Selected only

Only show users you have specifically enabled.

Not hidden

Allows you to select a list of users that should not be shown, and all other users will be listed.

Independently of the users you specify by name, you can use the System UIDs to specify a range of valid UIDs that are shown in the list. By default user id's under 1000, which are often system or daemon users, and user id's over 65000, are not shown.

You can also enable the Sort users checkbox, to have the user list sorted alphabetically. If this is disabled, users will appear in the order they are listed in the password file.

If you choose to show users, then the login window will show images (which you select), of a list of users. When someone is ready to login, they may select their user name/image, enter their password, and they are granted access.

If you permit a user image, then you can configure the source for those images.

The available options for the User Image Source are:

You can configure the admin picture here, for each user on the system. Depending on the order selected above, users may be able to override your selection.

If you choose not to show users, then the login window will be more traditional. Users will need to type their username and password to gain entrance. This is the preferred way if you have many users on this terminal.

To show (and sort) or not to show users

Along the right edge of the window are two check boxes:

If Show users is selected you have chosen to show images of users, instead of making them type their login name.

If Sort users is selected, then the list of users will be sorted alphabetically in the login window. If unchecked, users will be listed in the same order as they are on this page. If Show users is not checked, this has no effect.

How to determine which users to show and which users to hide

Below the user image box, and above the Show users check box, is a set of two radio buttions:

  • Show only selected users: If this option is selected, only the users contained in the list labelled Selected Users, will be displayed in the login window. If Show users is not checked, this has no effect.

  • Show all users but no-show users: If this option is selected, all users will be listed, except those users contained in the list entitled No show users. If Show users is not checked, this has no effect.

Select users

This page contains three listboxes. The large listbox on the left shows all the users on the system which might be a genuine user.

The top rightmost listbox shows the selected users and the bottom rightmost listbox shows the users we do not want displayed in the login window.

To move a user from one listbox to another you click on the username in the listbox and click >> to move the user from the leftmost box the the rightmost box or << to move the user from the rightmost box to the leftmost box.

Images

Note

This section of the manual only applies if Show users is selected. If it is not, this image box has no effect.

Every user on the system can be represented by an image. The image for each user is kept in a file called $KDEDIR/share/apps/kdm/pics/users/$USER.xpm. If there is no such file for a particular user, the file $KDEDIR/share/apps/kdm/pics/users/default.xpm will be used instead.

To assign a new image to a user just select the user in one of the listboxes and either drop an imagefile on the image button to the right or click on the image button and select a new image from the image selector.

If no user is currently selected you will be asked if you want to change the default image.

The replacement is performed by a Konqueror process so if the imagefile already exists you will be prompted by Konqueror if you want to replace it. If you confirm the image will be replaced - you will NOT have to press the Apply button.

Convenience

In the convenience tab you can configure some options that make life easier for lazy people, like automatic login or disabling passwords.

Important

Please think more than twice before using these options. Every option in the Convenience tab is well-suited to seriously compromise your system security. Practically, these options are only to be used in a completely non-critical environment, e.g. a private computer at home.

Automatic Login

Automatic login will give anyone access to a certain account on your system without doing any authentication. You can enable it using the option Enable auto-login.

You can choose the account to be used for automatic login from the list labelled User:.

Password-Less Login

Using this feature, you can allow certain users to login without having to provide their password. Enable this feature using the Enable password-less logins option.

Below this option you'll see a list of users on the system. Enable password-less login for specific users by checking the checkbox next to the login names. By default, this feature is disabled for all users.

Important

Again, this option should only be used in a safe environment. If you enable it on a rather public system you should take care that only users with heavy access restrictions are granted password-less login, e.g. guest.

The Automatically login after X server crash option allows you to skip the authentication procedure when your X server accidentally crashed.

You can also choose which user is “preselected” when kdm starts. The default is None, but you can choose Previous to have kdm default to the last successfully logged in user, or you can Specify a particular user to always be selected from the list. You can also have kdm set the focus to the password field, so that when you reach the kdm login screen, you can type the password immediately.

Prev
Next
Home
The Login Window 
 The Files kdm Uses for Configuration
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 5. The Files kdm Uses for Configuration
The Files kdm Uses for Configuration
Prev
Next
 

Chapter 5. The Files kdm Uses for Configuration

This chapter documents the files that control kdm's behaviour. Some of this can be also controlled from the KControl module, but not all.

kdmrc - The kdm master configuration file

The basic format of the file is “INI-like”. Options are key/value pairs, placed in sections. Everything in the file is case sensitive. Syntactic errors and unrecognised key/section identifiers cause kdm to issue non-fatal error messages.

Lines beginning with # are comments; empty lines are ignored as well.

Sections are denoted by [Name of Section].

You can configure every X-display individually.

Every display has a display name, which consists of a host name (which is empty for local displays specified in the Xservers file), a colon and a display number. Additionally, a display belongs to a display class (which can be ignored in most cases).

Sections with display-specific settings have the formal syntax [X- host [ : number [ _ class ] ] - sub-section ]

All sections with the same sub-section make up a section class.

You can use the * wildcard for host, number and class. You may omit trailing components; they are assumed to be * then. The host part may be a domain specification like .inf.tu-dresden.de.

From which section a setting is actually taken is determined by these rules:

  • An exact match takes precedence over a partial match (for the host part), which in turn takes precedence over a wildcard.

  • Precedence decreases from left to right for equally exact matches.

  • Example: display name “myhost:0”, class “dpy

    • [X-myhost:0_dpy] precedes

    • [X-myhost:0_*] (same as [X-myhost:0]) precedes

    • [X-myhost:*_dpy] precedes

    • [X-myhost:*_*] (same as [X-myhost]) precedes

    • [X-*:0_dpy] precedes

    • [X-*:0_*] (same as [X-*:0]) precedes

    • [X-*:*_*] (same as [X-*]).

    • These sections do not match this display:

      [X-hishost], [X-myhost:0_dec], [X-*:1], [X-:*]

Common sections are [X-*] (all displays), [X-:*] (all local displays) and [X-:0] (the first local display).

The format for all keys is key = value. Keys are only valid in the section class they are defined for. Some keys do not apply to particular displays, in which case they are ignored.

If a setting is not found in any matching section, the default is used.

Note

A pristine kdmrc is very thoroughly commented. All comments will be lost if you change this file with the kcontrol frontend.

The [General] section of kdmrc

This section contains global options that do not fit into any specific section.

ConfigVersion

This option exists solely for the purpose of clean automatic upgrades. Do not change it, you may interfere with future upgrades and this could result in kdm failing to run.

Xservers

If the value starts with a slash (/), it specifies a file to read X-Server definitions from; otherwise, it is an X-Server definition by itself. See the section called “Specifying permanent X-Servers” for the details.

The default is an X-Server definition that is usually reasonable for the system on which kdm was built.

ServerVTs

List of Virtual Terminals to allocate to X-Servers. For negative numbers the absolute value is used, and the VT will be allocated only if the kernel says it is free. If kdm exhausts this list, it will allocate free VTs greater than the absolute value of the last entry in this list.

Empty by default.

PidFile

The filename specified will be created to contain an ASCII representation of the process ID of the main kdm process; the PID will not be stored if the filename is empty.

Empty by default.

LockPidFile

This option controls whether kdm uses file locking to keep multiple display managers from running onto each other.

The default is “true”.

AuthDir

This names a directory under which kdm stores X-Server authorisation files while initialising the session. kdm expects the system to clean up this directory from stale files on reboot.

The authorisation file to be used for a particular display can be specified with the AuthFile option in [X-*-Core].

The default is “/var/run/xauth”.

AutoRescan

This boolean controls whether kdm automatically re-reads its configuration files if it finds them to have changed.

The default is “true”.

ExportList

Additional environment variables kdm should pass on to all programs it runs. LD_LIBRARY_PATH and XCURSOR_THEME are good candidates; otherwise, it should not be necessary very often.

Empty by default.

RandomFile

If the system has no native entropy source like /dev/urandom (see RandomDevice) and no entropy daemon like EGD (see PrngdSocket and PrngdPort) is running, kdm will fall back to its own pseudo-random number generator that will, among other things, successively checksum parts of this file (which, obviously, should change frequently).

This option does not exist on Linux and various BSDs.

The default is “/dev/mem”.

PrngdSocket

If the system has no native entropy source like /dev/urandom (see RandomDevice), read random data from a Pseudo-Random Number Generator Daemon, like EGD (http://egd.sourceforge.net) via this UNIX domain socket.

This option does not exist on Linux and various BSDs.

Empty by default.

PrngdPort

Same as PrngdSocket, only use a TCP socket on localhost.

RandomDevice

The path to a character device which KDM should read random data from. Empty means to use the system's preferred entropy device if there is one.

This option does not exist on OpenBSD, as it uses the arc4_random function instead.

Empty by default.

FifoDir

The directory in which the command FiFos should be created; make it empty to disable them.

The default is “/var/run/xdmctl”.

FifoGroup

The group to which the global command FiFo should belong; can be either a name or a numerical ID.

DataDir

The directory in which kdm should store persistent working data; such data is, for example, the previous user that logged in on a particular display.

The default is “/var/lib/kdm”.

DmrcDir

The directory in which kdm should store users' .dmrc files. This is only needed if the home directories are not readable before actually logging in (like with AFS).

Empty by default.

The [Xdmcp] section of kdmrc

This section contains options that control kdm's handling of XDMCP requests.

Enable

Whether kdm should listen to incoming XDMCP requests.

The default is “true”.

Port

This indicates the UDP port number which kdm uses to listen for incoming XDMCP requests. Unless you need to debug the system, leave this with its default value.

The default is “177”.

KeyFile

XDM-AUTHENTICATION-1 style XDMCP authentication requires a private key to be shared between kdm and the terminal. This option specifies the file containing those values. Each entry in the file consists of a display name and the shared key.

Empty by default.

Xaccess

To prevent unauthorised XDMCP service and to allow forwarding of XDMCP IndirectQuery requests, this file contains a database of hostnames which are either allowed direct access to this machine, or have a list of hosts to which queries should be forwarded to. The format of this file is described in the section called “XDMCP access control”.

The default is “${kde_confdir}/kdm/Xaccess”.

ChoiceTimeout

Number of seconds to wait for the display to respond after the user has selected a host from the chooser. If the display sends an XDMCP IndirectQuery within this time, the request is forwarded to the chosen host; otherwise, it is assumed to be from a new session and the chooser is offered again.

The default is “15”.

RemoveDomainname

When computing the display name for XDMCP clients, the name resolver will typically create a fully qualified host name for the terminal. As this is sometimes confusing, kdm will remove the domain name portion of the host name if it is the same as the domain name of the local host when this option is enabled.

The default is “true”.

SourceAddress

Use the numeric IP address of the incoming connection on multihomed hosts instead of the host name. This is to avoid trying to connect on the wrong interface which might be down at this time.

The default is “false”.

Willing

This specifies a program which is run (as root) when an XDMCP DirectQuery or BroadcastQuery is received and this host is configured to offer XDMCP display management. The output of this program may be displayed in a chooser window. If no program is specified, the string “Willing to manage” is sent.

Empty by default.

The [Shutdown] section of kdmrc

This section contains global options concerning system shutdown.

HaltCmd

The command to run to halt/poweroff the system.

The default is something reasonable for the system on which kdm was built, like /sbin/shutdown -h now.

RebootCmd

The command to run to reboot the system.

The default is something reasonable for the system kdm on which was built, like /sbin/shutdown -r now.

AllowFifo

Whether it is allowed to shut down the system via the global command FiFo.

The default is “false”.

AllowFifoNow

Whether it is allowed to abort active sessions when shutting down the system via the global command FiFo.

This will have no effect unless AllowFifo is enabled.

The default is “true”.

UseLilo

Instructs kdm to offer LiLo boot options in the shutdown dialogue.

Only available on Linux i386 & x86-64.

The default is “false”.

LiloCmd

The location of the LiLo binary.

Only available on Linux i386 & x86-64.

The default is “/sbin/lilo”.

LiloMap

The location of the map file LiLo should use.

Only available on Linux i386 & x86-64.

The default is “/boot/map”.

The [X-*-Core] section class of kdmrc

This section class contains options concerning the configuration of the kdm backend (core).

OpenDelay

See OpenRepeat.

The default is “15”.

OpenTimeout

See OpenRepeat.

The default is “120”.

OpenRepeat

These options control the behaviour of kdm when attempting to open a connection to an X-Server. OpenDelay is the length of the pause (in seconds) between successive attempts, OpenRepeat is the number of attempts to make and OpenTimeout is the amount of time to spend on a connection attempt. After OpenRepeat attempts have been made, or if OpenTimeout seconds elapse in any particular connection attempt, the start attempt is considered failed.

The default is “5”.

StartAttempts

How many times kdm should attempt to start a foreign display listed in the Xservers file before giving up and disabling it. Local displays are attempted only once, and XDMCP displays are retried indefinitely by the client (unless the option -once was given to the X-Server).

The default is “4”.

ServerAttempts

How many times kdm should attempt to start up a local X-Server. Starting up includes executing it and waiting for it to come up.

The default is “1”.

ServerTimeout

How many seconds kdm should wait for a local X-Server to come up.

The default is “15”.

PingInterval

See PingTimeout.

The default is “5”.

PingTimeout

To discover when remote displays disappear, kdm regularly pings them. PingInterval specifies the time (in minutes) between the pings and PingTimeout specifies the maximum amount of time (in minutes) to wait for the terminal to respond to the request. If the terminal does not respond, the session is declared dead and terminated.

If you frequently use X terminals which can become isolated from the managing host, you may wish to increase the timeout. The only worry is that sessions will continue to exist after the terminal has been accidentally disabled.

The default is “5”.

TerminateServer

Whether kdm should restart the local X-Server after session exit instead of resetting it. Use this if the X-Server leaks memory or crashes the system on reset attempts.

The default is “false”.

ResetSignal

The signal number to use to reset the local X-Server.

The default is “1 (SIGHUP)”.

TermSignal

The signal number to use to terminate the local X-Server.

The default is “15 (SIGTERM)”.

Authorise

Controls whether kdm generates and uses authorisation for local X-Server connections. For XDMCP displays the authorisation requested by the display is used; foreign non-XDMCP displays do not support authorisation at all.

The default is “true”.

AuthNames

If Authorize is true, use the authorisation mechanisms listed herein. The MIT-MAGIC-COOKIE-1 authorisation is always available; XDM-AUTHORIZATION-1, SUN-DES-1 and MIT-KERBEROS-5 might be available as well, depending on the build configuration.

The default is “DEF_AUTH_NAME”.

ResetForAuth

Some old X-Servers re-read the authorisation file at X-Server reset time, instead of when checking the initial connection. As kdm generates the authorisation information just before connecting to the display, an old X-Server would not get up-to-date authorisation information. This option causes kdm to send SIGHUP to the X-Server after setting up the file, causing an additional X-Server reset to occur, during which time the new authorisation information will be read.

The default is “false”.

AuthFile

This file is used to communicate the authorisation data from kdm to the X-Server, using the -auth X-Server command line option. It should be kept in a directory which is not world-writable as it could easily be removed, disabling the authorisation mechanism in the X-Server. If not specified, a random name is generated from AuthDir and the name of the display.

Empty by default.

Resources

This option specifies the name of the file to be loaded by xrdb as the resource database onto the root window of screen 0 of the display. KDE programs generally do not use X-resources, so this option is only needed if the Setup program needs some X-resources.

Empty by default.

Xrdb

The xrdb program to use to read the X-resources file specified in Recources.

The default is “${x_bindir}/xrdb”.

Setup

This specifies a program which is run (as root) before offering the greeter window. This may be used to change the appearance of the screen around the greeter window or to put up other windows (e.g., you may want to run xconsole here). The conventional name for a file used here is Xsetup. See the section called “Setup program”.

Empty by default.

Startup

This specifies a program which is run (as root) after the user authentication process succeeds. The conventional name for a file used here is Xstartup. See the section called “Startup program”.

Empty by default.

Reset

This specifies a program which is run (as root) after the session terminates. The conventional name for a file used here is Xreset. See the section called “Reset program”.

Empty by default.

Session

This specifies the session program to be executed (as the user owning the session). The conventional name for a file used here is Xsession. See the section called “Session program”.

The default is “${x_bindir}/xterm -ls -T”.

FailsafeClient

If the Session program fails to execute, kdm will fall back to this program. This program is executed with no arguments, but executes using the same environment variables as the session would have had (see the section called “Session program”).

The default is “${x_bindir}/xterm”.

UserPath

The PATH environment variable for non-root Sessions.

The default depends on the system kdm was built on.

SystemPath

The PATH environment variable for all programs but non-root Sessions. Note that it is good practice not to include . (the current directory) into this entry.

The default depends on the system kdm was built on.

SystemShell

The SHELL environment variable for all programs but the Session.

The default is “/bin/sh”.

UserAuthDir

When kdm is unable to write to the usual user authorisation file ($HOME/.Xauthority), it creates a unique file name in this directory and points the environment variable XAUTHORITY at the created file.

The default is “/tmp”.

AutoReLogin

If enabled, kdm will automatically restart a session after an X-Server crash (or if it is killed by Alt-Ctrl-BackSpace). Note that enabling this feature opens a security hole: a secured display lock can be circumvented (unless KDE's built-in screen locker is used).

The default is “false”.

AllowRootLogin

If disabled, do not allow root (and any other user with UID = 0) to log in directly.

The default is “true”.

AllowNullPasswd

If disabled, only users that have passwords assigned can log in.

The default is “true”.

AllowShutdown

Who is allowed to shut down the system. This applies both to the greeter and to the command FiFo.

None

no Shutdown... menu entry is shown at all

Root

the root password must be entered to shut down

All

everybody can shut down the machine

The default is “All”.

AllowSdForceNow

Who is allowed to abort active sessions when shutting down.

None

no forced shutdown is allowed at all

Root

the root password must be entered to shut down forcibly

All

everybody can shut down the machine forcibly

The default is “All”.

DefaultSdMode

The default choice for the shutdown condition/timing.

Schedule

shut down after all active sessions exit (possibly at once)

TryNow

shut down, if no active sessions are open; otherwise, do nothing

ForceNow

shut down unconditionally

The default is “Schedule”.

ScheduledSd

How to offer shutdown scheduling options:

Never

not at all

Optional

as a button in the simple shutdown dialogues

Always

instead of the simple shutdown dialogues

The default is “Never”.

NoPassEnable

Enable password-less logins on this display. Use with extreme care!

The default is “false”.

NoPassUsers

The users that do not need to provide a password to log in. Items which are prefixed with @ represent all users in the user group named by that item. * means all users but root (and any other user with UID = 0). Never list root.

Empty by default.

AutoLoginEnable

Enable automatic login. Use with extreme care!

The default is “false”.

AutoLoginUser

The user to log in automatically. Never specify root!

Empty by default.

AutoLoginPass

The password for the user to log in automatically. This is not required unless the user is logged into a NIS or Kerberos domain. If you use this option, you should chmod 600 kdmrc for obvious reasons.

Empty by default.

SessionsDirs

A list of directories containing session type definitions.

The default is “${kde_datadir}/kdm/sessions”.

ClientLogFile

The file (relative to the user's home directory) to redirect the session output to. One occurrence of %s in this string will be substituted with the display name. Use %% to obtain a literal %.

The default is “.xsession-errors”.

The [X-*-Greeter] section class of kdmrc

This section class contains options concerning the configuration of the kdm frontend (greeter).

GUIStyle

Specify the widget style for the greeter. Empty means to use the built-in default which currently is Keramik.

Empty by default.

ColorScheme

Specify the widget colour scheme for the greeter. Empty means to use the built-in default which currently is yellowish grey with some light blue and yellow elements.

Empty by default.

LogoArea

What should be shown in the greeter righthand of the input lines (if UserList is disabled) or above them (if UserList is enabled):

None

nothing

Logo

the image specified by LogoPixmap

Clock

a neat analogue clock

The default is “Clock”.

LogoPixmap

The image to show in the greeter if LogoArea is Logo.

Empty by default.

GreeterPos

The relative coordinates (percentages of the screen size; X,Y) at which the centre of the greeter is put. kdm aligns the greeter to the edges of the screen it would cross otherwise.

The default is “50,50”.

GreeterScreen

The screen the greeter should be displayed on in multi-headed and Xinerama setups. The numbering starts with 0. For Xinerama, it corresponds to the listing order in the active ServerLayout section of XF86Config; -1 means to use the upper-left screen, -2 means to use the upper-right screen.

GreetString

The headline in the greeter. An empty greeting means none at all.

The following character pairs are replaced by their value:

%d

name of the current display

%h

local host name, possibly with the domain name

%n

local node name, most probably the host name without the domain name

%s

operating system

%r

operating system version

%m

machine (hardware) type

%%

a single %

The default is “Welcome to %s at %n”.

GreetFont

The font for the greeter headline.

The default is “charter,24,bold”.

StdFont

The normal font used in the greeter.

The default is “helvetica,12”.

FailFont

The font used for the “Login Failed” message.

The default is “helvetica,12,bold”.

AntiAliasing

Whether the fonts used in the greeter should be antialiased.

The default is “false”.

NumLock

What to do with the Num Lock modifier for the time the greeter is running:

Off

turn off

On

turn on

Keep

do not change the state

The default is “Keep”.

Language

Language and locale to use in the greeter, encoded like $LC_LANG.

The default is “en_US”.

UserCompletion

Enable autocompletion in the username line edit.

The default is “false”.

UserList

Show a user list with unix login names, real names and images in the greeter.

The default is “true”.

ShowUsers

This option controls which users will be shown in the user view (UserList) and/or offered for autocompletion (UserCompletion). If it is Selected, SelectedUsers contains the final list of users. If it is NotHidden, the initial user list are all users found on the system. Users contained in HiddenUsers are removed from the list, just like all users with a UID greater than specified in MaxShowUID and users with a non-zero UID less than specified in MinShowUID. Items in SelectedUsers and HiddenUsers which are prefixed with @ represent all users in the user group named by that item. Finally, the user list will be sorted alphabetically, if SortUsers is enabled.

The default is “NotHidden”.

SelectedUsers

See ShowUsers.

Empty by default.

HiddenUsers

See ShowUsers.

Empty by default.

MinShowUID

See ShowUsers.

MaxShowUID

See ShowUsers.

The default is “65535”.

SortUsers

See ShowUsers.

The default is “true”.

FaceSource

If UserList is enabled, this specifies where kdm gets the images from:

AdminOnly

from <FaceDir>/$USER.face[.icon]

PreferAdmin

prefer <FaceDir>, fallback on $HOME

PreferUser

... and the other way round

UserOnly

from the user's $HOME/.face[.icon]

The images can be in any format Qt recognises, but the filename must match kdm's expectations: .face.icon should be a 48x48 icon, while .face should be a 300x300 image. Currently the big image is used only as a fallback and is scaled down, but in the future it might be displayed full-size in the logo area or a tooltip.

The default is “AdminOnly”.

FaceDir

See FaceSource.

The default is “${kde_datadir}/kdm/faces”.

PreselectUser

Specify, if/which user should be preselected for log in:

None

do not preselect any user

Previous

the user which successfully logged in last time

Default

the user specified in the DefaultUser option

If FocusPasswd is enabled and a user was preselected, the cursor is placed in the password input field automatically.

Note

Enabling user preselection can be considered a security hole, as it presents a valid login name to a potential attacker, so he “only” needs to guess the password. On the other hand, one could set DefaultUser to a fake login name.

The default is “None”.

DefaultUser

See PreselectUser.

Empty by default.

FocusPasswd

See PreselectUser.

The default is “false”.

EchoMode

The password input fields cloak the typed in text. Specify, how to do it:

OneStar

* is shown for every typed letter

ThreeStars

*** is shown for every typed letter

NoEcho

nothing is shown at all, the cursor does not move

The default is “OneStar”.

UseBackground

If enabled, kdm will automatically start the krootimage program to set up the background; otherwise, the Setup program is responsible for the background.

The default is “true”.

BackgroundCfg

The configuration file to be used by krootimage. It contains a section named [Desktop0] like kdesktoprc does. Its options are not described herein; guess their meanings or use the control centre.

The default is “${kde_confdir}/kdm/backgroundrc”.

GrabServer

To improve security, the greeter grabs the X-Server and then the keyboard when it starts up. This option specifies if the X-Server grab should be held for the duration of the name/password reading. When disabled, the X-Server is ungrabbed after the keyboard grab succeeds; otherwise, the X-Server is grabbed until just before the session begins.

Note

Enabling this option disables UseBackground and Setup.

The default is “false”.

GrabTimeout

This option specifies the maximum time kdm will wait for the grabs to succeed. A grab may fail if some other X-client has the X-Server or the keyboard grabbed, or possibly if the network latencies are very high. You should be cautious when raising the timeout, as a user can be spoofed by a look-alike window on the display. If a grab fails, kdm kills and restarts the X-Server (if possible) and the session.

The default is “3”.

AuthComplain

Warn, if a display has no X-authorisation. This will be the case if

  • the authorisation file for a local X-Server could not be created,

  • a remote display from XDMCP did not request any authorisation or

  • the display is a foreign display from the Xservers file.

The default is “true”.

LoginMode

Specify whether the greeter of local displays should start up in host chooser (remote) or login (local) mode and whether it is allowed to switch to the other mode.

LocalOnly

only local login possible

DefaultLocal

start up in local mode, but allow switching to remote mode

DefaultRemote

... and the other way round

RemoteOnly

only choice of remote host possible

The default is “LocalOnly”.

ChooserHosts

A list of hosts to be automatically added to the remote login menu. The special name * means broadcast. Has no effect if LoginMode is LocalOnly.

The default is “*”.

ForgingSeed

Use this number as a random seed when forging saved session types, etc. of unknown users. This is used to avoid telling an attacker about existing users by reverse conclusion. This value should be random but constant across the login domain.

ShowLog

Enable kdm's built-in xconsole. Note that this can be enabled for only one display at a time. This option is available only if kdm was configured with --enable-kdm-xconsole.

The default is “false”.

LogSource

The data source for kdm's built-in xconsole. If empty, a console log redirection is requested from /dev/console. Has no effect if ShowLog is disabled.

Empty by default.

PluginsLogin

Specify conversation plugins for the login dialogue; the first in the list is selected initially. Each plugin can be specified as a base name (which expands to $kde_modulesdir/kgreet_base) or as a full pathname.

Conversation plugins are modules for the greeter which obtain authentication data from the user. Currently only the classic plugin is shipped with KDE; it presents the well-known username and password form.

The default is “classic”.

PluginsShutdown

Same as PluginsLogin, but for the shutdown dialogue.

The default is “classic”.

PluginOptions

A list of options of the form Key=Value. The conversation plugins can query these settings; it is up to them what possible keys are.

Empty by default.

AllowConsole

Show the Console Login action in the greeter. For this to work, a console must be configured for this particular display, see the section called “Specifying permanent X-Servers”.

The default is “true”.

AllowClose

Show the Restart X Server/Close Connection action in the greeter.

The default is “true”.

Preloader

A program to run while the greeter is visible. It is supposed to preload as much as possible of the session that is going to be started (most probably).

Empty by default.

Specifying permanent X-Servers
Specifying permanent X-Servers
The Files kdm Uses for Configuration

Specifying permanent X-Servers

Each specification indicates a display which should constantly be managed and which is not using XDMCP. This method is typically used only for local X-Servers that are started by kdm, but kdm can manage externally started (“foreign”) X-Servers as well, may they run on the local machine or rather remotely.

The formal syntax of a specification is 

display name [display classlocal[@tty] [reserveserver command
for own X-Servers and 
display name [display classforeign
for foreign X-Servers.

The display name must be something that can be passed in the -display option to an X program. This string is used to generate the display-specific section names, so be careful to match the names. The display name of XDMCP displays is derived from the display's address by reverse host name resolution. For configuration purposes, the localhost prefix from locally running XDMCP displays is not stripped to make them distinguishable from local X-Servers started by kdm.

The display class portion is also used in the display-specific sections. This is useful if you have a large collection of similar displays (such as a corral of X terminals) and would like to set options for groups of them. When using XDMCP, the display is required to specify the display class, so the manual for your particular X terminal should document the display class string for your device. If it does not, you can run kdm in debug mode and grep the log for “class”.

The tty specifies which text console an X-Server is “covering”, so kdm knows which console it should monitor for activity after switching to Console login to find out when the console session ends. Note that this concept (originating from Solaris) is not perfectly suited for Linux, as there X-Servers run on separate virtual terminals and consequently do not actually cover consoles (gettys).

The reserve keyword instructs kdm to start the display not when kdm starts up, but when it is explicitly requested via the command FiFo. If reserve displays are specified, the KDE menu will have a Start New Session item near the bottom; use that to activate a reserve display with a new login session. The monitor will switch to the new display, and you will have a minute to login. If there are no more reserve displays available, selecting the menu item will have no effect.

The server command specifies the complete X-Server command line, including a display number for secondary displays. When kdm starts a session, it sets up authorisation data for the X-Server. For local servers, kdm passes -auth filename on the X-Server's command line to point it at its authorisation data. For XDMCP displays, kdm passes the authorisation data to the X-Server via the “AcceptXDMCP message.

The Files kdm Uses for Configuration 
 XDMCP access control
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

XDMCP access control
XDMCP access control
The Files kdm Uses for Configuration

XDMCP access control

The file specified by the AccessFile option provides information which kdm uses to control access from displays requesting service via XDMCP. The file contains four types of entries: entries which control the response to “Direct” and “Broadcast” queries, entries which control the response to “Indirect” queries, macro definitions for “Indirect” entries and entries which control on which network interfaces kdm listens for XDMCP queries. Blank lines are ignored, # is treated as a comment delimiter causing the rest of that line to be ignored and \ causes an immediately following newline to be ignored, allowing indirect host lists to span multiple lines.

The format of the “Direct” entries is simple, either a host name or a pattern, which is compared against the host name of the display device. Patterns are distinguished from host names by the inclusion of one or more meta characters; * matches any sequence of 0 or more characters, and ? matches any single character. If the entry is a host name, all comparisons are done using network addresses, so any name which converts to the correct network address may be used. Note that only the first network address returned for a host name is used. For patterns, only canonical host names are used in the comparison, so ensure that you do not attempt to match aliases. Host names from XDMCP queries always contain the local domain name even if the reverse lookup returns a short name, so you can use patterns for the local domain. Preceding the entry with a ! character causes hosts which match that entry to be excluded. To only respond to “Direct” queries for a host or pattern, it can be followed by the optional NOBROADCAST keyword. This can be used to prevent a kdm server from appearing on menus based on “Broadcast” queries.

An “Indirect” entry also contains a host name or pattern, but follows it with a list of host names or macros to which the queries should be forwarded. “Indirect” entries can be excluding as well, in which case a (valid) dummy host name must be supplied to make the entry distinguishable from a “Direct” entry. If compiled with IPv6 support, multicast address groups may also be included in the list of addresses the queries are forwarded to. If the indirect host list contains the keyword CHOOSER, “Indirect” queries are not forwarded, but instead a host chooser dialogue is displayed by kdm. The chooser will send a “Direct” query to each of the remaining host names in the list and offer a menu of all the hosts that respond. The host list may contain the keyword BROADCAST, to make the chooser send a “Broadcast” query as well; note that on some operating systems, UDP packets cannot be broadcast, so this feature will not work.

When checking access for a particular display host, each entry is scanned in turn and the first matching entry determines the response. “Direct” and “Broadcast” entries are ignored when scanning for an “Indirect” entry and vice-versa.

A macro definition contains a macro name and a list of host names and other macros that the macro expands to. To distinguish macros from hostnames, macro names start with a % character.

The last entry type is the LISTEN directive. The formal syntax is 

 LISTEN [interface [multicast list]]
If one or more LISTEN lines are specified, kdm listens for XDMCP requests only on the specified interfaces. interface may be a hostname or IP address representing a network interface on this machine, or the wildcard * to represent all available network interfaces. If multicast group addresses are listed on a LISTEN line, kdm joins the multicast groups on the given interface. For IPv6 multicasts, the IANA has assigned ff0X:0:0:0:0:0:0:12b as the permanently assigned range of multicast addresses for XDMCP. The X in the prefix may be replaced by any valid scope identifier, such as 1 for Node-Local, 2 for Link-Local, 5 for Site-Local, and so on (see IETF RFC 2373 or its replacement for further details and scope definitions). kdm defaults to listening on the Link-Local scope address ff02:0:0:0:0:0:0:12b to most closely match the IPv4 subnet broadcast behavior. If no LISTEN lines are given, kdm listens on all interfaces and joins the default XDMCP IPv6 multicast group (when compiled with IPv6 support). To disable listening for XDMCP requests altogether, a LISTEN line with no addresses may be specified, but using the [Xdmcp] Enable option is preferred.

Specifying permanent X-Server
 Supplementary programs
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Supplementary programs
Supplementary programs
The Files kdm Uses for Configuration

Supplementary programs

The following programs are run by kdm at various stages of a session. They typically are shell scripts.

The Setup, Startup and Reset programs are run as root, so they should be careful about security. Their first argument is auto if the session results from an automatic login; otherwise, no arguments are passed to them.

Setup program

The Xsetup program is run after the X-Server is started or reset, but before the greeter is offered. This is the place to change the root background (if UseBackground is disabled) or bring up other windows that should appear on the screen along with the greeter.

In addition to any specified by ExportList, the following environment variables are passed:

DISPLAY

the associated display name

PATH

the value of SystemPath

SHELL

the value of SystemShell

XAUTHORITY

may be set to an authority file

DM_CONTROL

the value of FifoDir

Note that since kdm grabs the keyboard, any other windows will not be able to receive keyboard input. They will be able to interact with the mouse, however; beware of potential security holes here. If GrabServer is set, Xsetup will not be able to connect to the display at all. Resources for this program can be put into the file named by Resources.

Startup program

The Xstartup program is run as root when the user logs in. This is the place to put commands which add entries to utmp (the sessreg program may be useful here), mount users' home directories from file servers, or abort the session if some requirements are not met (but note that on modern systems, many of these tasks are already taken care of by PAM modules).

In addition to any specified by ExportList, the following environment variables are passed:

DISPLAY

the associated display name

HOME

the initial working directory of the user

LOGNAME

the username

USER

the username

PATH

the value of SystemPath

SHELL

the value of SystemShell

XAUTHORITY

may be set to an authority file

DM_CONTROL

the value of FifoDir

kdm waits until this program exits before starting the user session. If the exit value of this program is non-zero, kdm discontinues the session and starts another authentication cycle.

Session program

The Xsession program is the command which is run as the user's session. It is run with the permissions of the authorised user. One of the keywords failsafe, default or custom, or a string to eval by a Bourne-compatible shell is passed as the first argument.

In addition to any specified by ExportList, the following environment variables are passed:

DISPLAY

the associated display name

HOME

the initial working directory of the user

LOGNAME

the username

USER

the username

PATH

the value of UserPath (or SystemPath for root user sessions)

SHELL

the user's default shell

XAUTHORITY

may be set to a non-standard authority file

KRBTKFILE

may be set to a Kerberos4 credentials cache name

KRB5CCNAME

may be set to a Kerberos5 credentials cache name

DM_CONTROL

the value of FifoDir

XDM_MANAGED

will contain a comma-separated list of parameters the session might find interesting, like the location of the command FiFo and its capabilities, and which conversation plugin was used for the login

DESKTOP_SESSION

the name of the session the user has chosen to run

Reset program

Symmetrical with Xstartup, the Xreset program is run after the user session has terminated. Run as root, it should contain commands that undo the effects of commands in Xstartup, removing entries from utmp or unmounting directories from file servers.

The environment variables that were passed to Xstartup are also passed to Xreset.

XDMCP access control 
 Configuring your system to use kdm
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Prev
Next
Home
Configuring kdm 
 Specifying permanent X-Servers
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 6. Configuring your system to use kdm
Configuring your system to use kdm
Prev
Next
 

Chapter 6. Configuring your system to use kdm

This chapter assumes that your system is already configured to run the X Window System, and that you only need to reconfigure it to allow graphical login.

Setting up kdm

The fundamental thing that controls whether your computer boots to a terminal prompt (console mode) or a graphical login prompt is the default runlevel. The runlevel is set by the program /sbin/init under the control of the configuration file /etc/inittab. The default runlevels used by different UNIX® systems (and different Linux® distributions) vary, but if you look at /etc/inittab the start of it should be something like this:

# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)

id:3:initdefault:

All but the last line of this extract are comments. The comments show that runlevel 5 is used for X11 and that runlevel 3 is used for multi-user mode without X11 (console mode). The final line specifies that the default runlevel of the system is 3 (console mode). If your system currently uses graphical login (for example, using xdm) its default runlevel will match the runlevel specified for X11.

The runlevel with graphical login (xdm) for some common Linux® distributions are:

  • 5 for Red Hat® 3.x and later, and for Mandrake

  • 4 for Slackware

  • 3 for SuSE®. 4.x and 5.x

The first step in configuring your system is to ensure that you can start kdm from the command line. Once this is working, you can change your system configuration so that kdm starts automatically each time you reboot your system.

To test kdm, you must first bring your system to a runlevel that does not run xdm. To do so, issue a command like this:

/sbin/init 3

Instead of the number 3 you should specify the appropriate runlevel for console mode on your system.

If your system uses Pluggable Authentication Modules (PAM), which is normal with recent Linux® and Solaris systems, you should check that your PAM configuration permits login through the service named kde. If you previously used xdm successfully, you should not need to make any changes to your PAM configuration in order to use kdm. /etc/pam.conf or /etc/pam.d/kde. Information on configuring PAM is beyond the scope of this handbook, but PAM comes with comprehensive documentation (try looking in /usr/share/doc/*pam*/html/).

Now it's time for you to test kdm by issuing the following command:

kdm -nodaemon

If you get a kdm login dialogue and you are able to log in, things are going well. The main thing that can go wrong here is that the run-time linker might not find the shared Qt™ or KDE libraries. If you have a binary distribution of the KDE libraries, make sure kdm is installed where the libraries believe KDE is installed and try setting some environment variables to point to your KDE and Qt™ libraries.

For example:

export 
KDEDIR=/opt/kde
export 
QTDIR=/usr/lib/qt2
export 
PATH=$KDEDIR/bin:$QTDIR/bin:$PATH
export 
LD_LIBRARY_PATH=$KDEDIR/lib:$QTDIR/lib

If you are still unsuccessful, try starting xdm instead, to make sure that you are not suffering from a more serious X configuration problem.

When you are able to start kdm successfully, you can start to replace xdm by kdm. Again, this is distribution-dependent.

  • For Red Hat®, edit /etc/inittab, look for the string xdm and replace it with kdm (including all paths).

  • For Mandrake™, the X11 runlevel in /etc/inittab invokes the shell script /etc/X11/prefdm, which is set up to select from amongst several display managers, including kdm. Make sure that all the paths are correct for your installation.

  • For SuSE®, edit /sbin/init.d/xdm to add a first line:

    . /etc/rc.config
DISPLAYMANAGER=kdm
export DISPLAYMANAGER

  • For FreeBSD, edit /etc/ttys and find the line like this: 

    ttyv8   "/usr/X11R6/bin/xdm -nodaemon"  xterm   off secure
    and edit it to this: 
    ttyv8   "/usr/local/bin/kdm -nodaemon"  xterm   on secure

  • Most other distributions are a variation of one of these.

At this stage, you can test kdm again by bringing your system to the runlevel that should now run kdm. To do so, issue a command like this:

/sbin/init 5

Instead of the number 5 you should specify the appropriate runlevel for running X11 on your system.

The final step is to edit the initdefault entry in /etc/inittab to specify the appropriate runlevel for X11.

Warning

Before you make this change, ensure that you have a way to reboot your system if a problem occurs. This might be a “rescue” floppy-disk provided by your operating system distribution or a specially-designed “rescue” floppy-disk, such as tomsrtbt. Ignore this advice at your peril.

When you reboot your system, you should end up with the graphical kdm login dialogue.

If this step is unsuccessful the most likely problem is that the environment used at boot time differs from the environment that you used for testing at the command line. If you are trying to get two versions of KDE to co-exist, be particularly careful that the settings you use for your PATH and LD_LIBRARY_PATH environment variables are consistent, and that the startup scripts are not over-riding them in some way.

Prev
Next
Home
Supplementary programs 
 Supporting multiple window managers
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 7. Supporting multiple window managers
Supporting multiple window managers
Prev
Next
 

Chapter 7. Supporting multiple window managers

The main dialogue box for kdm includes a Session Type: drop-down box, which allows you to select a window manager to use for your session. This chapter describes the changes that you must make to your configuration files in order to support this feature.

The options that appear in the Session Type: drop-down box are configured by entries in the KDM section of kdmrc.

When you log in using kdm, the shell script Xsession is executed. The session type that you select is passed as a command-line argument. (Xsession can be found in /etc/X11/xdm/ for Redhat and Mandrake, and in /usr/X11R6/lib/X11/xdm/ for S.u.S.E.). Whilst debugging, you might find it helpful to add this line to Xsession:

echo "$0 || $1 || $2" 
> $HOME/.Xsession_args

How you proceed now depends upon how your system usually starts up window managers. Here are two different approaches, with examples of the changes that you must make:

  • The window manager is started by commands within Xsession. In this case, you can add a case statement to start the appropriate window manager. Linux Mandrake uses this approach; here is an extract from Xsession:

    # now, we see if xdm/gdm/kdm has asked for a specific environment
case $# in
1)
    case $1 in
        kde)
        source /opt/kde2/bin/kde1
        exec startkde
        ;;
        kde2)
        source /opt/kde2/bin/kde2
        exec startkde
        ;;
            failsafe)
        exec xterm -geometry 80x24-0-0
        ;;
        default)
        ;;
        *)
        exec /bin/sh -c "$(/usr/sbin/chksession -x=$1)"
        ;;
     esac
esac

  • The window manager is started by another script that is invoked by Xsession. In this case you must ensure that the parameter passed to Xsession is passed on to that other script. For example, if the window manager is started like this:

    exec $startup

    you would need to change it to:

    exec $startup$@

    Having made this change, you must trace your way through the startup to find the place where the window manager is started. One approach uses xinitrc to start the window manager; this allows a system-wide file /etc/X11/xinit/xinitrc or a user-specific file $HOME/.xinitrc to be used. If you edit $HOME/.xinitrc, you may want to save a copy in /etc/skel, so that it will be automatically generated in every user account you create from now on. Here is an example xinitrc for a system using this approach:

    #!/bin/bash
#
# .xsession/.xinitrc
#
# choose a window manager
#

defaultwm=kde
#set the window manager to $1 if it was supplied
windowmgr=${1:-$defaultwm}

#start the respective window managers
case ${windowmgr} in
  kde|kwm|kdestart)
        WINDOWMANAGER=startkde
        ;;
  fvwm|fvwm2)
        WINDOWMANAGER=fvwm2
        ;;

  fvwm95)
        WINDOWMANAGER=fvwm95
        ;;

  *)    WINDOWMANAGER=windowmgr   # default for unknown wm's

esac

#
# load resources
#

if [ -f /usr/X11R6/lib/X11/Xmodmap ]; then
    xmodmap /usr/X11R6/lib/X11/Xmodmap
fi

if [ -f ~/.Xmodmap ]; then
    xmodmap ~/.Xmodmap
fi

if [ -f ~/.Xdefaults ]; then
    xrdb -merge ~/.Xdefaults
fi

if [ -f ~/.Xresources ]; then
    xrdb -merge ~/.Xresources
fi
# 
# finally start the window manager
#
exec $WINDOWMANAGER
Prev
Next
Home
Configuring your system to use kdm 
 Using kdm for Remote Logins (XDMCP)
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 8. Using kdm for Remote Logins (XDMCP)
Using kdm for Remote Logins (XDMCP)
Prev
Next
 

Chapter 8. Using kdm for Remote Logins (XDMCP)

XDMCP is the Open Group standard, the “X Display Manager Control Protocol”. This is used to set up connections between remote systems over the network.

XDMCP is useful in multiuser situations where there are users with workstations and a more powerful server that can provide the resources to run multiple X sessions. For example, XDMCP is a good way to reuse old computers - a Pentium or even 486 computer with 16 Mb RAM is sufficient to run X itself, and using XDMCP such a computer can run a full modern KDE session from a server. For the server part, once a single KDE (or other environment) session is running, running another one requires very few extra resources.

However, allowing another method of login to your machine obviously has security implications. You should run this service only if you need to allow remote X Servers to start login sessions on your system. Users with a single UNIX® computer should not need to run this.

Prev
Next
Home
Supporting multiple window managers 
 Other sources of information
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 9. Other sources of information
Other sources of information
Prev
Next
 

Chapter 9. Other sources of information

Since kdm is descended from xdm, the xdm man page may provide useful background information. For X-related problems try the man pages X and startx. If you have questions about kdm that are not answered by this handbook, take advantage of the fact the kdm is provided under the terms of the GNU General Public Licence: look at the source code.

Prev
Next
Home
Using kdm for Remote Logins (XDMCP
 Credits and Licence
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Chapter 10. Credits and Licence
Credits and Licence
Prev
Next
 

Chapter 10. Credits and Licence

kdm is derived from, and includes code from, xdm (C) Keith Packard, MIT X Consortium.

kdm 0.1 was written by Matthias Ettrich. Later versions till KDE 2.0.x were written by Steffen Hansen. Some new features for KDE 2.1.x and a major rewrite for KDE 2.2.x made by Oswald Buddenhagen.

Other parts of the kdm code are copyright by the authors, and licensed under the terms of the GNU GPL. Anyone is allowed to change kdm and redistribute the result as long as the names of the authors are mentioned.

kdm requires the Qt library, which is copyright Troll Tech AS.

Documentation contributors:

  • Documentation written by Steffen Hansen

  • Documentation extended by Gregor Zumstein. Last update August 9, 1998

  • Documentation revised for KDE 2 by Neal Crook. Last update August 6, 2000

  • Documentation extended and revised for KDE 2.2 by Oswald Buddenhagen. Last update August, 2001

Documentation copyright Steffen Hansen, Gregor Zumstein, Neal Crook and Oswald Buddenhagen. This document also includes large parts of the xdm man page, which is (C) Keith Packard.

Conversion to British English: John Knight

This documentation is licensed under the terms of the GNU Free Documentation License.

This program is licensed under the terms of the GNU General Public License.

Prev
Next
Home
Other sources of information 
 Building and Installing kdm
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Appendix A. Building and Installing kdm
Building and Installing kdm
Prev
Next
 

Appendix A. Building and Installing kdm

kdm is part of the KDE project. The various component parts of the KDE project are broken into sections, called packages. kdm is part of the package called kdebase. You can get KDE source code from various Linux and BSD distribution CDs, or by download from www.kde.org or its mirrors. If you have an out-of-date source code tree, you can use one of the KDE cvsup servers to bring it up-to-date whilst using minimal network bandwidth.

Before building kdebase, you must have built and installed (in this order) version 2 of the qt library and the KDE packages kdesupport (optionally) and kdelibs.

In order to build any of the above, you must already have the X Window System installed, together with a C++ compiler. If are you building from CVS you will also need the GNU configuration tools automake and autoconf.

If the last few paragraphs seemed like a foreign language, then either you have strayed into an Inappropriate Area of this handbook, or you are about to undergo a Great Learning Experience.

If you managed to satisfy all of the prerequisites, you are unlikely to have any problems with building and installing kdebase. kdm is installed in your $KDEDIR/bin folder.

Note

make install will not overwrite your previous kdm config files including kdmrc.

Prev
Next
Home
Credits and Licence 
 Glossary
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Glossary
Glossary
Prev
 

Glossary

greeter

The greeter is the login dialogue, i.e. the part of kdm which the user sees.

entropy

...

Prev
Home
Building and Installing kdm 
 
Up


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team

Next
 
 
 Introduction
 


Would you like to make a comment or contribute an update to this page?
Send feedback to the KDE Docs Team