sesman.ini(5)

1sesman.ini(5)                                                    sesman.ini(5)
2
3
4

NAME

6       sesman.ini - Configuration file for xrdp-sesman(8)
7
8

DESCRIPTION

10       sesman.ini  consists  of several sections. Each section starts with the
11       section name in square brackets, followed by a list of  parameter=value
12       lines. Following sections are recognized:
13
14
15       [Globals]
16              Global configuration
17
18
19       [Logging]
20              Logging subsystem
21
22
23       [Sessions]
24              Session management
25
26
27       [Security]
28              Access control
29
30
31       [X11rdp], [Xvnc], [Xorg]
32              X11 server settings for supported servers
33
34
35       [Chansrv]
36              Settings for xrdp-chansrv(8)
37
38
39       [SessionVariables]
40              Environment variables for the session
41
42
43       All  parameters  and  values (except for file names and paths) are case
44       insensitive, and are described in detail below.  If  any  parameter  is
45       specified  more  than once, the last entry will be used. Options speci‐
46       fied outside their proper section will be ignored.
47
48

GLOBALS

50       Following parameters can be used in the [Globals] section.
51
52
53       ListenAddress=ip address
54              xrdp-sesman listening address. If  not  specified,  defaults  to
55              0.0.0.0 (all interfaces).
56
57
58       ListenPort=port number
59              xrdp-sesman listening port. If not specified, defaults to 3350.
60
61
62       EnableUserWindowManager=[true|false]
63              If  set  to  1,  true  or yes, this option enables user specific
64              startup script. That is, xrdp-sesman  will  execute  the  script
65              specified by UserWindowManager if it exists.
66
67
68       UserWindowManager=filename
69              Path  of  the  startup script relative to the user's home direc‐
70              tory. If present and enabled  by  EnableUserWindowManager,  that
71              script is executed instead of DefaultWindowManager.
72
73
74       DefaultWindowManager=filename
75              Full path or relative path of the default startup script used by
76              xrdp-sesman to start a session.  If the path is not a full path,
77              it will be resolved as relative path to /etc/xrdp. If not speci‐
78              fied, defaults to /etc/xrdp/startwm.sh.
79
80
81       ReconnectScript=filename
82              Full path or relative path if the  script  which  executed  when
83              users  reconnects  to the existing session. If the path is not a
84              full path, it will be resolved as relative path to /etc/xrdp. If
85              not specified, defaults to /etc/xrdp/reconnectwm.sh.
86
87

LOGGING

89       Following parameters can be used in the [Logging] section.
90
91
92       LogFile=filename
93              Log  file  path.  It  can be either absolute or relative. If not
94              specified, defaults to ./sesman.log
95
96
97       LogLevel=level
98              This option can have one of the following values:
99
100              CORE or 0 - Log only core messages. Those  messages  are  logged
101              regardless of the selected logging level.
102
103              ERROR or 1 - Log only error messages.
104
105              WARNING, WARN or 2 - Logs warnings and error messages.
106
107              INFO or 3 - Log errors, warnings and informational messages.
108
109              DEBUG or 4 - Log everything. If xrdp-sesman is compiled in debug
110              mode, this options will output many more low-level messages.
111
112
113       EnableSyslog=[true|false]
114              If set to 1, true or yes, this option enables logging to syslog.
115
116
117       SyslogLevel=level
118              Logging level for  syslog.  It  can  have  the  same  values  as
119              LogLevel.  If SyslogLevel and LogLevel differ, the least verbose
120              setting takes effect for syslog.
121
122

SESSIONS

124       Following parameters can be used in the [Sessions] section.
125
126
127       X11DisplayOffset=number
128              The first X display number available for xrdp-sesman. This  pre‐
129              vents xrdp-sesman from interfering with real X11 servers. If not
130              specified, defaults to 10.
131
132
133       MaxSessions=number
134              Sets the maximum number of simultaneous sessions. If not set  or
135              set to 0, unlimited session are allowed.
136
137
138       KillDisconnected=[true|false]
139              If set to 1, true or yes, every session will be killed within 60
140              seconds after the user disconnects.
141
142
143       DisconnectedTimeLimit=number
144              Sets the time limit (in seconds) before a  disconnected  session
145              is killed.  If set to 0, automatic killing is disabled.
146
147
148       IdleTimeLimit=number
149              Sets  the time limit (in seconds) before an idle session is dis‐
150              connected.   Idle  means  no  keyboard  inputs  and   no   mouse
151              moves/clicks  here.   If  set  to 0, idle sessions will never be
152              disconnected by timeout.  This works only with xorgxrdp session.
153              Moreover, xorgxrdp must be v0.2.9 or later.
154
155
156       Policy=[Default|UBD|UBI|UBC|UBDI|UBDC]
157              Session  allocation policy. By default, a new session is created
158              for the combination <User,BitPerPixel> when using Xrdp, and  for
159              the  combination <User,BitPerPixel,DisplaySize> when using Xvnc.
160              This behavior can be changed by setting session policy to:
161
162              UBD - session per <User,BitPerPixel,DisplaySize>
163              UBI - session per <User,BitPerPixel,IPAddr>
164              UBC - session per <User,BitPerPixel,Connection>
165              UBDI - session per <User,BitPerPixel,DisplaySize,IPAddr>
166              UBDC - session per <User,BitPerPixel,DisplaySize,Connection>
167
168              Note that the User and BitPerPixel  criteria  cannot  be  turned
169              off.  For  Xvnc  connections,  DisplaySize  is always enabled as
170              well.
171
172

SECURITY

174       Following parameters can be used in the [Security] section.
175
176
177       AllowRootLogin=[true|false]
178              If set to 1, true or yes, enables root  login  on  the  terminal
179              server.
180
181
182       MaxLoginRetry=number
183              The  number  of  login  attempts  that  are  allowed on terminal
184              server. If set to 0, unlimited  attempts  are  allowed.  If  not
185              specified, defaults to 3.
186
187
188       TerminalServerUsers=group
189              Only  the  users belonging to the specified group are allowed to
190              login on terminal server. If unset  or  set  to  an  invalid  or
191              non-existent group, login for all users is enabled.
192
193
194       TerminalServerAdmins=group
195              This option is currently ignored! Only members of this group can
196              have session management rights.
197
198
199       RestrictOutboundClipboard=[true|false]
200              If set to 1, true or yes, will restrict the  clipboard  outbound
201              from  the server, to prevent data copied inside the xrdp session
202              to be be pasted in the client host. Default value is false.
203
204
205       AlwaysGroupCheck=[true|false]
206              If set to 1, true or yes, require group membership even  if  the
207              group specified in TerminalServerUsers doesn't exist.
208
209

X11 SERVER

211       Following  parameters  can  be  used in the [X11rdp], [Xvnc] and [Xorg]
212       sections.
213
214
215       param=string
216              Multiple param lines are supported. This  first  line  specifies
217              the  path  to the X11 server executable. Following lines specify
218              command line arguments passed to the X11 server.
219
220

CHANSRV

222       Following parameters can be used in the [Chansrv] section.
223
224
225       FuseMountName=string
226              Directory for drive  redirection,  relative  to  the  user  home
227              directory.   Created  if  it  doesn't  exist.  If not specified,
228              defaults to xrdp_client.
229
230

SESSIONS VARIABLES

232       All entries in the [SessionVariables] section are  set  as  environment
233       variables in the user's session.
234
235

FILES

237       /etc/xrdp/sesman.ini
238
239