Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
sesman.ini(5)							 sesman.ini(5)

NAME
       sesman.ini - Configuration file for xrdp-sesman(8)

DESCRIPTION
       sesman.ini  consists  of	several	sections. Each section starts with the
       section name in square brackets,	followed by a list of  parameter=value
       lines. Following	sections are recognized:

       [Globals]
	      Global configuration

       [Logging]
	      Logging subsystem

       [Sessions]
	      Session management

       [Security]
	      Access control

       [X11rdp], [Xvnc], [Xorg]
	      X11 server settings for supported	servers

       [Chansrv]
	      Settings for xrdp-chansrv(8)

       [ChansrvLogging]
	      Logging settings for xrdp-chansrv(8)

       [SessionVariables]
	      Environment variables for	the session

       All  parameters	and  values (except for	file names and paths) are case
       insensitive, and	are described in detail	below.	If  any	 parameter  is
       specified  more	than once, the last entry will be used.	Options	speci-
       fied outside their proper section will be ignored.

GLOBALS
       Following parameters can	be used	in the [Globals] section.

       ListenAddress=ip	address
	      xrdp-sesman listening address. If	 not  specified,  defaults  to
	      0.0.0.0 (all interfaces).

       ListenPort=port number
	      xrdp-sesman listening port. If not specified, defaults to	3350.

       EnableUserWindowManager=[true|false]
	      If  set  to  1,  true  or	yes, this option enables user specific
	      startup script. That is, xrdp-sesman  will  execute  the	script
	      specified	by UserWindowManager if	it exists.

       UserWindowManager=filename
	      Path  of	the  startup script relative to	the user's home	direc-
	      tory. If present and enabled  by	EnableUserWindowManager,  that
	      script is	executed instead of DefaultWindowManager.

       DefaultWindowManager=filename
	      Full path	or relative path of the	default	startup	script used by
	      xrdp-sesman to start a session.  If the path is not a full path,
	      it  will be resolved as relative path to /usr/local/etc/xrdp. If
	      not specified, defaults to /usr/local/etc/xrdp/startwm.sh.

       ReconnectScript=filename
	      Full path	or relative path if the	 script	 which	executed  when
	      users  reconnects	 to the	existing session. If the path is not a
	      full path, it will be resolved  as  relative  path  to  /usr/lo-
	      cal/etc/xrdp.   If   not	 specified,   defaults	 to   /usr/lo-
	      cal/etc/xrdp/reconnectwm.sh.

LOGGING
       Following parameters can	be used	in the [Logging] and  [ChansrvLogging]
       sections.

       LogFile=filename
	      Log  file	 path.	It  can	be either absolute or relative.	If not
	      specified, defaults to ./sesman.log It is	ignored	in the	[Chan-
	      srvLogging]  section  since  the	channel	server creates one log
	      file per display and instead uses	the following log file	naming
	      convention xrdp-chansrv.${DISPLAY}.log

       LogLevel=level
	      This option can have one of the following	values:

	      CORE  or	0  - Log only core messages. Those messages are	logged
	      regardless of the	selected logging level.

	      ERROR or 1 - Log only error messages.

	      WARNING, WARN or 2 - Logs	warnings and error messages.

	      INFO or 3	- Log errors, warnings and informational messages.

	      DEBUG or 4 - Log everything. If xrdp-sesman is compiled in debug
	      mode, this options will output many more low-level messages.

       EnableSyslog=[true|false]
	      If set to	1, true	or yes,	this option enables logging to syslog.

       SyslogLevel=level
	      Logging  level  for  syslog.  It	can  have  the	same values as
	      LogLevel.	 Defaults to DEBUG.

       EnableConsole=[true|false]
	      If set to	1, true	or yes,	this option  enables  logging  to  the
	      console (ie. stdout).

       ConsoleLevel=level
	      Logging  level  for  the console.	It can have the	same values as
	      LogLevel.	 Defaults to DEBUG.

       EnableProcessId=[true|false]
	      If set to	1, true	 or  yes,  this	 option	 enables  logging  the
	      process id in all	log messages. Defaults to false.

SESSIONS
       Following parameters can	be used	in the [Sessions] section.

       X11DisplayOffset=number
	      The  first X display number available for	xrdp-sesman. This pre-
	      vents xrdp-sesman	from interfering with real X11 servers.	If not
	      specified, defaults to 10.

       MaxSessions=number
	      Sets  the	maximum	number of simultaneous sessions. If not	set or
	      set to 0,	unlimited session are allowed.

       KillDisconnected=[true|false]
	      If set to	1, true	or yes,	every session will  be	killed	within
	      DisconnectedTimeLimit  seconds after the user disconnects.  This
	      setting currently	only works with	xorgxrdp sessions.

       DisconnectedTimeLimit=number
	      Sets the time limit for KillDisconnected to a value greater than
	      60.   Values  less  than	60 are to be overridden	with 60.  This
	      setting currently	only works with	xorgxrdp sessions.

       IdleTimeLimit=number
	      Sets the time limit (in seconds) before an idle session is  dis-
	      connected.    Idle   means  no  keyboard	inputs	and  no	 mouse
	      moves/clicks here.  If set to 0, idle  sessions  will  never  be
	      disconnected  by	timeout.   This	 works only with xorgxrdp ses-
	      sions. Moreover, xorgxrdp	must be	v0.2.9 or later.

       Policy=[Default|UBD|UBI|UBC|UBDI|UBDC]
	      Session allocation policy. Used to decide	when to	allocate a new
	      session. Set to one of the following values:

	      Default -	session	per <User,BitPerPixel>
	      UBD - session per	<User,BitPerPixel,DisplaySize>
	      UBI - session per	<User,BitPerPixel,IPAddr>
	      UBC - session per	<User,BitPerPixel,Connection>
	      UBDI - session per <User,BitPerPixel,DisplaySize,IPAddr>
	      UBDC - session per <User,BitPerPixel,DisplaySize,Connection>

	      Note  that  the  User  and BitPerPixel criteria cannot be	turned
	      off. DisplaySize refers to the initial geometry of a connection,
	      as actual	display	sizes can change dynamically.

SECURITY
       Following parameters can	be used	in the [Security] section.

       AllowRootLogin=[true|false]
	      If  set  to  1,  true or yes, enables root login on the terminal
	      server.

       MaxLoginRetry=number
	      The number of  login  attempts  that  are	 allowed  on  terminal
	      server.  If  set	to  0,	unlimited attempts are allowed.	If not
	      specified, defaults to 3.

       TerminalServerUsers=group
	      Only the users belonging to the specified	group are  allowed  to
	      login  on	 terminal  server.  If	unset  or set to an invalid or
	      non-existent group, login	for all	users is enabled.

       TerminalServerAdmins=group
	      This option is currently ignored!	Only members of	this group can
	      have session management rights.

       RestrictOutboundClipboard=[true|false]
	      If  set  to 1, true or yes, will restrict	the clipboard outbound
	      from the server, to prevent data copied inside the xrdp  session
	      to be be pasted in the client host. Default value	is false.

       AlwaysGroupCheck=[true|false]
	      If  set  to 1, true or yes, require group	membership even	if the
	      group specified in TerminalServerUsers doesn't exist.

X11 SERVER
       Following parameters can	be used	in the	[X11rdp],  [Xvnc]  and	[Xorg]
       sections.

       param=string
	      Multiple	param  lines  are supported. This first	line specifies
	      the path to the X11 server executable. Following	lines  specify
	      command line arguments passed to the X11 server.

CHANSRV
       Following parameters can	be used	in the [Chansrv] section.

       FuseMountName=string
	      Directory	 for  drive redirection.  Created if it	doesn't	exist.
	      If not specified,	defaults to xrdp_client.  If  first  character
	      is not a '/', this is relative to	$HOME.

	      If  first	 character is a	'/' this is an absolute	path. The fol-
	      lowing substitutions are made in this string:-
		  %U - Username
		  %u - Numeric UID
		  %% - Percent character

	      If this format is	used:-

	      1) The directory path permissions	MUST be	 configured  correctly
		 by the	system administrator or	the system itself - xrdp-chan-
		 srv will not do this for you (although	it will	create the fi-
		 nal directories owned by the user).

	      2)  The  desktop	may  not  automatically	display	a link for the
		 redirected drive. To fix this,	consult	the docs for your cho-
		 sen desktop.

       FileUmask=mode
	      Additional  umask	 to apply to files in the FuseMountName	direc-
	      tory.  The default value of 077 prevents other users on the sys-
	      tem  from	 reading files on your redirected drives. This may not
	      be approprate for	all environents, and so	you  can  change  this
	      value  to	 allow	other users to access your remote files	if re-
	      quired.

       EnableFuseMount=[true|false]
	      Defaults to true.	 Set to	false to disable xrdp-chansrv's	use of
	      the  FUSE	 system	 feature,  even	if it has been built with this
	      feature enabled.

	      Setting this value to false will disable the following  applica-
	      tion features:-

	      -	 drive redirection

	      -	 copying-and-pasting of	files

SESSIONS VARIABLES
       All  entries  in	 the [SessionVariables]	section	are set	as environment
       variables in the	user's session.

FILES
       /usr/local/etc/xrdp/sesman.ini

SEE ALSO
       xrdp-sesman(8), xrdp-sesrun(8), xrdp(8),	xrdp.ini(5)

       For more	info on	xrdp see <http://www.xrdp.org/>

xrdp team			    0.9.16			 sesman.ini(5)

NAME | DESCRIPTION | GLOBALS | LOGGING | SESSIONS | SECURITY | X11 SERVER | CHANSRV | SESSIONS VARIABLES | FILES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=sesman.ini&sektion=5&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help