1353 lines
50 KiB
Groff
1353 lines
50 KiB
Groff
.\" Copyright 1984 - 1991, 1993, 1994, 1998 The Open Group
|
|
.\" Copyright 2011 - 2016, Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
|
|
.\"
|
|
.\" Permission to use, copy, modify, distribute, and sell this software and its
|
|
.\" documentation for any purpose is hereby granted without fee, provided that
|
|
.\" the above copyright notice appear in all copies and that both that
|
|
.\" copyright notice and this permission notice appear in supporting
|
|
.\" documentation.
|
|
.\"
|
|
.\" The above copyright notice and this permission notice shall be included
|
|
.\" in all copies or substantial portions of the Software.
|
|
.\"
|
|
.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
|
.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
|
|
.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
|
|
.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
|
|
.\" OTHER DEALINGS IN THE SOFTWARE.
|
|
.\"
|
|
.\" Except as contained in this notice, the name of The Open Group shall
|
|
.\" not be used in advertising or otherwise to promote the sale, use or
|
|
.\" other dealings in this Software without prior written authorization
|
|
.\" from The Open Group.
|
|
.ds q \N'34'
|
|
.TH nxagent 1 "Jun 2023" "Version 3.5.99.27" "NX Agent (Xserver)"
|
|
.SH NAME
|
|
nxagent \- nested Xserver optimized for remote computing
|
|
.SH SYNOPSIS
|
|
.B nxagent
|
|
.I "[options]"
|
|
.SH DESCRIPTION
|
|
\fBnxagent\fR is an X server for remote application/desktop access
|
|
similar to Xnest or Xephyr.
|
|
.PP
|
|
\fBnxagent\fR implements a very efficient compression of the X11
|
|
protocol, called the NX protocol.
|
|
.PP
|
|
The NX protocol increases performance when using X applications over high
|
|
latency and low bandwidth networks, while providing a local (LAN-like)
|
|
usage experience even if connecting from off-site locations (via cable
|
|
modem or GSM).
|
|
.PP
|
|
\fBnxagent\fR can be used standalone as a nested X server (with NX
|
|
protocol disabled), but its real benefits are gained when using it over
|
|
remote connections via the nxcomp compression library. The counterpart
|
|
application on the other end (i.e. the client) is called
|
|
\fBnxproxy\fR.
|
|
.PP
|
|
When used in proxy <-> agent mode, \fBnxagent\fR adds the feature of
|
|
being suspendible. Sessions can be started from one client, suspended and
|
|
then resumed from another (or the same) client.
|
|
.PP
|
|
\fBnxagent\fR and \fBnxproxy\fR are utilized by various remote
|
|
application/desktop frameworks for providing server-side GUI application
|
|
access from remote client systems.
|
|
.PP
|
|
Currently, \fBnxagent\fR is co-maintained by three of these projects: The
|
|
Arctica Project, TheQVD and X2Go.
|
|
.PP
|
|
|
|
.SH "STARTING THE SERVER"
|
|
\fBnxagent\fR should be run in user space. Other than the system's
|
|
local X.org server, \fBnxagent\fR does not require to be run as root.
|
|
When bundled with a remote application framework, you normally don't have
|
|
to launch \fBnxagent\fR manually. \fBnxagent\fR startup is usually
|
|
managed by the underlying framework (e.g. Arctica Session Manager, X2Go
|
|
Server, etc.).
|
|
.PP
|
|
When \fBnxagent\fR starts up (e.g. by typing 'nxagent -ac :1' in a
|
|
terminal window), it typically launches in "windowed desktop" mode. On
|
|
your local X server a new window appears being an X server itself.
|
|
.PP
|
|
However, \fBnxagent\fR also supports rootless (or seamless) application
|
|
mode and a shadow session mode (similar to what VNC does).
|
|
.PP
|
|
Example: You can launch a complete desktop session inside this nested X
|
|
server now:
|
|
.TP 8
|
|
The Debian way...
|
|
.PP
|
|
.nf
|
|
$ export DISPLAY=:1
|
|
$ STARTUP=mate-session /etc/X11/Xsession
|
|
.fi
|
|
.TP 8
|
|
The Fedora / Gentoo / openSUSE way...
|
|
.PP
|
|
.nf
|
|
### FIXME / TODO ###
|
|
.fi
|
|
.PP
|
|
However, \fBnxagent\fR also supports rootless (or seamless) application
|
|
mode and a shadow session mode (similar to what VNC does).
|
|
|
|
.SH OPTIONS
|
|
\fBnxagent\fR accepts a range of default X server options as described
|
|
below. Those default options have to be provided via the command line.
|
|
|
|
Furthermore, \fBnxagent\fR accepts some nx-X11 specific options,
|
|
described further below.
|
|
|
|
Last but not least, \fBnxagent\fR accepts several more options, the
|
|
so-called nx/nx options, provided via the $DISPLAY environment
|
|
variable or the \fB-options\fR command line option. See below for further
|
|
details.
|
|
|
|
.SH STANDARD XSERVER OPTIONS
|
|
.TP 8
|
|
.B :\fIdisplaynumber\fP
|
|
The X server runs as the given \fIdisplaynumber\fP, which by default is 0.
|
|
If multiple X servers are to run simultaneously on a host, each must have
|
|
a unique display number. See the DISPLAY
|
|
NAMES section of the \fIX\fP(__miscmansuffix__) manual page to learn how to
|
|
specify which display number clients should try to use.
|
|
.TP 8
|
|
.B \-a \fInumber\fP
|
|
sets pointer acceleration (i.e. the ratio of how much is reported to how much
|
|
the user actually moved the pointer).
|
|
.TP 8
|
|
.B \-ac
|
|
disables host-based access control mechanisms. Enables access by any host,
|
|
and permits any host to modify the access control list.
|
|
Use with extreme caution.
|
|
This option exists primarily for running test suites remotely.
|
|
.TP 8
|
|
.B \-audit \fIlevel\fP
|
|
sets the audit trail level. The default level is 1, meaning only connection
|
|
rejections are reported. Level 2 additionally reports all successful
|
|
connections and disconnects. Level 4 enables messages from the
|
|
SECURITY extension, if present, including generation and revocation of
|
|
authorizations and violations of the security policy.
|
|
Level 0 turns off the audit trail.
|
|
Audit lines are sent as standard error output.
|
|
.TP 8
|
|
.B \-auth \fIauthorization-file\fP
|
|
specifies a file which contains a collection of authorization records used
|
|
to authenticate access. See also the \fIxdm\fP(1) and
|
|
\fIXsecurity\fP(__miscmansuffix__) manual pages.
|
|
.TP 8
|
|
.B \-bs
|
|
disables backing store support on all screens.
|
|
.TP 8
|
|
.B \-br
|
|
sets the default root window to solid black (default).
|
|
.TP 8
|
|
.B \-wr
|
|
sets the default root window to solid white.
|
|
.TP 8
|
|
.B \-c
|
|
turns off key-click.
|
|
.TP 8
|
|
.B c \fIvolume\fP
|
|
sets key-click volume (allowable range: 0-100).
|
|
.TP 8
|
|
.B \-cc \fIclass\fP
|
|
sets the visual class for the root window of color screens.
|
|
The class numbers are as specified in the X protocol.
|
|
Not obeyed by all servers.
|
|
.TP 8
|
|
.B \-co \fIfilename\fP
|
|
This used to be the option for specifying the path to the RGB color
|
|
database file. As the RGB color database is now embedded into the
|
|
binary this option has no effect but is kept for
|
|
compatibility. Deprecated.
|
|
.ig
|
|
.TP 8
|
|
.B \-config \fIfilename\fP
|
|
reads more options from the given file. Options in the file may be separated
|
|
by newlines if desired. If a '#' character appears on a line, all characters
|
|
between it and the next newline are ignored, providing a simple commenting
|
|
facility. The \fB\-config\fR option itself may appear in the file.
|
|
.BR NOTE :
|
|
This option is disabled when the Xserver is run with an effective uid
|
|
different from the user's real uid.
|
|
..
|
|
.TP 8
|
|
.B \-core
|
|
causes the server to generate a core dump on fatal errors.
|
|
.TP 8
|
|
.B \-displayfd \fIfd\fP
|
|
specifies a file descriptor in the launching process. Rather than
|
|
specifying a display number, the X server will attempt to listen on
|
|
successively higher display numbers, and upon finding a free one, will
|
|
write the port number back on this file descriptor as a
|
|
newline-terminated string. The \fB\-pn\fR option is ignored when
|
|
using \fB\-displayfd\fR.
|
|
|
|
nxagent specific:
|
|
|
|
(1) Other than in X.org's Xserver, you can use \fB\-displayfd\fR in
|
|
conjunction with an explicit display number. If the explicit display number
|
|
is not available (i.e., already in use), nxagent tries to figure out the next
|
|
available display number,
|
|
|
|
e.g.:
|
|
|
|
\fBnxagent\fR \fI\-displayfd 2 :50\fR
|
|
|
|
(2) If \fB\-displayfd\fR <X> is given with <X> equaling 2 (STDERR), then the
|
|
display number string written to STDERR is beautified with some human-readable
|
|
(machine-parseable) text.
|
|
.TP 8
|
|
.B \-sync
|
|
This option tells \fBnxagent\fR to synchronize its window and graphics
|
|
operations with the real server. This is a useful option for
|
|
debugging, but it will slow down \fBnxagent\fR's performance
|
|
considerably. It should not be used unless absolutely necessary.
|
|
.TP 8
|
|
.B \-full
|
|
This option tells \fBnxagent\fR to utilize full regeneration of real
|
|
server objects and reopen a new connection to the real server each
|
|
time \fBnxagent\fR regenerates. The sample server implementation
|
|
regenerates all objects in the server when the last client of this
|
|
server terminates. When this happens, \fBnxagent\fR by default
|
|
maintains the same top-level window and the same real server
|
|
connection in each new generation. If the user selects full
|
|
regeneration, even the top-level window and the connection to the real
|
|
server will be regenerated for each server generation.
|
|
.TP 8
|
|
.B \-class \fIstring\fP
|
|
This option specifies the default visual class of the nested server.
|
|
It is similar to the
|
|
.B \-cc
|
|
option from the set of standard options except that it will accept a string
|
|
rather than a number for the visual class specification.
|
|
The
|
|
.I string
|
|
must be one of the following six values:
|
|
.BR StaticGray ,
|
|
.BR GrayScale ,
|
|
.BR StaticColor ,
|
|
.BR PseudoColor ,
|
|
.BR TrueColor ,
|
|
or
|
|
.BR DirectColor .
|
|
If both the
|
|
.B \-class
|
|
and
|
|
.B \-cc
|
|
options are specified, the last instance of either option takes precedence.
|
|
The class of the default visual of the nested server need not be the same as the
|
|
class of the default visual of the real server, but it must be supported by the
|
|
real server.
|
|
Use
|
|
.BR xdpyinfo (__appmansuffix__)
|
|
to obtain a list of supported visual classes on the real server before
|
|
starting \fBnxagent\fR. If the user chooses a static class, all the
|
|
colors in the default color map will be preallocated. If the user
|
|
chooses a dynamic class, colors in the default color map will be
|
|
available to individual clients for allocation.
|
|
.TP 8
|
|
.B \-deferglyphs \fIwhichfonts\fP
|
|
specifies the types of fonts for which the server should attempt to
|
|
use deferred glyph loading. \fIwhichfonts\fP can be all (all fonts),
|
|
none (no fonts), or 16 (16 bit fonts only).
|
|
.TP 8
|
|
.B \-depth \fIint\fP
|
|
This option specifies the default visual depth of the nested server.
|
|
The depth of the default visual of the nested server need not be the
|
|
same as the depth of the default visual of the real server, but it
|
|
must be supported by the real server. Use
|
|
.BR xdpyinfo (__appmansuffix__)
|
|
to obtain a list of supported visual depths on the real server before
|
|
starting \fBnxagent\fR.
|
|
.TP 8
|
|
.B \-geometry \fIW\fBx\fIH\fB+\fIX\fB+\fIY\fP
|
|
This option specifies the geometry parameters for the top-level
|
|
\fBnxagent\fR window. See \(lqGEOMETRY SPECIFICATIONS\(rq in
|
|
.BR X (__miscmansuffix__)
|
|
for a discusson of this option's syntax. This window corresponds to
|
|
the root window of the nested server. The width
|
|
.I W
|
|
and height
|
|
.I H
|
|
specified with this option will be the maximum width and height of
|
|
each top-level \fBnxagent\fR window. \fBnxagent\fR will allow the
|
|
user to make any top-level window smaller, but it will not actually
|
|
change the size of the nested server root window. If this option is
|
|
not specified, \fBnxagent\fR will choose
|
|
.I W
|
|
and
|
|
.I H
|
|
to be 3/4ths the dimensions of the root window of the real server. For
|
|
further values accepted see the documentation of
|
|
\fBgeometry=<string>\fR below.
|
|
.TP 8
|
|
.B \-dpi \fIresolution\fP
|
|
sets the resolution for all screens, in dots per inch. If this option
|
|
is not specified \fBnxagent\fR will assume 96. There's also
|
|
.B \-autodpi
|
|
which will clone the real server's dpi. Note that the resolution specified via
|
|
.B \-dpi
|
|
is a per session setting. It cannot be changed on reconnect! This means that
|
|
clients may look "wrong" when reconnecting a session that had been
|
|
started with a different dpi than the current real xserver.
|
|
.TP 8
|
|
.B dpms
|
|
enables DPMS (display power management services), where supported. The
|
|
default state is platform and configuration specific.
|
|
.TP 8
|
|
.B \-dpms
|
|
disables DPMS (display power management services). The default state
|
|
is platform and configuration specific.
|
|
.TP 8
|
|
.B \-f \fIvolume\fP
|
|
sets feep (bell) volume (allowable range: 0-100).
|
|
.TP 8
|
|
.B \-fc \fIcursorFont\fP
|
|
sets default cursor font.
|
|
.TP 8
|
|
.B \-fn \fIfont\fP
|
|
sets the default font.
|
|
.TP 8
|
|
.B \-fp \fIfontPath\fP
|
|
sets the search path for fonts. This path is a comma separated list
|
|
of directories which the X server searches for font databases.
|
|
See the FONTS section of this manual page for more information and the default
|
|
list.
|
|
.TP 8
|
|
.B \-help
|
|
prints a usage message.
|
|
.TP 8
|
|
.B \-I
|
|
causes all remaining command line arguments to be ignored.
|
|
.TP 8
|
|
.B \-maxbigreqsize \fIsize\fP
|
|
sets the maximum big request to
|
|
.I size
|
|
MB.
|
|
.TP 8
|
|
.B \-name string
|
|
This option specifies the name of the top-level \fBnxagent\fR window as
|
|
.IR string .
|
|
The default value is the program name.
|
|
.TP 8
|
|
.B \-nolisten \fItrans-type\fP
|
|
disables a transport type. For example, TCP/IP connections can be disabled
|
|
with
|
|
.BR "\-nolisten tcp" .
|
|
This option may be issued multiple times to disable listening to different
|
|
transport types.
|
|
.TP 8
|
|
.B \-noreset
|
|
prevents a server reset when the last client connection is closed. This
|
|
overrides a previous
|
|
.B \-terminate
|
|
command line option.
|
|
.TP 8
|
|
.B \-p \fIminutes\fP
|
|
sets screen-saver pattern cycle time in minutes.
|
|
.TP 8
|
|
.B \-pn
|
|
permits the server to continue running if it fails to establish all of
|
|
its well-known sockets (connection points for clients), but
|
|
establishes at least one. This option is set by default.
|
|
.TP 8
|
|
.B \-nopn
|
|
causes the server to exit if it fails to establish all of its well-known
|
|
sockets (connection points for clients).
|
|
.TP 8
|
|
.B \-r
|
|
turns off auto-repeat.
|
|
.TP 8
|
|
.B r
|
|
turns on auto-repeat.
|
|
.TP 8
|
|
.B \-s \fIminutes\fP
|
|
sets screen-saver timeout time in minutes.
|
|
.TP 8
|
|
.B \-su
|
|
disables save under support on all screens.
|
|
.TP 8
|
|
.B \-t \fInumber\fP
|
|
sets pointer acceleration threshold in pixels (i.e. after how many pixels
|
|
pointer acceleration should take effect).
|
|
.TP 8
|
|
.B \-terminate
|
|
causes the server to terminate at server reset, instead of continuing to run.
|
|
This overrides a previous
|
|
.B \-noreset
|
|
command line option.
|
|
.TP 8
|
|
.B \-to \fIseconds\fP
|
|
sets default connection timeout in seconds.
|
|
.TP 8
|
|
.B \-tst
|
|
disables all testing extensions.
|
|
.TP 8
|
|
.B v
|
|
sets video-off screen-saver preference.
|
|
.TP 8
|
|
.B \-v
|
|
sets video-on screen-saver preference.
|
|
.TP 8
|
|
.B \-wm
|
|
forces the default backing-store of all windows to be WhenMapped. This
|
|
is a backdoor way of getting backing-store to apply to all windows.
|
|
Although all mapped windows will have backing store, the backing store
|
|
attribute value reported by the server for a window will be the last
|
|
value established by a client. If it has never been set by a client,
|
|
the server will report the default value, NotUseful. This behavior is
|
|
required by the X protocol, which allows the server to exceed the
|
|
client's backing store expectations but does not provide a way to tell
|
|
the client that it is doing so.
|
|
.TP 8
|
|
.B [+-]xinerama
|
|
enables(+) or disables(-) XINERAMA provided via the PanoramiX extension. This is
|
|
set to off by default.
|
|
.TP 8
|
|
.B [+-]rrxinerama
|
|
enables(+) or disables(-) XINERAMA provided via the RandR
|
|
extension. By default, this feature is enabled. To disable XINERAMA
|
|
completely, make sure to use both options (\fB\-xinerama\fR and
|
|
\fB\-rrxinerama\fR) on the command line.
|
|
|
|
.SH SERVER DEPENDENT OPTIONS
|
|
\fBnxagent\fR additionally accepts the following non-standard options:
|
|
.TP 8
|
|
.B \-logo
|
|
turns on the X Window System logo display in the screen-saver.
|
|
There is currently no way to change this from a client.
|
|
.TP 8
|
|
.B nologo
|
|
turns off the X Window System logo display in the screen-saver.
|
|
There is currently no way to change this from a client.
|
|
.TP 8
|
|
.B \-render
|
|
|
|
.BR default | mono | gray | color
|
|
|
|
sets the color allocation policy that will be used by the render extension.
|
|
.RS 8
|
|
.TP 8
|
|
.I default
|
|
selects the default policy defined for the display depth of the X
|
|
server.
|
|
.TP 8
|
|
.I mono
|
|
don't use any color cell.
|
|
.TP 8
|
|
.I gray
|
|
use a gray map of 13 color cells for the X render extension.
|
|
.TP 8
|
|
.I color
|
|
use a color cube of at most 4*4*4 colors (that is 64 color cells).
|
|
.RE
|
|
.TP 8
|
|
.B \-dumbSched
|
|
disables smart scheduling on platforms that support the smart scheduler.
|
|
.TP
|
|
.B \-schedInterval \fIinterval\fP
|
|
sets the smart scheduler's scheduling interval to
|
|
.I interval
|
|
milliseconds.
|
|
.SH NXAGENT SPECIFIC OPTIONS
|
|
The nx-X11 system adds the following command line arguments:
|
|
.TP 8
|
|
.B \-forcenx
|
|
force use of NX protocol messages assuming communication through \fBnxproxy\fR
|
|
.TP 8
|
|
.B \-id \fIstring\fP
|
|
The session id.
|
|
.TP 8
|
|
.B \-autograb
|
|
enable autograb mode on \fBnxagent\fR startup. The autograb feature can be toggled via nxagent keystrokes
|
|
.TP 8
|
|
.B \-textclipboard
|
|
force text-only clipboard \fBnxagent\fR startup. See option file
|
|
option \fBtextclipboard=<bool>\fR for an explanation.
|
|
.TP 8
|
|
.B \-nxrealwindowprop
|
|
set property NX_REAL_WINDOW for each X11 client inside \fBnxagent\fR,
|
|
providing the window XID of the corresponding window object on the X
|
|
server that \fBnxagent\fR runs on
|
|
.TP 8
|
|
.B \-reportwids
|
|
explicitly tell \fBnxagent\fR to report its externally exposed X11 window
|
|
IDs to the session log (in machine readable form), so that external
|
|
parsers can obtain that information from there
|
|
.TP 8
|
|
.B \-reportprivatewids
|
|
explicitly tell \fBnxagent\fR to report X11 window IDs of internally
|
|
created window objects to the session log (in machine readable form),
|
|
so that external parsers can obtain that information from there; this
|
|
creates a lot of output and may affect performance
|
|
.TP 8
|
|
.B \-timeout \fIint\fP
|
|
auto-disconnect timeout in seconds (minimum allowed: 60). Default is 0
|
|
(no timeout).
|
|
.TP 8
|
|
.B \-norootlessexit
|
|
don't exit if there are no clients in rootless mode
|
|
.TP 8
|
|
.B \-autodpi
|
|
detect real server's DPI and set it in the agent session; the
|
|
.B \-dpi\fP cmdline option overrides
|
|
.B \-autodpi\fP.
|
|
Note that using
|
|
.B \-autodpi
|
|
will also adapt the DPI on reconnect which will cause
|
|
newly started clients respecting the new DPI while clients that had
|
|
been started before the reconnect still use the old DPI. This may lead
|
|
to applications looking "weird".
|
|
.TP 8
|
|
.B \-nomagicpixel
|
|
disable magic pixel support at session startup, can be re-enabled via
|
|
nx/nx option on session resumption
|
|
.TP 8
|
|
.B \-norender
|
|
disable the use of the render extension
|
|
.TP 8
|
|
.B \-nocomposite/-composite
|
|
disable/enable the use of the composite extension (default ist disabled)
|
|
.TP 8
|
|
.B \-nopersistent
|
|
disable disconnection/reconnection to the X display on
|
|
SIGHUP. Non-persistent sessions will terminate on SIGHUP.
|
|
.TP 8
|
|
.B \-noshmem
|
|
disable use of shared memory extension
|
|
.TP 8
|
|
.B \-shmem
|
|
enable use of shared memory extension (default)
|
|
.TP 8
|
|
.B \-noshpix
|
|
disable use of shared pixmaps
|
|
.TP 8
|
|
.B \-shpix
|
|
enable use of shared pixmaps (default)
|
|
.TP 8
|
|
.B \-noignore
|
|
don't ignore pointer and keyboard configuration changes mandated by
|
|
clients. As a result, configuration commands like disabling the
|
|
keyboard bell (xset -b) will also affect the real X server.
|
|
.TP 8
|
|
.B \-nokbreset
|
|
don't reset keyboard device if the session is resumed
|
|
.TP 8
|
|
.B \-noxkblock
|
|
this is only relevant if you also specify \-keyboard=query. In that
|
|
case \fBnxagent\fR will lock the keyboard settings and clients will
|
|
get an error when trying to change keyboard settings via
|
|
XKEYBOARD. With \-noxkblock the lock is not applied and clients are
|
|
allowed to change the keyboard settings through XKEYBOARD.
|
|
.TP 8
|
|
.B \-tile WxH
|
|
maximum size of the tile used when sending an image to the remote
|
|
display (minimum allowed: 32x32). The default depends on the link
|
|
type: 64x64 for \fImodem\fR and \fIisdn\fR, 4096x4096 for all other
|
|
link types)
|
|
.TP 8
|
|
.B \-irlimit
|
|
maximum image data rate to the encoder input in kB/s. The default is no limit.
|
|
.TP 8
|
|
.B \-D
|
|
enable desktop mode (default)
|
|
.TP 8
|
|
.B \-R
|
|
enable rootless mode
|
|
.TP 8
|
|
.B \-S
|
|
enable shadow mode
|
|
.TP 8
|
|
.B \-B
|
|
enable proxy binding mode
|
|
.TP 8
|
|
.B \-keystrokefile
|
|
define path to a keyboard shortcut definitions file. Default is
|
|
.IR ~/.nx/keystrokes.cfg
|
|
and
|
|
.IR /etc/nxagent/keystroke.cfg
|
|
(first existing
|
|
file is taken). If \fBnxagent\fR is run as \fBx2goagent\fR the defaults are
|
|
.IR ~/.x2go/keystrokes.cfg
|
|
and
|
|
.IR /etc/x2go/keystrokes.cfg
|
|
. Any keystrokes
|
|
\fBnxagent\fR knows about that are not defined in this file are
|
|
ignored. (Only) if no file is found built-in defaults are used. The
|
|
keystroke file can be re-read by a keystroke (ctrl-alt-k by default).
|
|
See
|
|
.IR README.keystrokes
|
|
and
|
|
.IR README.keystrokes.debug
|
|
for all keystrokes \fBnxagent\fR knows. At startup the active keystrokes are printed to the session output.
|
|
.TP 8
|
|
.B \-version
|
|
show version information and exit
|
|
.TP 8
|
|
.B \-options \fIfilepath|string\fP
|
|
path to an options file containing nx/nx options (see below). Instead of a path the options can be specified diretly on the commandline by prefixing the options strings with
|
|
.IR nx/nx,
|
|
which is mostly useful for testing/debugging.
|
|
.PP
|
|
In addition to the command line options, \fBnxagent\fR can be configured at
|
|
session startup and at runtime (i.e. when resuming a suspended session)
|
|
by so-called nx/nx options. The options file is read on startup. It can be modified during runtime (but it must stay at the same path). On re-connect the modified file is then read and the changed options are applied.
|
|
.PP
|
|
As nx/nx options all options supported by nxcomp (see \fBnxproxy\fR man
|
|
page) and all \fBnxagent\fR nx/nx options (see below) can be used.
|
|
.
|
|
When launching an nxcomp based \fBnxagent\fR session (i.e. proxy <->
|
|
agent), you will normally set the $DISPLAY variable like this:
|
|
.PP
|
|
.nf
|
|
$ export DISPLAY=nx/nx,listen=<proxy-port>,options=<options.file>:<nx-display-port>
|
|
$ nxagent <command-line-options> :<nx-display-port>
|
|
.fi
|
|
.PP
|
|
The value for <nx-display-port> is some value of a not-yet-used X11
|
|
display (e.g. :50).
|
|
.PP
|
|
Using an options file is recommended, but you can also put available
|
|
nx/nx options (see below) into the DISPLAY variable directly. Note, that
|
|
the $DISPLAY variable field is of limited length.
|
|
.PP
|
|
As <proxy-port> you can pick an arbitrary (unused) TCP port or Unix
|
|
socket file path. This is the port / socket that you have to connect to
|
|
with the \fBnxproxy\fR application.
|
|
.PP
|
|
The right hand side of an option (the part following the "=" character)
|
|
can include URL encoded characters. It is required to URL encode at
|
|
least "," (as %2D) and "=" (as %3D) to avoid wrong parsing of the
|
|
options string.
|
|
.PP
|
|
Available \fBnxagent\fR options (as an addition to nx/nx options supported
|
|
by nxcomp already):
|
|
.TP 8
|
|
.B options=<string>
|
|
read options from file, this text file can contain a single loooong
|
|
line with comma-separated nx/nx options
|
|
.TP 8
|
|
.B rootless=<bool>
|
|
start \fBnxagent\fR in rootless mode, matches \-R given on the command
|
|
line, no-op when resuming (default: \fI0\fR, disabled)
|
|
.TP 8
|
|
.B geometry=<string>
|
|
desktop geometry when starting or resuming a session, no-op in
|
|
rootless mode (default 66% of the underlying X server geometry). You
|
|
can either specify a standard X geometry string
|
|
(WxH+X+Y) or \fIallscreens\fR for a window covering
|
|
all available screens or \fRonescreen\fR for a window covering only
|
|
one screen. For historical reasons \fIfullscreen\fR (as a synonym to
|
|
\fIallscreens\fR) is also accepted.
|
|
.TP 8
|
|
.B fullscreen=<int>
|
|
start or resume a session in fullscreen mode (default: \fI0\fR, off). Specify \fI1\fR for
|
|
a fullscreen window covering all available screens or \fI2\fR for a fullscreen window
|
|
covering only the first screen.
|
|
.TP 8
|
|
.B resize=<bool>
|
|
set resizing support (default: \fI1\fR, enabled)
|
|
.TP 8
|
|
.B keyboard=<string> or kbtype=<string>
|
|
|
|
.BR query | clone | <model>/<layout> | rmlvo/<rules>#<model>#<layout>#<variant>#<options>
|
|
|
|
.RS 8
|
|
.TP 8
|
|
.I query
|
|
use the default XKB keyboard layout (see below) and only allow clients
|
|
to query the settings but prevent any changes. \fIquery\fR is
|
|
especially helpful for setups where you need to set/modify the actual
|
|
keyboard layout using core X protocol functions (e.g. via \fBxmodmap\fR). It is used for
|
|
MacOS X clients to handle some keyboard problems that are special for
|
|
this platform. Note that in this case XKEYBOARD will always report
|
|
the default layout which will most likely not match the experienced
|
|
settings.
|
|
.TP 8
|
|
.I clone
|
|
ask the real X server for the keyboard settings using XKEYBOARD
|
|
protocol functions and clone them. This is the recommended setting. For
|
|
compatibility reasons it is not the default.
|
|
.TP 8
|
|
.I <model>/<layout>
|
|
use the given model and layout. A value of \fInull/null\fR is equivalent to
|
|
\fIclone\fR. You can not modify keyboard rules,
|
|
variant or options this way. Instead preset values are used. These are
|
|
\fIbase\fR for rules and empty strings for variant and options.
|
|
.TP 8
|
|
.I rmlvo/<rules>#<model>#<layout>#<variant>#<options>
|
|
configure the keyboard according to the rmlvo
|
|
(Rules+Model+Layout+Variant+Options) description given after the / and
|
|
separated by #. This can be used to fully pass the keyboard
|
|
configuration of \fBnxagent\fR right after the start. Example:
|
|
rmlvo/base#pc105#de,us#nodeadkeys#lv3:rwin_switch
|
|
.RE
|
|
.TP 8
|
|
|
|
.PP
|
|
If \fIkeyboard\fR is omitted the internal defaults of \fBnxagent\fR will be used (rules: \fIbase\fR, layout: \fIus\fR, model: \fIpc102\fR, empty variant and options).
|
|
|
|
.TP 8
|
|
.B keyconv=<string>
|
|
set keycode conversion mode
|
|
|
|
.BR auto | on | off
|
|
|
|
by default (\fIauto\fR) \fBnxagent\fR will activate keycode conversion
|
|
if it detects an evdev XKEYBOARD setup on the \fBnxproxy\fR side (the
|
|
standard on Linux systems nowadays). Keycode conversion means that
|
|
certain keycodes are mapped to make the keyboard appear as an pc105
|
|
model. Using \fIoff\fR this conversion can be suppressed and with
|
|
\fIon\fR it will be forced.
|
|
|
|
.TP 8
|
|
.B clipboard=<string>
|
|
|
|
.BR both | client | server | none
|
|
|
|
.RS 8
|
|
.TP 8
|
|
.I both
|
|
Allow clipboard data exchange both from nxagent to real X server and vice-versa. This is the default.
|
|
.TP 8
|
|
.I client
|
|
Limit clipboard data exchange to work only in one direction: from real X server to nxagent.
|
|
Clipboard will still work inside nxagent. This setting effectively prevents data leakage from the nxagent session to the outside.
|
|
.TP 8
|
|
.I server
|
|
Limit clipboard data exchange to work only in one direction: from nxagent to real X server.
|
|
.TP 8
|
|
.I none
|
|
Disable any clipboard data exchange. Clipboard will still work inside the nxagent and on the real X server, but no data exchange will be possible.
|
|
.RE
|
|
.TP 8
|
|
.B textclipboard=<bool>
|
|
enable (set to \fI1\fR) or disable (set to \fI0\fR) text-only
|
|
clipboard. Text-only clipboard is the old (<= 3.5.99.26) clipboard
|
|
behaviour where you could only copy and paste text strings (no
|
|
graphics, no rich text, ...). Using this mode been seen as a security feature
|
|
as it effectively prevents transferring dangerous binary data,
|
|
e.g. manipulated graphics by accident. On the other hand it's also
|
|
less comfortable. (default: disabled)
|
|
.TP 8
|
|
.B streaming=<bool>
|
|
enable (set to \fI1\fR) or disable (set to \fI0\fR) streaming support for images, not fully implemented yet and thus non-functional. (default: disabled)
|
|
.TP 8
|
|
.B backingstore=<bool>
|
|
disable (set to \fI0\fR) or enforce (set to \fI1\fR) backing store support (default: enforced). In rootless mode backingstore is always disabled.
|
|
.TP 8
|
|
.B composite=<bool>
|
|
enable (set to \fI1\fR) or disable (set to \fI0\fR) Composite support in \fBnxagent\fR (default: enabled)
|
|
.TP 8
|
|
.B xinerama=<bool>
|
|
enable (set to \fI1\fR) or disable (set to \fI0\fR) XINERAMA support in \fBnxagent\fR (default: enabled)
|
|
.TP 8
|
|
.B shmem=<bool>
|
|
enable/disable using shared memory. Accepted values: \fI1\fR (enable, default), \fI0\fR (disable)
|
|
.TP 8
|
|
.B shpix=<bool>
|
|
enable/disable shared pixmaps support. Accepted values: \fI1\fR (enable, default), \fI0\fR (disable)
|
|
.TP 8
|
|
.B client=<string>
|
|
type of connecting operating system (supported: \fIlinux\fR,
|
|
\fIwindows\fR, \fIsolaris\fR and \fImacosx\fR)
|
|
.TP 8
|
|
.B clients=<string>
|
|
filename where to log output of the nxagent's clients. This is ignored if no session id has been provided. It then points to stderr. Default: <sessiondir>/clients.
|
|
.TP 8
|
|
.B shadow=<string>
|
|
define the display that should be shadowed
|
|
.TP 8
|
|
.B shadowuid=<int>
|
|
unique identifier for the shadow session
|
|
.TP 8
|
|
.B shadowmode=<bool>
|
|
full access (set to \fI1\fR) or viewing-only (set to \fI0\fR, default)
|
|
.TP 8
|
|
.B state=<string>
|
|
filename where to store the state of the nxagent (for easier interoperation with software like x2go. Default: sessiondir/state.
|
|
.TP 8
|
|
.B defer=<int>
|
|
defer image updates (enabled for all connection types except LAN),
|
|
accepts values \fI0\fR, \fI1\fR and \fI2\fR
|
|
|
|
The default value can be set via the command line (\-defer). The value
|
|
provided as nx/nx option is set when resuming a session, thus it
|
|
overrides the command line default.
|
|
|
|
The default depends on the link type (see man nxproxy).
|
|
|
|
Each defer level adds the following rules to the previous ones:
|
|
.RS 8
|
|
.TP 8
|
|
.I 0
|
|
Eager encoding.
|
|
|
|
Default for link speed \fIlan\fR and \fIlocal\fR.
|
|
.TP 8
|
|
.I 1
|
|
No data is put or copied on pixmaps, marking them always as corrupted
|
|
and synchronizing them on demand, i.e. when a copy area to a window is
|
|
requested, the source is synchronized before copying it.
|
|
|
|
Default for link speed \fIwan\fR.
|
|
.TP 8
|
|
.I 2
|
|
The put images over the windows are skipped marking the destination as
|
|
corrupted. The same happens for copy area and composite operations,
|
|
spreading the corrupted regions of involved drawables.
|
|
|
|
Default for link speed \fIadsl\fR, \fIisdn\fR and \fImodem\fR.
|
|
.RE
|
|
|
|
.TP 8
|
|
.B tile=<string>
|
|
set the maximum tile size in pixels (\fI<W>x<H>\fR) for bitmap data sent over the wire
|
|
|
|
The default value can be set via the command line (\-tile). The value
|
|
provided as nx/nx option is set when resuming a session, thus it
|
|
overrides the command line default.
|
|
.TP 8
|
|
.B menu=<bool>
|
|
support pulldown menu in \fBnxagent\fR session (only available on
|
|
proxy <-> agent remote sessions) (default: \fI1\fR, enabled)
|
|
.TP 8
|
|
.B magicpixel=<bool>
|
|
enable/disable magic pixel support in fullscreen mode (default: \fI1\fR, enabled)
|
|
.TP 8
|
|
.B copysize=<int>
|
|
Maximum number of bytes that can be pasted from an NX session
|
|
into an external application. Default is unlimited.
|
|
.TP 8
|
|
.B autodpi=<bool>
|
|
enable/disable deriving session DPI automatically from real server
|
|
(default: \fI0\fR, disabled); only takes effect on session startups, gets
|
|
ignored when reconnecting to a suspended session
|
|
.TP 8
|
|
.B sleep=<int>
|
|
delay X server operations when suspended (provided in milliseconds),
|
|
set to \fI0\fR to keep \fBnxagent\fR session fully functional when
|
|
suspended (e.g. useful when mirroring an \fBnxagent\fR session via
|
|
VNC). Graphic intensive applications will be affected by this more
|
|
than others. The default is 50ms.
|
|
.TP 8
|
|
.B tolerancechecks=<string>
|
|
|
|
.BR strict|safe|risky|bypass
|
|
.RS 8
|
|
.TP 8
|
|
.I strict
|
|
means that the number of internal and external pixmap formats must
|
|
match exactly and every internal pixmap format must be available in the
|
|
external pixmap format array. This is the default.
|
|
.TP 8
|
|
.I safe
|
|
means that the number of pixmap formats might diverge, but all
|
|
internal pixmap formats must also be included in the external pixmap
|
|
formats array. This is recommended, because it allows clients with more
|
|
pixmap formats to still connect, but not lose functionality.
|
|
.TP 8
|
|
.I risky
|
|
means that the internal pixmap formats array is allowed to be
|
|
smaller than the external pixmap formats array, but at least one pixmap
|
|
format must be included in both. This is potentially unsafe.
|
|
.TP 8
|
|
.I bypass
|
|
means that all of these checks are essentially
|
|
deactivated. This is a very bad idea.
|
|
.RE
|
|
.TP 8
|
|
.B autograb=<bool>
|
|
enable or disable autograb (default: \fI0\fR, disabled). Can be toggled during session via keystroke.
|
|
.RE
|
|
|
|
If you want to use \fBnxagent\fR as a replacement for Xnest or Xephyr you
|
|
can pass options like this:
|
|
.PP
|
|
.nf
|
|
$ echo nx/nx,fullscreen=1$DISPLAY >/tmp/opt
|
|
$ nxagent <command-line-options> -options /tmp/opt :<nx-display-port>
|
|
.fi
|
|
|
|
.SH XDMCP OPTIONS
|
|
X servers that support XDMCP have the following options.
|
|
See the \fIX Display Manager Control Protocol\fP specification for more
|
|
information.
|
|
.TP 8
|
|
.B \-query \fIhostname\fP
|
|
enables XDMCP and sends Query packets to the specified
|
|
.IR hostname .
|
|
.TP 8
|
|
.B \-broadcast
|
|
enable XDMCP and broadcasts BroadcastQuery packets to the network. The
|
|
first responding display manager will be chosen for the session.
|
|
.TP 8
|
|
.B \-multicast [\fIaddress\fP [\fIhop count\fP]]
|
|
Enable XDMCP and multicast BroadcastQuery packets to the network.
|
|
The first responding display manager is chosen for the session. If an
|
|
address is specified, the multicast is sent to that address. If no
|
|
address is specified, the multicast is sent to the default XDMCP IPv6
|
|
multicast group. If a hop count is specified, it is used as the maximum
|
|
hop count for the multicast. If no hop count is specified, the multicast
|
|
is set to a maximum of 1 hop, to prevent the multicast from being routed
|
|
beyond the local network.
|
|
.TP 8
|
|
.B \-indirect \fIhostname\fP
|
|
enables XDMCP and send IndirectQuery packets to the specified
|
|
.IR hostname .
|
|
.TP 8
|
|
.B \-port \fIport-number\fP
|
|
uses the specified \fIport-number\fP for XDMCP packets, instead of the
|
|
default. This option must be specified before any \-query, \-broadcast,
|
|
\-multicast, or \-indirect options.
|
|
.TP 8
|
|
.B \-from \fIlocal-address\fP
|
|
specifies the local address to connect from (useful if the connecting host
|
|
has multiple network interfaces). The \fIlocal-address\fP may be expressed
|
|
in any form acceptable to the host platform's \fIgethostbyname\fP(3)
|
|
implementation.
|
|
.TP 8
|
|
.B \-once
|
|
causes the server to terminate (rather than reset) when the XDMCP session
|
|
ends.
|
|
.TP 8
|
|
.B \-class \fIdisplay-class\fP
|
|
XDMCP has an additional display qualifier used in resource lookup for
|
|
display-specific options. This option sets that value, by default it
|
|
is "MIT-Unspecified" (not a very useful value).
|
|
.TP 8
|
|
.B \-cookie \fIxdm-auth-bits\fP
|
|
When testing XDM-AUTHENTICATION-1, a private key is shared between the
|
|
server and the manager. This option sets the value of that private
|
|
data (not that it is very private, being on the command line!).
|
|
.TP 8
|
|
.B \-displayID \fIdisplay-id\fP
|
|
Yet another XDMCP specific value, this one allows the display manager to
|
|
identify each display so that it can locate the shared key.
|
|
|
|
.SH XKEYBOARD OPTIONS
|
|
X servers that support the XKEYBOARD (a.k.a. \*qXKB\*q) extension accept the
|
|
following options. All layout files specified on the command line must be
|
|
located in the XKB base directory or a subdirectory, and specified as the
|
|
relative path from the XKB base directory. The default XKB base directory is
|
|
.IR /usr/share/X11/xkb .
|
|
.TP 8
|
|
.B [+-]kb
|
|
enables(+) or disables(-) the XKEYBOARD extension.
|
|
.TP 8
|
|
.BR [+-]accessx " [ \fItimeout\fP [ \fItimeout_mask\fP [ \fIfeedback\fP [ \fIoptions_mask\fP ] ] ] ]"
|
|
enables(+) or disables(-) AccessX key sequences.
|
|
.TP 8
|
|
.B \-xkbdir \fIdirectory\fP
|
|
base directory for keyboard layout files. This option is not available
|
|
for setuid X servers (i.e., when the X server's real and effective uids
|
|
are different).
|
|
.TP 8
|
|
.B \-ardelay \fImilliseconds\fP
|
|
sets the autorepeat delay (length of time in milliseconds that a key must
|
|
be depressed before autorepeat starts).
|
|
.TP 8
|
|
.B \-arinterval \fImilliseconds\fP
|
|
sets the autorepeat interval (length of time in milliseconds that should
|
|
elapse between autorepeat-generated keystrokes).
|
|
.TP 8
|
|
.B \-xkbmap \fIfilename\fP
|
|
loads keyboard description in \fIfilename\fP on server startup.
|
|
|
|
.SH SECURITY EXTENSION OPTIONS
|
|
X servers that support the SECURITY extension accept the following option:
|
|
.TP 8
|
|
.B \-sp \fIfilename\fP
|
|
causes the server to attempt to read and interpret filename as a security
|
|
policy file with the format described below. The file is read at server
|
|
startup and reread at each server reset.
|
|
.PP
|
|
The syntax of the security policy file is as follows.
|
|
Notation: "*" means zero or more occurrences of the preceding element,
|
|
and "+" means one or more occurrences. To interpret <foo/bar>, ignore
|
|
the text after the /; it is used to distinguish between instances of
|
|
<foo> in the next section.
|
|
.PP
|
|
.nf
|
|
<policy file> ::= <version line> <other line>*
|
|
|
|
<version line> ::= <string/v> '\en'
|
|
|
|
<other line > ::= <comment> | <access rule> | <site policy> | <blank line>
|
|
|
|
<comment> ::= # <not newline>* '\en'
|
|
|
|
<blank line> ::= <space> '\en'
|
|
|
|
<site policy> ::= sitepolicy <string/sp> '\en'
|
|
|
|
<access rule> ::= property <property/ar> <window> <perms> '\en'
|
|
|
|
<property> ::= <string>
|
|
|
|
<window> ::= any | root | <required property>
|
|
|
|
<required property> ::= <property/rp> | <property with value>
|
|
|
|
<property with value> ::= <property/rpv> = <string/rv>
|
|
|
|
<perms> ::= [ <operation> | <action> | <space> ]*
|
|
|
|
<operation> ::= r | w | d
|
|
|
|
<action> ::= a | i | e
|
|
|
|
<string> ::= <dbl quoted string> | <single quoted string> | <unquoted string>
|
|
|
|
<dbl quoted string> ::= <space> " <not dqoute>* " <space>
|
|
|
|
<single quoted string> ::= <space> ' <not squote>* ' <space>
|
|
|
|
<unquoted string> ::= <space> <not space>+ <space>
|
|
|
|
<space> ::= [ ' ' | '\et' ]*
|
|
|
|
Character sets:
|
|
|
|
<not newline> ::= any character except '\en'
|
|
<not dqoute> ::= any character except "
|
|
<not squote> ::= any character except '
|
|
<not space> ::= any character except those in <space>
|
|
.fi
|
|
.PP
|
|
The semantics associated with the above syntax are as follows.
|
|
.PP
|
|
<version line>, the first line in the file, specifies the file format
|
|
version. If the server does not recognize the version <string/v>, it
|
|
ignores the rest of the file. The version string for the file format
|
|
described here is "version-1" .
|
|
.PP
|
|
Once past the <version line>, lines that do not match the above syntax
|
|
are ignored.
|
|
.PP
|
|
<comment> lines are ignored.
|
|
.PP
|
|
<sitepolicy> lines are currently ignored. They are intended to
|
|
specify the site policies used by the XC-QUERY-SECURITY-1
|
|
authorization method.
|
|
.PP
|
|
<access rule> lines specify how the server should react to untrusted
|
|
client requests that affect the X Window property named <property/ar>.
|
|
The rest of this section describes the interpretation of an
|
|
<access rule>.
|
|
.PP
|
|
For an <access rule> to apply to a given instance of <property/ar>,
|
|
<property/ar> must be on a window that is in the set of windows
|
|
specified by <window>. If <window> is any, the rule applies to
|
|
<property/ar> on any window. If <window> is root, the rule applies to
|
|
<property/ar> only on root windows.
|
|
.PP
|
|
If <window> is <required property>, the following apply. If <required
|
|
property> is a <property/rp>, the rule applies when the window also
|
|
has that <property/rp>, regardless of its value. If <required
|
|
property> is a <property with value>, <property/rpv> must also have
|
|
the value specified by <string/rv>. In this case, the property must
|
|
have type STRING and format 8, and should contain one or more
|
|
null-terminated strings. If any of the strings match <string/rv>, the
|
|
rule applies.
|
|
.PP
|
|
The definition of string matching is simple case-sensitive string
|
|
comparison with one elaboration: the occurrence of the character '*' in
|
|
<string/rv> is a wildcard meaning "any string." A <string/rv> can
|
|
contain multiple wildcards anywhere in the string. For example, "x*"
|
|
matches strings that begin with x, "*x" matches strings that end with
|
|
x, "*x*" matches strings containing x, and "x*y*" matches strings that
|
|
start with x and subsequently contain y.
|
|
.PP
|
|
There may be multiple <access rule> lines for a given <property/ar>.
|
|
The rules are tested in the order that they appear in the file. The
|
|
first rule that applies is used.
|
|
.PP
|
|
<perms> specify operations that untrusted clients may attempt, and
|
|
the actions that the server should take in response to those operations.
|
|
.PP
|
|
<operation> can be r (read), w (write), or d (delete). The following
|
|
table shows how X Protocol property requests map to these operations
|
|
in The Open Group server implementation.
|
|
.PP
|
|
.nf
|
|
GetProperty r, or r and d if delete = True
|
|
ChangeProperty w
|
|
RotateProperties r and w
|
|
DeleteProperty d
|
|
ListProperties none, untrusted clients can always list all properties
|
|
.fi
|
|
.PP
|
|
<action> can be a (allow), i (ignore), or e (error). Allow means
|
|
execute the request as if it had been issued by a trusted client.
|
|
Ignore means treat the request as a no-op. In the case of
|
|
GetProperty, ignore means return an empty property value if the
|
|
property exists, regardless of its actual value. Error means do not
|
|
execute the request and return a BadAtom error with the atom set to
|
|
the property name. Error is the default action for all properties,
|
|
including those not listed in the security policy file.
|
|
.PP
|
|
An <action> applies to all <operation>s that follow it, until the next
|
|
<action> is encountered. Thus, irwad means ignore read and write,
|
|
allow delete.
|
|
.PP
|
|
GetProperty and RotateProperties may do multiple operations (r and d,
|
|
or r and w). If different actions apply to the operations, the most
|
|
severe action is applied to the whole request; there is no partial
|
|
request execution. The severity ordering is: allow < ignore < error.
|
|
Thus, if the <perms> for a property are ired (ignore read, error
|
|
delete), and an untrusted client attempts GetProperty on that property
|
|
with delete = True, an error is returned, but the property value is
|
|
not. Similarly, if any of the properties in a RotateProperties do not
|
|
allow both read and write, an error is returned without changing any
|
|
property values.
|
|
.PP
|
|
Here is an example security policy file.
|
|
.PP
|
|
.ta 3i 4i
|
|
.nf
|
|
version-1
|
|
|
|
# Allow reading of application resources, but not writing.
|
|
property RESOURCE_MANAGER root ar iw
|
|
property SCREEN_RESOURCES root ar iw
|
|
|
|
# Ignore attempts to use cut buffers. Giving errors causes apps to crash,
|
|
# and allowing access may give away too much information.
|
|
property CUT_BUFFER0 root irw
|
|
property CUT_BUFFER1 root irw
|
|
property CUT_BUFFER2 root irw
|
|
property CUT_BUFFER3 root irw
|
|
property CUT_BUFFER4 root irw
|
|
property CUT_BUFFER5 root irw
|
|
property CUT_BUFFER6 root irw
|
|
property CUT_BUFFER7 root irw
|
|
|
|
# If you are using Motif, you probably want these.
|
|
property _MOTIF_DEFAULT_BINDINGS root ar iw
|
|
property _MOTIF_DRAG_WINDOW root ar iw
|
|
property _MOTIF_DRAG_TARGETS any ar iw
|
|
property _MOTIF_DRAG_ATOMS any ar iw
|
|
property _MOTIF_DRAG_ATOM_PAIRS any ar iw
|
|
|
|
# The next two rules let xwininfo -tree work when untrusted.
|
|
property WM_NAME any ar
|
|
|
|
# Allow read of WM_CLASS, but only for windows with WM_NAME.
|
|
# This might be more restrictive than necessary, but demonstrates
|
|
# the <required property> facility, and is also an attempt to
|
|
# say "top level windows only."
|
|
property WM_CLASS WM_NAME ar
|
|
|
|
# These next three let xlsclients work untrusted. Think carefully
|
|
# before including these; giving away the client machine name and command
|
|
# may be exposing too much.
|
|
property WM_STATE WM_NAME ar
|
|
property WM_CLIENT_MACHINE WM_NAME ar
|
|
property WM_COMMAND WM_NAME ar
|
|
|
|
# To let untrusted clients use the standard colormaps created by
|
|
# xstdcmap, include these lines.
|
|
property RGB_DEFAULT_MAP root ar
|
|
property RGB_BEST_MAP root ar
|
|
property RGB_RED_MAP root ar
|
|
property RGB_GREEN_MAP root ar
|
|
property RGB_BLUE_MAP root ar
|
|
property RGB_GRAY_MAP root ar
|
|
|
|
# To let untrusted clients use the color management database created
|
|
# by xcmsdb, include these lines.
|
|
property XDCCC_LINEAR_RGB_CORRECTION root ar
|
|
property XDCCC_LINEAR_RGB_MATRICES root ar
|
|
property XDCCC_GRAY_SCREENWHITEPOINT root ar
|
|
property XDCCC_GRAY_CORRECTION root ar
|
|
|
|
# To let untrusted clients use the overlay visuals that many vendors
|
|
# support, include this line.
|
|
property SERVER_OVERLAY_VISUALS root ar
|
|
|
|
# Dumb examples to show other capabilities.
|
|
|
|
# oddball property names and explicit specification of error conditions
|
|
property "property with spaces" 'property with "' aw er ed
|
|
|
|
# Allow deletion of Woo-Hoo if window also has property OhBoy with value
|
|
# ending in "son". Reads and writes will cause an error.
|
|
property Woo-Hoo OhBoy = "*son" ad
|
|
|
|
.fi
|
|
.SH "NETWORK CONNECTIONS"
|
|
The X server supports client connections via a platform-dependent subset of
|
|
the following transport types: TCP\/IP, Unix Domain sockets
|
|
and several varieties of SVR4 local connections. See the DISPLAY
|
|
NAMES section of the \fIX\fP(__miscmansuffix__) manual page to learn how to
|
|
specify which transport type clients should try to use.
|
|
|
|
.SH GRANTING ACCESS
|
|
The X server implements a platform-dependent subset of the following
|
|
authorization protocols: MIT-MAGIC-COOKIE-1, XDM-AUTHORIZATION-1,
|
|
XDM-AUTHORIZATION-2, SUN-DES-1, and MIT-KERBEROS-5. See the
|
|
\fIXsecurity\fP(__miscmansuffix__) manual page for information on the
|
|
operation of these protocols.
|
|
.PP
|
|
Authorization data required by the above protocols is passed to the
|
|
server in a private file named with the \fB\-auth\fR command line
|
|
option. Each time the server is about to accept the first connection
|
|
after a reset (or when the server is starting), it reads this file.
|
|
If this file contains any authorization records, the local host is not
|
|
automatically allowed access to the server, and only clients which
|
|
send one of the authorization records contained in the file in the
|
|
connection setup information will be allowed access. See the
|
|
\fIXau\fP manual page for a description of the binary format of this
|
|
file. See \fIxauth\fP(1) for maintenance of this file, and distribution
|
|
of its contents to remote hosts.
|
|
.PP
|
|
The X server also uses a host-based access control list for deciding
|
|
whether or not to accept connections from clients on a particular machine.
|
|
If no other authorization mechanism is being used,
|
|
this list initially consists of the host on which the server is running as
|
|
well as any machines listed in the file \fI/etc/X\fBn\fI.hosts\fR, where
|
|
\fBn\fP is the display number of the server. Each line of the file should
|
|
contain either an Internet hostname (e.g. expo.lcs.mit.edu) or a complete
|
|
name in the format \fIfamily\fP:\fIname\fP as described in the
|
|
\fIxhost\fP(1) manual page.
|
|
There should be no leading or trailing spaces on any lines. For example:
|
|
.sp
|
|
.in +8
|
|
.nf
|
|
joesworkstation
|
|
corporate.company.com
|
|
star::
|
|
inet:bigcpu
|
|
local:
|
|
.fi
|
|
.in -8
|
|
.PP
|
|
Users can add or remove hosts from this list and enable or disable access
|
|
control using the \fIxhost\fP command from the same machine as the server.
|
|
.PP
|
|
If the X FireWall Proxy (\fIxfwp\fP) is being used without a sitepolicy,
|
|
host-based authorization must be turned on for clients to be able to
|
|
connect to the X server via the \fIxfwp\fP. If \fIxfwp\fP is run without
|
|
a configuration file and thus no sitepolicy is defined, if \fIxfwp\fP
|
|
is using an X server where xhost + has been run to turn off host-based
|
|
authorization checks, when a client tries to connect to this X server
|
|
via \fIxfwp\fP, the X server will deny the connection. See \fIxfwp\fP(1)
|
|
for more information about this proxy.
|
|
.PP
|
|
The X protocol intrinsically does not have any notion of window operation
|
|
permissions or place any restrictions on what a client can do; if a program can
|
|
connect to a display, it has full run of the screen.
|
|
X servers that support the SECURITY extension fare better because clients
|
|
can be designated untrusted via the authorization they use to connect; see
|
|
the \fIxauth\fP(1) manual page for details. Restrictions are imposed
|
|
on untrusted clients that curtail the mischief they can do. See the SECURITY
|
|
extension specification for a complete list of these restrictions.
|
|
.PP
|
|
Sites that have better
|
|
authentication and authorization systems might wish to make
|
|
use of the hooks in the libraries and the server to provide additional
|
|
security models.
|
|
.SH SIGNALS
|
|
The X server attaches special meaning to the following signals:
|
|
.TP 8
|
|
.I SIGHUP
|
|
This signal causes the server to close all existing connections, free all
|
|
resources, and restore all defaults. It is sent by the display manager
|
|
whenever the main user's main application (usually an \fIxterm\fP or window
|
|
manager) exits to force the server to clean up and prepare for the next
|
|
user.
|
|
.TP 8
|
|
.I SIGTERM
|
|
This signal causes the server to exit cleanly.
|
|
.TP 8
|
|
.I SIGUSR1
|
|
This signal is used quite differently from either of the above. When the
|
|
server starts, it checks to see if it has inherited SIGUSR1 as SIG_IGN
|
|
instead of the usual SIG_DFL. In this case, the server sends a SIGUSR1 to
|
|
its parent process after it has set up the various connection schemes.
|
|
\fIXdm\fP uses this feature to recognize when connecting to the server
|
|
is possible.
|
|
.SH FONTS
|
|
The X server
|
|
can obtain fonts from directories and/or from font servers.
|
|
The list of directories and font servers
|
|
the X server uses when trying to open a font is controlled
|
|
by the \fIfont path\fP.
|
|
.LP
|
|
The default font path is
|
|
__default_font_path__ .
|
|
.LP
|
|
The font path can be set with the \fB\-fp\fR option or by \fIxset\fP(1)
|
|
after the server has started.
|
|
.SH FILES
|
|
.TP 30
|
|
.I /etc/X\fBn\fP.hosts
|
|
Initial access control list for display number \fBn\fP
|
|
.TP 30
|
|
.IR /usr/share/fonts/X11/misc,
|
|
/usr/share/fonts/X11/75dpi,
|
|
/usr/share/fonts/X11/100dpi
|
|
Bitmap font directories
|
|
.TP 30
|
|
.IR /usr/share/fonts/X11/Type1
|
|
Outline font directories
|
|
.TP 30
|
|
.I /usr/share/nx/rgb
|
|
Color database
|
|
.TP 30
|
|
.I /tmp/.X11-unix/X\fBn\fP
|
|
Unix domain socket for display number \fBn\fP
|
|
.TP 30
|
|
.IR /tmp/rcX\fBn\fP
|
|
Kerberos 5 replay cache for display number \fBn\fP
|
|
.SH "SEE ALSO"
|
|
Protocols:
|
|
.I "X Window System Protocol,"
|
|
.I "NX Compression Protocol,"
|
|
.I "The X Font Service Protocol,"
|
|
.I "X Display Manager Control Protocol"
|
|
.PP
|
|
Fonts: \fIbdftopcf\fP(1), \fImkfontdir\fP(1), \fImkfontscale\fP(1),
|
|
\fIxfs\fP(1), \fIxlsfonts\fP(1), \fIxfontsel\fP(1), \fIxfd\fP(1),
|
|
.I "X Logical Font Description Conventions"
|
|
.PP
|
|
Security: \fIXsecurity\fP(__miscmansuffix__), \fIxauth\fP(1), \fIXau\fP(1),
|
|
\fIxdm\fP(1), \fIxhost\fP(1), \fIxfwp\fP(1),
|
|
.I "Security Extension Specification"
|
|
.PP
|
|
Starting the server: \fIxdm\fP(1), \fIxinit\fP(1)
|
|
.PP
|
|
Controlling the server once started: \fIxset\fP(1), \fIxsetroot\fP(1),
|
|
\fIxhost\fP(1)
|
|
.PP
|
|
Server-specific man pages:
|
|
\fIXdec\fP(1), \fIXmacII\fP(1), \fIXsun\fP(1), \fIXnest\fP(1),
|
|
\fIXvfb\fP(1), \fIXFree86\fP(1), \fIXDarwin\fP(1).
|
|
.PP
|
|
Server internal documentation:
|
|
.I "Definition of the Porting Layer for the X v11 Sample Server"
|
|
.SH AUTHORS
|
|
The first sample X server was originally written by Susan Angebranndt,
|
|
Raymond Drewry, Philip Karlton, and Todd Newman, from Digital Equipment
|
|
Corporation, with support from a large cast. It has since been
|
|
extensively rewritten by Keith Packard and Bob Scheifler, from MIT. Dave
|
|
Wiggins took over post-R5 and made substantial improvements.
|
|
.PP
|
|
The first implementation of nx-X11 (version 1.x up to 3.5.x) was written
|
|
by NoMachine (maintained until 2011).
|
|
.PP
|
|
The current implementation of nx-X11 is maintained by various projects,
|
|
amongst others The Arctica Project, TheQVD (Qindel Group) and X2Go.
|
|
.PP
|
|
This manual page was written by Per Hansen <spamhans@yahoo.de>, and
|
|
modified by Marcelo Boveto Shima <marceloshima@gmail.com> and Mike
|
|
Gabriel <mike.gabriel@das-netzwerkteam.de>. In 2016, the original
|
|
Xserver.man page shipped with nx-X11 was merged into the \fBnxagent\fR
|
|
man page and received a major update by Mike Gabriel
|
|
<mike.gabriel@das-netzwerkteam.de>.
|