diff --git a/flux/src/etc/xrdp/sesman.ini b/flux/src/etc/xrdp/sesman.ini new file mode 100644 index 00000000..a76e0631 --- /dev/null +++ b/flux/src/etc/xrdp/sesman.ini @@ -0,0 +1,147 @@ +;; See `man 5 sesman.ini` for details + +[Globals] +ListenAddress=127.0.0.1 +ListenPort=3350 +EnableUserWindowManager=true +; Give in relative path to user's home directory +UserWindowManager=startwm.sh +; Give in full path or relative path to /etc/xrdp +DefaultWindowManager=startwm.sh +; Give in full path or relative path to /etc/xrdp +ReconnectScript=reconnectwm.sh + +[Security] +AllowRootLogin=true +MaxLoginRetry=4 +TerminalServerUsers=tsusers +TerminalServerAdmins=tsadmins +; When AlwaysGroupCheck=false access will be permitted +; if the group TerminalServerUsers is not defined. +AlwaysGroupCheck=false +; When RestrictOutboundClipboard=true clipboard from the +; server is not pushed to the client. +RestrictOutboundClipboard=false + +[Sessions] +;; X11DisplayOffset - x11 display number offset +; Type: integer +; Default: 10 +X11DisplayOffset=10 + +;; MaxSessions - maximum number of connections to an xrdp server +; Type: integer +; Default: 0 +MaxSessions=50 + +;; KillDisconnected - kill disconnected sessions +; Type: boolean +; Default: false +; if 1, true, or yes, every session will be killed within DisconnectedTimeLimit +; seconds after the user disconnects +KillDisconnected=false + +;; DisconnectedTimeLimit (seconds) - wait before kill disconnected sessions +; Type: integer +; Default: 0 +; if KillDisconnected is set to false, this value is ignored +DisconnectedTimeLimit=0 + +;; IdleTimeLimit (seconds) - wait before disconnect idle sessions +; Type: integer +; Default: 0 +; Set to 0 to disable idle disconnection. +IdleTimeLimit=0 + +;; Policy - session allocation policy +; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ] +; "Default" session per +; "UBD" session per +; "UBI" session per +; "UBC" session per +; "UBDI" session per +; "UBDC" session per +Policy=Default + +[Logging] +; Note: Log levels can be any of: core, error, warning, info, debug, or trace +LogFile=xrdp-sesman.log +LogLevel=INFO +EnableSyslog=true +#SyslogLevel=INFO +#EnableConsole=false +#ConsoleLevel=INFO +#EnableProcessId=false + +[LoggingPerLogger] +; Note: per logger configuration is only used in XRDP_DEBUG builds of XRDP. +#sesman.c=INFO +#main()=INFO + +; +; Session definitions - startup command-line parameters for each session type +; + +[Xorg] +; Specify the path of non-suid Xorg executable. It might differ depending +; on your distribution and version. Find out the appropreate path for your +; environment. The typical path is known as follows: +; +; Fedora 26 or later : param=/usr/libexec/Xorg +; Debian 9 or later : param=/usr/lib/xorg/Xorg +; Ubuntu 16.04 or later : param=/usr/lib/xorg/Xorg +; Arch Linux : param=/usr/lib/Xorg +; CentOS 7 : param=/usr/bin/Xorg or param=Xorg +; CentOS 8 : param=/usr/libexec/Xorg +; +param=Xorg +; Leave the rest paramaters as-is unless you understand what will happen. +param=-config +param=xrdp/xorg.conf +param=-noreset +param=-nolisten +param=tcp +param=-logfile +param=.xorgxrdp.%s.log + +[Xvnc] +param=Xvnc +param=-bs +param=-nolisten +param=tcp +param=-localhost +param=-dpi +param=96 + +[Chansrv] +; drive redirection +; See sesman.ini(5) for the format of this parameter +#FuseMountName=/run/user/%u/thinclient_drives +#FuseMountName=/media/thinclient_drives/%U/thinclient_drives +FuseMountName=thinclient_drives +; this value allows only the user to acess their own mapped drives. +; Make this more permissive (e.g. 022) if required. +FileUmask=077 +; Can be used to disable FUSE functionality - see sesman.ini(5) +#EnableFuseMount=false + +[ChansrvLogging] +; Note: one log file is created per display and the LogFile config value +; is ignored. The channel server log file names follow the naming convention: +; xrdp-chansrv.${DISPLAY}.log +; +; Note: Log levels can be any of: core, error, warning, info, debug, or trace +LogLevel=INFO +EnableSyslog=true +#SyslogLevel=INFO +#EnableConsole=false +#ConsoleLevel=INFO +#EnableProcessId=false + +[ChansrvLoggingPerLogger] +; Note: per logger configuration is only used in XRDP_DEBUG builds of XRDP. +#chansrv.c=INFO +#main()=INFO + +[SessionVariables] +PULSE_SCRIPT=/etc/xrdp/pulse/default.pa