2.2. The Configuration File - gdm.conf

The daemon and the accompanying utilities share a common configuration file: etc/gdm/gdm.conf.

The configuration file is divided into sections each containing variables that define the behaviour for a specific part of the GDM suite.

gdm.conf follows the standard GNOME configuration file syntax. Keywords in brackets define sections, strings before an equal sign (=) are variables, and the data after the equal sign represents their value.

In general, 0 represents disable and 1 represents enable for boolean configuration options.

2.2.1. Daemon Configuration

[daemon]

Chooser
Chooser=bin/gdmchooser --disable-sound

Full path and name of the chooser executable followed by optional arguments.

DefaultPath
DefaultPath=/bin:/usr/bin:/usr/bin/X11:/usr/local/bin

Specifies the path which will be set in the user's session.

DisplayInitDir
DisplayInitDir=etc/gdm/Init

Directory containing the display init scripts. See the ``Script Directories'' section for more info.

Greeter
Greeter=bin/gdmlogin --disable-sound

Full path and name of the greeter executable followed by optional arguments.

Group
Group=gdm

The group id under which gdmlogin/gdmchooser are run.

HaltCommand
HaltCommand=/sbin/shutdown -h now

Full path and arguments of the command to be executed when the user selects Halt from the System menu.

KillInitClients
KillInitClients=1

Determines whether GDM should kill X clients started by the init scripts when the user logs in.

LogDir
LogDir=var/gdm

Directory containing the log files for the individual displays. By default this is the same as the ServAuthDir.

PidFile
PidFile=var/run/gdm.pid

Name of the file containing the gdm process id.

PostSessionScriptDir
PostSessionScriptDir=etc/gdm/PostSession

Directory containing the scripts run after the user logs out. See the ``Script Directories'' section for more info.

PreSessionScriptDir
PreSessionScriptDir=etc/gdm/PreSession

Directory containing the scripts run before the user logs in. See the ``Script Directories'' section for more info.

RebootCommand
RebootCommand=/sbin/shutdown -r now

Full path and optional arguments of the program to be executed when the user selects Reboot from the System menu.

RootPath
RootPath=/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11:/usr/local/bin

Specifies the path which will be set in the root's session and the {Init,PreSession,PostSession} scripts executed by GDM.

ServAuthDir
ServAuthDir=/var/gdm

Directory containing the X authentication files for the individual displays. Should be owned by gdm.gdm with permissions 750.

SessionDir
SessionDir=etc/gdm/Sessions

Directory containing the scripts for all session types available on the system.

User
User=gdm

The username under which gdmlogin / gdmchooser are run.

UserAuthDir
UserAuthDir=

The directory where the user's .Xauthority file should be saved. When nothing is specified, the user's home directory is used.

UserAuthFBDir
UserAuthFBDir=/tmp

If GDM fails to update the user's .Xauthority file a fallback cookie is created in this directory.

UserAuthFile
UserAuthFile=.Xauthority

Name of the file used for storing user cookies.

2.2.2. Security Options

[security]

AllowRoot
AllowRoot=0

Graphical root logins are disallowed by default. Set this value to 1 to enable privileged user logins.

On systems that support PAM, this parameter is ignored. It's up to the PAM libraries to determine whether the user is on a local display or not.

RelaxPermissions
RelaxPermissions=0

By default GDM ignores files and directories that are writable by users other than the owner.

Changing the value of RelaxPermissions makes it possible to alter this behaviour:

0 - Paranoia option. Only accepts user owned files and directories.

1 - Allow group writable files and directories.

2 - Allow world writable files and directories.

RetryDelay
RetryDelay=3

The number of seconds GDM should wait before reactivating the entry field after a failed login.

UserMaxFile
UserMaxFile=65536

GDM will refuse to read/write files bigger than this number (specified in bytes).

In addition to the size check, both gdm and gdmlogin are extremely picky about accessing files in user directories. Neither will follow symlinks, and they can optionally refuse to read files and directories writable by anyone other than the owner. See the RelaxPermissions option for more info.
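The checks described under RelaxPermissions and UserMaxFile can be sketched as follows. This is an added example, not GDM's own code; the function name check_user_file is hypothetical, and requiring user ownership at every RelaxPermissions level is an assumption.

```python
import os
import stat
import tempfile


def check_user_file(path, uid, relax_permissions=0, user_max_file=65536):
    """Return (ok, reason) for a file that would be read from a user's directory."""
    try:
        # O_NOFOLLOW refuses a symlink as the last path component; the checks
        # below run on the opened descriptor, not on the path.
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    except OSError as exc:
        return False, "cannot open (symlinks are not followed): %s" % exc
    try:
        st = os.fstat(fd)
    finally:
        os.close(fd)
    if not stat.S_ISREG(st.st_mode):
        return False, "not a regular file"
    if st.st_uid != uid:  # assumption: ownership is required at every level
        return False, "not owned by the user"
    if relax_permissions < 1 and st.st_mode & stat.S_IWGRP:
        return False, "group writable"
    if relax_permissions < 2 and st.st_mode & stat.S_IWOTH:
        return False, "world writable"
    if st.st_size > user_max_file:
        return False, "larger than UserMaxFile"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: a group-writable file in a temporary directory.
    with tempfile.TemporaryDirectory() as d:
        cookie = os.path.join(d, ".Xauthority")
        with open(cookie, "wb") as f:
            f.write(b"\0" * 128)
        os.chmod(cookie, 0o660)
        for level in (0, 1, 2):
            print("RelaxPermissions=%d ->" % level,
                  check_user_file(cookie, os.getuid(), level))
```

A real reader would keep the descriptor open and read from it, so that the checks and the read refer to the same file.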

VerboseAuth
VerboseAuth=0

Specifies whether GDM should print authentication errors in the message field in the greeter.

Depending on your system setup, usernames might be exposed when this option is on.

2.2.3. XDMCP Support

[xdmcp]

Enable
Enable=0

Setting this to 1 enables XDMCP support allowing remote displays/X terminals to be managed by GDM.

gdm listens for requests on UDP port 177. See the Port option for more information.

If GDM is compiled to support it, access from remote displays can be controlled using the TCP Wrappers library. The service name is gdm.

You should add

       gdm:    .my.domain
          

to your /etc/hosts.allow. See the hosts_access(5) man page for details.

Please note that XDMCP is not a particularly secure protocol and that it is a good idea to block UDP port 177 on your firewall unless you really need it.

HonorIndirect
HonorIndirect=1

Enables XDMCP INDIRECT choosing (i.e. remote execution of gdmchooser) for X-terminals which don't supply their own display browser.

MaxPending
MaxPending=4

To avoid denial of service attacks, GDM has a fixed-size queue of pending connections. Only MaxPending displays can start at the same time.

Please note that this parameter does *not* limit the number of remote displays which can be managed. It only limits the number of displays initiating a connection simultaneously.

MaxPendingIndirect
MaxPendingIndirect=4

GDM will only provide MaxPendingIndirect displays with host choosers simultaneously.

MaxSessions
MaxSessions=16

Determines the maximum number of remote display connections which will be managed simultaneously. I.e. the total number of remote displays that can use your host.

MaxWait
MaxWait=30

When GDM is ready to manage a display an ACCEPT packet is sent to it containing a unique session id which will be used in future XDMCP conversations.

GDM will then place the session id in the pending queue waiting for the display to respond with a MANAGE request.

If no response is received within MaxWait seconds, GDM will declare the display dead and erase it from the pending queue freeing up the slot for other displays.

MaxWaitIndirect
MaxWaitIndirect=30

The MaxWaitIndirect parameter determines the maximum number of seconds between the time where a display requests a chooser and completion of protocol negotiation. If the timeout is exceeded, GDM will remove the display from the pending list freeing up the slot for other displays.

Port
Port=177

The UDP port number gdm should listen on for XDMCP requests. Don't change this unless you know what you're doing.
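The [security] and [xdmcp] settings above can be reviewed mechanically. The following is an added example, not part of GDM; the function name audit_gdm_conf and the sample file are constructed, and missing keys are assumed to take the values shown on this page.

```python
import configparser

# Constructed sample, not a real system's file.
SAMPLE = """\
[security]
AllowRoot=1
RelaxPermissions=2
VerboseAuth=0

[xdmcp]
Enable=1
Port=177

[greeter]
Welcome=Welcome to %n
"""

# (section, key, value shown on the page, note reported when the value differs)
RULES = [
    ("security", "AllowRoot", "0", "graphical root logins enabled (ignored where PAM is used)"),
    ("security", "RelaxPermissions", "0", "files writable by group or others are accepted"),
    ("security", "VerboseAuth", "0", "auth errors shown in greeter; usernames may be exposed"),
    ("xdmcp", "Enable", "0", "XDMCP enabled; limit with TCP Wrappers, block the port if unneeded"),
]


def audit_gdm_conf(text):
    """Return (section, key, value, note) for each setting that needs review."""
    # gdm.conf values are literal: "Welcome to %n" would raise under the
    # default '%' interpolation when read, so interpolation is switched off.
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case as written in gdm.conf
    cp.read_string(text)
    findings = []
    for section, key, shown, note in RULES:
        value = cp.get(section, key, fallback=shown).strip()
        if value != shown:
            findings.append((section, key, value, note))
    if cp.get("xdmcp", "Enable", fallback="0").strip() != "0":
        port = cp.get("xdmcp", "Port", fallback="177").strip()
        findings.append(("xdmcp", "Port", port, "UDP port to filter at the firewall"))
    return findings


if __name__ == "__main__":
    for finding in audit_gdm_conf(SAMPLE):
        print("[%s] %s=%s: %s" % finding)
```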

2.2.4. Common GUI Configuration Options

[gui]

Gtkrc
Gtkrc=

Path to a gtkrc containing the theme for use in gdmlogin / gdmchooser.

MaxIconWidth
MaxIconWidth=128

Specifies the maximum icon width (in pixels) that the face browser will display. Icons larger than this will be scaled.

MaxIconHeight
MaxIconHeight=128

Specifies the maximum icon height (in pixels) that the face browser will display. Icons larger than this will be scaled.

2.2.5. Greeter Configuration

[greeter]

Browser
Browser=0

Set to 1 to enable the face browser. See the ``Greeter'' section for more information on the face browser.

DefaultFace
DefaultFace=share/pixmaps/nophoto.png

Default icon file for users without a personal picture in ~/gnome/photo. The image must be in an Imlib supported format and the file must be readable for the gdm user.

DefaultLocale
DefaultLocale=english

This language is used for the session if nothing is specified in ~user/.gnome/gdm and the user didn't select a language in the Locale menu in the greeter.

Exclude
Exclude=bin,daemon,adm,lp,sync,shutdown,halt,mail,...

Comma-separated list of usernames to exclude from the face browser. The excluded users will still be able to log in.

Font
Font=-adobe-helvetica-bold-r-normal-*-*-180-*-*-*-*-*-*

Font to use for the welcome message in the greeter.

GlobalFaceDir
GlobalFaceDir=share/faces/

Systemwide directory for face files. The sysadmin can place icons for users here without touching their homedirs. Faces are named after their users' logins.

I.e. <GlobalFaceDir>/johndoe would contain the face icon for the user ``johndoe''. No image format extension should be specified.

The face images must be stored in Imlib supported formats and they must be readable for the GDM user.

A user's own icon file will always take precedence over the sysadmin provided one.

Icon
Icon=share/pixmaps/gdm.xpm

Icon to use for gdmlogin when it's in the iconified state. The image must be in an Imlib supported format and it must be readable for the GDM user. If no file is specified the iconify feature is disabled.

LocaleFile
LocaleFile=etc/gdm/locale.alias

File in GNU locale format with entries for all supported languages on the system.

Logo
Logo=share/pixmaps/gnome-logo-large.png

Image file to display in the logo box. The file must be in an Imlib supported format and it must be readable by the GDM user. If no file is specified the logo feature is disabled.

Quiver
Quiver=1

Controls whether gdmlogin should shake the display when an incorrect username/password is entered.

SystemMenu
SystemMenu=0

Turns the Shutdown/Halt menu on/off.

Welcome
Welcome=Welcome to %n

Controls which text to display next to the logo image in the greeter. The following control chars are supported:

%% the `%' character

%d display's hostname

%h Fully qualified hostname

%m machine (processor type)

%n Nodename (i.e. hostname without .domain)

%r release (OS version)

%s sysname (i.e. OS)

2.2.6. XDMCP Chooser Options

[chooser]

DefaultHostImage
DefaultHostImage=share/pixmaps/nohost.png

File name for the default host icon. This image will be displayed if no icon is specified for a given host. The file must be in an Imlib supported format and it must be readable for the GDM user.

HostImageDir
HostImageDir=share/hosts

Repository for host icon files. The sysadmin can place icons for remote hosts here and they will appear in gdmchooser.

The file name must match the fully qualified name (FQDN) for the host. The icons must be stored in Imlib supported formats and they must be readable to the gdm user.

ScanTime
ScanTime=3

Specifies how many seconds the chooser should wait for replies to its BROADCAST_QUERY.

2.2.7. Local X Server Configuration

[servers]

0
0=/usr/bin/X11/X

Control section for local X servers. Each line indicates the local display number and the command that needs to be run to start the X server(s).

GDM will append "-auth <ServAuthDir>/:n.Xauth :n", where n is the display number.