Re: XDMCP and GDM3

To: debian-user@lists.debian.org
Subject: Re: XDMCP and GDM3
From: Martin Feuersänger <m@feuersaenger.de>
Date: Thu, 1 Dec 2011 13:08:17 +0100 (CET)
Message-id: <[🔎] 6729.168.87.60.62.1322741297.squirrel@wm.feuersaenger.de>

Hi Rob,

Rob Owens wrote:
> On Mon, Nov 28, 2011 at 04:22:07PM +0100, Martin Feuersänger wrote:
>> I know which files control the KDM behavior in regard to XDMCP (kdmrc
>> and Xaccess, both in /etc/kde4/kdm/).
>> But for GDM3 I have no idea where this is done. It just worked. Xaccess
>> at /etc/X11/xdm/ had no influence so it must be somewhere else.
>>
>>
> On my Squeeze system, there is /etc/gdm3/daemon.conf, which has an XDMCP
> section.  I'm taking a wild guess here, but you might add something to that
> section like:

Thanks for the suggestion, I forgot that we actually set 'Enable=true' in
the XDMCP section of /etc/gdm3/daemon.conf, otherwise GDM3 doesn't even
listen on port 177.

Then it seems that GDM3 allows every host to access directly and indirectly.

Several configuration examples that cover all of xdm, gdm and kdm seem to
suggest this. They explicitly mention mention Xaccess for both xdm and kdm
but leave it out for gdm.

If GDM3 still behaves like the older GDM I guess
http://library.gnome.org/admin/gdm/stable/configuration.html.en
has the answer:

HonorIndirect=true

Enables remote execution of the chooser, 'true' seems to be default.

Regarding access control the document says:

"If GDM is compiled to support it, access from remote displays can be
controlled using the TCP Wrappers library. The service name is gdm

You should add

gdm:.my.domain

to your <etc>/hosts.allow, depending on your TCP Wrappers configuration."

Cheers,
  Martin

Reply to:

Prev by Date: Re: Detach Icedove from xterm itself called from terminal.
Next by Date: Re: can't enter into gnome interface
Previous by thread: Re: NNTP server
Next by thread: Re: Laptop Not Resuming From Hibernation
Index(es):
- Date
- Thread