successfully configure the XDMCP in MandrakeLinux9.2!

skating

摘自Thomas Chao的“Linux XDMCP HOWTO”<tomchao@lucent.com>;
These are steps I used to setup the X Server for accepting XDMCP requests:


In Linux X environment, you need to provide font using either X font server (xfs) or hard coded font path in XF86Config and XF86Config-4 configuration files. If you plan to use xfs font server (check here to see the xfs advantages), do this in RH 6.2 and Mandrake 8.x and 9.0, modify /etc/rc.d/init.d/xfs and make the following changes. Change all (this is where the Font Server port):

daemon xfs -droppriv -daemon -port -1


to:

daemon xfs -droppriv -daemon -port 7100


In Mandrake 7.2, the port is already set to 7100. Also, in RH 7.x, it is by default, for security enhancement, not listening to TCP port any longer! If you like to setup X font server, do the following steps:

Change this line in /etc/rc.d/init.d/xfs:

daemon xfs -droppriv -daemon


to:

daemon xfs -droppriv -daemon -port 7100


Then, in /etc/X11/fs/config, comment out this line:

# don't listen to TCP ports by default for security reasons
#no-listen = tcp


If you change or add the port, use this command to restart your X font server (requires root): service xfs restart



You do not have to use port 7100. You can set a different port, as long as you carefully plan it first to make sure no conflicts in using the port number and change it accordingly. It is better to consult your Linux admin before doing so, so that he/she knows the port has been taken! Different Linux distribution may put the xfs in different folder under /etc/rc.d. You may search for it if that's the case.

Modify /etc/X11/xdm/xdm-config and make the following change. Be default (in most Linux distributions), this line is set, so that it is not listening to XDMCP connection. This is for security reason. For Caldera using kdm, this file is at /etc/X11/kdm. Find this line:

DisplayManager.requestPort:     0


and comment it out as:

! DisplayManager.requestPort:     0


Remember, this does not affects gdm. For gdm setup, it is in the following section.

In /etc/X11/xdm/Xaccess, change this. (this allow all hosts to connect). For Caldera using kdm, this file is at /etc/X11/kdm. Set the security to 644 (chmod 644):

#*    # any host can get a login window


to:

*     # any host can get a login window


The above setup is in a Broadcast mode, which will list all the X Server that are listening and willing to manage your X connection. If you only want to allow certain connections, use the CHOOSER section in this same file. An example can be found in the Resources.

I use the gdm as default and use gdm login window to switch between KDE and GNOME. For gdm, edit /etc/X11/gdm/gdm.conf. This activates XDMCP, causing it to listen to the request. For kdm (if you pick KDE as your DM in your installation), edit /usr/share/config/kdm/kdmrc for Mandrake and /etc/kde/kdm/kdmrc for Red Hat or /opt/kde2/share/config/kdm/kdmrc for Slackware version (KDE2). Change this line:

[xdmcp]
Enable=false (may shown as 0 in some distributions)


to:

Enable=true (or 1 in some distributions)


Make sure "ort=177" is at the end of this block.

Now edit /etc/inittab and change the following line:

id:3:initdefault:


to:

id:5:initdefault:


In Slackware, the X11 mode is number "4", not "5".

This is switching from Text Mode login to Graphical Mode using Display Manager. Before changing this line, you can use the telinit command to test prior to modifying the line. Use either telinit 3 to set to level 3, or telinit 5 to set to level 5, graphics mode (you can issue this command on the second machine that telnets into this server).

Make sure the proper security of the file /etc/X11/xdm/Xservers is set to 444 (chmod 444).

Locate /etc/X11/xdm/Xsetup_0 and chmod 755 this file.

Edit the XF86Config file (if you are using XFree86 4.x, the file is XF86Config-4) at /etc/X11 and change the line:

FontPath    "unix/:-1"


to:

FontPath    "unix/:7100"


If you decide to use the port number other than the usual 7100, be sure to change both in "/etc/rc.d/init.d/xfs" file and here!

To save your time and energy, I recommend you to add the FontPath in the XF86Config and XF86Config-4 configuration files. If you are not sure what fonts are available to you, you can use this command to check it out (requires root):

chkfontpath --list


The following are some of the example fonts for your reference. Make sure you have these fonts before editing these path.

         FontPath  "/usr/X11R6/lib/X11/fonts/75dpi/"
         FontPath  "/usr/X11R6/lib/X11/fonts/misc/"
         FontPath  "/usr/X11R6/lib/X11/fonts/CID/"
         FontPath  "/usr/X11R6/lib/X11/fonts/Speedo/"
         FontPath  "/usr/X11R6/lib/X11/fonts/100dpi/"
         FontPath  "/usr/X11R6/lib/X11/fonts/Type1/"


(You do not have to make this change. You can keep the default setting, but this is what I prefer. If you are not sure, leave this alone.) Change this line to the end of /etc/inittab:

x:5:respawn:/usr/bin/gdm


If you decided not to change this line, it is fine! This is not a required step, but of a personal preference!


You are now ready to run a test.

One other thing to know (that some users have asked) is how to display with Willing to manage message with load info As I know this is available in xdm by adding the following to the /etc/X11/xdm/xdm-config. DisplayManager.willing:  su noboby -c /etc/X11/xdm/Xwilling

and the XWilling script must exist. For gdm, add this line to the /etc/X11/gdm/gdm.conf in [security] section: Willing=/etc/X11/gdm/Xwilling



A sample of Xwilling script is here for your reference. Adding this script or not is your preference. It is not required step here!


2.7. Testing
To test if your XDMCP with X Server is ready to accept connection(s), do these steps. I find it easier using the X Server and another machine to test it:


(Re-)Start your X (which is in runlevel 5). If you are not sure how to do this, simply reboot your system (but this is really not necessary, if you know how to restart it using command line. That's the beauty of Linux, when comparing it to my Windows).

If you have not modify your firewall rules, you need to temporary disable it by using iptables -F (or ipchains -F).

Make sure the Graphical login page comes up. Make sure the display resolution and mouse work. Log in from the console to see if the local access is OK. If OK, do not log off.

Setup Hummingbird Exceed (or other X Client software) to either query this machine (using the IP address or fully qualified DNS name) or set to use XDMCP-Broadcast and try to connect to the X Server. You should see the X Session come up and the login screen appear.