InDepth: Configuring xdm

For both convenience and flexibility, xdm offers a useful way to manage X sessions.
Configuring xdm

xdm is highly configurable; the following is only one way to configure it in order to accomplish a specific goal.

On my Red Hat 7 system, xdm lives in /etc/X11/xdm. Its main configuration file is xdm-config (see Listing 1).

Listing 1. xdm-config

xdm's configuration files are in X resource format. There are resources for the configuration of the locations of various files. We are interested in the files pointed to by the resources servers, accessFile and resources. The adventurous will be interested in the session and DisplayManager._X.setup, where X is the display number.

Notice that DisplayManager.requestPort:0 is commented out. This resource specifies which UDP port to use to listen for XDMCP requests. If it is set to 0 (as is the default), then XDMCP requests are ignored, and xdm only manages local displays (see Xservers file). We comment it out so that xdm will listen on the default port (USP port 177).

My Xservers file looks like this:

#:0 local /usr/X11R6/bin/X

If this line were not commented out, then I would get a graphical login screen every time I started xdm. That is, it would start and manage a local X server on display 0 by running the command /usr/X11R6/bin/X. What we want to be able to do is select the host that we will connect to. We accomplish this using the Xaccess file:

#any indirect host can get a chooser
*  CHOOSER BROADCAST
#
# If you'd prefer to configure the set of
# hosts each terminal sees,
# then just uncomment these lines
# (and comment out the CHOOSER line above)
# and edit the %hostlist line as appropriate
#
#%hostlist      host-a host-b
#*              CHOOSER %hostlist       #
Although the Xaccess file is a very flexible tool, we will only be using it to launch the chooser (indirect mode). The chooser is a little X application that displays a list of available hosts on the network, allowing us to select the one to which we would like to connect. I like to use the BROADCAST option because new hosts show up in the list automatically. Some may prefer to name the hosts specifically, as shown using the %hostlist macro. This method is sometimes required, especially in larger networks where the broadcast doesn't reach all desired hosts.

If you are interested in a finer level of control, you can use a list of servers instead of BROADCAST. This will allow you to specify the list of available hosts directly.

If you want to configure xdm to handle requests from different X servers in different ways, you can specify a hostname or host list instead of *. Examples of this follow.

The following lines tell xdm to handle all queries from either host-a, host-b or host-c itself (Direct mode):

host-a
host-b
host-c

To tell xdm to send indirect queries from host-a to server-a or server-b, type

host-a    server-a server-b
It could also be written
%hostlist         server-a server-b
host-a              %hostlist
You can set up xdm to handle indirect queries using the chooser (our preferred method). In our next example, host-a gets a chooser window containing a list of all hosts that answer the BROADCAST, while everyone else gets only the list specified by %hostlist:
%hostlist         server-a server-b
host-a              CHOOSER BROADCAST
*                      CHOOSER %hostlist.
Finally, to finish up the basic functionality, we can look at the Xresources file. I left mine with the defaults, but some might want to customize the look and feel a bit. In this file you can change colors, fonts and other style options. I've found the Chooser*geometry resource to be the most useful because it allows you to set the size of the chooser application window.

You can configure some administrative functions in xdm-config as well. Things like DisplayManager.errorLogFilelogfile will set the location of the log file. This log file contains the stderr output of xdm, Xsetup, Xstartup, Xsession and Xreset scripts.

Upon successful logon-process completion, xdm launches the script file specified in the session resource. This allows users to customize the behavior of the X sessions. Administrators will most likely want to check out the Xsession script. Users will want to create a $HOME/.xsession or $HOME/.Xclients file to customize the behavior of the session manager (i.e., start a window manager, a clock, etc.).

Testing Our Configuration

In order to test our configuration, we need to find X (which X). On my system, it's in /usr/X11R6/bin/X. In any case, you should end up seeing a logon screen. To test direct mode you would type

/usr/X11R6/bin/X -query remotexdmhost

For indirect broadcast mode type

/usr/X11R6/bin/X -broadcast
And for indirect mode using the chooser, type
/usr/X11R6/bin/X -indirect remotexdmhost
Once these were working, I created the /etc/rc.d/init.d script to auto-start and auto-stop the xdm service. See the article on using the chkconfig utility in the April 2001 Linux Journal for more information.

Then, I created the following scripts to make life simple for my users. On their workstations, I create a file named /usr/bin/X11/startx.xdmcp. If the host is called “wkstn1”, then the file contains

#!/bin/sh
/usr/X11R6/bin/X -indirect wkstn1

where hostname is the name of the xdm server (in my case the workstations are both an xdm server and an X server).

Next, I entered

mv /usr/bin/X11/startx /usr/bin/X11/startx.original
chmod 755 /usr/bin/X11/startx.xdmcp
ln -s /usr/bin/X11/startx.xdmcp /usr/bin/X11/startx

This allows any user who may be used to logging in to their workstation and typing startx to get a console, to instead receive a list of available hosts to log in to (including their own workstation).

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix