commit 185a95375fb06a2218e7bdaf8b8048983f0547a0 Author: Marcin Krol <h...@tld-linux.org> Date: Thu Sep 6 09:43:04 2018 +0000
- merged version 0.9.7 from TLD Linux: * patch bundled *.ini files instead of keeping local copy * create special group xrdp for allowed users * deny root login by default * added script for starting selected WM * higher loglevel * dropped kerberos auth, there is no pam fallback which prevents user login build.patch | 11 --- config.patch | 187 ++++++++++++++++++++++++++++++++++++++++++++++++++ format-security.patch | 11 --- heimdal.patch | 42 ------------ link.patch | 9 --- quiet.patch | 47 +++++++++++++ startwm.sh | 3 + xrdp.README.PLD | 2 +- xrdp.README.PLD.pl | 4 +- xrdp.sesman.ini | 40 ----------- xrdp.spec | 164 +++++++++++++++++++++++++++++++------------ xrdp.xrdp.ini | 72 ------------------- 12 files changed, 360 insertions(+), 232 deletions(-) --- diff --git a/xrdp.spec b/xrdp.spec index aa654d7..c2d677a 100644 --- a/xrdp.spec +++ b/xrdp.spec @@ -1,35 +1,35 @@ Summary: Remote desktop server Summary(pl.UTF-8): Serwer remote desktop Name: xrdp -Version: 0.6.1 +Version: 0.9.7 Release: 1 License: GPL Group: X11/Applications/Networking -Source0: http://download.sourceforge.net/xrdp/%{name}-v%{version}.tar.gz -# Source0-md5: 26099c6588943262023607c1b4e774d8 +Source0: https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/%{name}-%{version}.tar.gz +# Source0-md5: 5f8074a7bed8b45d43ef028748a86755 Source1: %{name}.init Source2: %{name}.pamd -Source3: %{name}.xrdp.ini -Source4: %{name}.sesman.ini -Source5: %{name}.README.PLD -Source6: %{name}.README.PLD.pl -Patch0: format-security.patch -Patch1: build.patch -Patch2: heimdal.patch -Patch3: link.patch -URL: http://xrdp.sourceforge.net/ +Source3: %{name}.README.PLD +Source4: %{name}.README.PLD.pl +Source5: startwm.sh +Patch0: config.patch +Patch1: quiet.patch +URL: http://www.xrdp.org/ BuildRequires: autoconf BuildRequires: automake BuildRequires: freerdp-devel -BuildRequires: heimdal-devel >= 1.5.3-4 BuildRequires: libtool BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: rpmbuild(macros) >= 1.268 +Requires: xrdp-libs = %{version}-%{release} Requires(post,preun): /sbin/chkconfig Requires: /usr/bin/Xvnc Requires: rc-scripts Requires: xinitrc-ng +Requires(postun): /usr/sbin/groupdel +Requires(pre): /usr/bin/getgid +Requires(pre): /usr/sbin/groupadd BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %description @@ -49,16 +49,50 @@ klientami protokołu rdp Microsoftu. xrdp używa jako backendu Xvnc lub X11rdp. +%package -n xrdp-libs +Summary: xrdp shared libraries +Summary(pl.UTF-8): Biblioteki współdzielone xrdp +Group: Libraries +Requires(post,postun): /sbin/ldconfig + +%description -n xrdp-libs +xrdp shared libraries. + +%description -n xrdp-libs -l pl.UTF-8 +Biblioteki współdzielone xrdp. + +%package -n xrdp-devel +Summary: Header files for xrdp libraries +Summary(pl.UTF-8): Pliki nagłówkowe bibliotek xrdp +Group: Development/Libraries +Requires: xrdp-libs = %{version}-%{release} + +%description -n xrdp-devel +Header files for xrdp libraries. + +%description -n xrdp-devel -l pl.UTF-8 +Pliki nagłówkowe bibliotek xrdp. + +%package -n xrdp-static +Summary: Static xrdp libraries +Summary(pl.UTF-8): Statyczne biblioteki xrdp +License: LGPL v2.1 +Group: Development/Libraries +Requires: xrdp-devel = %{version}-%{release} + +%description -n xrdp-static +Static xrdp libraries. + +%description -n xrdp-static -l pl.UTF-8 +Statyczne biblioteki xrdp. + %prep -%setup -q -n %{name}-v%{version} +%setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -install %{SOURCE5} README.PLD -install %{SOURCE6} README.PLD.pl -awk '{gsub("LIBDIR","%{_libdir}"); print}' < %{SOURCE3} > xrdp.ini +install %{SOURCE3} README.PLD +install %{SOURCE4} README.PLD.pl %build %{__libtoolize} @@ -66,78 +100,88 @@ awk '{gsub("LIBDIR","%{_libdir}"); print}' < %{SOURCE3} > xrdp.ini %{__autoconf} %{__autoheader} %{__automake} -export CFLAGS="%{rpmcflags} -DHEIMDAL" %configure \ - --enable-kerberos \ --enable-freerdp1 %{__make} %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT%{_sysconfdir}/{%{name},pam.d,rc.d/init.d} +install -d $RPM_BUILD_ROOT%{_sysconfdir}/{%{name},pam.d,rc.d/init.d,security} %{__make} install \ DESTDIR=$RPM_BUILD_ROOT install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/xrdp install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sesman -install %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/sesman.ini +%{__rm} -f $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/xrdp-sesman +%{__ln} -s sesman $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/xrdp-sesman +%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/lib*.{a,la} +%{__rm} -f $RPM_BUILD_ROOT%{_sysconfdir}/xrdp/startwm.sh +install %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/xrdp/startwm.sh -%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/lib*.{a,la,so} +:> $RPM_BUILD_ROOT/etc/security/blacklist.sesman + +%pre +%groupadd -g 183 xrdp %post -/sbin/ldconfig /sbin/chkconfig --add xrdp %service xrdp restart "xrdp server" -%postun -p /sbin/ldconfig - %preun if [ "$1" = "0" ]; then %service xrdp stop /sbin/chkconfig --del xrdp fi +%postun +if [ "$1" = "0" ]; then + %groupremove xrdp +fi %clean rm -rf $RPM_BUILD_ROOT +%post -n xrdp-libs -p /sbin/ldconfig +%postun -n xrdp-libs -p /sbin/ldconfig + %files %defattr(644,root,root,755) %doc *.txt %doc README.PLD %doc README.PLD.pl %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sesman +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.sesman +%attr(640,root,root) /etc/pam.d/xrdp-sesman %attr(754,root,root) /etc/rc.d/init.d/xrdp %dir %{_sysconfdir}/%{name} -%config(noreplace) %{_sysconfdir}/%{name}/xrdp.ini +%dir %{_sysconfdir}/%{name}/pulse +%config(noreplace) %{_sysconfdir}/%{name}/cert.pem +%config(noreplace) %{_sysconfdir}/%{name}/key.pem %config(noreplace) %{_sysconfdir}/%{name}/rsakeys.ini %config(noreplace) %{_sysconfdir}/%{name}/sesman.ini -%{_sysconfdir}/%{name}/km-0407.ini -%{_sysconfdir}/%{name}/km-0409.ini -%{_sysconfdir}/%{name}/km-040c.ini -%{_sysconfdir}/%{name}/km-0410.ini -%{_sysconfdir}/%{name}/km-0419.ini -%{_sysconfdir}/%{name}/km-041d.ini +%config(noreplace) %{_sysconfdir}/%{name}/xrdp.ini +%config(noreplace) %{_sysconfdir}/%{name}/xrdp_keyboard.ini +%{_sysconfdir}/%{name}/km-*.ini +%config(noreplace) %{_sysconfdir}/%{name}/pulse/default.pa +%attr(755,root,root) %{_sysconfdir}/xrdp/reconnectwm.sh +%attr(755,root,root) %{_sysconfdir}/xrdp/startwm.sh %attr(755,root,root) %{_bindir}/xrdp-dis %attr(755,root,root) %{_bindir}/xrdp-genkeymap %attr(755,root,root) %{_bindir}/xrdp-keygen %attr(755,root,root) %{_bindir}/xrdp-sesadmin %attr(755,root,root) %{_bindir}/xrdp-sesrun -%attr(755,root,root) %{_bindir}/xrdp-sestest %attr(755,root,root) %{_sbindir}/xrdp %attr(755,root,root) %{_sbindir}/xrdp-chansrv %attr(755,root,root) %{_sbindir}/xrdp-sesman -%attr(755,root,root) %{_sbindir}/xrdp-sessvc %dir %{_libdir}/xrdp -%attr(755,root,root) %{_libdir}/xrdp/libcommon.so.* -%attr(755,root,root) %{_libdir}/xrdp/libmc.so.* -%attr(755,root,root) %{_libdir}/xrdp/librdp.so.* -%attr(755,root,root) %{_libdir}/xrdp/libscp.so.* -%attr(755,root,root) %{_libdir}/xrdp/libvnc.so.* -%attr(755,root,root) %{_libdir}/xrdp/libxrdp.so.* -%attr(755,root,root) %{_libdir}/xrdp/libxrdpfreerdp1.so.* -%attr(755,root,root) %{_libdir}/xrdp/libxup.so.* +%attr(755,root,root) %{_libdir}/xrdp/libcommon.so* +%attr(755,root,root) %{_libdir}/xrdp/libmc.so* +%attr(755,root,root) %{_libdir}/xrdp/libscp.so* +%attr(755,root,root) %{_libdir}/xrdp/libvnc.so* +%attr(755,root,root) %{_libdir}/xrdp/libxrdp.so* +%attr(755,root,root) %{_libdir}/xrdp/libxrdpapi.so* +%attr(755,root,root) %{_libdir}/xrdp/libxup.so* %dir %{_datadir}/xrdp %{_datadir}/xrdp/ad24b.bmp %{_datadir}/xrdp/ad256.bmp @@ -146,8 +190,40 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/xrdp/sans-10.fv1 %{_datadir}/xrdp/xrdp24b.bmp %{_datadir}/xrdp/xrdp256.bmp +%{_datadir}/xrdp/xrdp_logo.bmp +%{_mandir}/man1/xrdp-dis.1* %{_mandir}/man5/sesman.ini.5* %{_mandir}/man5/xrdp.ini.5* +%{_mandir}/man8/xrdp-chansrv.8* +%{_mandir}/man8/xrdp-genkeymap.8* +%{_mandir}/man8/xrdp-keygen.8* +%{_mandir}/man8/xrdp-sesadmin.8* %{_mandir}/man8/xrdp-sesman.8* %{_mandir}/man8/xrdp-sesrun.8* %{_mandir}/man8/xrdp.8* + +%files libs +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpainter.so.*.* +%attr(755,root,root) %{_libdir}/librfxencode.so.*.* + +%files devel +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpainter.so +%attr(755,root,root) %{_libdir}/librfxencode.so +%{_includedir}/painter.h +%{_includedir}/rfxcodec_common.h +%{_includedir}/rfxcodec_decode.h +%{_includedir}/rfxcodec_encode.h +%{_includedir}/xrdp_client_info.h +%{_includedir}/xrdp_constants.h +%{_includedir}/xrdp_rail.h +%{_includedir}/xrdp_sockets.h +%{_pkgconfigdir}/libpainter.pc +%{_pkgconfigdir}/rfxcodec.pc +%{_pkgconfigdir}/xrdp.pc + +%files static +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpainter.a +%attr(755,root,root) %{_libdir}/librfxencode.a diff --git a/build.patch b/build.patch deleted file mode 100644 index 78662ea..0000000 --- a/build.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- xrdp-v0.6.1/sesman/tools/Makefile.am~ 2013-11-09 21:11:15.000000000 +0100 -+++ xrdp-v0.6.1/sesman/tools/Makefile.am 2013-12-07 18:41:21.172980720 +0100 -@@ -20,7 +20,7 @@ - xrdp_sesrun_SOURCES = \ - sesrun.c \ - tcp.c \ -- config.c -+ ../config.c - - xrdp_sestest_SOURCES = \ - sestest.c diff --git a/config.patch b/config.patch new file mode 100644 index 0000000..e27fb63 --- /dev/null +++ b/config.patch @@ -0,0 +1,187 @@ +diff -ur xrdp-0.9.7.orig/sesman/sesman.ini xrdp-0.9.7/sesman/sesman.ini +--- xrdp-0.9.7.orig/sesman/sesman.ini 2018-06-29 08:18:27.000000000 +0000 ++++ xrdp-0.9.7/sesman/sesman.ini 2018-09-06 09:10:42.289218472 +0000 +@@ -12,13 +12,13 @@ + ReconnectScript=reconnectwm.sh + + [Security] +-AllowRootLogin=true ++AllowRootLogin=false + MaxLoginRetry=4 +-TerminalServerUsers=tsusers +-TerminalServerAdmins=tsadmins ++TerminalServerUsers=xrdp ++TerminalServerAdmins=root + ; When AlwaysGroupCheck=false access will be permitted + ; if the group TerminalServerUsers is not defined. +-AlwaysGroupCheck=false ++AlwaysGroupCheck=true + + [Sessions] + ;; X11DisplayOffset - x11 display number offset +@@ -55,10 +55,10 @@ + Policy=Default + + [Logging] +-LogFile=xrdp-sesman.log +-LogLevel=DEBUG ++LogFile=/dev/null ++LogLevel=INFO + EnableSyslog=1 +-SyslogLevel=DEBUG ++SyslogLevel=INFO + + ; + ; Session definitions - startup command-line parameters for each session type +@@ -81,8 +81,8 @@ + param=-noreset + param=-nolisten + param=tcp +-param=-logfile +-param=.xorgxrdp.%s.log ++#param=-logfile ++#param=.xorgxrdp.%s.log + + [X11rdp] + param=X11rdp +diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini +--- xrdp-0.9.7.orig/xrdp/xrdp.ini 2018-06-29 08:18:27.000000000 +0000 ++++ xrdp-0.9.7/xrdp/xrdp.ini 2018-09-06 09:13:13.540216769 +0000 +@@ -4,6 +4,8 @@ + + ; fork a new process for each incoming connection + fork=true ++; IP address to listen ++;address=127.0.0.1 + ; tcp port to listen + port=3389 + ; 'port' above should be connected to with vsock instead of tcp +@@ -118,10 +120,10 @@ + ls_btn_cancel_height=30 + + [Logging] +-LogFile=xrdp.log +-LogLevel=DEBUG ++LogFile=/dev/null ++LogLevel=INFO + EnableSyslog=true +-SyslogLevel=DEBUG ++SyslogLevel=INFO + ; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug + + [Channels] +@@ -153,24 +155,24 @@ + ; Some session types such as Xorg, X11rdp and Xvnc start a display server. + ; Startup command-line parameters for the display server are configured + ; in sesman.ini. See and configure also sesman.ini. +-[Xorg] +-name=Xorg +-lib=libxup.so +-username=ask +-password=ask +-ip=127.0.0.1 +-port=-1 +-code=20 +- +-[X11rdp] +-name=X11rdp +-lib=libxup.so +-username=ask +-password=ask +-ip=127.0.0.1 +-port=-1 +-xserverbpp=24 +-code=10 ++#[Xorg] ++#name=Xorg ++#lib=libxup.so ++#username=ask ++#password=ask ++#ip=127.0.0.1 ++#port=-1 ++#code=20 ++ ++#[X11rdp] ++#name=X11rdp ++#lib=libxup.so ++#username=ask ++#password=ask ++#ip=127.0.0.1 ++#port=-1 ++#xserverbpp=24 ++#code=10 + + [Xvnc] + name=Xvnc +@@ -182,43 +184,43 @@ + #xserverbpp=24 + #delay_ms=2000 + +-[console] +-name=console +-lib=libvnc.so +-ip=127.0.0.1 +-port=5900 +-username=na +-password=ask ++#[console] ++#name=console ++#lib=libvnc.so ++#ip=127.0.0.1 ++#port=5900 ++#username=na ++#password=ask + #delay_ms=2000 + +-[vnc-any] +-name=vnc-any +-lib=libvnc.so +-ip=ask +-port=ask5900 +-username=na +-password=ask ++#[vnc-any] ++#name=vnc-any ++#lib=libvnc.so ++#ip=ask ++#port=ask5900 ++#username=na ++#password=ask + #pamusername=asksame + #pampassword=asksame + #pamsessionmng=127.0.0.1 + #delay_ms=2000 + +-[sesman-any] +-name=sesman-any +-lib=libvnc.so +-ip=ask +-port=-1 +-username=ask +-password=ask ++#[sesman-any] ++#name=sesman-any ++#lib=libvnc.so ++#ip=ask ++#port=-1 ++#username=ask ++#password=ask + #delay_ms=2000 + +-[neutrinordp-any] +-name=neutrinordp-any +-lib=libxrdpneutrinordp.so +-ip=ask +-port=ask3389 +-username=ask +-password=ask ++#[neutrinordp-any] ++#name=neutrinordp-any ++#lib=libxrdpneutrinordp.so ++#ip=ask ++#port=ask3389 ++#username=ask ++#password=ask + + ; You can override the common channel settings for each session type + #channel.rdpdr=true diff --git a/format-security.patch b/format-security.patch deleted file mode 100644 index f8a1d66..0000000 --- a/format-security.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- xrdp-v0.6.1/common/log.c~ 2013-11-09 21:11:15.000000000 +0100 -+++ xrdp-v0.6.1/common/log.c 2013-12-07 18:38:21.836315352 +0100 -@@ -160,7 +160,7 @@ - if (l_cfg->enable_syslog && (lvl <= l_cfg->log_level)) - { - /* log to syslog */ -- syslog(log_xrdp2syslog(lvl), buff + 20); -+ syslog(log_xrdp2syslog(lvl), "%s", buff + 20); - } - - if (lvl <= l_cfg->log_level) diff --git a/heimdal.patch b/heimdal.patch deleted file mode 100644 index 80f3750..0000000 --- a/heimdal.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- xrdp-v0.6.1/sesman/verify_user_kerberos.c~ 2013-11-09 21:11:15.000000000 +0100 -+++ xrdp-v0.6.1/sesman/verify_user_kerberos.c 2013-12-07 19:01:56.670626777 +0100 -@@ -187,11 +187,15 @@ - - u_info = (struct user_info*)data; - rc = 0; -+#ifndef HEIMDAL - types = krb5_get_prompt_types(ctx); -+#endif - for (i = 0; i < num_prompts; i++) - { -+#ifndef HEIMDAL - if (types[i] == KRB5_PROMPT_TYPE_PASSWORD || - types[i] == KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN) -+#endif - { - g_strncpy(prompts[i].reply->data, u_info->pass, 255); - } -@@ -214,7 +214,11 @@ - krb5_creds my_creds; - krb5_error_code code = 0; - krb5_get_init_creds_opt options; -+#ifdef HEIMDAL -+ krb5_addresses* addresses; -+#else - krb5_address** addresses; -+#endif - - krb5_get_init_creds_opt_init(&options); - g_memset(&my_creds, 0, sizeof(my_creds)); -@@ -245,7 +249,11 @@ - if (opts->addresses) - { - addresses = NULL; -+#ifdef HEIMDAL -+ code = krb5_get_all_client_addrs(k5->ctx, addresses); -+#else - code = krb5_os_localaddr(k5->ctx, &addresses); -+#endif - if (code != 0) - { - g_printf("krb5_os_localaddr failed in k5_kinit\n"); diff --git a/link.patch b/link.patch deleted file mode 100644 index 44a9c5f..0000000 --- a/link.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- xrdp-v0.6.1/common/Makefile.am~ 2013-11-09 21:11:15.000000000 +0100 -+++ xrdp-v0.6.1/common/Makefile.am 2013-12-07 20:09:12.855037515 +0100 -@@ -23,4 +23,5 @@ - libcommon_la_LIBADD = \ - -lcrypto \ - -lssl \ -- -lpthread -+ -lpthread \ -+ -ldl diff --git a/quiet.patch b/quiet.patch new file mode 100644 index 0000000..ee6b5fa --- /dev/null +++ b/quiet.patch @@ -0,0 +1,47 @@ +diff -ur xrdp-0.9.7.orig/common/log.c xrdp-0.9.7/common/log.c +--- xrdp-0.9.7.orig/common/log.c 2018-06-04 15:01:57.000000000 +0000 ++++ xrdp-0.9.7/common/log.c 2018-07-04 15:24:35.592840196 +0000 +@@ -382,11 +382,11 @@ + /* try to create path if not exist */ + g_create_path(lc->log_file); + +- g_printf("logging configuration:\r\n"); ++ /*g_printf("logging configuration:\r\n"); + g_printf("\tLogFile: %s\r\n", lc->log_file); + g_printf("\tLogLevel: %i\r\n", lc->log_level); + g_printf("\tEnableSyslog: %i\r\n", lc->enable_syslog); +- g_printf("\tSyslogLevel: %i\r\n", lc->syslog_level); ++ g_printf("\tSyslogLevel: %i\r\n", lc->syslog_level);*/ + return LOG_STARTUP_OK; + } + +diff -ur xrdp-0.9.7.orig/xrdp/xrdp.c xrdp-0.9.7/xrdp/xrdp.c +--- xrdp-0.9.7.orig/xrdp/xrdp.c 2018-06-29 08:06:27.000000000 +0000 ++++ xrdp-0.9.7/xrdp/xrdp.c 2018-07-04 15:26:48.163832295 +0000 +@@ -475,7 +475,7 @@ + + if (startup_params->kill) + { +- g_writeln("stopping xrdp"); ++ /*g_writeln("stopping xrdp");*/ + /* read the xrdp.pid file */ + fd = -1; + +@@ -493,7 +493,7 @@ + g_memset(text, 0, 32); + g_file_read(fd, text, 31); + pid = g_atoi(text); +- g_writeln("stopping process id %d", pid); ++ /*g_writeln("stopping process id %d", pid);*/ + + if (pid > 0) + { +@@ -597,7 +597,7 @@ + or systemd cannot detect xrdp daemon couldn't start properly */ + g_exit(1); + } +- g_writeln("daemon process %d started ok", pid); ++ /*g_writeln("daemon process %d started ok", pid);*/ + /* exit, this is the main process */ + g_deinit(); + g_exit(0); diff --git a/startwm.sh b/startwm.sh new file mode 100755 index 0000000..1853e3c --- /dev/null +++ b/startwm.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +. /etc/X11/xinit/Xclients diff --git a/xrdp.README.PLD b/xrdp.README.PLD index 3ea2748..7f3f07f 100644 --- a/xrdp.README.PLD +++ b/xrdp.README.PLD @@ -8,5 +8,5 @@ sesman config file: /etc/xrdp/sesman.ini. === Users permitted to log in: === -By default, members of the "users" group are permitted to log in. You can +By default, members of the "xrdp" group are permitted to log in. You can change this by editing "TerminalServerUsers" in the sesman config file. diff --git a/xrdp.README.PLD.pl b/xrdp.README.PLD.pl index 7777483..063bd67 100644 --- a/xrdp.README.PLD.pl +++ b/xrdp.README.PLD.pl @@ -9,5 +9,5 @@ sesmana: /etc/xrdp/sesman.ini. === Uprawnieni użytkownicy: === -Aby ograniczyć prawo do korzystania z xrdp do określonej grupy uzytkowników, -można wpisać tą grupę w pliku /etc/xrdp/sesman.ini w polu TerminalServerUsers. +Domyślnie tylko użytkownicy należący do grupy xrdp mają prawo logowania. Można +zmienić tą grupę w pliku /etc/xrdp/sesman.ini w polu TerminalServerUsers. diff --git a/xrdp.sesman.ini b/xrdp.sesman.ini deleted file mode 100644 index e11b161..0000000 --- a/xrdp.sesman.ini +++ /dev/null @@ -1,40 +0,0 @@ -[Globals] -ListenAddress=127.0.0.1 -ListenPort=3350 -EnableUserWindowManager=1 -UserWindowManager=/etc/X11/xinit/Xclients -DefaultWindowManager=/etc/X11/xinit/Xclients - -[Security] -AllowRootLogin=1 -MaxLoginRetry=4 -TerminalServerUsers=users -TerminalServerAdmins=root - -[Sessions] -X11DisplayOffset=10 -MaxSessions=10 -KillDisconnected=0 -IdleTimeLimit=0 -DisconnectedTimeLimit=0 - -[Logging] -LogFile=/dev/null -LogLevel=CORE -EnableSyslog=1 -SyslogLevel=CORE - -[X11rdp] -param1=-bs -param2=-ac -#param3=-nolisten -#param4=tcp - -[Xvnc] -param1=-bs -param2=-ac -#param3=-nolisten -#param4=tcp -#param5=-localhost -#param6=-dpi -#param7=96 diff --git a/xrdp.xrdp.ini b/xrdp.xrdp.ini deleted file mode 100644 index 8217a8c..0000000 --- a/xrdp.xrdp.ini +++ /dev/null @@ -1,72 +0,0 @@ - -[globals] -bitmap_cache=yes -bitmap_compression=yes -port=3389 -crypt_level=low -channel_code=1 -max_bpp=24 -#black=000000 -#grey=d6d3ce -#dark_grey=808080 -#blue=08246b -#dark_blue=08246b -#white=ffffff -#red=ff0000 -#green=00ff00 -#background=626c72 - -[xrdp1] -name=sesman-Xvnc -lib=LIBDIR/xrdp/libvnc.so -username=ask -password=ask -ip=127.0.0.1 -port=-1 - -[xrdp2] -name=console -lib=LIBDIR/xrdp/libvnc.so -ip=127.0.0.1 -port=5900 -username=na -password=ask - -[xrdp3] -name=vnc-any -lib=LIBDIR/xrdp/libvnc.so -ip=ask -port=ask5900 -username=na -password=ask - -[xrdp4] -name=sesman-any -lib=LIBDIR/xrdp/libvnc.so -ip=ask -port=-1 -username=ask -password=ask - -[xrdp5] -name=rdp-any -lib=LIBDIR/xrdp/librdp.so -ip=ask -port=ask3389 - -[xrdp6] -name=freerdp-any -lib=LIBDIR/xrdp/libxrdpfreerdp1.so -ip=ask -port=ask3389 -username=ask -password=ask - -[xrdp7] -name=sesman-X11rdp -lib=LIBDIR/xrdp/libxup.so -username=ask -password=ask -ip=127.0.0.1 -port=-1 -xserverbpp=24 ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/xrdp.git/commitdiff/185a95375fb06a2218e7bdaf8b8048983f0547a0 _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit