tdmrc"> ksmserver"> kdesktop"> XDMCP"> xdm"> ]> The &tdm; Handbook The &tde; Documentation Team 2000 &Neal.Crook; 2002 &Oswald.Buddenhagen; 2003 &Lauri.Watts; &tde-copyright-date; The TDE Documentation Team &tde-release-date; &tde-release-version; This document describes &tdm;, the &tde; Display Manager. &tdm; is also known as the Login Manager. TDE tdm xdm display manager login manager Introduction &tdm; provides a graphical interface that allows you to log in to a system. It prompts for login (username) and password, authenticates the user and starts a session. &tdm; is superior to &xdm;, the X Display Manager, in a number of ways. Quick Start Guide This is a quick start guide for users who fit the following pattern: X is configured and works with the command startx from the commandline. Each user will generally only use a single window manager or desktop environment, and does not change this choice very often, or is comfortable editing a single text file in order to change their choice. This scenario will be sufficient for many environments where a single user or several users normally boot the computer and log into their preferred environment. Setting up a Default Session Create or open the file ~/.xinitrc If you already have a working ~/.xinitrc, go to the next step If one does not already exist, add a line to the ~/.xinitrc to start your preferred window manager or desktop environment. For &tde; you should enter: starttde For other window managers or desktop environments, you should look in their documentation for the correct command. Make a link as follows: ln ~/.xinitrc ~/.xsession At this point, typing startx on the commandline should start X, with a &tde; session. The next task is to try &tdm;. As root, type tdm at the prompt. You should see a login window, which is described more fully in . Typing your normal username and password in the fields provided, and leaving selected as the session type should now open a &tde; session for your user. If you have other users to configure, you should repeat the procedure above for each of them. This is a quick guide to getting up and running only. You probably will want to customize &tdm; further, for example, to hide the names of the system accounts, to allow further sessions, and much more. Please read through the rest of this manual to find out how to do these things. The Login Window The &tdm; interface consists of two dialog boxes: a login dialog and a shutdown dialog. The &tdm; interface might be protected by the Trinity Secure Access Key (SAK) mechanism. When the SAK is enabled, users are prompted to press &Ctrl; &Alt;Delete to obtain access to the &tdm; interface. The main login dialog box has these controls: A Username: field for you to enter your username. A Password: field for you to enter your password. (Optionally) a graphical image of each user (for example, a digitized photograph). Clicking on an image is equivalent to typing the associated username into the Username: field. (This feature is an imitation of the login box on &IRIX;). A Menu drop down box that allows &tdm; to be used to start sessions with various different window managers or desktop environments installed on the system. (Optionally) a region to the right of the Username:, Password: and Session Type: fields which can be used to display either a static image or an analog clock. A Login button that validates the username/password combination and attempts to start a session of the selected type. A Clear button that clears the text from the Login and Pass fields. A Menu button that opens an action menu with the following items: (On local displays) A Restart X Server item that terminates the currently running &X-Server;, starts a new one and displays the login dialog again. You can use this if the display content seems to be broken somehow. (On remote displays) A Close Connection item that closes the connection to the &XDMCP; server you are currently connected to. If you got to this server through a host chooser, this will bring you back to the chooser, otherwise it will only reset the &X-Server; and bring up the login dialog again. (Optionally on local displays) A Console Mode item that terminates the currently running &X-Server; and leaves you alone with a console login. &tdm; will resume the graphical login if nobody is logged in at the console for some time. (Optionally) A Shutdown button that displays the Shutdown dialog box. The Shutdown dialog box presents a set of radio buttons that allow one of these options to be selected: Shutdown Shut the system down in a controlled manner, ready for power-down. Restart Shut the system down and reboot. For systems that use Lilo, an optional drop down box allows you to select a particular operating-system kernel to be used for the reboot. Restart X Server Stop and then restart the X-server. Typically, you might need to use this option if you have changed your X11 configuration in some way. Console Mode Stop the &X-Server; and return the system to console mode. This is achieved by bringing the system down to runlevel 3. Typically, the system manager might need to use this option before upgrading or re-configuring X11 software. Pressing the OK button initiates the selected action; pressing the Cancel button returns to the main &tdm; dialog box. Configuring &tdm; This chapter assumes that &tdm; is already up and running on your system, and that you simply want to change its behavior in some way. Upon starting, &tdm; reads its configuration from the folder $TDEDIR/share/config/tdm/ (this may be /etc/trinity/tdm/ or something else on your system). The main configuration file is &tdmrc;; all other files are referenced from there and could be stored under any name anywhere on the system. Usually that would not make much sense for obvious reasons (one particular exception is referencing configuration files of an already installed &xdm;. However, when a new &tdm; is installed, it will import settings from those files if it finds an already installed &xdm;). Since &tdm; must run before any user is logged in, it is not associated with any particular user. Therefore, it is not possible to have user-specific configuration files; all users share the common &tdmrc;. It follows from this that the configuration of &tdm; can only be altered by those users who have write access to $TDEDIR/share/config/tdm/tdmrc (normally restricted to system administrators logged in as root). You can view the &tdmrc; file currently in use on your system, and you can configure &tdm; by editing that file. Alternately, you can use the graphical configuration tool provided by the &kcontrolcenter; (under System AdministrationLogin Manager), which is described in the next section. The remainder of this chapter describes configuring &tdm; using the &kcontrolcenter; module, and the next chapter describes the options available in &tdmrc; itself. If you only need to configure for local users, the &kcontrolcenter; module should be sufficient for your needs. If you need to configure remote logins, or have multiple &tdm; sessions running, you will need to continue reading. &Thomas.Tanghus; &Thomas.Tanghus.mail; &Steffen.Hansen; &Steffen.Hansen.mail; &Mike.McBride; &Mike.McBride.mail; The Login Manager &kcontrolcenter; Module Using this module, you can configure the &tde; graphical login manager, &tdm;. You can change how the login screen looks, who has access using the login manager and who can shutdown the computer. All settings will be written to the configuration file &tdmrc;, which in its original state has many comments to help you configure &tdm;. Using this &kcontrolcenter; module will strip these comments from the file. Consider making a backup of &tdmrc; before making changes. All available options in &tdmrc; are covered in . The options listed in this chapter are cross referenced with their equivalents in &tdmrc;. All options available in the &kcontrol; module are also available directly in &tdmrc; but the reverse is not true. In order to organize all of these options, this module is divided into several sections: Appearance, Font, Background, Shutdown, Users and Convenience. You can switch between the sections using the tabs at the top of the window. If you are not currently logged in as a superuser, you will need to select the Administrator Mode... Button. You will then be asked for a superuser password. Entering a correct password will allow you to modify the settings of this module. Appearance From this page you can change the visual appearance of &tdm;, &tde;'s graphical login manager. The Greeting: is the title of the login screen. Setting this is especially useful if you have many servers users may log in to. You may use various placeholders, which are described along with the corresponding key in &tdmrc;. You can then choose to show either the current system time, a logo or nothing special in the login box. Make your choice in the radio buttons labeled Logo area:. This corresponds to in &tdmrc; If you chose Show logo you can now choose a logo: Drop an image file on the image button. Click on the image button and select a new image from the image chooser dialog. If you do not specify a logo the default $TDEDIR/share/apps/tdm/pics/kdelogo.xpm will be displayed. Normally the login box is centered on the screen. Use the Position: options if you want it to appear elsewhere on the screen. You can specify the relative position (percentage of the screen size) for the center of the login window, relative to the top left of the display, in the fields labeled X: and Y: respectively. These correspond to the key in &tdmrc;. While &tde;'s style depends on the settings of the user logged in, the style used by &tdm; can be configured using the GUI Style: and Color Scheme: options. These correspond to the keys and in &tdmrc; respectively. Below that, you have a drop down box to choose the language for your login box, corresponding to setting in &tdmrc;. In this same section &tdm; can be configured to use a Secure Attention Key (SAK). A Secure Attention Key is a special key press to which only certain privileged applications are able to respond, such as the login and screen unlock dialogs. This mechanism prevents a malevolent user from creating an exact copy of the login screen to "sniff" or "phish" passwords or other sensitive information. The unprivileged copy is unable to detect the SAK key press, thereby providing a visible difference in operation to the user. When the Trinity SAK is enabled, users are prompted to press &Ctrl; &Alt;Delete before sensitive information is requested. The Trinity Secure Attention Key dialog The Trinity Secure Attention Key dialog When SAK is enabled, and the &Ctrl; &Alt;Delete dialog does not appear before sensitive information is requested, someone might be attempting to "phish" for that information. A prudent course of action would be to terminate the active X11 session via &Ctrl; &Alt; Backspace or any other distribution-specific key press for this action, thereby restoring control to the kernel and base system. Generally, using the Trinity SAK is a good idea when supporting many graphical login accounts on a machine. For example, in enterprise environments or computer laboratories. When only one graphical login account is used, or only a few accounts in a controlled environment, such as with a home computer, Trinity SAK will not provide tangible benefits over the standard login methods. Trinity SAK requires udev to be running and the Linux uinput kernel module to be loaded. Font From this section of the module you can change the fonts used in the login window. Only fonts available to all users are available here, not fonts you have installed on a per user basis. You can select three different font styles from the drop down box (General:, Failures:, Greeting:). When you click on the Choose... button a dialog appears from which you can select the new characteristics for the font style. The General: font is used in all other places in the login window. The Failures: font is used when a login fails. The Greeting: font is the font used for the title (Greeting String). You can also check the box labeled Use anti-aliasing for fonts if you want smoothed fonts in the login dialog. Background Here you can change the desktop background which will be displayed before a user logs in. You can have a single color or an image as a background. If you have an image as the background and select center, the selected background color will be used around the image if it is not large enough to cover the entire desktop. The background colors and effects are controlled by the options on the tab labeled Background and you select a background image and its placement from the options on the tab labeled Wallpaper. To change the default background color(s) simply click either of the color buttons and select a new color. The drop down box above the color buttons provides you with several different blend effects. Choose one from the list, and it will be previewed on the small monitor at the top of the window. Your choices are: Flat By choosing this mode, you select one color (using the color button labeled Color 1), and the entire background is covered with this one color. Pattern By choosing this mode, you select two colors (using both color buttons). You then select a pattern by clicking Setup. This opens a new dialog window, which gives you the opportunity to select a pattern. Simply click once on the pattern of your choice, then click on OK, and &tde; will render the pattern you selected using the two colors you selected. For more on patterns, see the section Background: Adding, Removing and Modifying Patterns. Background Program By selecting this option, you can have &tde; use an external program to determine the background. This can be any program of your choosing. For more information on this option, see the section entitled Background: Using an external program. Horizontal Gradient By choosing this mode, you select two colors (using both color buttons). &tde; will then start with the color selected by Color 1 on the left edge of the screen, and slowly transform into the color selected by Color 2 by the time it gets to the right edge of the screen. Vertical Gradient By choosing this mode, you select two colors (using both color buttons). &tde; will then start with the color selected by Color 1 on the top edge of the screen, and slowly transform into the color selected by Color 2 as it moves to the bottom of the screen. Pyramid Gradient By choosing this mode, you select two colors (using both color buttons). &tde; will then start with the color selected by Color 1 in each corner of the screen, and slowly transform into the color selected by Color 2 as it moves to the center of the screen. Pipecross Gradient By choosing this mode, you select two colors (using both color buttons). &tde; will then start with the color selected by Color 1 in each corner of the screen, and slowly transform into the color selected by Color 2 as it moves to the center of the screen. The shape of this gradient is different then the pyramid gradient. Elliptic Gradient By choosing this mode, you select two colors (using both color buttons). &tde; will then start with the color selected by Color 2 in the center of the screen, and slowly transform into the color selected by Color 1 as it moves to the edges, in an elliptical pattern. The setup button is only needed for if you select Background program or Patterns. In these instances, another window will appear to configure the specifics. Wallpaper To select a new background image first, click on the Wallpapers tab, then you can either select an image from the drop down list labeled Wallpaper or select Browse... and select an image file from a file selector. The image can be displayed in six different ways: No wallpaper No image is displayed. Just the background colors. Centered The image will be centered on the screen. The background colors will be present anywhere the image does not cover. Tiled The image will be duplicated until it fills the entire desktop. The first image will be placed in the upper left corner of the screen, and duplicated downward and to the right. Center Tiled The image will be duplicated until it fills the entire desktop. The first image will be placed in the center of the screen, and duplicated upward, downward to the right, and to the left. Centered Maxpect The image will be placed in the center of the screen. It will be scaled to fit the desktop, but it will not change the aspect ratio of the original image. This will provide you with an image that is not distorted. Scaled The image will be scaled to fit the desktop. It will be stretched to fit all four corners. <guilabel>Shutdown</guilabel> Allow Shutdown Use this drop down box to choose who is allowed to shut down: Nobody: No one can shutdown the computer using &tdm;. You must be logged in, and execute a command. Everybody: Everyone can shutdown the computer using &tdm;. Only Root: &tdm; requires that the root password be entered before shutting down the computer. You can independently configure who is allowed to issue a shutdown command for the Local: and Remote: users. Commands Use these text fields to define the exact shutdown command. The Halt: command defaults to /sbin/halt. The Restart: command defaults to /sbin/reboot. When Show boot options is enabled, &tdm; will on reboot offer you options for the lilo boot manager. For this feature to work, you will need to supply the correct paths to your lilo command and to lilo's map file. Note that this option is not available on all operating systems. Users From here you can change the way users are represented in the login window. You may disable the user list in &tdm; entirely in the Show Users section. You can choose from: Show List Only show users you have specifically enabled in the list alongside If you do not check this box, no list will be shown. This is the most secure setting, since an attacker would then have to guess a valid login name as well as a password. It's also the preferred option if you have more than a handful of users to list, or the list itself would become unwieldy. Inverse selection Allows you to intead select a list of users that should not be shown, and all other users will be listed. Independently of the users you specify by name, you can use the System UIDs to specify a range of valid UIDs that are shown in the list. By default user id's under 1000, which are often system or daemon users, and user id's over 65000, are not shown. You can also enable the Sort users checkbox, to have the user list sorted alphabetically. If this is disabled, users will appear in the order they are listed in the password file. &tdm; will also autocomplete user names if you enable the Autocompletion option. If you choose to show users, then the login window will show images (which you select), of a list of users. When someone is ready to login, they may select their user name/image, enter their password, and they are granted access. If you permit a user image, then you can configure the source for those images. You can configure the admin picture here, for each user on the system. Depending on the order selected above, users may be able to override your selection. If you choose not to show users, then the login window will be more traditional. Users will need to type their username and password to gain entrance. This is the preferred way if you have many users on this terminal. Convenience In the convenience tab you can configure some options that make life easier for lazy people, like automatic login or disabling passwords. Please think more than twice before using these options. Every option in the Convenience tab is well-suited to seriously compromise your system security. Practically, these options are only to be used in a completely non-critical environment, ⪚ a private computer at home. Automatic Login Automatic login will give anyone access to a certain account on your system without doing any authentication. You can enable it using the option Enable Auto-login. You can choose the account to be used for automatic login from the list labeled User:. <guilabel>Password-Less Login</guilabel> Using this feature, you can allow certain users to login without having to provide their password. Enable this feature using the Enable Password-less logins option. Below this option you'll see a list of users on the system. Enable password-less login for specific users by checking the checkbox next to the login names. By default, this feature is disabled for all users. Again, this option should only be used in a safe environment. If you enable it on a rather public system you should take care that only users with heavy access restrictions are granted password-less login, ⪚ guest. You can also choose which user is preselected when &tdm; starts. The default is None, but you can choose Previous to have &tdm; default to the last successfully logged in user, or you can Specify a particular user to always be selected from the list. You can also have &tdm; set the focus to the password field, so that when you reach the &tdm; login screen, you can type the password immediately. The Automatically login after X server crash option allows you to skip the authentication procedure when your X server accidentally crashed. &tdmrc-ref; Configuring your system to use &tdm; This chapter assumes that your system is already configured to run the &X-Window;, and that you only need to reconfigure it to allow graphical login. Setting up &tdm; The fundamental thing that controls whether your computer boots to a terminal prompt (console mode) or a graphical login prompt is the default runlevel. The runlevel is set by the program /sbin/init under the control of the configuration file /etc/inittab. The default runlevels used by different &UNIX; systems (and different &Linux; distributions) vary, but if you look at /etc/inittab the start of it should be something like this: # Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) id:3:initdefault: All but the last line of this extract are comments. The comments show that runlevel 5 is used for X11 and that runlevel 3 is used for multi-user mode without X11 (console mode). The final line specifies that the default runlevel of the system is 3 (console mode). If your system currently uses graphical login (for example, using &xdm;) its default runlevel will match the runlevel specified for X11. The runlevel with graphical login (&xdm;) for some common &Linux; distributions is: 5 for &RedHat; 3.x and later, and for &Mandrake; 4 for Slackware 3 for &SuSE;. 4.x and 5.x The first step in configuring your system is to ensure that you can start &tdm; from the command line. Once this is working, you can change your system configuration so that &tdm; starts automatically each time you reboot your system. To test &tdm;, you must first bring your system to a runlevel that does not run &xdm;. To do so, issue a command like this: /sbin/init Instead of the number you should specify the appropriate runlevel for console mode on your system. If your system uses Pluggable Authentication Modules (PAM), which is normal with recent &Linux; and &Solaris; systems, you should check that your PAM configuration permits login through the service named tde. If you previously used &xdm; successfully, you should not need to make any changes to your PAM configuration in order to use &tdm;. /etc/pam.conf or /etc/pam.d/tde. Information on configuring PAM is beyond the scope of this handbook, but PAM comes with comprehensive documentation (try looking in /usr/share/doc/*pam*/html/). Now it's time for you to test &tdm; by issuing the following command: tdm If you get a &tdm; login dialog and you are able to log in, things are going well. The main thing that can go wrong here is that the run-time linker might not find the shared &Qt; or &tde; libraries. If you have a binary distribution of the &tde; libraries, make sure &tdm; is installed where the libraries believe &tde; is installed and try setting some environment variables to point to your &tde; and &Qt; libraries. For example: export export export export If you are still unsuccessful, try starting &xdm; instead, to make sure that you are not suffering from a more serious X configuration problem. When you are able to start &tdm; successfully, you can start to replace &xdm; by &tdm;. Again, this is distribution-dependent. For &RedHat;, edit /etc/inittab, look for this line: x:5:respawn:/usr/X11/bin/xdm -nodaemon and replace with: x:5:respawn:/opt/tde/bin/tdm This tells init(8) to respawn &tdm; when the system is in run level 5. Note that &tdm; does not need the option. For &Mandrake;, the X11 runlevel in /etc/inittab invokes the shell script /etc/X11/prefdm, which is set up to select from amongst several display managers, including &tdm;. Make sure that all the paths are correct for your installation. For &SuSE;, edit /sbin/init.d/xdm to add a first line: . /etc/rc.config DISPLAYMANAGER=tdm export DISPLAYMANAGER For FreeBSD, edit /etc/ttys and find the line like this: ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure and edit it to this: ttyv8 "/usr/local/bin/tdm" xterm on secure Most other distributions are a variation of one of these. At this stage, you can test &tdm; again by bringing your system to the runlevel that should now run &tdm;. To do so, issue a command like this: /sbin/init Instead of the number you should specify the appropriate runlevel for running X11 on your system. The final step is to edit the initdefault entry in /etc/inittab to specify the appropriate runlevel for X11. Before you make this change, ensure that you have a way to reboot your system if a problem occurs. This might be a rescue floppy-disk provided by your operating system distribution or a specially-designed rescue floppy-disk, such as tomsrtbt. Ignore this advice at your peril. This usually involves changing the line: id:3:initdefault: to id:5:initdefault: When you reboot your system, you should end up with the graphical &tdm; login dialog. If this step is unsuccessful the most likely problem is that the environment used at boot time differs from the environment that you used for testing at the command line. If you are trying to get two versions of &tde; to co-exist, be particularly careful that the settings you use for your PATH and LD_LIBRARY_PATH environment variables are consistent, and that the startup scripts are not over-riding them in some way. Supporting multiple window managers &tdm; detects most available window manager and desktop environments when it is run. Installing a new one should make it automatically available in the &tdm; main dialog Session Type:. If you have a very new window manager, or something that &tdm; does not support, the first thing you should check is that the application to be run is in the PATH and has not been renamed during the install into something unexpected. If the case is that the application is too new and not yet supported by &tdm;, you can quite simply add a new session. The sessions are defined in .desktop files in $TDEDIR/share/apps/tdm/sessions. You can simply add an appropriately named .desktop file in this directory. The fields are: [Desktop Entry] Encoding=UTF-8 This is fixed to and may be omitted Type=XSession This is fixed to and may be omitted Exec=executable name Passed to eval exec in a Bourne shell TryExec=executable name Supported but not required Name=name to show in the &tdm; session list There are also three magic: default The default session for &tdm; is normally &tde; but can be configured by the system administrator. custom The Custom session will run the users ~/.xsession if it exists. failsafe Failsafe will run a very plain session, and is useful only for debugging purposes. To override a session type, copy the .desktop file from the data dir to the config dir and edit it at will. Removing the shipped session types can be accomplished by shadowing them with .desktop files containing Hidden=true. For the magic session types no .desktop files exist by default, but &tdm; pretends they would, so you can override them like any other type. I guess you already know how to add a new session type by now. ;-) Using &tdm; for Remote Logins (&XDMCP;) &XDMCP; is the Open Group standard, the X Display Manager Control Protocol. This is used to set up connections between remote systems over the network. &XDMCP; is useful in multiuser situations where there are users with workstations and a more powerful server that can provide the resources to run multiple X sessions. For example, &XDMCP; is a good way to reuse old computers - a Pentium or even 486 computer with 16 Mb RAM is sufficient to run X itself, and using &XDMCP; such a computer can run a full modern &tde; session from a server. For the server part, once a single &tde; (or other environment) session is running, running another one requires very few extra resources. However, allowing another method of login to your machine obviously has security implications. You should run this service only if you need to allow remote X Servers to start login sessions on your system. Users with a single &UNIX; computer should not need to run this. Advanced Topics Command Sockets This is a feature you can use to remote-control &tdm;. It's mostly intended for use by &ksmserver; and &kdesktop; from a running session, but other applications are possible as well. The sockets are &UNIX; domain sockets which live in subdirectories of the directory specified by =. The subdir is the key to addressing and security; the sockets all have the file name socket and file permissions rw-rw-rw- (0666). This is because some systems don't care for the file permission of the socket files. There are two types of sockets: the global one (tdmctl) and the per-display ones (tdmctl-<display>). The global one's subdir is owned by root, the subdirs of the per-display ones' are owned by the user currently owning the session (root or the logged in user). Group ownership of the subdirs can be set via FifoGroup=, otherwise it is root. The file permissions of the subdirs are rwxr-x--- (0750). The fields of a command are separated by tabs (\t), the fields of a list are separated by spaces, literal spaces in list fields are denoted by \s. The command is terminated by a newline (\n). The same applies to replies. The reply on success is ok, possibly followed by the requested information. The reply on error is an errno-style word (⪚ perm, noent, &etc;) followed by a longer explanation. Global commands: login (now | schedule) user password [session_arguments] login user at specified display. if now is specified, a possibly running session is killed, otherwise the login is done after the session exits. session_arguments are printf-like escaped contents for .dmrc. Unlisted keys will default to previously saved values. Per-display commands: lock The display is marked as locked. If the &X-Server; crashes in this state, no auto-relogin will be performed even if the option is on. unlock Reverse the effect of lock, and re-enable auto-relogin. suicide The currently running session is forcibly terminated. No auto-relogin is attempted, but a scheduled "login" command will be executed. Commands for all sockets caps Returns a list of this socket's capabilities: &tdm; identifies &tdm;, in case some other DM implements this protocol, too list, lock, suicide, login The respective command is supported bootoptions The listbootoptions command and the to shutdown are supported shutdown <list> shutdown is supported and allowed for the listed users (a comma separated list.) * means all authenticated users. nuke <list> Forced shutdown may be performed by the listed users. nuke Forced shutdown may be performed by everybody reserve <number> Reserve displays are configured, and number are available at this time list [all | alllocal] Return a list of running sessions. By default all active sessions are listed. if all is specified, passive sessions are listed as well. If alllocal is specified, passive sessions are listed as well, but all incoming remote sessions are skipped. Each session entry is a comma separated tuple of: Display or TTY name VT name for local sessions Logged in user's name, empty for passive sessions and outgoing remote sessions (local chooser mode) Session type or <remote> for outgoing remote sessions, empty for passive sessions. A Flag field: * for the display belonging to the requesting socket. ! for sessions that cannot be killed by the reqeusting socket. New fields may be added in the future. reserve [timeout in seconds] Start a reserve login screen. If nobody logs in within the specified amount of time (one minute by default), the display is removed again. When the session on the display exits, the display is removed, too. Permitted only on sockets of local displays and the global socket. activate (vt|display) Switch to a particular VT (virtual terminal). The VT may be specified either directly (⪚ vt3) or by a display using it (eg; :2). Permitted only on sockets of local displays and the global socket. listbootoptions List available boot options. shutdown (reboot | halt) [=bootchoice] (ask|trynow|forcenow|schedule|start (-1|end (force|forcemy|cancel)))) Request a system shutdown, either a reboot or a halt/poweroff. An OS choice for the next boot may be specified from the list returned by listbootoptions Shutdowns requested from per-display sockets are executed when the current sessino on that display exits. Such a request may pop up a dialog asking for confirmation and/or authentication start is the time for which the shutdown is scheduled. If it starts with a plus-sign, the current time is added. Zero means immediately. end is the latest time at which the shutdown should be performed if active sessions are still running. If it starts with a plus-sign, the start time is added. -1 means wait infinitely. If end is through and active sessions are still running, &tdm; can do one of the following: cancel - give up the shutdown force - shut down nonetheless forcemy - shut down nonetheless if all active sessions belong to the requesting user. Only for per-display sockets. start and end are specified in seconds since the &UNIX; epoch. trynow is a synonym for 0 0 cancel, forcenow for 0 0 force and schedule for 0 -1. ask attempts an immediate shutdown and interacts with the user if active sessions are still running. Only for per-display sockets. shutdown cancel [local|global} Cancel a scheduled shutdown. The global socket always cancels the currently pending shutdown, while per-display sockets default to cancelling their queued request. shutdown status Return a list with information about shutdowns. The entries are a comma-separated tuples of: (global|local) - pending vs. queued shutdown. A local entry can be returned only by a per-display socket. (halt|reboot) start end ("ask"|"force"|"forcemy"|"cancel") Numeric user ID of the requesting user, -1 for the global socket. The next boot OS choice or "-" for none. New fields might be added later There are two ways of using the sockets: Connecting them directly. FifoDir is exported as $DM_CONTROL; the name of per-display sockets can be derived from $DISPLAY. By using the tdmctl command (⪚ from within a shell script). Try tdmctl to find out more. Here is an example bash script reboot into FreeBSD: if tdmctl | grep -q shutdown; then IFS=$'\t' set -- `tdmctl listbootoptions` if [ "$1" = ok ]; then fbsd=$(echo "$2" | tr ' ' '\n' | sed -ne 's,\\s, ,g;/freebsd/I{p;q}') if [ -n "$fbsd" ]; then tdmctl shutdown reboot "=$fbsd" ask > /dev/null else echo "FreeBSD boot unavailable." fi else echo "Boot options unavailable." fi else echo "Cannot reboot system." fi Other sources of information Since &tdm; is descended from &xdm;, the &xdm; man page may provide useful background information. For X-related problems try the man pages X and startx. If you have questions about &tdm; that are not answered by this handbook, take advantage of the fact the &tdm; is provided under the terms of the &GNU; General Public License: look at the source code. Credits and License &tdm; is derived from, and includes code from, &xdm; (C) Keith Packard, MIT X Consortium. &tdm; 0.1 was written by &Matthias.Ettrich;. Later versions till &tde; 2.0.x were written by &Steffen.Hansen;. Some new features for &tde; 2.1.x and a major rewrite for &tde; 2.2.x made by &Oswald.Buddenhagen;. Other parts of the &tdm; code are copyright by the authors, and licensed under the terms of the &GNU; GPL. Anyone is allowed to change &tdm; and redistribute the result as long as the names of the authors are mentioned. &tdm; requires the &Qt; library, which is copyright Troll Tech AS. Documentation contributors: Documentation written by &Steffen.Hansen; stefh@dit.ou.dk Documentation extended by Gregor Zumsteinzumstein@ssd.ethz.ch. Last update August 9, 1998 Documentation revised for &tde; 2 by &Neal.Crook; &Neal.Crook.mail;. Last update August 6, 2000 Documentation extended and revised for &tde; 2.2 by &Oswald.Buddenhagen; &Oswald.Buddenhagen.mail;. Last update August, 2001 Documentation copyright &Steffen.Hansen;, Gregor Zumstein, &Neal.Crook; and &Oswald.Buddenhagen;. This document also includes large parts of the &xdm; man page, which is © Keith Packard. &underFDL; &underGPL; Glossary greeter The greeter is the login dialog, &ie; the part of &tdm; which the user sees. entropy The entropy of a system is the measure of its unpredictability. This is used during the generation of random numbers.