2021-11-12 18:56:29 +01:00
|
|
|
{{ ansible_managed | comment(decoration = '; ') }}
|
|
|
|
|
2021-11-03 13:37:46 +01:00
|
|
|
;; See `man 5 sesman.ini` for details
|
|
|
|
|
|
|
|
[Globals]
|
|
|
|
ListenAddress=127.0.0.1
|
|
|
|
ListenPort=3350
|
|
|
|
EnableUserWindowManager=true
|
|
|
|
; Give in relative path to user's home directory
|
|
|
|
UserWindowManager=startwm.sh
|
|
|
|
; Give in full path or relative path to /etc/xrdp
|
|
|
|
DefaultWindowManager=startwm.sh
|
|
|
|
; Give in full path or relative path to /etc/xrdp
|
|
|
|
ReconnectScript=reconnectwm.sh
|
|
|
|
|
|
|
|
[Security]
|
|
|
|
AllowRootLogin=true
|
|
|
|
MaxLoginRetry=4
|
|
|
|
TerminalServerUsers=tsusers
|
|
|
|
TerminalServerAdmins=tsadmins
|
|
|
|
; When AlwaysGroupCheck=false access will be permitted
|
|
|
|
; if the group TerminalServerUsers is not defined.
|
|
|
|
AlwaysGroupCheck=false
|
|
|
|
; When RestrictOutboundClipboard=true clipboard from the
|
|
|
|
; server is not pushed to the client.
|
|
|
|
RestrictOutboundClipboard=false
|
|
|
|
|
|
|
|
[Sessions]
|
|
|
|
;; X11DisplayOffset - x11 display number offset
|
|
|
|
; Type: integer
|
|
|
|
; Default: 10
|
|
|
|
X11DisplayOffset=10
|
|
|
|
|
|
|
|
;; MaxSessions - maximum number of connections to an xrdp server
|
|
|
|
; Type: integer
|
|
|
|
; Default: 0
|
|
|
|
MaxSessions={{ xrdp_maxsessions }}
|
|
|
|
|
|
|
|
;; KillDisconnected - kill disconnected sessions
|
|
|
|
; Type: boolean
|
|
|
|
; Default: false
|
|
|
|
; if 1, true, or yes, kill session after 60 seconds
|
|
|
|
KillDisconnected={{ xrdp_killdisconnected }}
|
|
|
|
|
|
|
|
;; DisconnectedTimeLimit - when to kill idle sessions
|
|
|
|
; Type: integer
|
|
|
|
; Default: 0
|
|
|
|
; if not zero, the seconds before a disconnected session is killed
|
|
|
|
; min 60 seconds
|
|
|
|
DisconnectedTimeLimit=0
|
|
|
|
|
|
|
|
;; IdleTimeLimit (specify in second) - wait before disconnect idle sessions
|
|
|
|
; Type: integer
|
|
|
|
; Default: 0
|
|
|
|
; Set to 0 to disable idle disconnection.
|
|
|
|
IdleTimeLimit=0
|
|
|
|
|
|
|
|
;; Policy - session allocation policy
|
|
|
|
; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ]
|
|
|
|
; Default: Xrdp:<User,BitPerPixel> and Xvnc:<User,BitPerPixel,DisplaySize>
|
|
|
|
; "UBD" session per <User,BitPerPixel,DisplaySize>
|
|
|
|
; "UBI" session per <User,BitPerPixel,IPAddr>
|
|
|
|
; "UBC" session per <User,BitPerPixel,Connection>
|
|
|
|
; "UBDI" session per <User,BitPerPixel,DisplaySize,IPAddr>
|
|
|
|
; "UBDC" session per <User,BitPerPixel,DisplaySize,Connection>
|
|
|
|
Policy={{ xrdp_policy }}
|
|
|
|
|
|
|
|
[Logging]
|
|
|
|
LogFile=xrdp-sesman.log
|
|
|
|
LogLevel=DEBUG
|
|
|
|
EnableSyslog=1
|
|
|
|
SyslogLevel=DEBUG
|
|
|
|
|
|
|
|
;
|
|
|
|
; Session definitions - startup command-line parameters for each session type
|
|
|
|
;
|
|
|
|
|
|
|
|
[Xorg]
|
|
|
|
; Specify the path of non-suid Xorg executable. It might differ depending
|
|
|
|
; on your distribution and version. The typical path is shown as follows:
|
|
|
|
;
|
|
|
|
; Fedora 26 or later : param=/usr/libexec/Xorg
|
|
|
|
; Debian 9 or later : param=/usr/lib/xorg/Xorg
|
|
|
|
; Ubuntu 16.04 or later : param=/usr/lib/xorg/Xorg
|
|
|
|
; Arch Linux : param=/usr/lib/xorg-server/Xorg
|
|
|
|
; CentOS 7 : param=/usr/bin/Xorg or param=Xorg
|
|
|
|
;
|
|
|
|
param=/usr/lib/xorg/Xorg
|
|
|
|
; Leave the rest paramaters as-is unless you understand what will happen.
|
|
|
|
param=-config
|
|
|
|
param=xrdp/xorg.conf
|
|
|
|
param=-noreset
|
|
|
|
param=-nolisten
|
|
|
|
param=tcp
|
|
|
|
param=-logfile
|
|
|
|
param=.xorgxrdp.%s.log
|
|
|
|
|
|
|
|
[Xvnc]
|
|
|
|
param=Xvnc
|
|
|
|
param=-bs
|
|
|
|
param=-nolisten
|
|
|
|
param=tcp
|
|
|
|
param=-localhost
|
|
|
|
param=-dpi
|
|
|
|
param=96
|
|
|
|
|
|
|
|
[Chansrv]
|
|
|
|
; drive redirection, defaults to xrdp_client if not set
|
|
|
|
FuseMountName=thinclient_drives
|
|
|
|
; this value allows only the user to acess their own mapped drives.
|
|
|
|
; Make this more permissive (e.g. 022) if required.
|
|
|
|
FileUmask=077
|
|
|
|
|
|
|
|
[SessionVariables]
|
|
|
|
PULSE_SCRIPT=/etc/xrdp/pulse/default.pa
|