/usr/share/help/gl/gdm/index.docbook is in gdm3 3.18.3-0ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 | <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
<!ENTITY legal SYSTEM "legal.xml">
<!ENTITY version "2.26.0">
<!ENTITY date "02/10/2009">
<!ENTITY mdash "—">
<!ENTITY percnt "%">
]>
<article id="index" lang="gl">
<articleinfo>
<title>Manual de referencia do Xestor de entrada de GNOME</title>
<revhistory>
<revision><revnumber>0.0</revnumber> <date>2008-09</date></revision>
</revhistory>
<abstract role="description">
<para>GDM é o Xestor de entrada de GNOME, un programa gráfico de inicio de sesión.</para>
</abstract>
<authorgroup>
<author><firstname>Martin</firstname><othername>K.</othername> <surname>Petersen</surname> <affiliation> <address><email>mkp@mkp.net</email></address> </affiliation></author>
<author><firstname>George</firstname><surname>Lebl</surname> <affiliation> <address><email>jirka@5z.com</email></address> </affiliation></author>
<author><firstname>Jon</firstname><surname>McCann</surname> <affiliation> <address><email>mccann@jhu.edu</email></address> </affiliation></author>
<author><firstname>Ray</firstname><surname>Strode</surname> <affiliation> <address><email>rstrode@redhat.com</email></address> </affiliation></author>
<author role="maintainer"><firstname>Brian</firstname><surname>Cameron</surname> <affiliation> <address><email>Brian.Cameron@Oracle.COM</email></address> </affiliation></author>
</authorgroup>
<copyright><year>1998</year> <year>1999</year> <holder>Martin K. Petersen</holder></copyright>
<copyright><year>2001</year> <year>2003</year> <year>2004</year> <holder>George Lebl</holder></copyright>
<copyright><year>2003</year> <year>2007</year> <year>2008</year> <holder>Red Hat, Inc.</holder></copyright>
<copyright><year>2003</year> <year>2011</year> <holder>Oracle e/ou os seus afiliados. Todos os dereitos reservados.</holder></copyright>
<legalnotice id="legalnotice">
<para>Pode copiar, distribuír e modificar este documento baixo os termos da Licenza de Documentación Libre GNU (GFDL) na súa versión 1.1 ou posterior, publicada pola Free Software Foundation, sen seccións invariantes e sen textos de portada ou de contraportada. Pode atopar unha copia da GFDL en <ulink type="help" url="ghelp:fdl">link</ulink> ou no ficheiro COPYING-DOCS distribuído xunto con este manual.</para>
<para>Este manual forma parte dunha colección de documentos de GNOME distribuidos segundo a GFDL. Se desexa distribuír este manual de forma independente da colección, pode facelo agregando unha copia da licenza ao documento, segundo se descibe na sección 6 da mesma.</para>
<para>Moitos dos nomes empregados polas empresas para distinguir os seus produtos e servizos considéranse marcas comerciais. Cando estes nomes aparezan na documentación de GNOME, e sempre que se teña informado aos membros do Proxecto de documentación de GNOME de ditas marcas comerciais, os nomes aparecerán en maiúsculas ou coas iniciais en maiúsculas.</para>
<para>DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT ARE PROVIDED UNDER THE TERMS OF THE GNU FREE DOCUMENTATION LICENSE WITH THE FURTHER UNDERSTANDING THAT: <orderedlist>
<listitem>
<para>DOCUMENT IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS FREE OF DEFECTS MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE OF THE DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS WITH YOU. SHOULD ANY DOCUMENT OR MODIFIED VERSION PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL WRITER, AUTHOR OR ANY CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY DOCUMENT OR MODIFIED VERSION OF THE DOCUMENT IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER; AND</para>
</listitem>
<listitem>
<para>EN NINGUNHA CIRCUNSTANCIA NIN SEGUNDO NINGÚN ARGUMENTO LEGAL, SEXA POR MOTIVOS CULPOSOS (INCLUÍDA A NEGLIXENCIA), CONTRACTUAIS OU DE OUTRO TIPO, NIN O AUTOR, NIN O REDACTOR INICIAL, NIN CALQUERA COLABORADOR, NIN CALQUERA DISTRIBUIDOR DO DOCUMENTO OU VERSIÓN MODIFICADA DO MESMO, NIN CALQUERA FORNECEDOR DE CALQUERA DE DITAS PARATES, SERÁN RESPONSÁBEIS, ANTE NINGÚN TERCEIRO, DE NINGÚN DANO OU PERXUIZO DIRECTO, INDIRECTO, ESPECIAL, INCIDENTAL OU CONSIGUIENTE DE NINGÚN TIPO, INCLUÍDOS, SEN LIMITACIÓN, OS DANOS POR PERDA DE FONDO DE COMERCIO, INTERRUPCIÓN DO TRABALLO, FALLO OU MAL FUNCIONAMENTO INFORMÁTICO, NIN CALQUERA OUTRO DANO OU PERDA DERIVADA DO USO DO DOCUMENTO E AS VERSIÓNS MODIFICADAS DO MESMO, OU RELACIONADO CON ILO, INCLUSO SE SE COMUNICOU A AQUELA PARTE A POSIBILIDADE DE TALES DANOS. </para>
</listitem>
</orderedlist></para>
</legalnotice>
<releaseinfo>Este manual describe a versión 2.26.0 do Xestor de entrada de GNOME. Actualizouse por última vez o 2 de febreiro de 2009.</releaseinfo>
<othercredit class="translator">
<personname>
<firstname>Fran Dieguez</firstname>
</personname>
<email>frandieguez@gnome.org</email>
</othercredit>
<copyright>
<year>2012-2013.</year>
<holder>Fran Dieguez</holder>
</copyright>
</articleinfo>
<!-- ============= Preface ================================== -->
<sect1 id="preface">
<title>Termos e convencións usados neste manual</title>
<para>Este manual describe a versión 2.26.0 do Xestor de entrada de GNOME. Actualizouse por última vez o 2 de febreiro de 2009.</para>
<para>Selector: Un programa que se usa para seleccionar un equipo remoto para xestionar unha pantalla remotamente na pantalla local (<command>gdm-host-chooser</command>).</para>
<para>FreeDesktop: A organización que fornece estándares para o escritorio, tales como a Especificación de Entrada do Escritorio que usa GDM <ulink type="http" url="http://www.freedesktop.org/">http://www.freedesktop.org</ulink>.</para>
<para>GDM: O xestor de entrada de GNOME. Úsase para describir o paquete de software como un todo.</para>
<para>Interface de entrada con temas - A xanela de entrada gráfica (fornecido por <command>gnome-shell</command>).</para>
<para>PAM: Mecanismo de engadidos de autenticación (Pluggable Autentication Mechanism)</para>
<para>XDMCP: Protocolo de xestión de pantallas X (X Display Manager Protocol)</para>
<para>Servidor X: Unha implementación do X Windows System. Por exemplo, o servidor X de Xorg fornecido pola Fundación X.org <ulink type="http" url="http://www.x.org/">http://www.x.org</ulink>.</para>
<para>Rutas que comezan cunha palabra entre parénteses son relativas ao prefixo de instalación, p.ex. <filename><share>/pixmaps/</filename> refírese a <filename>/usr/share/pixmaps</filename> se GDM configurouse con <command>--prefix=/usr</command>.</para>
</sect1>
<!-- ============= Overview ================================= -->
<sect1 id="overview">
<title>Vista xeral</title>
<sect2 id="introduction">
<title>Introdución</title>
<para>O Xestor de entrada de GNOME (GDM) é un xestor de entrada que implementa todas as características significativas requiridas para xestionar pantallas remotas e locais. GDM escribiuse desde cero e non contén nada de código de XDM ou do X Consortium.</para>
<para>Note que o GDM é altamaente configurábel e moitos axustes de configuración poden afectar á seguranza. Os temas sobre os que debe prestar atención están realzados neste documento.</para>
<para>Note que algúns sistemas operativos configuran GDM para comportarse de forma diferente aos valores predetermiandos, como se describe neste documento. Se GDM non parece comportarse como se documenta, entón comprobe se algunha configuración relacionada difire da aquí describa.</para>
<para lang="en">
For further information about GDM, refer to the project website at
<ulink type="http" url="http://wiki.gnome.org/Projects/GDM/">
http://wiki.gnome.org/Projects/GDM</ulink>.
</para>
<para>Para discusións ou consultas sobre GDM, diríxase á rolda de correo <address><email>gdm-list@gnome.org</email></address>. Esta lista está arquivada, e é unha boa fonte para buscar respostas a preguntas comúns. Esta lista está arquivada en <ulink type="http" url="http://mail.gnome.org/archives/gdm-list/">http://mail.gnome.org/archives/gdm-list/</ulink> e ten busca integrada para atopar mensaxes con palabras chave.</para>
<para>Envía calquera informe de erro ou peticións de mellora na categoría «gdm» en <ulink type="http" url="http://bugzilla.gnome.org/">http://bugzilla.gnome.org</ulink>.</para>
</sect2>
<sect2 id="stability">
<title>Estabilidade de interfaces</title>
<para>GDM 2.20 e máis actuais admiten as interfaces estábeis de configuración. Porén, o código base foi completamente rescrito en GDM 2.22, e pode non ser completamente compatíbel cara atrás con publicacións antigas. Isto é en parte porque as cousas funcionan de forma diferente, polo que algunhas opcións agora xa non teñen sentido, en parte porque algunhas opcións nunca tiveron sentido e en parte porque algunha funcionalidade non foi reimplementada.</para>
<para>As interfaces que continúan sendo compatíbeis nun sentido estábel inclúen os scripts de Init, PreSession, PostSession, PostLogin e Xsession. Algunhas opcións de configuración do «daemon» do ficheiro <filename><etc>/gdm/custom.conf</filename> continúan sendo compatíbeis. Ademais, <filename>~/.dmrc</filename>, e as localizacións das imaxes continúan sendo compatíbeis.</para>
<para>GDM 2.20e máis actual admitían a característica de xestionar múltiples pantallas con tarxetas gráficas separadas, como son usados en ambientes de servidor de terminais, inicio de sesión nunha xanela mediante programas como Xnest ou Xephyr, o programa gdmsetup, os temas de benvida baseados en XL e a característica de executar o selector de XDMCP desde o inicio de sesión. Estas características non foron restauradas durante a rescritura de 2.22.</para>
</sect2>
<sect2 id="functionaldesc">
<title>Descrición funcional</title>
<!--
<para>
TODO - Would be good to discuss D-Bus, perhaps the new GObject model,
and to explain the reasons why the rewrite made GDM better.
From a high-level overview perspective, rather than the
technical aspects.
</para>
-->
<para>GDM é responsábel de xestionar pantallas no seu sistema. Isto inclúe a autenticación de usuarios, iniciar e rematar a sesión de usuario. GDM é configurábel e pode atopar unha descrición das formas de como pode facelo na sección «Configurando GDM» deste documento. GDM tamén é accesíbel para os usuarois con discapacidades.</para>
<para>GDM fornece a característica de xestionar a pantalla da console principal e as pantallas iniciadas en VT. Está integrado con outros programas, como o miniaplicativo de Intercambio de usuarios rápido (FUSA) e o gnome-screensaver para xestionar as pantallas múltiples nunha consola mediante a interface de Terminal Virtual Xserver (VT). Tamén pode xestionar pantallas XDMCP.</para>
<para>Con respecto do tipo de pantalla, GDM fará o seguinte cando xestione a pantalla. Comezará o proceso Xserver, logo executará o script <filename>Init</filename> como un usuario root, e logo iniciará o programa de benvida na pantalla.</para>
<para>O programa de benvida execútase co usuario/grupo sen privilexios. Este usuario e grupo descríbense na sección "Seguridade" deste documento. As funcións principais do programa de bencida é de fornecer un mecanismo para seleccionar unha conta onde iniciar sesión e conducir o diálogo entre o usuario e o sistema ao autenticarse con dita conta. O proceso de autenticación está conducido polos Modulos de Autenticación Conetábeis (PAM). Os modulos PAM determinan que preguntas (se as hai) se mostran ao usuario ao autenticarse. Nun sistema normal, o programa de benvida solicitará un nome de usuario e un contrasinal para autenticarse. Porén nalgúns sistemas configurados para empregar mecanismos suplementarios como a pegada dixital ou lectores de tarxetas intelixentes. GDM pode configurarse para admitir estas alternativas en paralelo coas extensións de inicio de sesión da pantalla de benvida e a opción <command>--enable-split-authentication</command> <filename>./configure</filename>, ou unha á vez mediante a configuración PAM do sistema.</para>
<para>A extensión de tarxetas intelixentes pode activarse ou desactivarse mediante a chave de gsettings <filename>org.gnome.display-manager.extensions.smartcard.active</filename>.</para>
<para>Seguramente, a extensión de pegada dixital pode activarse ou desactivarse mediante a chave de gsettings <filename>org.gnome.display-manager.extensions.fingerprint.active</filename>.</para>
<para>GDM e PAM pode configurarse para non requirir ningunha entrada, que causará que GDM inicie sesión automaticamente e logo inicie a sesión, o cal pode ser útil para algúns ambientes, como en sistemas de usuario único e quioscos.</para>
<para>Ademais da autenticación, o programa de benvida permítelle ao usuario seleccionar que sesión iniciar e en que idioma. As sesións están definidas por ficheiros que rematan co sufixo .desktop e pode atopar máis información sobre estes ficheiros na sección «Configuración de sesión de usuario e idioma de GDM». Por omisión, GDM está configurado para mostrar un listado de caras para que o usuario poida seleccionar a súa conta de usuario ao premer nunha imaxe no lugar de ter que escribir o seu contrasinal. GDM fai un seguemento da sesión por omisión do usuario e do idioma no <filename>~/.dmrc</filename> do usuario e usará estas configuración predefinidas se o usaurio non selecciona unha sección ou idioma no GUI de inicio de sesión.</para>
<para>Despois de autenticar a un usuario, o «daemon» executa o script <filename>PostLogin</filename> como usuario root, e logo executa o script <filename>PreSession</filename> como usuario root. Despois de executar estes scripts a sesión do usuario arríncase. Cando o usuario sae da súa sesión, o script <filename>PostSession</filename> execútarase como usuario root. Estes scripts fornécense como hooks para as distribucións e aos usuario finais para personalizar como se xestionan as sesións. Por exemplo, usando estes hooks pode configurar que a máquina cree o cartafol de usuario $HOME ao voo, e o elimine ao iniciar sesión. A diferenza entre os scripts <filename>PostLogin</filename> e<filename>PreSession</filename> son que <filename>PostLogin</filename> execútase antes da chamada a pam_open_session polo que é o lugar correcto para facer calquera cousaa que se debería executar antes de que a sesión do usuario se inicialice.</para>
</sect2>
<sect2 id="greeterpanel">
<title>O panel da interface de entrada con temas</title>
<para>A pantalla de benvida de GDM mostra un panel situado na parte inferior da pantalla que fornece funcionalidade adicional. Cando un usuario está seleccionado o panel permítelle ao usuario seleccionar a sesión, idioma e distribución de teclado que quere usar ao iniciar sesión. O selector da distribución do teclado tamén cambia a distribución do teclado ao escribir o seu contrasinal.O panel tamén contén un área para que os servizos de inicio de sesión poidan deixar iconas de estado. Como exemplo dalgunhas iconas atopará unha icona do estado da batería e unha icona para activar características de accesibilidade. O programa de benvida tamén fornece botóns que lle permiten ao usuario apagar ou reiniciar o seu sistema. É posíbel configurar GDM para non fornecer os botóns de apagar ou reinicio, se o desexa. GDM tamén pode configurarse mediante PolicyKit (ou mediante RBAC en Oracle Solaris) para requirir que o usuario teña unha autorización axeitada antes de aceptar unha solicitude de apagado ou reinicio.</para>
<para>Teña en conta que as características de disposición do teclado só están dispoñíbeis en sistemas que son compatíbeis con libxklavier.</para>
</sect2>
<sect2 id="accessibility">
<title>Accesibilidade</title>
<para>GDM admite «Inicio de sesión accesíbel», o cal lle permite iniciar sesión nunha sesión de escritorio incluso cando non pode usar de forma doada a pantalla, o rato ou o teclado na forma normal. A Tecnoloxía de Accesibilidade (AT) ten características como teclado en pantalla, lector de pantalla, magnificador de pantalla e accesibilidade de teclado AccessX de Xserver. Vaia á sección «Configuración de accesibilidade»do documento para obter máis información sobre como se poden configurar as distintas características de accesibilidade. </para>
<para>Nalgúns sistemas operativos, é necesario asegurarse que o usuario de GDM é un membro do grupo «audio» para os programas de AT que requiren saída de son (como texto-a-fala) para que sexan funcionais.</para>
</sect2>
<sect2 id="facebrowser">
<title>O visor de rostros de GDM</title>
<para>O explorador de caras é a interface que lle permite os usuarios seleccionar o seu nomem de usuario seleccionando unha imaxe. Esta característica pode activarse ou desactivarse mediante a chave de lista de Gsettings org.gnome.login-screen disable-user-enabled, a cal está activada por omisión. Ao activala, mostrará todos os usuarios locais que están dispoñíbeis para iniciar sesión no sistema (todas as contas de usuario definidas en /etc/password que teñan unha shell válida e un UID suficientemente alto) e os usuarios remotos que iniciaran sesión recentemente. O explorador de caras en GDM 2.20 e superior tentarán mostrar todos os usuarios remotos o que pode causar problemas de rendemento para despregues empresariais grandes.</para>
<para>O Explorador de caras está configurado para mostrar os usuarios que inician sesión máis frecuentemente na parte superior da lista. Isto axúdalle a asegurarse que os usuarios que inician sesión con máis frecuencia poida atoparse a súa imaxe de inicio de sesión máis rápido.</para>
<para>O explorador de caras admite "busca adiantada" que move dinámicamente a selección de cara mentres o usuario escribe o correspondente nome de usuario na lista. Isto significa que un usuario con un nome de usuario longo só ten que escribir os primeiros caracteres do seu nome antes de que seleccione o elemento correcto na lista.</para>
<para>As iconas usadas por GDM están instaladas de forma global polo administrador do sistema ou poden estar nos cartafoles persoais dos usuarios. Se está instalada de forma global debería estar no cartafol <filename><share>/pixmaps/faces/</filename> e o nome de ficheiro debería ser o nome de usuario. Os ficheiros de imaxes de avatar no cartafol «face» global debe poder lerse polo usuario GDM. </para>
<!--
<para>
TODO - In the old GDM the ~/gnome2/gdm file is used, but the new code
seems to use ~/.gnome/gdm. Error?
</para>
-->
<para>Non hai unha icona global para o usuario, GDM bucará no cartafol $HOME do usuario pola imaxe. GDM primeiro mirará o ficheiro de avatar do usuario en <filename>~/.face</filename>. Se non o atopa, tentará <filename>~/.face.icon</filename>. Se aínda non o atopou, usará o valor definido por "face/picture=" no ficheiro <filename>~/.gnome2/gdm</filename>.</para>
<para>Se o usuario non ten unha imaxe de avatar definida, GDM usará a icona «stock_person» definida no tema GTK+ actual. Se non hai unha imaxe definida, usarase a imaxe de avatar xenérica. </para>
<para>Teña en conta que cargar e escalar iconas de avatar localizadas en cartafoles persoais remotos pode ser unha tarefa que leve tempo. Xa que no é práctico cargar imaxes mediante NIS ou NFS, GDM non tentará cargar imaxes desde cartafoles persoais remotos.</para>
<para>Cando o explorador está activado, os nomes de usuario válidos no computador mostraranse para calquera que poida ver. Se XDMCP está activado, os nomes de usuario móstranse tamén para os usuario remotos. Isto, por suposto, limita a seguridade xa que un usuario malicioso non precisa adiviñar os nomes de usuarios válidos. Nalgúns ambientes restritivos o explorador de avatares podería non ser o axeitado.</para>
</sect2>
<sect2 id="xdmcp">
<title>XDMCP</title>
<!--
<para>
TODO - What XDMCP features actually work? I know that the
chooser is missing.
</para>
-->
<para>O «daemon» GDM pode configurarse para escoitar e xestionar peticións X Display Manage Protocol (XDMCP) desde pantallas remotas. Por defecto a compatibilidade con XDMCP está descativada, porén pode activala se o desexa. Se GDM se constrúe con compatibilidade de wrapper TCP, o daemon só lle dará acceso a equipos específicos na sección do servizo GDM do ficheiro de configuración de TCP Wrappers.</para>
<para>GDM inclúe varias medidas que o fan máis resistente a ataques de denegación de servizo en XDMCP. Moitos dos parámetros do protocolo, tempos de espera de negociación, etc. poden axustarse.. A configuración predefinida debería funcionar razoabelmente ben na maioría dos sistemas.</para>
<para>GDM escoita por omisión ás peticións XDMCP no porto UDP normal usado por XDMCP, o porto 177, e responderá ás peticións QUERY e BROADCAST_QUERY enviando un paquete WILLING ao remitente.</para>
<para>GDM tamen pode configurarse para ceder consultas INDIRECT e mostrar un selector de equipo dunha pantalla remota. GDM recordará a elección do usuario e derivará as subsecuentes consultas ao xestor de elección. GDM tamén permite que unha extensión do protocolo faga a redirección en canto a conexión do usuario teña éxito. Esta extensión só se admite se ámbolos dous daemons son GDM. É transparente e é ignorada por XDM ou outros daemons que implementen XDMCP.</para>
<para>Se semella que XDMCP non está funcionando, asegúrese que todos os computadores están especificados no ficheiro <filename>/etc/hosts</filename>.</para>
<para>Consulte a sección «Seguridade» para obter máis información sobre a seguridade ao usar XDMCP.</para>
</sect2>
<sect2 id="logging">
<title>Rexistro de actividade</title>
<para>GDM usa syslog para rexistrar erros e o seu estado. Tamén pode rexistrar información de depuración, a cal pode ser útil para facer un seguemento dos problemas se GDM non está funcionando correctamente. A saída de depuración pode activarse configurando a chave de configuración debug/Enable a «true» no ficheiro <filename><etc>/gdm/custom.conf</filename>.</para>
<para>A saída para varios Xservers almacénase no cartafol de rexistro de GDM, o cal normalmente está en <filename><var>/log/gdm/</filename>. Calquera mensaxe de Xserver gardarase no ficheiro asociado co valor da pantalla, <filename><display>.log</filename>.</para>
<para>A saída da sesión é derivada mediante o daemon de GDM ao ficheiro <filename>~/<replaceable>$XDG_CACHE_HOME</replaceable>/gdm/session.log</filename> que normalmente expánde a <filename>~/.cache/gdm/session.log</filename>. O ficheiro sobrescríbese en cada inicio de sesión, polo que ao saír da sesión e volver a entrar co mesmo usuario mediante GDM causará que se perda calquera mensaxe da sesión anterior.</para>
<para>Teña en conta que se GDM non pode crear este ficheiro por calquera razón, crearase un ficheiro de respaldo co nome <filename>~/<replaceable>$XDG_CACHE_HOME</replaceable>/gdm/session.log.XXXXXXXX</filename> onde <filename>XXXXXXXX</filename> son caracteres aleatorios.</para>
</sect2>
<sect2 id="fusa">
<title>Cambio rápido de usuarios</title>
<para lang="en">
GDM allows multiple users to be logged in at the same time. After one
user is logged in, additional users can log in via the User Switcher
on the GNOME Panel, or from the "Switch User" button in Lock Screen dialog
of GNOME Screensaver. The active session can be changed back and forth using
the same mechanism. Note that some distributions may not add the User Switcher
to the default panel configuration. It can be added using the panel context
menu.
</para>
<para>Teña en conta que esta característica só está dispoñíbel en sistemas que admiten Terminais Virtuais. Esta característica non funcionará se as Terminais virtuais non funcionan.</para>
</sect2>
</sect1>
<!-- ============= Security ================================= -->
<sect1 id="security">
<title>Seguranza</title>
<sect2 id="gdmuser">
<title>O usuario e grupo de GDM</title>
<para lang="en">
For security reasons a dedicated user and group id are recommended for
proper operation. This user and group are normally "gdm" on
most systems, but can be configured to any user or group. All GDM
GUI programs are run as this user, so that the programs which interact
with the user are run in a sandbox. This user and group should have
limited privilege.
</para>
<para lang="en">
The only special privilege the "gdm" user requires is the
ability to read and write Xauth files to the
<filename><var>/run/gdm</filename> directory. The
<filename><var>/run/gdm</filename> directory should have
root:gdm ownership and 1777 permissions.
</para>
<para lang="en">
You should not, under any circumstances, configure the GDM user/group
to a user which a user could easily gain access to, such as the user
<filename>nobody</filename>. Any user who gains access to an Xauth
key can snoop on and control running GUI programs running in the
associated session or perform a denial-of-service attack on it. It
is important to ensure that the system is configured properly so that
only the "gdm" user has access to these files and that it
is not easy to login to this account. For example, the account should
be setup to not have a password or allow non-root users to login to the
account.
</para>
<para lang="en">
The GDM greeter configuration is stored in GConf. To allow the GDM
user to be able to write configuration, it is necessary for the
"gdm" user to have a writable $HOME directory. Users may
configure the default GConf configuration as desired to avoid the
need to provide the "gdm" user with a writable $HOME
directory. However, some features of GDM may be disabled if it is
unable to write state information to GConf configuration.
</para>
</sect2>
<sect2 id="PAM">
<title>PAM</title>
<para lang="en">
GDM uses PAM for login authentication. PAM stands for Pluggable
Authentication Module, and is used by most programs that request
authentication on your computer. It allows the administrator to
configure specific authentication behavior for different login programs
(such as ssh, login GUI, screensaver, etc.)
</para>
<para lang="en">
PAM is complicated and highly configurable, and this documentation does
not intend to explain this in detail. Instead, it is intended to give
an overview of how PAM configuration relates with GDM, how PAM is
commonly configured with GDM, and known issues. It is expected that
a person needing to do PAM configuration would need to do further
reading of PAM documentation to understand how to configure PAM and
to understand terms used in this section.
</para>
<para>A configuración PAM ten interfaces diferentes, pero similares, para os distintos sistemas operativos, polo que comprobe a páxina man <ulink type="help" url="man:pam.d">pam.d</ulink> ou <ulink type="help" url="man:pam.conf">pam.conf</ulink>. Asegúrese que lee a documentación PAM e ten en conta as implicacións de seguridade que calquera cambio que queira facer na súa configuración.</para>
<para>Teña en conta que, por omisión, GDM usa o nome de servizo PAM «gdm» para o inicio de sesión normal e o nome de servizo PAM «gdm-autologin» para os inicios de sesión automáticos. Se non hai entrada entón GDM usará o comportamento PAM por omisión. Na maioría dos sistemas isto funcionará ben, porén, no inicio de sesión automático pode que non funcione se o servizo gdm-autologin non está definido.</para>
<para>O script <filename>PostLogin</filename> execútase antes de que se chame a pam_open_session, e o script <filename>PreSession</filename> chámase despois. Isto permítelle ao administrador do sistema engadir calquera script no proceso de inicio de sesión antes ou despois de que PAM inicialice a sesión.</para>
<para lang="en">
If you wish to make GDM work with other types of authentication
mechanisms (such as a fingerprint or SmartCard reader), then you should
implement this by using a PAM service module for the desired
authentication type rather than by trying to modify the GDM code
directly. Refer to the PAM documentation on your system. How to do
this is frequently discussed on the
<address><email>gdm-list@gnome.org</email></address> mail list,
so you can refer to the list archives for more information.
</para>
<para lang="en">
PAM does have some limitations regarding being able to work with
multiple types of authentication at the same time, like supporting
the ability to accept either SmartCard and the ability to type the
username and password into the login program. There are techniques
that are used to make this work, and it is best to research how this
problem is commonly solved when setting up such a configuration.
</para>
<para lang="en">
If automatic login does not work on a system, check to see if the
"gdm-autologin" PAM stack is defined in the PAM configuration. For
this to work, it is necessary to use a PAM module that simply does no
authentication, or which simply returns PAM_SUCCESS from all of its
public interfaces. Assuming your system has a pam_allow.so PAM module
which does this, a PAM configuration to enable "gdm-autologin" would
look like this:
</para>
<screen>
gdm-autologin auth required pam_unix_cred.so.1
gdm-autologin auth sufficient pam_allow.so.1
gdm-autologin account sufficient pam_allow.so.1
gdm-autologin session sufficient pam_allow.so.1
gdm-autologin password sufficient pam_allow.so.1
</screen>
<para>A configuración de arriba causará que a entrada lastlog non se xere. Se desexa unha entrada lastlog entón use o seguinte para a sesión:</para>
<screen>
gdm-autologin session required pam_unix_session.so.1
</screen>
<para lang="en">
If the computer is used by several people, which makes automatic login
unsuitable, you may want to allow some users to log in without entering
their password. This feature can be enabled as a per-user option in
the users-admin tool from the gnome-system-tools; it is achieved by
checking that the user is member a Unix group called
"nopasswdlogin" before asking for a password. For this to work,
the PAM configuration file for the "gdm" service must include
a line such as:
</para>
<screen>
gdm auth sufficient pam_succeed_if.so user ingroup nopasswdlogin
</screen>
</sect2>
<sect2 id="utmpwtmp">
<title lang="en">utmp and wtmp</title>
<para lang="en">
GDM generates utmp and wtmp User Accounting Database entries upon
session login and logout. The utmp database contains user access
and accounting information that is accessed by commands such as
<command>finger</command>, <command>last</command>,
<command>login</command>, and <command>who</command>. The wtmp
database contains the history of user access and accounting
information for the utmp database. Refer to the
<ulink type="help" url="man:utmp">utmp</ulink> and
<ulink type="help" url="man:wtmp">wtmp</ulink>
man pages on your system for more information.
</para>
</sect2>
<sect2 id="xauth">
<title>Esquema de autenticación do servidor X</title>
<para lang="en">
Xserver authorization files are stored in a newly created subdirectory
of <filename><var>/run/gdm</filename> at start up. These files
are used to store and share a "password" between X clients
and the Xserver. This "password" is unique for each session
logged in, so users from one session can't snoop on users from another.
</para>
<para lang="en">
GDM only supports the MIT-MAGIC-COOKIE-1 Xserver authentication
scheme. Normally little is gained from the other schemes, and no
effort has been made to implement them so far. Be especially
careful about using XDMCP because the Xserver authentication cookie
goes over the wire as clear text. If snooping is possible, then an
attacker could simply snoop your authentication password as you log in,
regardless of the authentication scheme being used. If snooping is
possible and undesirable, then you should use ssh for tunneling an X
connection rather then using XDMCP. You could think of XDMCP as a sort
of graphical telnet, having the same security issues. In most cases,
ssh -Y should be preferred over GDM's XDMCP features.
</para>
</sect2>
<sect2 id="xdmcpsecurity">
<title>Seguranza XDMCP</title>
<para lang="en">
Even though your display is protected by cookies, XEvents and thus
keystrokes typed when entering passwords will still go over the wire in
clear text. It is trivial to capture these.
</para>
<para lang="en">
XDMCP is primarily useful for running thin clients such as in terminal
labs. Those thin clients will only ever need the network to access
the server, and so it seems like the best security policy to have
those thin clients on a separate network that cannot be accessed by
the outside world, and can only connect to the server. The only point
from which you need to access outside is the server. This type of set up
should never use an unmanaged hub or other sniffable network.
</para>
</sect2>
<sect2 id="xdmcpaccess">
<title>Control de acceso XDMCP</title>
<para>O control de acceso de XDMCP está construído empregando envoltorios de TCP. É posíbel compilar GDM sen a compatibilidade de envoltorios de TCP, polo que esta característica podería non admitirse nalgúns sistemas operativos.</para>
<para>Debería usar un nome de daemon <command>gdm</command> nos ficheiros <filename><etc>/hosts.allow</filename> e <filename><etc>/hosts.deny</filename>. Por exemplo para denegarlle o inicio de sesión desde <filename>.dominio.maligno</filename>, entón engada</para>
<screen>
gdm: .dominio.maligno
</screen>
<para>a <filename><etc>/hosts.deny</filename>. Tamén precisa engadir</para>
<screen>
gdm: .o.seu.dominio
</screen>
<para>ao seu <filename><etc>/hosts.allow</filename> se normalmente desautoriza todos os servizos desde todos os equipos. Vexa unha páxina d eman <ulink type="help" url="man:hosts.allow">hosts.allow(5)</ulink> para obter máis detalles.</para>
</sect2>
<sect2 id="firewall">
<title>Seguranza con devasa</title>
<para lang="en">
Even though GDM tries to outsmart potential attackers trying to take
advantage of XDMCP, it is still advised that you block the XDMCP port
(normally UDP port 177) on your firewall unless really needed. GDM
guards against denial of service attacks, but the X protocol is still
inherently insecure and should only be used in controlled environments.
Also each remote connection takes up lots of resources, so it is much
easier to do a denial of service attack via XDMCP than attacking a
webserver.
</para>
<para lang="en">
It is also wise to block all of the Xserver ports. These are TCP
ports 6000+ (one for each display number) on your firewall. Note that
GDM will use display numbers 20 and higher for flexible on-demand
servers.
</para>
<para>X non é un protocolo moi seguro ao usalo por internet, e XDMCP é aínda menos seguro.</para>
</sect2>
<sect2 id="policykit">
<title>PolicyKit</title>
<!--
<para>
TODO - Should we say more?
</para>
-->
<para>GDM pode configurarse para usar PolicyKit para permitirlle a un administrador de sistemas o control de se a pantalla de benvida debería fornecer os botóns de apagado e reinicio.</para>
<para>Estes botóns están controlados polas accións <filename>org.freedesktop.consolekit.system.stop-multiple-users</filename> e <filename>org.freedesktop.consolekit.system.restart-multiple-users</filename> respectivamente. A normativa para estas acccións pode configurarse usando a ferramenta polkit-gnome-authorization ou o programa de liña de ordes polkit-auth.</para>
</sect2>
<sect2 id="rbac">
<title>RBAC (Control de acceso baseado en rol)</title>
<para>GDM pode configurarse para usar RBAC no lugar de PolicyKit. Neste caso a configuración de RBAC úsase para controlar se a pantalla de inicio de sesión debería fornecer os botóns de apagado e reinicio na pantalla de benvida.</para>
<para>Por exemplo, en Oracle Soraris, úsase a autorización «solaris.system.shutdown» para controlar isto. Simplemente modifique o ficheiro <filename>/etc/user_attr</filename> para que o usuario «gdm» teña esta autorización.</para>
</sect2>
</sect1>
<!-- ============= ConsoleKit ================================ -->
<sect1 id="consolekit">
<title>Compatibilidade para ConsoleKit</title>
<!--
<para>
TODO - Should we update these docs? Probably should mention any
configuration that users may want to do for using it with GDM?
If so, perhaps this section should be moved to a subsection of
the "Configure" section?
</para>
-->
<para>GDM inclúe compatibilidade para publicar información de inicio de sesión do usuario co marco de traballo de contas de sesión e usuario coñecido como ConsoleKit. ConsoleKit pode facer un seguemento de todos os usuarios coa sesión aberta actualmente. Neste respecto, pode usarse como un substituto dos ficheiros utmp ou utmpx que están dispoñíbeis na maioría dos sistemas operativos Unix.</para>
<para lang="en">
When GDM is about to create a new login process for a user it will call
a privileged method of ConsoleKit in order to open a new session for this
user. At this time GDM also provides ConsoleKit with information about
this user session such as: the user ID, the X11 Display name that will be
associated with the session, the host-name from which the session
originates (useful in the case of an XDMCP session), whether or not this
session is attached, etc. As the entity that initiates the user process,
GDM is in a unique position to know about the user session and to be
trusted to provide these bits of information. The use of this privileged
method is restricted by the use of the D-Bus system message bus security
policy.
</para>
<para>No caso de que un usuario con unha sesión existente se autenticara en GDM e solicite retomar unha sesión existente, GDM chama ao método con privilexios de ConsoleKit para desbloquear a sesión. Os detalles exactos do que acontece cando a sesión recibe este sinal de desbloqueo non están definidos e é específico da sesión. Porén, a maioría das sesións desbloquearán o protector de pantalla en resposta.</para>
<para>Cando o usuario queira saír da sesión, ou se GDM ou a sesión saen de forma inesperada a sesión do usuario desrexistrarase desde ConsoleKit.</para>
</sect1>
<!-- ============= Configuration ============================= -->
<sect1 id="configuration">
<title>Configuración</title>
<para>GDM ten un conxunto de interfaces de configuración. Isto inclúe puntos de integración de scripting, configuración do «daemon», configuración da pantalla de benvida, configuracións xerais da sesión, integración coas configuracións de «gnome-settings-daemon» e configuración da sesión. Estes tipos de integración descríbense en detalle embaixo.</para>
<sect2 id="scripting">
<title>Puntos de integración de scripts</title>
<para>Os puntos de integración por script de GDM pódense atopar no cartafol <filename><etc>/gdm/</filename>:</para>
<screen>
Xsession
Init/
PostLogin/
PreSession/
PostSession/
</screen>
<para>Os scripts <filename>Init</filename>, <filename>PostLogin</filename>, <filename>PreSession</filename> e <filename>PostSession</filename> todos funcionan como se describe embaixo.</para>
<para lang="en">
For each type of script, the default one which will be executed is
called "Default" and is stored in a directory associated with
the script type. So the default <filename>Init</filename> script is
<filename><etc>/gdm/Init/Default</filename>. A per-display
script can be provided, and if it exists it will be run instead of the
default script. Such scripts are stored in the same directory as the
default script and have the same name as the Xserver DISPLAY value for
that display. For example, if the <filename><Init>/:0</filename>
script exists, it will be run for DISPLAY ":0".
</para>
<para lang="en">
All of these scripts are run with root privilege and return 0 if run
successfully, and a non-zero return code if there was any failure that
should cause the login session to be aborted. Also note that GDM will
block until the scripts finish, so if any of these scripts hang, this
will cause the login process to also hang.
</para>
<para lang="en">
When the Xserver for the login GUI has been successfully started, but
before the login GUI is actually displayed, GDM will run the
<filename>Init</filename> script. This script is useful for starting
programs that should be run while the login screen is showing, or for
doing any special initialization if required.
</para>
<para lang="en">
After the user has been successfully authenticated GDM will run the
<filename>PostLogin</filename> script. This is done before any session
setup has been done, including before the pam_open_session call. This
script is useful for doing any session initialization that needs to
happen before the session starts. For example, you might setup the
user's $HOME directory if needed.
</para>
<para lang="en">
After the user session has been initialized, GDM will run the
<filename>PreSession</filename> script. This script is useful for
doing any session initialization that needs to happen after the
session has been initialized. It can be used for session management or
accounting, for example.
</para>
<para lang="en">
When a user terminates their session, GDM will run the
<filename>PostSession</filename> script. Note that the Xserver will
have been stopped by the time this script is run, so it should not be
accessed.
</para>
<para lang="en">
Note that the <filename>PostSession</filename> script will be run
even when the display fails to respond due to an I/O error or
similar. Thus, there is no guarantee that X applications will work
during script execution.
</para>
<para lang="en">
All of the above scripts will set the
<filename>$RUNNING_UNDER_GDM</filename> environment variable to
<filename>yes</filename>. If the scripts are also shared with other
display managers, this allows you to identify when GDM is calling these
scripts, so you can run specific code when GDM is used.
</para>
</sect2>
<sect2 id="autostart">
<title>Configuración automática ao inicio</title>
<para lang="en">
The <filename><share>/gdm/autostart/LoginWindow</filename>
directory contains files in the format specified by the
"FreeDesktop.org Desktop Application Autostart
Specification". Standard features in the specification may be
used to specify programs that should auto-restart or only be launched
if a GConf configuration value is set, etc.
</para>
<para lang="en">
Any <filename>.desktop</filename> files in this directory will cause
the associated program to automatically start with the login GUI
greeter. By default, GDM is shipped with files which will autostart
the gdm-simple-greeter login GUI greeter itself, the
gnome-power-manager application, the gnome-settings-daemon, and the
metacity window manager. These programs are needed for the greeter
program to work. In addition, desktop files are provided for starting
various AT programs if the configuration values specified in the
Accessibility Configuration section below are set.
</para>
</sect2>
<sect2 id="xsessionscript">
<title>Script Xsession</title>
<para lang="en">
There is also an <filename>Xsession</filename> script located at
<filename><etc>/gdm/Xsession</filename> which is called between
the <filename>PreSession</filename> and the
<filename>PostSession</filename> scripts. This script does not
support per-display like the other scripts. This script is used for
actually starting the user session. This script is run as the user,
and it will run whatever session was specified by the Desktop session
file the user selected to start.
</para>
</sect2>
<sect2 id="daemonconfig">
<title>Configuración do «daemon»</title>
<para lang="en">
The GDM daemon is configured using the
<filename><etc>/gdm/custom.conf</filename> file. Default
values are stored in GConf in the <filename>gdm.schemas</filename>
file. It is recommended that end-users modify the
<filename><etc>/gdm/custom.conf</filename> file because the
schemas file may be overwritten when the user updates their system to
have a newer version of GDM.
</para>
<para lang="en">
Note that older versions of GDM supported additional configuration
options which are no longer supported in the latest versions of GDM.
</para>
<para lang="en">
The <filename><etc>/gdm/custom.conf</filename> file is in the
<filename>keyfile</filename> format. Keywords in brackets
define group sections, strings before an equal sign (=) are keys and
the data after equal sign represents their value. Empty lines or
lines starting with the hash mark (#) are ignored.
</para>
<para lang="en">
The file <filename><etc>/gdm/custom.conf</filename> supports the
"[daemon]", "[security]", and "[xdmcp]"
group sections. Within each group, there are particular key/value
pairs that can be specified to modify how GDM behaves. For example,
to enable timed login and specify the timed login user to be a user
named "you", you would modify the file so it contains the
following lines:
</para>
<screen>
[daemon]
TimedLoginEnable=true
TimedLogin=you
</screen>
<para lang="en">
A full list of supported configuration keys follow:
</para>
<sect3 id="choosersection">
<title>[chooser]</title>
<variablelist>
<varlistentry>
<term>Multicast</term>
<listitem>
<synopsis>Multicast=false</synopsis>
<para>Se é verdadeiro e IPv6 está activado, o selector enviará unha consulta multicast á rede local e recollera as respostas dos equipos que están unidos ao grupo multicast.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MulticastAddr</term>
<listitem>
<synopsis>MulticastAddr=ff02::1</synopsis>
<para>Este é o enderezo multicast de link local</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="daemonsection">
<title>[daemon]</title>
<variablelist>
<varlistentry>
<term>TimedLoginEnable</term>
<listitem>
<synopsis>TimedLoginEnable=false</synopsis>
<para lang="en">
If the user given in <filename>TimedLogin</filename> should be
logged in after a number of seconds (set with
<filename>TimedLoginDelay</filename>) of inactivity on the
login screen. This is useful for public access terminals or
perhaps even home use. If the user uses the keyboard or
browses the menus, the timeout will be reset to
<filename>TimedLoginDelay</filename> or 30 seconds, whichever
is higher. If the user does not enter a username but just
hits the ENTER key while the login program is requesting the
username, then GDM will assume the user wants to login
immediately as the timed user. Note that no password will be
asked for this user so you should be careful, although if using
PAM it can be configured to require password entry before
allowing login. Refer to the "Security->PAM"
section of the manual for more information, or for help if this
feature does not seem to work.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>TimedLogin</term>
<listitem>
<synopsis>TimedLogin=</synopsis>
<para>Este é o usuario no que se debería iniciar sesión despois dun número especificado de segundos de inactividade.</para>
<para lang="en">
If the value ends with a vertical bar | (the pipe symbol),
then GDM will execute the program specified and use whatever
value is returned on standard out from the program as the user.
The program is run with the DISPLAY environment variable set so
that it is possible to specify the user in a per-display
fashion. For example if the value is "/usr/bin/getloginuser|",
then the program "/usr/bin/getloginuser" will be run to get the
user value.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>TimedLoginDelay</term>
<listitem>
<synopsis>TimedLoginDelay=30</synopsis>
<para>Atraso en segundos antes de que o usuario <filename>TimedLogin</filename> se inicie sesión.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>AutomaticLoginEnable</term>
<listitem>
<synopsis>AutomaticLoginEnable=false</synopsis>
<para lang="en">
If true, the user given in <filename>AutomaticLogin</filename>
should be logged in immediately. This feature is like timed
login with a delay of 0 seconds.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>AutomaticLogin</term>
<listitem>
<synopsis>AutomaticLogin=</synopsis>
<para lang="en">
This is the user that should be logged in immediately if
<filename>AutomaticLoginEnable</filename> is true.
</para>
<para lang="en">
If the value ends with a vertical bar | (the pipe symbol),
then GDM will execute the program specified and use whatever
value is returned on standard out from the program as the user.
The program is run with the DISPLAY environment variable set so
that it is possible to specify the user in a per-display
fashion. For example if the value is "/usr/bin/getloginuser|",
then the program "/usr/bin/getloginuser" will be run to get the
user value.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>User</term>
<listitem>
<synopsis>User=gdm</synopsis>
<para lang="en">
The username under which the greeter and other GUI programs
are run. Refer to the <filename>Group</filename>
configuration key and to the "Security->GDM User And
Group" section of this document for more information.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Group</term>
<listitem>
<synopsis>Group=gdm</synopsis>
<para lang="en">
The group name under which the greeter and other GUI programs
are run. Refer to the <filename>User</filename>
configuration key and to the "Security->GDM User And
Group" section of this document for more information.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="debugsection">
<title>Opcións de depuración</title>
<variablelist>
<title>[debug]</title>
<varlistentry>
<term>Enable</term>
<listitem>
<synopsis>Enable=false</synopsis>
<para lang="en">
To enable debugging, set the debug/Enable key to
"true" in the
<filename><etc>/gdm/custom.conf</filename>
file and restart GDM. Then debug output will be sent to the
system log file (<filename><var>/log/messages</filename>
or <filename><var>/adm/messages</filename> depending on
your Operating System).
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="greetersection">
<title>Opcións da interface</title>
<variablelist>
<title>[greeter]</title>
<varlistentry>
<term>IncludeAll</term>
<listitem>
<synopsis>IncludeAll=true</synopsis>
<para lang="en">
If true, then the face browser will show all users on the local
machine. If false, the face browser will only show users who
have recently logged in.
</para>
<para lang="en">
When this key is true, GDM will call fgetpwent() to get a list
of local users on the system. Any users with a user id less
than 500 (or 100 if running on Oracle Solaris) are filtered
out. The Face Browser also will display any users that have
previously logged in on the system (for example NIS/LDAP
users). It gets this list via calling the
<command>ck-history</command> ConsoleKit interface. It will
also filter out any users which do not have a valid shell
(valid shells are any shell that getusershell() returns -
/sbin/nologin or /bin/false are considered invalid shells even
if getusershell() returns them).
</para>
<para lang="en">
If false, then GDM more simply only displays users that have
previously logged in on the system (local or NIS/LDAP users) by
calling the <command>ck-history</command> ConsoleKit interface.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Include</term>
<listitem>
<synopsis>Include=</synopsis>
<para lang="en">
Set to a list of users to always include in the Face Browser.
This value is set to a list of users separated by commas. By
default, the value is empty.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Exclude</term>
<listitem>
<synopsis>Exclude=bin,root,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,nobody,nobody4,noaccess,postgres,pvm,rpm,nfsnobody,pcap</synopsis>
<para lang="en">
Set to a list of users to always exclude in the Face Browser.
This value is set to a list of users separated by commas. Note
that the setting in the <filename>custom.conf</filename>
overrides the default value, so if you wish to add additional
users to the list, then you need to set the value to the
default value with additional users appended to the list.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="securitysection">
<title>Opcións de seguranza</title>
<variablelist>
<title>[security]</title>
<varlistentry>
<term>DisallowTCP</term>
<listitem>
<synopsis>DisallowTCP=true</synopsis>
<para lang="en">
If true, then always append <filename>-nolisten tcp</filename>
to the command line when starting attached Xservers, thus
disallowing TCP connection. This is a more secure
configuration if you are not using remote connections.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="xdmcpsection">
<title>Compatibilidade XDMCP</title>
<variablelist>
<title>[xdmcp]</title>
<varlistentry>
<term>DisplaysPerHost</term>
<listitem>
<synopsis>DisplaysPerHost=1</synopsis>
<para lang="en">
To prevent attackers from filling up the pending queue, GDM
will only allow one connection for each remote computer. If
you want to provide display services to computers with more
than one screen, you should increase this value.
</para>
<para lang="en">
Note that the number of attached DISPLAYS allowed is not
limited. Only remote connections via XDMCP are limited by
this configuration option.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Enable</term>
<listitem>
<synopsis>Enable=false</synopsis>
<para lang="en">
Setting this to true enables XDMCP support allowing remote
displays/X terminals to be managed by GDM.
</para>
<para lang="en">
<filename>gdm</filename> listens for requests on UDP port 177.
See the Port option for more information.
</para>
<para lang="en">
If GDM is compiled to support it, access from remote displays
can be controlled using the TCP Wrappers library. The service
name is <filename>gdm</filename>
</para>
<para lang="en">
You should add
<screen lang="en">
gdm:.my.domain
</screen>
to your <filename><etc>/hosts.allow</filename>, depending
on your TCP Wrappers configuration. See the
<ulink type="help" url="man:hosts.allow">hosts.allow</ulink>
man page for details.
</para>
<para lang="en">
Please note that XDMCP is not a particularly secure protocol
and that it is a good idea to block UDP port 177 on your
firewall unless you really need it.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>HonorIndirect</term>
<listitem>
<synopsis>HonorIndirect=true</synopsis>
<para lang="en">
Enables XDMCP INDIRECT choosing (i.e. remote execution of
<filename>gdmchooser</filename>) for X-terminals which do not
supply their own display browser.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MaxPending</term>
<listitem>
<synopsis>MaxPending=4</synopsis>
<para>Para evitar os ataques de denegación de servizos, GDM ten un tamaño de cola de conexións pendentes fixo. Só se poden iniciar MaxPending pantallas á vez.</para>
<para lang="en">
Please note that this parameter does not limit the number of
remote displays which can be managed. It only limits the number
of displays initiating a connection simultaneously.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MaxSessions</term>
<listitem>
<synopsis>MaxSessions=16</synopsis>
<para lang="en">
Determines the maximum number of remote display connections
which will be managed simultaneously. I.e. the total number of
remote displays that can use your host.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MaxWait</term>
<listitem>
<synopsis>MaxWait=30</synopsis>
<para lang="en">
When GDM is ready to manage a display an ACCEPT packet is sent
to it containing a unique session id which will be used in
future XDMCP conversations.
</para>
<para lang="en">
GDM will then place the session id in the pending queue
waiting for the display to respond with a MANAGE request.
</para>
<para lang="en">
If no response is received within MaxWait seconds, GDM will
declare the display dead and erase it from the pending queue
freeing up the slot for other displays.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MaxWaitIndirect</term>
<listitem>
<synopsis>MaxWaitIndirect=30</synopsis>
<para lang="en">
The MaxWaitIndirect parameter determines the maximum number of
seconds between the time where a user chooses a host and the
subsequent indirect query where the user is connected to the
host. When the timeout is exceeded, the information about the
chosen host is forgotten and the indirect slot freed up for
other displays. The information may be forgotten earlier if
there are more hosts trying to send indirect queries then
<filename>MaxPendingIndirect</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>PingIntervalSeconds</term>
<listitem>
<synopsis>PingIntervalSeconds=60</synopsis>
<para lang="en">
If the Xserver does not respond in the specified number of
seconds, then the connection is stopped and the session ended.
When this happens the slave daemon dies with an ALARM signal.
Note that GDM 2.20 and earlier multiplied this setting by 2,
so it may be necessary to increase the timeout if upgrading
from GDM 2.20 and earlier to a newer version.
</para>
<para lang="en">
Note that GDM in the past used to have a
<filename>PingInterval</filename> configuration key which was
also in minutes. For most purposes you'd want this setting
to be lower than one minute. However since in most cases where
XDMCP would be used (such as terminal labs), a lag of more
than 15 or so seconds would really mean that the terminal was
turned off or restarted and you would want to end the session.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Port</term>
<listitem>
<synopsis>Port=177</synopsis>
<para lang="en">
The UDP port number <filename>gdm</filename> should listen to
for XDMCP requests. Do not change this unless you know what
you are doing.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Willing</term>
<listitem>
<synopsis>Willing=<etc>/gdm/Xwilling</synopsis>
<para lang="en">
When the machine sends a WILLING packet back after a QUERY it
sends a string that gives the current status of this server.
The default message is the system ID, but it is possible to
create a script that displays customized message. If this
script does not exist or this key is empty the default message
is sent. If this script succeeds and produces some output,
the first line of it's output is sent (and only the first
line). It runs at most once every 3 seconds to prevent
possible denial of service by flooding the machine with QUERY
packets.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
</sect2>
<sect2 id="greeterconfiguration">
<title>Configuración da interface simple</title>
<para lang="en">
The GDM default greeter is called the simple Greeter and is
configured via GConf. Default values are stored in GConf in the
<filename>gdm-simple-greeter.schemas</filename> file. These defaults
can be overridden if the "gdm" user has a writable $HOME
directory to store GConf settings. These values can be edited using
the <command>gconftool-2</command> or <command>gconf-editor</command>
programs. The following configuration options are supported:
</para>
<variablelist>
<title>Chaves de configuración da interface</title>
<varlistentry>
<term>/apps/gdm/simple-greeter/banner_message_enable</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para>Controla se se mostra ou non o mensaxe de texto.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/banner_message_text</term>
<listitem>
<synopsis>NULL (cadea)</synopsis>
<para lang="en">
Specifies the text banner message to show on the greeter
window.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/disable_restart_buttons</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
Controls whether to show the restart buttons in the login
window.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/disable_user_list</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
If true, then the face browser with known users is not shown
in the login window.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/logo_icon_name</term>
<listitem>
<synopsis>computer (cadea)</synopsis>
<para lang="en">
Set to the themed icon name to use for the greeter logo.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/recent-languages</term>
<listitem>
<synopsis>[] (lista de cadeas)</synopsis>
<para lang="en">
Set to a list of languages to be shown by default in the login
window. Default value is "[]". With the default setting only
the system default language is shown and the option "Other..."
which pops-up a dialog box showing a full list of available
languages which the user can select.
</para>
<para lang="en">
Users are not intended to change this setting by hand. Instead
GDM keeps track of any languages selected in this configuration
key, and will show them in the language combo box along with
the "Other..." choice. This way, commonly selected languages
are easier to select.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/recent-layouts</term>
<listitem>
<synopsis>[] (lista de cadeas)</synopsis>
<para lang="en">
Set to a list of keyboard layouts to be shown by default in the
login panel. Default value is "[]". With the default setting
only the system default keyboard layout is shown and the option
"Other..." which pops-up a dialog box showing a full list of
available keyboard layouts which the user can select.
</para>
<para lang="en">
Users are not intended to change this setting by hand. Instead
GDM keeps track of any keyboard layouts selected in this
configuration key, and will show them in the keyboard layout
combo box along with the "Other..." choice. This way, commonly
selected keyboard layouts are easier to select.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/apps/gdm/simple-greeter/wm_use_compiz</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
Controls whether compiz is used as the window manager instead
of metacity.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect2>
<sect2 id="accessibilityconfiguration">
<title>Configuración da accesibilidade</title>
<para lang="en">
This section describes the accessibility configuration options available
in GDM.
</para>
<sect3 id="accessibilitydialog">
<title lang="en">GDM Accessibility Dialog And GConf Keys</title>
<para lang="en">
The GDM greeter panel at the login screen displays an accessibility
icon. Clicking on that icon opens the GDM Accessibility Dialog. In
the GDM Accessibility Dialog, there is a list of checkboxes, so the
user can enable or disable the associated assistive tools.
</para>
<para lang="en">
The checkboxes that correspond to the on-screen keyboard, screen
magnifier and screen reader assistive tools act on the three GConf
keys that are described in the next section of this document. By
enabling or disabling these checkboxes, the associated GConf key is
set to "true" or "false". When the GConf key is set to true, the
assistive tools linked to this GConf key are launched. When the
GConf key is set to "false", any running assistive tool linked to
this GConf key are terminated. These GConf keys are not automatically
reset to a default state after the user has logged in. Consequently,
the assistive tools that were running during the last GDM login
session will automatically be launched at the next GDM login session.
</para>
<para lang="en">
The other checkboxes in the GDM Accessibility Dialog do not have
corresponding GConf keys because no additional program is launched to
provide the accessibility features that they offer. These other
options correspond to accessibility features that are provided by the
Xserver, which is always running during the GDM session.
</para>
</sect3>
<sect3 id="accessibilitygconfconfiguration">
<title>Chaves de accesibilidade de GConf</title>
<para lang="en">
GDM offers the following GConf keys to control its accessibility
features:
</para>
<variablelist>
<title>Chaves de configuración de GDM</title>
<varlistentry>
<term>/desktop/gnome/interface/accessibility</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
Controls whether the Accessibility infrastructure will be
started with the GDM GUI. This is needed for many
accessibility technology programs to work.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/desktop/gnome/applications/at/screen_magnifier_enabled</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
If set, then the assistive tools linked to this GConf key will
be started with the GDM GUI program. By default this is a
screen magnifier application.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/desktop/gnome/applications/at/screen_keyboard_enabled</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
If set, then the assistive tools linked to this GConf key will
be started with the GDM GUI program. By default this is an
on-screen keyboard application.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>/desktop/gnome/applications/at/screen_reader_enabled</term>
<listitem>
<synopsis>false (booleano)</synopsis>
<para lang="en">
If set, then the assistive tools linked to this GConf key will
be started with the GDM GUI program. By default this is a
screen reader application.
</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="accessibilitytoolsconfiguration">
<title lang="en">Linking GConf Keys to Accessibility Tools</title>
<para lang="en">
For the screen_magnifier_enabled, the screen_keyboard_enabled, and the
screen_reader_enabled GConf keys, the assistive tool which gets
launched depends on the desktop files located in the GDM autostart
directory as described in the "Autostart Configuration" section of
this manual. Any desktop file in the GDM autostart directory can be
linked to these GConf key via specifying that GConf key in the
AutostartCondition value in the desktop file. So the exact
AutostartCondition line in the desktop file could be one of the
following:
</para>
<screen>
AutostartCondition=GNOME /desktop/gnome/applications/at/screen_keyboard_enabled
AutostartCondition=GNOME /desktop/gnome/applications/at/screen_magnifier_enabled
AutostartCondition=GNOME /desktop/gnome/applications/at/screen_reader_enabled
</screen>
<para lang="en">
When an accessibility key is true, then any program which is linked to
that key in a GDM autostart desktop file will be launched (unless the
Hidden key is set to true in that desktop file). A single GConf key
can even start multiple assistive tools if there are multiple desktop
files with this AutostartCondition in the GDM autostart directory.
</para>
</sect3>
<sect3 id="accessibilitytoolexample">
<title lang="en">Example Of Modifying Accessibility Tool Configuration</title>
<para lang="en">
For example, if GNOME is distributed with GOK as the default on-screen
keyboard, then this could be replaced with a different program if
desired. To replace GOK with the on-screen keyboard application
"onboard" and additionally activate the assistive tool "mousetweaks"
for dwelling support, then the following configuration is needed.
</para>
<para lang="en">
Create a desktop file for onboard and a second one for mousetweaks;
for example, onboard.desktop and mousetweaks.desktop. These files
must be placed in the GDM autostart directory and be in the format
as explained in the "Autostart Configuration" section of this
document.
</para>
<para>O seguinte é un exemplo de ficheiro <filename>onboard.desktop</filename>:</para>
<screen>
[Desktop Entry]
Encoding=UTF-8
Name=Teclado en pantalla
Comment=Usar un teclado en pantalla
TryExec=onboard
Exec=onboard --size 500x180 -x 20 -y 10
Terminal=false
Type=Application
StartupNotify=true
Categories=GNOME;GTK;Accessibility;
AutostartCondition=GNOME /desktop/gnome/applications/at/screen_keyboard_enabled
</screen>
<para>O seguinte é un exemplo de ficheiro <filename>mousetweaks.desktop</filename>:</para>
<screen lang="en">
[Desktop Entry]
Encoding=UTF-8
Name=Software Mouse-Clicks
Comment=Perform clicks by dwelling with the pointer
TryExec=mousetweaks
Exec=mousetweaks --enable-dwell -m window -c -x 20 -y 240
Terminal=false
Type=Application
StartupNotify=true
Categories=GNOME;GTK;Accessibility;
AutostartCondition=GNOME /desktop/gnome/applications/at/screen_keyboard_enabled
</screen>
<para lang="en">
Note the line with the AutostartCondition that links both desktop
files to the GConf key for the on-screen keyboard.
</para>
<para lang="en">
To disable GOK from starting, the desktop file for the GOK on-screen
keyboard must be removed or deactivated. Otherwise onboard and GOK
would simultaneously be started. This can be done by removing the
gok.desktop file from the GDM autostart directory, or by adding the
"Hidden=true" key setting to the gok.desktop file.
</para>
<para lang="en">
After making these changes, GOK will no longer be started when the
user activates the on-screen keyboard in the GDM session; but onboard
and mousetweaks will instead be launched.
</para>
</sect3>
</sect2>
<sect2 id="generalsessionconfig">
<title>Configuracińo xeral de sesión</title>
<!--
<para>
TODO - I think this section should be expanded upon. What specific
keys are of interest, or would some users be likely to want
to configure? Also, would be good to be more specific about
how lock down management is handled.
</para>
-->
<para lang="en">
The GDM Greeter uses some of the same framework that your desktop
session will use. And so, it is influenced by a number of the same
GConf settings. For each of these settings the Greeter will use the
default value unless it is specifically overridden by a) GDM's
installed mandatory policy b) system mandatory policy. GDM installs
its own mandatory policy to lock down some settings for security.
</para>
</sect2>
<sect2 id="gnomesettingsdaemon">
<title>«Daemon» de preferencias de GNOME</title>
<!--
<para>
TODO - I think this section should be expanded upon. What specific
keys are of interest, or would some users be likely to want
to configure? Also, would be good to give a more complete
list of plugins that users might want to consider disabling.
Also, shouldn't we list the sound/active key in the Greeter
configuration setting? Oddly I do not find this key used
in anything but the chooser in SVN.
</para>
-->
<para>GDM conta cos seguintes engadidos de gnome-settings-daemon: a11y-keyboard, background, sound, xsettings.</para>
<para lang="en">
These are responsible for things like the background image, font and
theme settings, sound events, etc.
</para>
<para lang="en">
Plugins can also be disabled using GConf. For example, if you want to
disable the sound plugin then unset the following key:
<filename>/apps/gdm/simple-greeter/settings-manager-plugins/sound/active</filename>.
</para>
</sect2>
<sect2 id="sessionconfig">
<title>Configuración de sesión de GDM</title>
<para lang="en">
GDM sessions are specified using the FreeDesktop.org Desktop Entry
Specification, which can be referenced at the following URL:
<ulink url="http://www.freedesktop.org/wiki/Specifications/desktop-entry-spec">
http://www.freedesktop.org/wiki/Specifications/desktop-entry-spec</ulink>.
</para>
<para lang="en">
By default, GDM will install desktop files in the
<filename><share>/xsessions</filename> directory. GDM will
search the following directories in this order to find desktop files:
<filename><etc>/X11/sessions/</filename>,
<filename><dmconfdir>/Sessions</filename>,
<filename><share>/xsessions</filename>, and
<filename><share>/gdm/BuiltInSessions</filename>. By default the
<filename><dmconfdir></filename> is set to
<filename><etc>/dm/</filename> unless GDM is configured to use
a different directory via the "--with-dmconfdir" option.
</para>
<para lang="en">
A session can be disabled by editing the desktop file and adding a line
as follows: <filename>Hidden=true</filename>.
</para>
<para lang="en">
GDM desktop files support a GDM-specific extension, a key named
"X-GDM-BypassXsession". If the key is not specified in a
desktop file, the value defaults to "false". If this key is
specified to be "true" in a desktop file, then GDM will
launch the program specified by the desktop file "Exec" key
directly when starting the user session. It will not run the program
via the <filename><etc>/gdm/Xsession</filename> script, which is
the normal behavior. Since bypassing the
<filename><etc>/gdm/Xsession</filename> script avoids setting up
the user session with the normal system and user settings, sessions
started this way can be useful for debugging problems in the system or
user scripts that might be preventing a user from being able to start
a session.
</para>
</sect2>
<sect2 id="userconfig">
<title>Sesión de usuario de GDM e preferencias de idioma</title>
<para lang="en">
The user's default session and language choices are stored in the
<filename>~/.dmrc</filename> file. When a user logs in for the first
time, this file is created with the user's initial choices. The user
can change these default values by simply changing to a different value
when logging in. GDM will remember this change for subsequent logins.
</para>
<para lang="en">
The <filename>~/.dmrc</filename> file is in the standard
<filename>INI</filename> format. It has one section called
<filename>[Desktop]</filename> which has two keys:
<filename>Session</filename> and <filename>Language</filename>.
</para>
<para lang="en">
The <filename>Session</filename> key specifies the basename of the
session <filename>.desktop</filename> file that the user wishes to
normally use without the <filename>.desktop</filename> extension.
The <filename>Language</filename> key specifies the language that the
user wishes to use by default. If either of these keys is missing, the
system default is used. The file would normally look as follows:
</para>
<screen>
[Desktop]
Session=gnome
Language=gl_ES.UTF-8
</screen>
</sect2>
</sect1>
<!-- ============= GDM Commands ============================= -->
<sect1 id="binaries">
<title>Ordes de GDM</title>
<sect2 id="sbindir_binaries">
<title>Ordes do administrador de GDM</title>
<para lang="en">
The GDM package provides the following commands in
<filename>sbindir</filename> intended to be run by the root user:
</para>
<sect3 id="gdmcommandline">
<title>Opcións da liña de ordes de <command>gdm</command></title>
<para lang="en">
<command>gdm</command> is the main daemon which sets up
graphical login environment and starts necessary helpers.
</para>
<variablelist>
<title>Opcións da liña de ordes de <command>gdm</command></title>
<varlistentry>
<term>-?, --help</term>
<listitem>
<para>Fornece unha vista rápida das opcións de liña de ordes.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>--fatal-warnings</term>
<listitem>
<para>Facer todos os avisos que GDM saian.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>--timed-exit</term>
<listitem>
<para>Saír despois de 30 segundos. Útil para depuración.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>--version</term>
<listitem>
<para>Imprime a versión do daemon GDM.</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 id="gdmrestartcommandline">
<title>Opcións de liña de ordes de <command>gdm-restart</command></title>
<para lang="en">
<command>gdm-restart</command> stops and restarts GDM by sending
the GDM daemon a HUP signal. This command will immediately terminate
all sessions and log out users currently logged in with GDM.
</para>
</sect3>
<sect3 id="gdmsaferestartcommandline">
<title>Opcións de liña de ordes de <command>gdm-safe-restart</command></title>
<para><command>gdm-safe-restart</command> para e reinicia GDM enviando ao «daemon» GDM un sinal USR1. GDM reiniciarase tan pronto como todos os usuarios saian.</para>
</sect3>
<sect3 id="gdmstopcommandline">
<title>Opcións da liña de ordes de <command>gdm-stop</command></title>
<para><command>gdm-stop</command> para GDM enviando ao «daemon» GDM un sinal TERM.</para>
</sect3>
</sect2>
</sect1>
<!-- ============= Troubleshooting =========================== -->
<sect1 id="troubleshooting">
<title>Resolución de problemas</title>
<!--
<para>
TODO - any other tips we should add? Might be useful to highlight any
common D-Bus configuration issues?
</para>
-->
<para lang="en">
This section discusses helpful tips for getting GDM working. In general,
if you have a problem using GDM, you can submit a bug or send an email
to the gdm-list mailing list. Information about how to do this is in
the Introduction section of the document.
</para>
<para lang="en">
If GDM is failing to work properly, it is always a good idea to include
debug information. To enable debugging, set the debug/Enable key to
"true" in the <filename><etc>/gdm/custom.conf</filename>
file and restart GDM. Then use GDM to the point where it fails, and
debug output will be sent to the system log file
(<filename><var>/log/messages</filename> or
<filename><var>/adm/messages</filename> depending on your Operating
System). If you share this output with the GDM community via a bug
report or email, please only include the GDM related debug information
and not the entire file since it can be large. If you do not see any
GDM syslog output, you may need to configure syslog (refer to the
<ulink type="help" url="man:syslog">syslog</ulink> man page).
</para>
<sect2 id="wontstart">
<title>GDM non se inicia</title>
<para lang="en">
There are a many problems that can cause GDM to fail to start, but
this section will discuss a few common problems and how to approach
tracking down a problem with GDM starting. Some problems will
cause GDM to respond with an error message or dialog when it tries
to start, but it can be difficult to track down problems when GDM
fails silently.
</para>
<para lang="en">
First make sure that the Xserver is configured properly. The
GDM configuration file contains a command in the [server-Standard]
section that is used for starting the Xserver. Verify that this
command works on your system. Running this command from the
console should start the Xserver. If it fails, then the problem
is likely with your Xserver configuration. Refer to your Xserver
error log for an idea of what the problem may be. The problem may
also be that your Xserver requires different command-line options.
If so, then modify the Xserver command in the GDM configuration file
so that it is correct for your system.
</para>
<para lang="en">
Also make sure that the <filename>/tmp</filename> directory has
reasonable ownership and permissions, and that the machine's file
system is not full. These problems will cause GDM to fail to start.
</para>
</sect2>
</sect1>
<!-- ============= Application License ============================= -->
<sect1 id="license">
<title>Licenza</title>
<para lang="en">
This program is free software; you can redistribute it and/or
modify it under the terms of the <ulink type="help" url="gnome-help:gpl">
<citetitle>GNU General Public License</citetitle></ulink> as
published by the Free Software Foundation;
either version 2 of the License, or (at your option) any later
version.
</para>
<para lang="en">
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
<citetitle>GNU General Public License</citetitle> for more details.
</para>
<para lang="en">
A copy of the <citetitle>GNU General Public License</citetitle> is
included as an appendix to the <citetitle>GNOME Users
Guide</citetitle>. You may also obtain a copy of the
<citetitle>GNU General Public License</citetitle> from the Free
Software Foundation by visiting
<ulink type="http" url="http://www.fsf.org">their Web site</ulink> or by
writing to
<address lang="en">
Free Software Foundation, Inc.
<street>51 Franklin Street, Fifth Floor</street>
<city>Boston</city>, <state>MA</state> <postcode>02110-1301</postcode>
<country>USA</country>
</address>
</para>
</sect1>
</article>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->
|