You can control GDM behavior during runtime in several different ways.
You can either run certain commands, or you can talk to GDM using either
a unix socket protocol, or a FIFO protocol.
To stop GDM, you can either send the TERM signal to the main daemon or
run the gdm-stop command which is in the
<sbin>/ directory. To restart GDM, you can
either send the HUP signal to the main daemon or run the
gdm-restart command which is also in the
<sbin>/ directory. To restart GDM but only
after all the users have logged out, you can either send the USR1
signal to the main daemon or run the
gdm-safe-restart command which is in the
<sbin>/ directory as well.
The gdmflexiserver command can be used to start
new flexible (on demand) servers. Run
gdmflexiserver --help to get a listing of possible
options. This command will also lock the current screen with
xscreensaver so that the user can safely walk away from the machine and
let someone else log in. XFree86 will automatically switch back to the
same virtual terminal (if your operating system supports it), after the
new session has ended, so this should work quite transparently to the
users.
GDM also provides a FIFO called .gdmfifo in the
ServAuthDir directory
(usually <var>/gdm/.gdmfifo). You must be
root to use this protocol, and it is mostly used for internal GDM
chatter. It is a very simple protocol where you just echo a command on
a single line to this file. It can be used to tell GDM things such as
restart, suspend the machine, or restart all X servers next time it has
a chance (which would be useful from an X configuration program).
Full and up to date documentation of the commands and their use is
contained in the GDM source tree in the file
daemon/gdm.h. Look for the defines starting with
GDM_SOP_. The commands which require the
pid of the slave as an argument are the ones that are really used for
internal communication of the slave with the master and should not be
used.
GDM provides a unix domain socket for communication at
/tmp/.gdm_socket. Using this you can check if
GDM is running, the version of the daemon, the current servers that are
running and who is logged in on them, and if GDM supports it on your
operating system, also the virtual terminals of all the console logins.
You can also request new flexible servers to be run with this protocol,
but this is best done with the
gdmflexiserver command.
gdmflexiserver accepts the following commands with the --command
option:
VERSION
AUTH_LOCAL
FLEXI_XSERVER
FLEXI_XNEST
CONSOLE_SERVERS
ALL_SERVERS
UPDATE_CONFIG
GREETERPIDS
QUERY_LOGOUT_ACTION
SET_LOGOUT_ACTION
SET_SAFE_LOGOUT_ACTION
QUERY_VT
SET_VT
CLOSE
|
These are described in detail below, including required arguments,
response format, and return codes.
VERSION: Query version
Supported since: 2.2.4.0
Arguments: None
Answers:
GDM <gdm version>
ERROR <err number> <english error description>
200 = Too many messages
999 = Unknown error
|
AUTH_LOCAL: Setup this connection as authenticated for
FLEXI_SERVER Because all full blown (non-Xnest)
servers can be started only from users logged in
locally, and here gdm assumes only users logged
in from gdm. They must pass the xauth
MIT-MAGIC-COOKIE-1 that they were passed before
the connection is authenticated.
Note: The AUTH LOCAL command requires the
--authenticate option, although only
FLEXI XSERVER uses this currently.
Supported since: 2.2.4.0
Arguments: <xauth cookie>
<xauth cookie> is in hex form with no 0x prefix
Answers:
OK
ERROR <err number> <english error description>
0 = Not implemented
100 = Not authenticated
200 = Too many messages
999 = Unknown error
|
FLEXI_XSERVER: Start a new X flexible server
Only supported on connection that passed AUTH_LOCAL
Supported since: 2.2.4.0
Arguments: <xserver type>
If no arguments, starts the standard x server
Answers:
OK <display>
ERROR <err number> <english error description>
0 = Not implemented
1 = No more flexi servers
2 = Startup errors
3 = X failed
4 = X too busy
6 = No server binary
100 = Not authenticated
200 = Too many messages
999 = Unknown error
|
FLEXI_XNEXT: Start a new flexible Xnest server
Note: Supported an older version from 2.2.4.0, later
2.2.4.2, but since 2.3.90.4 you must supply 4
arguments or ERROR 100 will be returned. This
will start Xnest using the XAUTHORITY file
supplied and as the uid same as the owner of
that file (and same as you supply). You must
also supply the cookie as the third argument
for this display, to prove that you indeed are
this user. Also this file must be readable
ONLY by this user, that is have a mode of 0600.
If this all is not met, ERROR 100 is returned.
Note: The cookie should be the MIT-MAGIC-COOKIE-1,
the first one gdm can find in the XAUTHORITY
file for this display. If that's not what you
use you should generate one first. The cookie
should be in hex form.
Supported since: 2.3.90.4
Arguments: <display to run on> <uid of requesting user>
<xauth cookie for the display> <xauth file>
Answers:
OK <display>
ERROR <err number> <english error description>
0 = Not implemented
1 = No more flexi servers
2 = Startup errors
3 = X failed
4 = X too busy
5 = Xnest can't connect
6 = No server binary
100 = Not authenticated
200 = Too many messages
999 = Unknown error
|
CONSOLE_SERVERS: List all console servers, useful for linux
mostly. Doesn't list xdmcp and xnest
non-console servers
Supported since: 2.2.4.0
Arguments: None
Answers:
OK <server>;<server>;...
<server> is <display>,<logged in user>,<vt or xnest display>
<logged in user> can be empty in case no one logged
in yet, and <vt> can be -1 if it's not known or not
supported (on non-linux for example). If the display is an
xnest display and is a console one (that is, it is an xnest
inside another console display) it is listed and instead of
vt, it lists the parent display in standard form.
ERROR <err number> <english error description>
1 = Not implemented
200 = Too many messages
999 = Unknown error
|
ALL_SERVERS: List all servers, including console, remote, xnest.
This can, for example, be useful to figure out if
the server you are on is managed by the gdm daemon,
by seeing if it is in the list. It is also somewhat
like the 'w' command but for graphical sessions.
Supported since: 2.4.2.96
Arguments: None
Answers:
OK <server>;<server>;...
<server> is <display>,<logged in user>
<logged in user> can be empty in case no one logged in yet
ERROR <err number> <english error description>
0 = Not implemented
200 = Too many messages
999 = Unknown error
|
UPDATE_CONFIG: Tell the daemon to update config of some key.
Any user can really request that values are
re-read but the daemon caches the last date
of the config file so a user can't actually
change any values unless they can write the
config file.
Supported keys:
security/AllowRoot (2.3.90.2)
security/AllowRemoteRoot (2.3.90.2)
security/AllowRemoteAutoLogin (2.3.90.2)
security/RetryDelay (2.3.90.2)
security/DisallowTCP (2.4.2.0)
daemon/Greeter (2.3.90.2)
daemon/RemoteGreeter (2.3.90.2)
xdmcp/Enable (2.3.90.2)
xdmcp/Port (2.3.90.2)
xdmcp/PARAMETERS (2.3.90.2) (pseudokey, all the parameters)
xdmcp/MaxPending
xdmcp/MaxSessions
xdmcp/MaxWait
xdmcp/DisplaysPerHost
xdmcp/HonorIndirect
xdmcp/MaxPendingIndirect
xdmcp/MaxWaitIndirect
xdmcp/PingIntervalSeconds (only affects new connections)
daemon/TimedLogin (2.3.90.3)
daemon/TimedLoginEnable (2.3.90.3)
daemon/TimedLoginDelay (2.3.90.3)
greeter/SystemMenu (2.3.90.3)
greeter/ConfigAvailable (2.3.90.3)
greeter/ChooserButton (2.4.2.0)
greeter/SoundOnLoginFile (2.5.90.0)
daemon/AddGtkModules (2.5.90.0)
daemon/GtkModulesList (2.5.90.0)
Supported since: 2.3.90.2
Arguments: <key>
<key> is just the base part of the key such as
"security/AllowRemoteRoot"
Answers:
OK
ERROR <err number> <english error description>
0 = Not implemented
50 = Unsupported key
200 = Too many messages
999 = Unknown error
|
GREETERPIDS: List all greeter pids so that one can send HUP
to them for config rereading. Of course one
must be root to do that.
Supported since: 2.3.90.2
Arguments: None
Answers:
OK <pid>;<pid>;...
ERROR <err number> <english error description>
0 = Not implemented
200 = Too many messages
999 = Unknown error
|
QUERY_LOGOUT_ACTION: Query which logout actions are possible
Only supported on connections that passed AUTH_LOCAL.
Supported since: 2.5.90.0
Answers:
OK <action>;<action>;...
Where action is one of HALT, REBOOT or SUSPEND. An
empty list can also be returned if no action is possible.
A '!' is appended to an action if it was already set with
SET_LOGOUT_ACTION or SET_SAFE_LOGOUT_ACTION. Note that
SET_LOGOUT_ACTION has precedence over
SET_SAFE_LOGOUT_ACTION.
ERROR <err number> <english error description>
0 = Not implemented
100 = Not authenticanted
200 = Too many messages
999 = Unknown error
|
SET_LOGOUT_ACTION: Tell the daemon to halt/reboot/suspend
after slave process exits.
Only supported on connections that passed AUTH_LOCAL.
Supported since: 2.5.90.0
Arguments: <action>
NONE Set exit action to 'none'
HALT Set exit action to 'halt'
REBOOT Set exit action to 'reboot'
SUSPEND Set exit action to 'suspend'
Answers:
OK
ERROR <err number> <english error description>
0 = Not implemented
7 = Unknown logout action, or not available
100 = Not authenticanted
200 = Too many messages
999 = Unknown error
|
SET_SAFE_LOGOUT_ACTION: Tell the daemon to halt/reboot/suspend
after everybody logs out. If only
one person logs out, then this is
obviously the same as the
SET_LOGOUT_ACTION. Note that
SET_LOGOUT_ACTION has precendence over
SET_SAFE_LOGOUT_ACTION if it is set to
something other then NONE. If no one
is logged in, then the action takes
effect immediately.
Only supported on connections that passed AUTH_LOCAL.
Supported since: 2.5.90.0
Arguments: <action>
NONE Set exit action to 'none'
HALT Set exit action to 'halt'
REBOOT Set exit action to 'reboot'
SUSPEND Set exit action to 'suspend'
Answers:
OK
ERROR <err number> <english error description>
0 = Not implemented
7 = Unknown logout action, or not available
100 = Not authenticanted
200 = Too many messages
999 = Unknown error
|
QUERY_VT: Ask the daemon about which VT we are currently on.
This is useful for logins which don't own
/dev/console but are still console logins. Only
supported on Linux currently, other places will
just get ERROR 8. This is also the way to query
if VT support is available in the daemon in the
first place.
Only supported on connections that passed AUTH_LOCAL.
Supported since: 2.5.90.0
Arguments: None
Answers:
OK <vt number>
ERROR <err number> <english error description>
0 = Not implemented
8 = Virtual terminals not supported
100 = Not authenticanted
200 = Too many messages
999 = Unknown error
|
SET_VT: Change to the specified virtual terminal.
This is useful for logins which don't own /dev/console
but are still console logins. Only supported on Linux
currently, other places will just get ERROR 8.
Only supported on connections that passed AUTH_LOCAL.
Supported since: 2.5.90.0
Arguments: <vt>
Answers:
OK
ERROR <err number> <english error description>
0 = Not implemented
8 = Virtual terminals not supported
9 = Invalid virtual terminal number
100 = Not authenticanted
200 = Too many messages
999 = Unknown error
|
CLOSE Answers: None
Supported since: 2.2.4.0
|