X-Git-Url: https://git.tld-linux.org/?p=packages%2Fxrdp.git;a=blobdiff_plain;f=config.patch;h=9a8ff29c59c7c346d0194952b715f910fae723c9;hp=553344cdb740de1114be8a1212ee9d54a6b7a69b;hb=HEAD;hpb=bf524922b592ede951bacfb56ea09c3dca93b462 diff --git a/config.patch b/config.patch index 553344c..02c2704 100644 --- a/config.patch +++ b/config.patch @@ -1,36 +1,44 @@ -diff -ur xrdp-0.9.7.orig/sesman/sesman.ini xrdp-0.9.7/sesman/sesman.ini ---- xrdp-0.9.7.orig/sesman/sesman.ini 2018-06-29 08:18:27.000000000 +0000 -+++ xrdp-0.9.7/sesman/sesman.ini 2018-07-04 18:54:10.174090693 +0000 -@@ -14,11 +14,11 @@ +diff -ur xrdp-0.9.19.orig/sesman/sesman.ini xrdp-0.9.19/sesman/sesman.ini +--- xrdp-0.9.19.orig/sesman/sesman.ini 2022-03-17 07:21:20.000000000 +0100 ++++ xrdp-0.9.19/sesman/sesman.ini 2022-04-01 00:52:52.926266171 +0200 +@@ -12,13 +12,13 @@ + ReconnectScript=reconnectwm.sh + [Security] - AllowRootLogin=true +-AllowRootLogin=true ++AllowRootLogin=false MaxLoginRetry=4 -TerminalServerUsers=tsusers -TerminalServerAdmins=tsadmins -+TerminalServerUsers=users ++TerminalServerUsers=xrdp +TerminalServerAdmins=root ; When AlwaysGroupCheck=false access will be permitted ; if the group TerminalServerUsers is not defined. -AlwaysGroupCheck=false +AlwaysGroupCheck=true - - [Sessions] - ;; X11DisplayOffset - x11 display number offset -@@ -55,10 +55,10 @@ - Policy=Default + ; When RestrictOutboundClipboard=all clipboard from the + ; server is not pushed to the client. + ; In addition, you can control text/file/image transfer restrictions +@@ -80,13 +80,13 @@ [Logging] + ; Note: Log levels can be any of: core, error, warning, info, debug, or trace -LogFile=xrdp-sesman.log --LogLevel=DEBUG +LogFile=/dev/null -+LogLevel=INFO - EnableSyslog=1 --SyslogLevel=DEBUG + LogLevel=INFO + EnableSyslog=true +-#SyslogLevel=INFO +-#EnableConsole=false +-#ConsoleLevel=INFO +-#EnableProcessId=false +SyslogLevel=INFO ++EnableConsole=false ++ConsoleLevel=INFO ++EnableProcessId=false - ; - ; Session definitions - startup command-line parameters for each session type -@@ -81,8 +81,8 @@ + [LoggingPerLogger] + ; Note: per logger configuration is only used if xrdp is built with +@@ -117,8 +117,8 @@ param=-noreset param=-nolisten param=tcp @@ -39,26 +47,41 @@ diff -ur xrdp-0.9.7.orig/sesman/sesman.ini xrdp-0.9.7/sesman/sesman.ini +#param=-logfile +#param=.xorgxrdp.%s.log - [X11rdp] - param=X11rdp -diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini ---- xrdp-0.9.7.orig/xrdp/xrdp.ini 2018-06-29 08:18:27.000000000 +0000 -+++ xrdp-0.9.7/xrdp/xrdp.ini 2018-07-04 18:55:55.985084386 +0000 -@@ -118,10 +118,10 @@ - ls_btn_cancel_height=30 + [Xvnc] + param=Xvnc +diff -ur xrdp-0.9.19.orig/xrdp/xrdp.ini xrdp-0.9.19/xrdp/xrdp.ini +--- xrdp-0.9.19.orig/xrdp/xrdp.ini 2022-03-17 07:16:35.000000000 +0100 ++++ xrdp-0.9.19/xrdp/xrdp.ini 2022-04-01 00:53:37.547367844 +0200 +@@ -5,6 +5,9 @@ + ; fork a new process for each incoming connection + fork=true + ++; IP address to listen ++#address=127.0.0.1 ++ + ; ports to listen on, number alone means listen on all interfaces + ; 0.0.0.0 or :: if ipv6 is configured + ; space between multiple occurrences +@@ -178,13 +181,13 @@ [Logging] + ; Note: Log levels can be any of: core, error, warning, info, debug, or trace -LogFile=xrdp.log --LogLevel=DEBUG +LogFile=/dev/null -+LogLevel=INFO + LogLevel=INFO EnableSyslog=true --SyslogLevel=DEBUG +-#SyslogLevel=INFO +-#EnableConsole=false +-#ConsoleLevel=INFO +-#EnableProcessId=false +SyslogLevel=INFO - ; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug ++EnableConsole=false ++ConsoleLevel=INFO ++EnableProcessId=false - [Channels] -@@ -153,24 +153,24 @@ + [LoggingPerLogger] + ; Note: per logger configuration is only used if xrdp is built with +@@ -218,14 +221,15 @@ ; Some session types such as Xorg, X11rdp and Xvnc start a display server. ; Startup command-line parameters for the display server are configured ; in sesman.ini. See and configure also sesman.ini. @@ -70,16 +93,7 @@ diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini -ip=127.0.0.1 -port=-1 -code=20 -- --[X11rdp] --name=X11rdp --lib=libxup.so --username=ask --password=ask --ip=127.0.0.1 --port=-1 --xserverbpp=24 --code=10 ++ +#[Xorg] +#name=Xorg +#lib=libxup.so @@ -88,39 +102,13 @@ diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini +#ip=127.0.0.1 +#port=-1 +#code=20 -+ -+#[X11rdp] -+#name=X11rdp -+#lib=libxup.so -+#username=ask -+#password=ask -+#ip=127.0.0.1 -+#port=-1 -+#xserverbpp=24 -+#code=10 [Xvnc] name=Xvnc -@@ -182,43 +182,43 @@ - #xserverbpp=24 - #delay_ms=2000 - --[console] --name=console --lib=libvnc.so --ip=127.0.0.1 --port=5900 --username=na --password=ask -+#[console] -+#name=console -+#lib=libvnc.so -+#ip=127.0.0.1 -+#port=5900 -+#username=na -+#password=ask - #delay_ms=2000 - +@@ -247,13 +251,13 @@ + ; Generic VNC Proxy + ; Tailor this to specific hosts and VNC instances by specifying an ip + ; and port and setting a suitable name. -[vnc-any] -name=vnc-any -lib=libvnc.so @@ -138,38 +126,26 @@ diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini #pamusername=asksame #pampassword=asksame #pamsessionmng=127.0.0.1 - #delay_ms=2000 - --[sesman-any] --name=sesman-any --lib=libvnc.so --ip=ask --port=-1 --username=ask --password=ask -+#[sesman-any] -+#name=sesman-any -+#lib=libvnc.so -+#ip=ask -+#port=-1 -+#username=ask -+#password=ask - #delay_ms=2000 - +@@ -262,15 +266,15 @@ + ; Generic RDP proxy using NeutrinoRDP + ; Tailor this to specific hosts by specifying an ip and port and setting + ; a suitable name. -[neutrinordp-any] -name=neutrinordp-any ++#[neutrinordp-any] ++#name=neutrinordp-any + ; To use this section, you should build xrdp with configure option + ; --enable-neutrinordp. -lib=libxrdpneutrinordp.so -ip=ask -port=ask3389 -username=ask -password=ask -+#[neutrinordp-any] -+#name=neutrinordp-any +#lib=libxrdpneutrinordp.so +#ip=ask +#port=ask3389 +#username=ask +#password=ask - - ; You can override the common channel settings for each session type - #channel.rdpdr=true + ; Uncomment the following lines to enable PAM authentication for proxy + ; connections. + #pamusername=ask