Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ vuelogin(1X) — sys5 — Apollo Domain/OS SR10.4.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

connect(2)

login(1)

getty(1M)

sh(1)

stty(1)

tset(1)

VUELOGIN(1X)

X(1)

xinit(1M)

xrdb(1)



VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



NAME
     vuelogin - The HP VUE Login Manager.


SYNOPSIS
     vuelogin [-config configuration_file] [-daemon] [-debug
     debug_level] [-error error_log_file] [-nodaemon] [-resources
     resource_file] [-server server_entry] [-session
     session_program]


DESCRIPTION
     Vuelogin manages a collection of X displays, both local and
     possibly remote.  The emergence of X terminals guided the
     design of several parts of this system, along with the
     development of the X Consortium standard XDMCP ( X Display
     Manager Control Protocol).  Vuelogin provides services simi-
     lar to those provided by init(1M), getty(1M) and login(1) on
     character terminals:  prompting for login and password,
     authenticating the user, and running a ``session.''

     A ``session'' is defined by the lifetime of a particular
     process; in the traditional character-based terminal world,
     it is the user's login shell process.  In the HP VUE con-
     text, it is the HP VUE Session Manager.  This is because in
     a windowing environment, a user's login shell process does
     not necessarily have any terminal-like interface with which
     to connect.

     If the HP VUE Session Manager is not used, the typical
     vuelogin substitute is either a window manager with an exit
     option, or a terminal emulator running a shell, where the
     lifetime of the terminal emulator is the lifetime of the
     shell process that it is running; thus reducing the X ses-
     sion to an emulation of the character-based terminal ses-
     sion.

     When the session is terminated, vuelogin resets the X server
     and (optionally) restarts the whole process.

     Because vuelogin provides the first interface that users
     see, it is designed to be simple to use and easy to custom-
     ize to the needs of a particular site.

OPTIONS
     All options, except -config, specify values that can also be
     specified in the configuration file as resources.  Typi-
     cally, customization is done via the configuration file
     rather than command line options.  The options are most use-
     ful for debugging and one-shot tests.

     -config configuration_file



HP VUE 3.0 (6/92)                                               1





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          Specifies a resource file that specifies the remaining
          configuration parameters.  If no file is specified and
          the file /usr/vue/config/Xconfig exists, vuelogin uses
          it.

     -daemon
          Specifies ``true'' as the value for the daemonMode
          resource.  This makes vuelogin close all file descrip-
          tors, disassociate the controlling terminal and put
          itself in the background when it first starts up (just
          like the host of other daemons).

     -debug debug_level
          Specifies the numeric value for the debugLevel
          resource.  A non-zero value causes vuelogin to print
          debugging statements to the terminal; it also disables
          the daemonMode resource, forcing vuelogin to run syn-
          chronously.

     -error error_log_file
          Specifies the value for the errorLogFile resource.
          This file contains errors from vuelogin as well as any-
          thing written to stderr by the various scripts and pro-
          grams run during the progress of the session.

     -nodaemon
          Specifies ``false'' as the value for the daemonMode
          resource.

     -resources resource_file
          Specifies the value for the resources resource.  This
          file is loaded using xrdb (1) to specify configuration
          parameters for the authentication screen.

     -server server_entry
          Specifies the value for the servers resource.  See
          servers below for more detail.

     -udpPort port_number
          Specifies the value for the requestPort resource.  This
          sets the port-number that vuelogin monitors for XDMCP
          requests.  Since XDMCP uses the registered well-known
          udp port 177, this resource should probably not be
          changed except for debugging.

     -session session_program
          Specifies the value for the session resource.  This
          indicates the program to run when the user has logged
          in as the session.






HP VUE 3.0 (6/92)                                               2





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



CONTROLLING THE SERVER
     Vuelogin controls local servers using POSIX signals.  SIGHUP
     is expected to reset the server, closing all client connec-
     tions and performing other clean up duties.  SIGTERM is
     expected to terminate the server.  If these signals do not
     perform the expected actions, the resources resetSignal and
     termSignal can specify alternate signals.

     To control remote servers not using XDMCP, vuelogin searches
     the window hierarchy on the display and uses the KillClient
     protocol request in an attempt to clean up the terminal for
     the next session.  This may not actually kill all of the
     clients, since only those that have created windows are
     noticed.  XDMCP provides a more sure mechanism; when vuelo-
     gin closes its initial connection, the session is over and
     the terminal is required to close all other connections.


CONTROLLING VUELOGIN
     Vuelogin responds to two signals: SIGHUP and SIGTERM.  When
     sent a SIGHUP, vuelogin rereads the configuration file and
     the file specified by the servers resource and determines
     whether entries have been added or removed.  If a new entry
     has been added, vuelogin starts a session on the associated
     display.  Entries that have been removed are disabled
     immediately, meaning that any session in progress is ter-
     minated without notice, and no new session is started.

     When sent a SIGTERM, vuelogin terminates all sessions in
     progress and exits.  This can be used when shutting down the
     system.


ENVIRONMENT
     Vuelogin invokes the user's session with the following
     default environment:

          DISPLAY        is set to the associated display name
          EDITOR         is set to /usr/vue/bin/vuepad
          HOME           is set to the home directory of the user
          KBD_LANG       is set to the value of LANG for applicable languages
          LANG           is set to the current NLS language (if any)
          LC_ALL         is set to the current NLS language (if any)
          LC_MESSAGES    is set to the current NLS language (if any)
          LOGNAME        is set to the user name
          MAIL           is set to /usr/mail/$USER
          PATH           is set to the value of the userPath resource
          USER           is set to the user name
          SHELL          is set to the user's default shell (from /etc/passwd)
          TERM           is set to xterm
          TZ             is set to the value of the timeZone resource or system default
          XAUTHORITY     may be set to an authority file



HP VUE 3.0 (6/92)                                               3





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     Three methods are available to modify or add to this list
     depending on the desired scope of the resulting environment
     variable.

     The environment resource is available in the vuelogin confi-
     guration file to allow setting of environment variables on a
     global or per-display basis.  Variables specified by this
     method are available to both the display's X server process
     and the user's session and override any default settings.
     The resource accepts a string of <name>=<value> pairs
     separated by at least one space or tab. The values specified
     must be constants because no shell is used to parse the
     string.  See the Resources section below for details on set-
     ting this resource.

     For example:

          Vuelogin*environment:SB_DISPLAY_ADDR=0xB00000 \
                               WMSHMSPC=0x200000

     Note: The environment variables LANG and TZ have their own
     dedicated resources in the configuration file and should not
     be set via environment.

     Environment variables that require processing by a shell or
     are dependent on the value of another environment variable
     can be specified in the startup script Xsession. These vari-
     ables are loaded into the environment of all users on the
     display, but not to the X server process.  They override any
     previous settings of the same variable.  The Xsession script
     accepts ksh syntax for setting environment variables.

     For example.

          MAIL=/usr/mail/$USER

     Finally, personal environment variables can be set on a
     per-user basis in the script file $HOME/.vueprofile.  Vuelo-
     gin accepts either sh, ksh, or csh syntax for the commands
     in this file.  The commands should only be those that set
     environment variables, not any that perform terminal I/O,
     excepting tset(1) or stty(1).  If the first line of .vuepro-
     file is #!/bin/sh, #!/bin/ksh, or #!/bin/csh, vuelogin uses
     the appropriate shell to parse .vueprofile.  Otherwise, the
     user's default shell ($SHELL) is used.


INTERNATIONALIZATION
     All labels and messages are localizable. The message catalog
     vuelogin.cat contains the localized representations of the
     default labels and messages. Vuelogin reads the appropriate
     message catalog indicated by the LANG environment variable



HP VUE 3.0 (6/92)                                               4





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     and displays the localized strings.  An option on the
     authentication screen allows the user to override the
     default language for the subsequent session.  If the authen-
     tication screen has been localized for the selected
     language, it is redisplayed in that language; otherwise, it
     is displayed in the default language.  In either case, the
     LANG environment variable is set appropriately for the
     resulting session.

     The resource language is available in the vuelogin confi-
     guration file to change the default language for a display.

     The resource languagelist is also available in the vuelogin
     configuration file to override the default set of languages
     displayed on the authentication screen.


RESOURCES
     The actions of vuelogin can be controlled through the use of
     various configuration files, which are in the X resource
     format.  Some resources control the behavior of vuelogin in
     general, some can be specified for a particular display, and
     others control the appearance of the authentication screen.
     The general and display-specific resources are specified in
     the configuration file named by the -config command line
     option.  All resources should be prepended with the applica-
     tion name Vuelogin.

                         Vuelogin General Resource Set
Name               Class              Type      Default
________________________________________________________________________________
accessFile         AccessFile         String    NULL
autoRescan         AutoRescan         Boolean   True
daemonMode         DaemonMode         Boolean   False
debugLevel         DebugLevel         Int       0
errorLogFile       ErrorLogFile       String    NULL
errorLogSize       ErrorLogSize       Int       50
fontPathHead       FontPathHead       String    NULL
fontPathTail       FontPathTail       String    NULL
keyFile            KeyFile            String    /usr/vue/config/Xkeys
lockPidFile        LockPidFile        Boolean   True
pidFile            PidFile            String    NULL
authDir            AuthDir            String    /usr/vue/config
removeDomainname   RemoveDomainname   Boolean   True
requestPort        RequestPort        Int       177
servers            Servers            String    :0 Local local /usr/bin/X11/X :0
sysParmsFile       SysParmsFile       String    /etc/src.sh
timeZone           TimeZone           String    MST7MDT
wakeupInterval     WakeupInterval     Int       10

     The vuelogin general resources are not display-specific and
     are applied to all displays where appropriate.



HP VUE 3.0 (6/92)                                               5





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     accessFile
          To prevent unauthorized XDMCP service this file con-
          tains a database of hostnames which are allowed direct
          access to this machine.  The format of this file is
          described in the section Xdmcp Access Control.

     authDir
          This is a directory name that vuelogin uses to tem-
          porarily store authorization files for displays using
          XDMCP.

     autoRescan
          This boolean controls whether vuelogin rescans the con-
          figuration file and server file after a session ter-
          minates and the files have changed. You can force
          vuelogin to reread these files by sending a SIGHUP to
          the main process.

     daemonMode
          Vuelogin can make itself into an unassociated daemon
          process.  This is accomplished by forking and leaving
          the parent process to exit, then closing file descrip-
          tors and releasing the controlling terminal.  This is
          inconvenient when attempting to debug vuelogin. Setting
          this resource to "false" disables daemonMode.

          If vuelogin is started from /etc/inittab, it should not
          be run in daemon mode.  Otherwise the init process will
          think it has terminated and will attempt to restart it.

     debugLevel
          A non-zero value specified for this integer resource
          enables debugging information to be printed.  It also
          disables daemon mode, which redirects the information
          into the bit-bucket.  Specifying a non-zero debug level
          also allows non-root users to run vuelogin, which is
          not normally useful.

     errorLogFile
          Error output is normally directed at the system con-
          sole.  To redirect it, set this resource to any file
          name. This file also contains any output directed to
          stderr by Xstartup, Xsession and Xreset, so it contains
          descriptions of problems in those scripts as well.

     errorLogSize
          This resource specifies the maximum size of the error
          log file in kilobytes.  When the limit is reached,
          vuelogin will delete the oldest entries in the file
          until the file size is reduced to 75% of the maximum.

     fontPathHead



HP VUE 3.0 (6/92)                                               6





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          This resource defines additional font path elements to
          be prepended to the X server's default font path at the
          time the X server is invoked.  You can alternatively
          define this string via an exported FONT_PATH_HEAD
          environment variable in /etc/src.sh.

     fontPathTail
          This resource defines additional font path elements to
          be appended to the X server's default font path at the
          time the X server is invoked.  You can alternatively
          define this string via an exported FONT_PATH_TAIL
          environment variable in /etc/src.sh.

     keyFile
          XDM-AUTHENTICATION-1 style XDMCP authentication
          requires that a private key be shared between vuelogin
          and the terminal.  This resource specifies the file
          containing those values.  Each entry in the file con-
          sists of a display name and the shared key.  By
          default, vuelogin does not include support for XDM-
          AUTHENTICATION-1 because it requires DES, which is not
          generally distributable.

     lockPidFile
          This is the resource that controls whether vuelogin
          uses file locking to prevent multiple logins.

     pidFile
          The filename specified is created to contain an ASCII
          representation of the process-id of the main vuelogin
          process.  This is quite useful when reinitializing the
          system.  Vuelogin also uses file locking to attempt to
          prevent more than one daemon running on the same
          machine.

     removeDomainname
          When computing the display name for XDMCP clients, the
          resolver typically creates a fully qualified host name
          for the terminal.  As this is sometimes confusing,
          vuelogin removes the domain name portion of the host
          name if it is the same as the domain name for the local
          host when this variable is set.

     requestPort
          This indicates the UDP port number that vuelogin uses
          to listen for incoming XDMCP requests.  Unless you need
          to debug the system, leave this with its default value.

     servers
          This resource either specifies a file name full of
          server entries, one per line (if the value starts with
          a slash), or a single server entry.  Each entry



HP VUE 3.0 (6/92)                                               7





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          indicates a display that should constantly be managed
          and that is not using XDMCP.  Each entry consists of at
          least three parts:  a display name, a display class, a
          display type, and (for local servers) a command line to
          start the server.  A typical entry for local display
          number 0 is:

            :0 Local local@console /usr/bin/X11/X :0

          The display types are:

          locala local display, i.e. one that has a server program to run
          foreigna remote display, i.e. one that has no server program to run


          The display name must be something that can be passed
          in the -display option to any X program.  This string
          is used in the display-specific resources to specify
          the particular display, so be careful to match the
          names (e.g., use ":0 local /usr/bin/X11/X :0" instead
          of "localhost:0 local /usr/bin/X11/X :0" if your other
          resources are specified as "Vuelogin._0.session").  The
          display class portion is also used in the display-
          specific resources as the class portion of the
          resource.  This is useful if you have a large collec-
          tion of similar displays (a group of X terminals, for
          example) and want to set resources for groups of them.
          When using XDMCP, the display is required to specify
          the display class, so perhaps your X terminal documen-
          tation describes a reasonably standard display class
          string for your device.

          On local bitmaps, the user may choose a "No Windows"
          option via the login screen, which temporarily suspends
          the X-server and presents the traditional character
          "login:" prompt.  The user can then log in and perform
          non-X related tasks.  When the user finishes and logs
          out, the X-server is restarted, and the login screen is
          redisplayed.

          In order to support "No Windows" mode, the display must
          have an associated Internal Terminal Emulator (ITE)
          device.  By default, vuelogin associates the ITE device
          "console" (/dev/console) with display ":0".  If your
          configuration does not match this default, specify
          "@<device>" for the display(s) with an associated ITE
          and "@none" for all other displays listed in the
          servers file.

          Arguments in the command line portion of the entry may
          be environment variables (usually defined and exported
          in /etc/src.sh or /etc/vuerc).  If used, they must be



HP VUE 3.0 (6/92)                                               8





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          of the simple form $variable, and must represent entire
          command arguments.  Variables embedded in strings or
          enclosed in braces are not allowed.

          If font path modifications have been specified (via
          fontPathHead and fontPathTail resources, or via
          FONT_PATH_HEAD and FONT_PATH_TAIL environment variables
          in /etc/src.sh), the modifications will be applied to
          the X server's font path each time just before the
          greet screen appears.

     sysParmsFile
          This resource specifies a file containing shell com-
          mands, one of which sets the timezone environment vari-
          able (TZ) for the system.  If the timezone is set via
          the shell syntax, "TZ=", vuelogin can use this informa-
          tion to set the timezone for the user session.  In a
          similar fashion, the file may also set FONT_PATH_HEAD
          and FONT_PATH_TAIL variables.

     timeZone
          This resource specifies the local time zone for vuelo-
          gin.  It is loaded into the environment of vuelogin as
          the value of the variable TZ and inherited by all sub-
          sequent sessions.

          Some systems maintain a configuration file that con-
          tains the timezone setting (ex. /etc/src.sh).  See the
          resource sysParmsFile.

     wakeupInterval
          If the user selects "No Windows" mode from the login
          screen, vuelogin terminates the X-server and allows the
          traditional character-based login prompt, "login:" to
          become visible.  If the user does not log in within 2 *
          wakeupInterval seconds, the X-server is restarted.
          Once the user has logged in, vuelogin checks every
          wakeupInterval seconds to see if the user has logged
          out.  If so, the X-server is restarted and the login
          screen is redisplayed.


                                     Vuelogin Display Resource Set
Name              Class             Type      Default
________________________________________________________________________________________________________
authorize         Authorize         Boolean   False
authName          AuthName          String    MIT-MAGIC-COOKIE-1
authFile          AuthFile          String    /usr/vue/config/auth-server
cpp               Cpp               String    /lib/cpp
environment       Environment       String    NULL
failsafeClient    FailsafeClient    String    /usr/bin/X11/xterm
grabServer        GrabServer        Boolean   True



HP VUE 3.0 (6/92)                                               9





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



grabTimeout       GrabTimeout       Int       3 sec.
language          Language          String    NULL
languageList      LanguageList      String    NULL
openDelay         OpenDelay         Int       5 sec.
openRepeat        OpenRepeat        Int       5 sec.
openTimeout       OpenTimeout       Int       30 sec.
pingInterval      PingInterval      Int       5 min.
pingTimeout       PingTimeout       Int       5 min.
reset             Reset             String    NULL
resetForAuth      ResetForAuth      Boolean   False
resetSignal       Signal            Int       1 (SIGHUP)
resources         Resources         String    NULL
session           Session           String    NULL
startAttempts     StartAttempts     Int       4
startup           Startup           String    NULL
systemPath        SystemPath        String    /usr/bin/X11:/bin:/usr/bin:/etc
systemShell       SystemShell       String    /bin/sh
terminateServer   TerminateServer   Boolean   False
termSignal        Signal            Int       15 (SIGTERM)
userAuthDir       UserAuthDir       String    /tmp
userPath          UserPath          String    /usr/bin/X11:/bin:/usr/bin:/usr/contrib/bin:/usr/local/bin
vuelite           Vuelite           Boolean   False
xrdb              Xrdb              String    /usr/bin/X11/xrdb


     Vuelogin display resources can be specified for all displays
     or for a particular display.  To specify a particular
     display, the display name is inserted into the resource name
     between ``Vuelogin'' and the final resource name segment.
     For example, Vuelogin.expo_0.startup is the name of the
     resource defining the startup shell file on the ``expo:0''
     display.  The resource manager separates the name of the
     resource from its value with colons, and separates resource
     name parts with dots, so vuelogin uses underscores for the
     dots and colons when generating the resource name.

     Resources can also be specified for a class of displays by
     inserting the class name instead of a display name.  A
     display that is not managed by XDMCP can have its class
     affiliation specified in the file referenced by the servers
     resource.  A display using XDMCP supplies its class affilia-
     tion as part of the XDMCP packet.



     authorize
          authorize is a boolean resource that controls whether
          vuelogin generates and uses authorization for the
          server connections.  (See authName.)

     authName
          If authorize is used, authName specifies the type of



HP VUE 3.0 (6/92)                                              10





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          authorization to be used.  Currently, vuelogin supports
          only MIT-MAGIC-COOKIE-1 authorization, XDM-
          AUTHORIZATION-1 could be supported, but DES is not gen-
          erally distributable.  XDMCP connections state which
          authorization types are supported dynamically, so auth-
          Name is ignored in this case. (See authorize.)

     authFile
          This file is used to communicate the authorization data
          from vuelogin to the server, using the -auth server
          command line option.  It should be kept in a write-
          protected directory to prevent its erasure, which would
          disable the authorization mechanism in the server.

     cpp  This specifies the name of the C preprocessor that is
          used by xrdb.

     environment
          This resource can contain a set of <name>=<value> pairs
          separated by a space or tab.  Each item is loaded into
          the environment of the server and session.  See the
          Environment section for details.

     failsafeClient
          If the default session fails to execute, vuelogin falls
          back to this program.  This program is executed with no
          arguments, but executes using the same environment
          variables as the session would have had.  (See The
          Xsession File below.)

     grabServer (See grabTimeout.)

     grabTimeout
          To improve security, vuelogin grabs the server and key-
          board while reading the name and password.  The grab-
          Server resource specifies if the server should be held
          while the name and password is read.  When FALSE, the
          server is ungrabbed after the keyboard grab succeeds;
          otherwise, the server is grabbed until just before the
          session begins.  The grabTimeout resource specifies the
          maximum time vuelogin will wait for the grab to
          succeed.  The grab may fail if some other client has
          the server grabbed, or possibly if the network laten-
          cies are very high.   The grabTimeout resource has a
          default of 3 seconds; be cautious when using this
          resource, since a user can be deceived by a look-alike
          window on the display.  If the grab fails, vuelogin
          kills and restarts the server (if possible) and ses-
          sion.

          Some X-terminals cannot display their configuration
          screens while the server is grabbed. Setting grabServer



HP VUE 3.0 (6/92)                                              11





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          to false will allow the screens to be displayed, but
          opens the possibility that a user's login name can be
          stolen by copying the contents of the login screen.
          Since the keyboard is still grabbed and the password is
          not echoed, the password cannot be stolen.

     language
          This resource specifies the default setting for the
          LANG environment variable.  If the vuelogin screen is
          localized for that language, it is displayed appropri-
          ately; otherwise, it is displayed in the language "C".
          The user may temporarily override this setting via an
          option on the login screen.  When the subsequent ses-
          sion terminates, the LANG variable reverts to this set-
          ting.

     languageList
          This resource allows the user to override the default
          set of languages displayed in the "Language" menu of
          the login screen.  It is useful if the set of languages
          actually used on a particular display is smaller than
          the set installed on the system.  The resource value is
          a list of valid values for the LANG environment vari-
          able.  Language values should be separated by one or
          more spaces or tabs.

     openDelay  (See startAttempts.)

     openRepeat  (See startAttempts.)

     openTimeout  (See startAttempts.)

     pingInterval (See pingTimeout.)

     pingTimeout
          To discover when remote displays disappear, vuelogin
          occasionally "pings" them, using an X connection and
          sending XSync requests.  pingInterval specifies the
          time (in minutes) between successive ping attempts, and
          pingTimeout specifies the maximum wait time (in
          minutes) for the terminal to respond to the request.
          If the terminal does not respond, the session is ter-
          minated.  Vuelogin does not ping local displays.
          Although it may seem harmless, it is undesirable when
          the workstation session is terminated as a result of
          the server hanging for NFS service and not responding
          to the ping.

     reset
          This specifies a program that is run (as root) after
          the session terminates.  By default no program is run.
          The conventional name is Xreset.  See The Xreset File



HP VUE 3.0 (6/92)                                              12





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          below.

     resetForAuth
          The original implementation of authorization in the
          sample server reread the authorization file at server
          reset time, instead of when checking the initial con-
          nection.  Since vuelogin generates the authorization
          information just before connecting to the display, an
          old server does not get current authorization informa-
          tion.  This resource causes vuelogin to send SIGHUP to
          the server after setting up the file, causing an addi-
          tional server reset to occur, during which time the new
          authorization information is read.

     resetSignal
          This resource specifies the signal vuelogin sends to
          reset the server.  See the section Controlling The
          Server

     resources
          This resource specifies the name of the file to be
          loaded by xrdb (1) as the resource data-base onto the
          root window of screen 0 of the display.  This resource
          data base is loaded just before the authentication pro-
          cedure is started, so it can control the appearance of
          the "login" window.  See the section below on the
          authentication screen, which describes the various
          resources that are appropriate to place in this file.
          There is no default value for this resource, but the
          conventional name is Xresources.  See Authentication
          Screen Resources below.

     session
          This specifies the session to be executed (not running
          as root).  By default, /usr/bin/X11/xterm is run.  The
          conventional name is Xsession.  See The Xsession File
          below.

     startAttempts
          Four numeric resources control the behavior of vuelogin
          when attempting to open reluctant servers:  openDelay,
          openRepeat, openTimeout, and startAttempts.  openDelay
          is the duration (in seconds) between successive
          attempts; openRepeat is the number of attempts to make;
          openTimeout is the amount of time to wait while actu-
          ally attempting the opening (i.e., the maximum time
          spent in the connect (2) syscall); and startAttempts is
          the number of times the entire process occurs before
          giving up on the server.  After openRepeat attempts
          have been made, or if openTimeout seconds elapse in any
          particular attempt, vuelogin terminates and restarts
          the server, attempting to connect again.  This process



HP VUE 3.0 (6/92)                                              13





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          is repeated startAttempts time, at which point the
          display is declared dead and disabled.  (See openDelay,
          openRepeat, and openTimeout.)

     startup
          This specifies a program that is run (as root) after
          the authentication process succeeds.  By default, no
          program is run.  The conventional name for a file used
          here is Xstartup.  See the Xstartup section below.

     systemPath
          Vuelogin sets the PATH environment variable for the
          startup and reset scripts to the value of this
          resource. Note the conspicuous absence of "." from this
          entry.  This is a good practice to follow for root; it
          avoids many system penetration schemes.

     systemShell
          Vuelogin sets the SHELL environment variable for the
          startup and reset scripts to the value of this
          resource.

     terminateServer
          This boolean resource specifies whether the X server
          should be terminated when a session terminates (instead
          of resetting it). This option can be used if the server
          tends to grow without bound over time in order to limit
          the amount of time the server is run continuously.

     termSignal
          This resource specifies the signal vuelogin sends to
          terminate the server.  See the section Controlling The
          Server

     userAuthDir
          When vuelogin cannot write to the usual user authoriza-
          tion file ($HOME/.Xauthority), it creates a unique file
          name in this directory and points the environment vari-
          able XAUTHORITY at the created file.

     userPath
          Vuelogin sets the PATH environment variable for the
          session to this value.  It should be a colon-separated
          list of directories; see sh(1) for a full description.

     vuelite
          Setting this resource to "True" restricts the display
          to only allowing fail-safe or VUE Lite sessions.  The
          "HP VUE Session" selection is disabled.

     xrdb Specifies the program used to load the resources.




HP VUE 3.0 (6/92)                                              14





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



AUTHENTICATION SCREEN RESOURCES
     The authentication screen reads a name-password pair from
     the keyboard.  As this is a Motif toolkit client, colors,
     fonts and some layout options can be controlled with
     resources.  Resources for this screen should be put into the
     file named by the resources resource.

     The default logo on the authentication screen may be
     replaced with a bitmap of the user's choice.  The following
     resources are available in addition to the standard Motif
     set in order to control positioning of the logo and the drop
     shadow.  The resources should be prefaced with the string
     Vuelogin*logo* when specified.

                             Logo Resource Set
Name                         Class                        Type       Default
____________________________________________________________________________
bitmapFile                   BitmapFile                   String     NULL
dropShadowBackground         DropShadowBackground         Pixel      dynamic
dropShadowForeground         DropShadowForeground         Pixel      dynamic
dropShadowBackgroundPixmap   DropShadowBackgroundPixmap   String     dynamic
dropShadowThickness          DropShadowThickness          Int        dynamic
verticalOffset               VerticalOffset               Int        dynamic
x                            X                            Position   -1
y                            X                            Position   -1


     bitmapFile
          Specifies the absolute path name to the bitmap file to
          be used for the logo.

     dropShadowBackground
          Specifes the background color for the drop shadow.

     dropShadowForeground
          Specifes the foreground color for the drop shadow.

     dropShadowBackgroundPixmap
          Specifes the pixmap to be used for the drop shadow.
          This can either be a built-in Motif pixmap or the abso-
          lute path name to a bitmap to be used as the tile for
          the drop shadow.

     dropShadowThickness
          Specifes the thickness of the drop shadow in units of
          pixels.

     verticalOffset
          Specifes the percentage of the logo to be positioned
          vertically off the main matte.  By default the logo is
          centered horizontally and positioned vertically by this
          amount above the matte.  This resource is ignored if y



HP VUE 3.0 (6/92)                                              15





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



          is specified.

     x    Specifes the x origin for the logo in units of pixels.
          This resource overrides the default horizontal center-
          ing of the logo.

     y    Specifes the y origin for the logo in units of pixels.
          This resource overrides the default vertical position-
          ing of the logo.


     The default welcome message on the authentication screen may
     also be replaced with a message of the user's choice.  The
     following resources are available to control content and
     positioning of the welcome message.  The resources should be
     prefaced with the string Vuelogin*greeting* when specified.

                        Greeting Resource Set
     Name          Class        Type       Default
     ____________________________________________________________
     alignment     Alignment    char       ALIGNMENT_CENTER
     background    Background   Pixel      dynamic
     foreground    Foreground   Pixel      dynamic
     fontList      FontList     FontList   dynamic
     labelString   String       String     Welcome to %LocalHost%
     x             X            Position   dynamic
     y             X            Position   dynamic


     alignment
     Specifies the alignment of text in the welcome message. Pos-
     sible values are ALIGNMENT_BEGINNING, ALIGNMENT_CENTER, and
     ALIGNMENT_END.

     background
     Specifes the background color for the welcome message.

     foreground
     Specifes the foreground color for the welcome message.

     fontList
     Specifes the font to use for the welcome message.

     labelString
     Specifes the text to use in the welcome message.  Multiple
     lines can be specified by including newline characters,
     "\n", in the text. If the token %LocalHost% is included in
     the text, it will be replaced with the name of the host pro-
     viding login service.  If the token %DisplayName% is
     included in the text, it will be replaced with the name of
     the X display showing the login screen.




HP VUE 3.0 (6/92)                                              16





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     x
     Specifes the x origin for the welcome message in units of
     pixels.  By default the welcome message is centered horizon-
     tally in the login matte.  While in the matte it is clipped
     to the matte boundaries. If it is positioned outside the
     matte, it may extend to the screen boundaries.

     y
     Specifes the y origin for the welcome message in units of
     pixels.  By default the message is positioned slightly above
     the login area of the login matte.


XDMCP ACCESS CONTROL
     The database file specified by the Vuelogin.accessFile
     resource provides information which vuelogin uses to control
     access from displays requesting XDMCP service.  This file
     contains entries which control the response to Direct and
     Broadcast queries.

     The format of an entry is either a host name or a pattern.
     A pattern is distinguished from a host name by the inclusion
     of one or more meta characters (`*' matches any sequence of
     0 or more characters, and `?' matches any single character)
     which are compared against the host name of the display dev-
     ice.  If the entry is a host name, all comparisons are done
     using network addresses, so any name which converts to the
     correct network address may be used.  For patterns, only
     canonical host names are used in the comparison, so ensure
     that you do not attempt to match aliases.  Preceding either
     a host name or a pattern with a `!' character causes hosts
     which match that entry to be excluded.

     When checking access for a particular display host, each
     entry is scanned in turn and the first matching entry deter-
     mines the response.

     Blank lines are ignored, `#' is treated as a comment delim-
     iter causing the rest of that line to be ignored, and `\new-
     line' causes the newline to be ignored, allowing indirect
     host lists to span multiple lines.

     Here is an example Xaccess file:

     #
     # Xaccess - XDMCP access control file
     #

     !xtra.lcs.mit.edu   # disallow direct/broadcast service for xtra
     bambi.ogi.edu       # allow access from this particular display
     *.lcs.mit.edu       # allow access from any display in LCS




HP VUE 3.0 (6/92)                                              17





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     If XDMCP access is granted, a temporary file may be created
     in the authDir directory which contains authorization infor-
     mation for the X-terminal.  It is deleted when the session
     starts.


AUTOMATIC LOGIN OPTION
     The Xaccess file also provides a means for selected X termi-
     nals to bypass the usual greet screen and automatically
     login as a specified user without requesting a password.  To
     enable this behavior, after the name of the display host you
     must specify the string "BYPASS_LOGIN" followed by the name
     of the user under which to log in.  For example:

     # The terminals listed below will be logged in as the user
     # specified without a greet screen and with no password required.

     shop1          BYPASS_LOGIN        jones     # terminal "shop1" logs
                                                  # in as user "jones"


     Be aware use of this feature can compromise the security of
     your system.


SESSION STARTUP
     Three files are provided to assist in session startup.  They
     can be replaced by other mechanisms via vuelogin resources.

The Xstartup File
     This file is typically a shell script.  It is run as "root"
     and should be very careful about security.  This is the
     place to put commands that display the message of the day or
     do other system-level functions on behalf of the user.
     Various environment variables are set for the use of this
     script:

          DISPLAY        is set to the associated display name
          HOME           is set to the home directory of the user
          PATH           is set to the value of the systemPath resource
          USER           is set to the user name
          SHELL          is set to the value of the systemShell resource


     No arguments of any kind are passed to the script.  Vuelogin
     waits until this script exits before starting the user ses-
     sion.  If the exit value of this script is non-zero, vuelo-
     gin discontinues the session immediately and starts another
     authentication cycle.

The Xsession File




HP VUE 3.0 (6/92)                                              18





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     This script reads in the user's personal environment from
     $HOME/.vueprofile and then invokes the desired session
     manager.  It is run with the permissions of the authorized
     user, and has several environment variables pre-set.  See
     the Environment section for a list of the pre-set variables.

The Xreset File
     Symmetrical with Xstartup, this script is run after the user
     session has terminated.  Run as root, it should probably
     contain commands that undo the effects of commands in
     Xstartup, such as unmounting directories from file servers.
     The collection of environment variables that were passed to
     Xstartup are also given to Xreset.


TYPICAL USAGE
     Vuelogin is designed to operate in a wide variety of
     environments.  The following setup is a good place to start,
     but may not be "typical" in many environments.

     First off, the vuelogin configuration file should be set up.
     A good thing to do is to make a directory (ex.
     /usr/vue/config) that contains all of the relevant files.
     Here is a typical configuration file, which could be named
     Xconfig :


          Vuelogin.errorLogFile:/usr/vue/config/Xerrors
          Vuelogin.pidFile:/usr/vue/config/Xpid
          Vuelogin.accessFile:/usr/vue/config/Xaccess
          Vuelogin.servers:/usr/vue/config/Xservers

          Vuelogin*resources:/usr/vue/config/Xresources
          Vuelogin*startup:/usr/vue/config/Xstartup
          Vuelogin*session:/usr/vue/config/Xsession
          Vuelogin*reset:/usr/vue/config/Xreset

     As you can see, this file simply contains references to
     other files.  Note that some of the resources are specified
     with ``*'' separating the components.  These resources can
     be made unique for each different display, by replacing the
     ``*'' with the display-name.  See the Resources section for
     a complete discussion.

     The first file /usr/vue/config/Xservers contains the list of
     displays to manage.  Most workstations have only one
     display, numbered 0, so the file looks like this:

          :0 Local local /usr/bin/X11/X :0






HP VUE 3.0 (6/92)                                              19





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     This keeps /usr/bin/X11/X running on this display and manage
     a continuous cycle of sessions.

     The file /usr/vue/config/Xerrors contains error messages
     from vuelogin and anything output to stderr by Xstartup,
     Xsession or Xreset.  When you have trouble getting vuelogin
     working, check this file to see if vuelogin has any clues to
     the trouble.  Xerrors can become quite large and should be
     trimmed periodically.

     The next configuration entry, /usr/vue/config/Xresources, is
     loaded onto the display as a resource database using xrdb
     (1).  As the authentication screen reads this database
     before starting up, it usually contains parameters for that
     screen.




SOME OTHER POSSIBILITIES
     You can also use vuelogin to run a single session at a time
     by specifying the server on the command line:

          vuelogin -server ":0 HP-TVRX local /usr/bin/X11/X :0"


     If you have an X terminal that supports the XDMCP protocol,
     an entry for that terminal in Xservers is not required.  If
     you have a file server and all X terminals support XDMCP,
     then Xservers would contain no entries.

     Configurations may contain combinations of local servers, X
     terminals without XDMCP, and X terminals with XDCMP.


COPYRIGHT
     Copyright 1988, Massachusetts Institute of Technology.
     See X(1) for a full statement of rights and permissions.


AUTHOR
     Vuelogin is based on the MIT client XDM, authored by Keith
     Packard.  Additional modifications were developed by Hewlett
     Packard.


ORIGIN
     Hewlett-Packard Company.


SEE ALSO
     connect(2), login(1), getty(1M), sh(1), stty(1), tset(1),



HP VUE 3.0 (6/92)                                              20





VUELOGIN(1X)        UNIX Programmer's Manual         VUELOGIN(1X)



     X(1), xinit(1M), xrdb(1), and XDMCP.






















































HP VUE 3.0 (6/92)                                              21



Typewritten Software • bear@typewritten.org • Edmonds, WA 98026