x2go-commits January 2017

x2go-commits@lists.x2go.org

3 participants
366 discussions

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:54 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483379416 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: User : stefanbaur @@ -24,9 +24,12 @@ * We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. * We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. * Make sure your package list is up to date by running: <code>sudo apt-get update </code> * Install the required packages by running: <code>sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc</code> - * export the following variables:<code> + + ===== Building your own X2Go-TCE Image ===== + ==== Configuring the Build ==== + <code> # Select ONE of the following git reposities # this one loosely corresponds to "stable" export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox' # this one loosely corresponds to "heuler" @@ -78,11 +81,9 @@ # export LBX2GO_IMAGETYPE='tar' </code> - ===== Building your own X2Go-TCE image ===== - - ==== Starting the build ==== + ==== Starting the Build ==== Change to a directory where you want to save your builds, and run the following commands:<code> # Create Timestamp LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:50 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483378508 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Building your own X2Go-TCE image] User : stefanbaur @@ -78,11 +78,11 @@ # export LBX2GO_IMAGETYPE='tar' </code> - ==== Building your own X2Go-TCE image ==== + ===== Building your own X2Go-TCE image ===== - === Starting the build === + ==== Starting the build ==== Change to a directory where you want to save your builds, and run the following commands:<code> # Create Timestamp LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:35 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483378202 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [ThinClient prerequisites for all variants] User : stefanbaur @@ -14,9 +14,9 @@ Our current TCE works just fine with Jessie, and we expect it to work in Stretch and hopefully in Buster (Stretch+1) as well. The one catch is that the live-build package in Debian/the Debian-Live project is currently looking for a new maintainer - so there is a slim chance that live-build might be removed from Debian Buster, especially if no new maintainer steps up and the live-build replacement that is currently in the works (called live-wrapper) contains all the required functionality of live-build by then. ===== ThinClient prerequisites for all variants ===== - * At least 1 GB of RAM UNLESS you use non-NTFS local storage, in that case, 512MB or even 256MB might work + * At least 1 GB of RAM //unless// you use non-NTFS local storage, in that case, 512MB or even 256MB might work * At least an i586-compatible CPU * Capability to boot via PXE //or// sufficient local storage (expect 250-450 MB, depending on what you decide to include) * A graphics card and input devices (Keyboard, Mouse/Trackball/Touchpad/Trackpoint/Touchscreen, ...) that are supported by the stock Debian X Server ===== Build system prerequisites for all variants ===== -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:30 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483378101 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] User : stefanbaur @@ -442,9 +442,10 @@ </note> ==== What options are available under FURTHER-OPTIONS-GO-HERE? ==== * Where it says FURTHER-OPTIONS-GO-HERE, you can (must!) add one or more of the options explained below. All options are separated from the next option using a single blank (space bar), just like the options before that placeholder. **DO NOT** use newlines. All "APPEND" options must be on **one and the same** line. - * Options containing "tftp|rsync|https|http|ftp://your-http-server-ip-here" should be replaced with the proper HTTP, HTTPS, FTP, or, where mentioned as an alternative, TFTP or rsync URL for your server. HTTPS is always preferred for security reasons. + * Options containing "tftp|rsync|https|http|ftp://your-http-server-ip-here" should be replaced with the proper HTTP, HTTPS, FTP, or, where mentioned as an alternative, TFTP or rsync URL for your server. HTTPS is always preferred for security reasons. Be sure to use only the IP, not a DNS name. + * Options containing "tftp|rsync|https|http|ftp://your-http-server-ip-or-dns-here" should be replaced with the proper HTTP, HTTPS, FTP, or, where mentioned as an alternative, TFTP or rsync URL for your server. HTTPS is always preferred for security reasons. IP or DNS name may be used. === These two are mutually exclusive, i.e. never put both of them in the same config === * ''sessionsurl=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.sessions'' - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP, HTTPS, or FTP server. Note that whoever manages to spoof the server name can inject rogue session config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''broker-url=ssh:<nowiki>//</nowiki>your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:28 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483377899 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] User : stefanbaur @@ -450,9 +450,9 @@ * ''broker-url=ssh:<nowiki>//</nowiki>your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) === These are entirely optional === * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI - * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. Also note that whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. + * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. Also note that whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients. Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate.** * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to authenticate against * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:24 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483377021 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: User : stefanbaur @@ -189,21 +189,11 @@ </note> === Adding the configuration files to your Boot Server === Again, this is assuming you already have an existing, working PXE/TFTP server setup. - * Change to the pxelinux.cfg directory in your tftproot. + * change to the pxelinux.cfg directory in your tftproot. * create a file x2go-tce there, using the template below and adjusting it to your needs - * options ending in "=de" and "=de_DE.UTF-8" should be set to match your desired country/locale setting - * options containing "http://your-http-server-ip-here" should be replaced with the proper HTTP, HTTPS, FTP, or, where mentioned as an alternative, rsync URL for your server - * where it says FURTHER-OPTIONS-GO-HERE, you can (must!) add one or more of the options explained below. All options are separated from the next option using a single blank (space bar), just like the options before that placeholder. **DO NOT** use newlines. All "APPEND" options must be on **one and the same** line. - - <note tip>To have different hostnames for each thin client: - * assign DNS names for your thin clients - * set your DHCP server to reply to "request host-name" requests from dhclient - * use ''hostname=localhost'' as shown above. - - If you remove ''hostname=localhost'' entirely, all thin clients will share the hostname ''debian'', which is the Debian-Live default host name. Similarly, if you set ''hostname=someothervalue'', all thin clients booting this configuration will share the hostname ''someothervalue''. - </note> + * read section "Boot Parameters for X2Go-TCE" to find out what changes to make and what to put where it says FURTHER-OPTIONS-GO-HERE <file - x2go-tce> DEFAULT x2go-tce PROMPT 0 MENU TITLE Linux Boot Menu @@ -218,39 +208,8 @@ KERNEL x2go-tce/vmlinuz APPEND initrd=x2go-tce/initrd.img boot=live components noswap aufs rd.luks=0 rd.lvm=0 rd.md=0 rd.dm=0 kernel.sysrq=1 keep_bootcon sysrq_always_enabled rd.driver.pre=loop rd.noverifyssl rd.skipfsck rd.live.overlay.check rd.live.overlay.reset rd.live.ram log_buf_len=1M quickreboot consoleblank=0 kernel.sysrq=1 keep_bootcon sysrq_always_enabled rootwait=120 silent quiet splash lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 hostname=localhost noroot nouser fetch=http://your-http-server-ip-here/x2go-tce/x2go-tce-filesystem.squashfs FURTHER-OPTIONS-GO-HERE </file> - <note important>**These are always required for security reasons, unless you are working on a debug image:** - * ''noroot'' - do not allow the local user account on the ThinClient (named "user") to become root, e.g. using sudo **Always set this unless you are debugging an image and need to log in locally!** - * ''nouser'' - do not allow the local user account on the ThinClient (named "user") to log in at the console or remotely (using password "live") **Always set this unless you are debugging an image and need to log in locally!** - </note> - - === What options are available under FURTHER-OPTIONS-GO-HERE? === - - These two are mutually exclusive, i.e. never put both of them in the same config: - * ''sessionsurl=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.sessions'' - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP, HTTPS, or FTP server. Note that whoever manages to spoof the server name can inject rogue session config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. - * ''broker-url=ssh:<nowiki>//</nowiki>your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) - - These are entirely optional: - * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI - * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. Also note that whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. - * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients. Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate.** - * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. - * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to authenticate against - * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication - * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication - - These are //not yet implemented//, but planned for a future release: - * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. - * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. - * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention:** When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it! - * ''tcpprintonlyfrom=x.x.x.x'' - Will allow you to specify which IP address may connect to Port 9100 and above for printing to a locally attached LPT/USB printer. This should be the IP of your CUPS server or whatever print server system you use. Understands the same syntax as xinetd's ''only_from''. - - These are //not yet implemented//, but planned for a future release, and only intended to be used with TCE images stored on local media: - * ''updateurl=rsync|https|http|ftp://your-http-server-ip-or-dns-here/path-to-update-files'' - Will allow you to update an image in the background when using local storage instead of PXE. Download task will start at a randomized interval to avoid unintentional dDOSing of the update server/network infrastructure. The updater will even work when using NTFS for local storage, but only if the //toram// boot option is used. Regardless of NTFS or not, the updater requires three directories: ''/boot/live1, /boot/live2, /boot/live-download'' **Attention:** Whoever manages to spoof the server name can deploy rogue images to your ThinClients. Even though it is slower, using an HTTPS web server is the safer way of doing this. Be sure that your web server delivers a last-modified header for all files. - * ''updatesleep=nnnnn'' - Will allow you to specify the upper limit (in seconds) of the update timer's randomizer. Allowed range for upper limit: 240-32767. Will default to 900 if unset or set to an out-of-range value. Lower limit is fixed at 120 seconds. - * ''bwlimit=nnn'' - Will allow you to specify a bandwidth limit (valid values: 1-100) in percent for the backgrounded update task. - * ''ntfs-uuid='' - Will be required for updating images stored on NTFS filesystems. Full UUID as shown under /dev/disk/by-uuid/ is preferred, but can work with the volume serial number shown in the output of "vol c:" as well. === Required unless using the X2Go Session Broker: Adding the x2go-tce.sessions session configuration file to your HTTP or FTP Server === Again, this is assuming you already have an existing, working HTTP or FTP server setup. * run X2GoClient on any computer you like, and configure a session the same way it should appear on the ThinClient <note tip>when using a Windows client, run x2goclient.exe --portable, or it will store the session information in the registry, rather than in a "sessions" file.</note> @@ -464,9 +423,53 @@ initrd /boot/X2Go-live2/x2go-tce-initrd.img </file> + ===== Boot Parameters for X2Go-TCE ===== + <note important>**These are always required for security reasons, unless you are working on a debug image:** + * ''noroot'' - do not allow the local user account on the ThinClient (named "user") to become root, e.g. using sudo **Always set this unless you are debugging an image and need to log in locally!** + * ''nouser'' - do not allow the local user account on the ThinClient (named "user") to log in at the console or remotely (using password "live") **Always set this unless you are debugging an image and need to log in locally!** + </note> + ==== Options already present in the templates that you may/should change to your needs ==== + * options ending in "=de" and "=de_DE.UTF-8" should be set to match your desired country/locale setting + + <note tip>To have different hostnames for each thin client: + * assign DNS names for your thin clients + * set your DHCP server to reply to "request host-name" requests from dhclient + * use ''hostname=localhost'' as shown above. + + If you remove ''hostname=localhost'' entirely, all thin clients will share the hostname ''debian'', which is the Debian-Live default host name. Similarly, if you set ''hostname=someothervalue'', all thin clients booting this configuration will share the hostname ''someothervalue''. + </note> + + ==== What options are available under FURTHER-OPTIONS-GO-HERE? ==== + * Where it says FURTHER-OPTIONS-GO-HERE, you can (must!) add one or more of the options explained below. All options are separated from the next option using a single blank (space bar), just like the options before that placeholder. **DO NOT** use newlines. All "APPEND" options must be on **one and the same** line. + * Options containing "tftp|rsync|https|http|ftp://your-http-server-ip-here" should be replaced with the proper HTTP, HTTPS, FTP, or, where mentioned as an alternative, TFTP or rsync URL for your server. HTTPS is always preferred for security reasons. + + === These two are mutually exclusive, i.e. never put both of them in the same config === + * ''sessionsurl=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.sessions'' - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP, HTTPS, or FTP server. Note that whoever manages to spoof the server name can inject rogue session config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. + * ''broker-url=ssh:<nowiki>//</nowiki>your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) + + === These are entirely optional === + * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI + * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. Also note that whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients. To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. + * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients. Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate.** + * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. + * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to authenticate against + * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication + * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication + + === These are //not yet implemented//, but planned for a future release === + * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. + * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. + * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention:** When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it! + * ''tcpprintonlyfrom=x.x.x.x'' - Will allow you to specify which IP address may connect to Port 9100 and above for printing to a locally attached LPT/USB printer. This should be the IP of your CUPS server or whatever print server system you use. Understands the same syntax as xinetd's ''only_from''. + + === These are //not yet implemented//, but planned for a future release, and only intended to be used with TCE images stored on local media === + * ''updateurl=rsync|https|http|ftp://your-http-server-ip-or-dns-here/path-to-update-files'' - Will allow you to update an image in the background when using local storage instead of PXE. Download task will start at a randomized interval to avoid unintentional dDOSing of the update server/network infrastructure. The updater will even work when using NTFS for local storage, but only if the //toram// boot option is used. Regardless of NTFS or not, the updater requires three directories: ''/boot/live1, /boot/live2, /boot/live-download'' **Attention:** Whoever manages to spoof the server name can deploy rogue images to your ThinClients. Even though it is slower, using an HTTPS web server is the safer way of doing this. Be sure that your web server delivers a last-modified header for all files. + * ''updatesleep=nnnnn'' - Will allow you to specify the upper limit (in seconds) of the update timer's randomizer. Allowed range for upper limit: 240-32767. Will default to 900 if unset or set to an out-of-range value. Lower limit is fixed at 120 seconds. + * ''bwlimit=nnn'' - Will allow you to specify a bandwidth limit (valid values: 1-100) in percent for the backgrounded update task. + * ''ntfs-uuid='' - Will be required for updating images stored on NTFS filesystems. Full UUID as shown under /dev/disk/by-uuid/ is preferred, but can work with the volume serial number shown in the output of "vol c:" as well. ===== Troubleshooting a booted X2Go-TCE image ===== ==== You can see the X2Go login screen, but the screen size (resolution) is wrong ==== -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 17:10 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483375726 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: User : stefanbaur @@ -1,8 +1,8 @@ ====== X2Go-ThinClientEditon (TCE, TCE-NG, TCE-New) ====== - + <columns 75% -> <note important>This page is very much Work in Progess. Please leave a note on x2go-user(a)lists.x2go.org if you're interested in trying this out, so we can guide you along if something goes wrong.</note> - + </columns> ===== History, Rationale, Outlook ===== During the time of Debian Wheezy being Debian's stable release, we started developing a new ThinClientEdition (TCE) - one that is based on Debian-Live and thus does no longer rely on NFS. Instead, the entire image is loaded into the RAM of the ThinClient machine. -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 16:48 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483375352 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Installing a boot loader] User : stefanbaur @@ -355,10 +355,13 @@ </file> === Installing syslinux === FIXME - * install syslinux (should work with FAT* as well as ext*) - + * install syslinux (should work with FAT* as well as ext*): + * ''apt-get install -y syslinux mbr'' + * ''syslinux --install /dev/targetpartition'' + * note that you have to check that /dev/targetpartition is marked as "active" in fdisk + * if your system doesn't boot like that, it might be due to an empty Master Boot Record. You can use ''install-mbr /dev/targetdisk'' to fix this. * for syslinux, use these three files as templates: <file - syslinux.cfg> menu title X2Go-TCE # This says "password" in md5 -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 16:42 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483375231 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [You can see a text login screen with grey/white, green, and possibly red letters against a black background, or the screen is entirely black] User : stefanbaur @@ -469,13 +469,15 @@ ==== You can see the X2Go login screen, but the screen size (resolution) is wrong ==== Determine the correct resolution for your screen and set boot parameter ''xorg-resolution=HRESxVRES'' accordingly, e.g. to ''xorg-resolution=1280x1024'' - ==== You can see a text login screen with grey/white, green, and possibly red letters against a black background, or the screen is entirely black ==== + ==== The screen is entirely black (though you might see an active backlight in case of a TFT) ==== If the screen is entirely black, try pressing [Ctrl]+[Alt]+[F1] and see if that takes you to the text login screen. - If so, this means the X Server's autodetection failed. There's not much you can do from inside X2Go-TCE at this point. Make a note of the MAC address (the GREEN text), shut down the ThinClient and try to boot a different Linux distribution on it. Try, for example, KNOPPIX Live Linux, other Distribution's Live Images (a recent Fedora or Arch, maybe?). + ==== You can see a text login screen with grey/white, green, and possibly red letters against a black background ==== + + If you end up at the text login, this means the X Server's autodetection failed. There's not much you can do from inside X2Go-TCE at this point. Make a note of the MAC address (the GREEN text), shut down the ThinClient and try to boot a different Linux distribution on it. Try, for example, KNOPPIX Live Linux, other Distribution's Live Images (a recent Fedora or Arch, maybe?). If you can get X running in one of these, proceed as follows: In the running Linux where you have a working X Server on that particular hardware: -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

[[X2Go Wiki]] page changed: doc:howto:tce
by wiki-admin＠x2go.org 02 Jan '17

02 Jan '17

A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 16:40 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483375197 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Booting from local storage media] User : stefanbaur @@ -309,9 +309,9 @@ Do **not** select hdd or tar - even though we are creating a local storage media installation. - On your local storage media, create the following folders: ''/boot/X2Go-live1'', ''/boot/X2Go-live2'', ''/boot/X2Go-live-download''. - If you have serious space constraints, you can limit yourself to ''/boot/X2Go-live1'', but you will be unable to use the autoupdater then. - - Copy ''./x2go-tce-vmlinuz'', ''./x2go-tce-initrd.img'', and ''./x2go-tce-squashfs-only.iso'' to ''/boot/X2Go-live1'' (and to ''/boot/X2Go-live2'', if present). + - Copy ''./x2go-tce-vmlinuz'', ''./x2go-tce-initrd.img'', and ''./x2go-tce-squashfs-only.iso'' to ''/boot/X2Go-live1/'' (and to ''/boot/X2Go-live2/'', if present). ==== Installing a boot loader ==== The next step is to install a boot loader. Currently, there are three choices, GRUB-legacy, syslinux, and GRUB4DOS. * Use GRUB-legacy for ext* file systems. -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

← Newer
1
...
28
29
30
31
32
33
34
...
37
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

x2go-commits January 2017