Table of Contents
Security Issues: xf86(4)
Unix/BSDs provide a great sturdy platform for running services that just need to be "going and going and ..." For this type of environment the Windowing Graphical User Interface is mostly unnecessary (or maybe totally unnecessary.) But a Win GUI augments the tough exterior of the sturdy server with a more approachable look for those new to Unix/BSDs who are used to a desktop environment (ala MS Windows.) OpenBSD is as adept as other *NIX systems in displaying a nice gui and a flexible GUI provides a platform for non-*NIX people to be introduced to, operate and maintain the general configurations of a a secure OpenBSD box.
These notes refer to XFree86 4.1 and OpenBSD 3.0
Your OpenBSD team has put together a good guide in /usr/X11R6/README, step-by-step instructions for installing your X-Windows system.
The utilities required for installing both XFree86 4.1 and XFree86 3.3.6 are both referenced and more complete documentation are stored in:
| Location | Release |
| /usr/X11R6/lib/X11/doc/ | XFree86 4.1 |
| /usr/X11R6/lib/X11/doc/XFree86-3.3.6/ | XFree86 3.3.6 |
If you would like to refer to the documentation previously available on installing X, please refer to the article x-windows3.htm
[ref: XF3.3x /usr/X11R6/lib/X11/doc/XFree86-3.3.6/QuickStart.doc,
XF86Config-3(4)]
[ref: XF4.1 /usr/X11R6/lib/X11/doc/, XF86Config(5)]
To get X Windows started on your system you 1st have to generate a configuration file (assuming of course that you installed the x* files during installation. and followed /usr/X11R6/README)
[ref: SuperProbe(1)]
[ref: x-windows3.htm]
The use of SuperProbe to determine your video card settings are documented in our previous installation instructions. Essentially, running the program will help you with selecting the correct video card for configuring the X server.
If you really want to use an accelerator driver only available in XFree86 3.x then please look at the previous instructions for installing XF 3.x.
Fortunately we do not have to do much work with the mouse, because of the new wsmouse device with OpenBSD 3.0
If the older notes do not help, what I have found to be a starting point on a new machine with no idea about the video card, is the XFree 4.x's XFree86 -configure option.
From the documention: [XFree86(1)]
-configure When this option is specified, the X server loads all video driver modules, probes for available hardware, and writes out an initial XF86Config(5) file based on what was detected. This option cur rently has some problems on some platforms, but in most cases it is a good way to bootstrap the con figuration process. This option is only available when the server is run as root (i.e, with real-uid 0).
After running XF86Config from root you should get some response similar to the following:
# XFree86 -configure
Your XF86Config file is /root/XF86Config.new
To test the server, run 'XFree86 -xf86config /root/XF86Config.new'
Now I can test whether the XF86 configuration generated by the program works by using the example shown above.
# XFree86 -xf86config /root/XF86Config.new
Don't look for something exciting, this should only be the X environment, which will basically just show as a blank screen with a mouse cursor. Worse, it will probably be at the lowest possible resolution, but it's working.
Ctrl+Alt+Bksp: For those very new to X, use the Control+Alt+Backspace key combination (hold all three keys down at the same time) to stop X and return to the command-prompt.
Success? If the graphic screen worked for you, you can now use this Configuration as a basis for your X environment. To do this copy the /root/XF86Config.new file to the standard location for your machine (usually at /etc/X11)
# cp /root/XF86Config.new /etc/X11/XF86Config
WARNING: make backups of any existing files before you copy anything.
In OpenBSD (3.2 & 3.3 tested with this comment) the only major thing to configure from the above sample configuration are:
[ref: wsmouse(4)]
One key aspect to realise with OpenBSD 3.0 and XFree86 4.x is that the mouse protocol is now 'wsmouse' irregardless of which mouse you may have (at least on my i386 systems, i'm sorry if i'm wrong.)
[ref: XF3.3x xf86config3]
[ref: XF4.1 xf86cfg(1), xf86config(1)]
Two programs are recommended for creating your XF86Config file: xf86cfg and xf86config.
xf86cfg configuration is confusing if you are not used to it (a quasi GUI interface) alternately it offers a text-mode configuration 'xf86cfg -textmode'
It significantly helps the XF86Config process if you can connect from another computer 'ssh' and execute the installation sequence so you can more easily review error output, which is logged in /var/log/XFree86.0.log. (i.e. use a 2nd screen to tail -f /var/log/XFree86.0.log and view the startup process/failure.)
If your configuration has been successful then you can start and stop X Windows by doing the following.
Both setup programs should create a workable server, and you can test it by using the startx script.
| # /usr/X11R6/bin/startx |
To Get out of X, use Ctrl+Alt+Backspace
After starting X Windows for the 1st time you should get a screen with one or two x-term windows open on the screen.
Often, I screw up the resolution, or the color mode configuration. One simple way of starting X into a different configuration than that which is in the configuration file, is to use the following example.
To start X Window using 256 color mode:
| # startx -- -bbp 8 |
To start X Window in true colour mode, use the following command
| # startx -- -bbp 32 |
'startx' is a script to initialise services for the X Window environment which in the default OpenBSD configuration starts up a simple 'window manager' and an 'xterm' connection running under the fvwm Window Manager.
I'm not really into interface wars between KDE & GNOME and all the 'lighter' stuff, because I much prefer KDE for my OpenBSD box, and I much prefer Internet Explorer over the other browsers, so ...
Members of the OpenBSD development team involved with KDE development have done a wonderful set of work to incorporate many of the standard features of KDE into OpenBSD's port.
I've got the OpenBSD 3.0 cd set, so I just pkg_add all the kde files, including koffice. (copied from the CD to /usr/ports/packages/i386/All)
| # cd /usr/ports/packages/i386/All |
| All # ls kde* |
| kdeartwork-2.2.1.tgz kdebase-ns-2.2.1.tgz
kdegraphics-2.2.1.tgz kdenetwork-2.2.1.tgz kdebase-2.2.1.tgz kdegames-2.2.1.tgz kdelibs-2.2.1.tgz kdetoys-2.2.1.tgz |
| All # ls kof* |
| koffice-1.1.tgz |
| # pkg_add koffice-1.1.tgz kdenetwork-2.2.1.tgz # pkg_add kdegraphics* kdegames* kdetoys* |
You can test the installation by starting an xterm while in X Windows and typing startkde at the command prompt. This should start up kde for your personal configuration.
If KDE does not start up, then something is broken with the KDE install and you can refer to the /var/log/XFree86.0.log for further items to check that may be broken (missing) in your install.
[ref: Red Hat Linux Administrator's Handbook 2nd ed. Mohammed J. Kabir]
To allow user customisation, the startx script looks for system wide files and their corresponding version in the user home directory. If the user files are not found then the global version is used, otherwise the local user version is used. In this way, your users can have their own custom visual displays when they start up in X Window.
The global configuration files are xserverrc and xinitrc. The user custom versions are ~/.xserverrc and ~/.xinitrc
xserverrc or ~/.xserverrc contain details of which X servers to start, while
xinitrc or ~/.xinitrc contain details of which client applications are going to be run after the X Window system has started. When the script exits, the X server is also terminated.
Create a file : ~/.xinitrc to contain the following startup commands.
File: ~/.xinitrc
| #!/bin/sh /usr/local/bin/startkde |
After creating the above file, then you need to make the file executable by performing the following command as the user.
|
$ cd ~ $ chmod a+x .xinitrc |
Now, when the user starts X (by using startx) the user will be presented with KDE as their default GUI.
To set the environment so all desktops started with startx are kde, make changes to /usr/X11R6/lib/X11/xinit/xinitrc
The relevant lines are shown below.
File: xinitrc
| # start some nice programs xclock -geometry 50x50-1+1 & xconsole & xterm -geometry 80x24 & |
| # fvwm || xterm |
| /usr/local/bin/startkde |
The default X install supports can be started straight into X Windows by using the xdm display manager. The installation of KDE gives you an additional display manager kdm.
[ref: rc.conf(8), xdm(1)]
To automatically start the machine with the X environment, configuration changes are made in the /etc/rc.conf.local file
To enable the X manager to begin on startup, create or change options in Section 1 of the /etc/rc.conf.local file
Edit the File: /etc/rc.conf.local and add a line that reads as follows in Section 1:
| xdm_flags="" # note the use of two double-quotes |
The above setting will override the general settings in /etc/rc.conf which reads as follows:
| xdm_flags=NO |
When you restart your machine, xdm will start and greet you with a dialog prompt for your username and password.
You can obviously go straight to this display manager from the command prompt by typing in '/usr/X11R6/bin/xdm'
| # /usr/X11R6/bin/xdm |
The configuration files for xdm are stored in /etc/X11/xdm
One mail discussion recommends that you should use xdm_flags="-udpPort 0" to stop xdm from listening to the Network.
From the man pages xmd(1)
| -udpPort port_number Specifies the value for the DisplayManager.requestPort resource. This sets the port-number which xdm will monitor for XDMCP requests. As XDMCP uses the registered well-known UDP port 177, this resource should not be changed except for debugging. If set to 0 xdm will not listen for XDMCP or Chooser requests. |
[ref: rc.conf(8), kdm]
To enable the X manager to begin on startup, create or change options in Section 1 of the /etc/rc.conf.local file
Edit the File: /etc/rc.conf.local and add a line that reads as follows in Section 1:
| kdm_flags="" # note the use of two double-quotes |
Edit the file: /etc/rc.local and add the lines
|
echo -n 'starting local daemons:' # [ ... stuff left out ... ] |
|
if [ "X${kdm_flags}" != X"NO" ]; then
|
|
echo '.' |
When you restart your machine, kdm will start and greet you with a dialog prompt for your username and password.
You can obviously go straight to this display manager from the command prompt by typing in '/usr/local/bin/kdm'
| # /usr/local/bin/kdm |
[ref: kdmrc]
kdm can be configured by root in the KMenu :-> Preferences :-> System :-> Login Manager
The configuration files for xdm are stored in /usr/local/share/config/kdm/kdmrc
Aspects of the configuration file that are appropriate to change include:
Edit File ./kdmrc to include the following settings
| [Shutdown] HaltCmd=/sbin/halt -p RebootCmd=/sbin/reboot [X-*-Greeter] ... DefaultUser= ... MinShowUID=1000 ... LogoArea=Logo LogoPixmap=/usr/X11R6/lib/X11/xdm/pixmaps/OpenBSD_15bpp.xpm |
HaltCmd. I modified this to include "-p" because my laptop must be powered off by software (i think) and if it merely halts without powering down, then the power switch essentially puts the laptop into sleep mode.
MinShowUID=1000. Standard users (so far as I know) begin at 1000 so specifically putting this in prevents system userids like www etc. from showing on the dialog box.
LogoPixmap=?. Specifies the pixture to use with the startup/login screen. Being patriotic, I recommend the OpenBSD logo as specified in the above example.
[Ref: /etc/X11/xdm/Xsession]
kdm offers three options (at least) of window managers to launch for a selected user. To configure kdm so it correctly launches KDE from the selection menu, make the following changes to the file Xsession: Change the section in the Xsession file that reads:
Edit the file Xsession and update the lines that read
|
case $1 in esac |
To read as follows
|
case $1 in |
|
kde | default) |
|
esac |
When you start kdm you can now select either failsafe or kde and kdm will launch the selected desktop environment. The '| default' will set the default desktop to the KDE instructions.
As you can see, you can now modify the kdmrc file to include further GUI desktop selections for your users. Of course, you should have the GUI installed and tested before making modifications both in kdmrc & Xsession
Edit kdmrc to modify the below line
| SessionTypes=default,kde,failsafe, |
to read as follows
| SessionTypes=default,kde,failsafe,fvwm |
and obviously you will have to make some additions to the script shown above for Xsession. The following is one example.
| case $1 in failsafe) xterm -geometry 80x24-0-0 do_exit ;; kde | default) /usr/local/bin/startkde do_exit ;; |
| fvwm) xterm & xterm & fvwm do_exit ;; |
| esac |
The following is a sample VESA /etc/X11/XF86Config I used for my laptop. This configuration is nice in how it handles multiple pointer devices and has been used by other laptop owners with a different configuration than specified in the comments.
The configuration file works with my:
OpenBSD 3.0 w/ XFree86 4.1.0
Toshiba Satellite Pro 4600, 15 inch Super VGA
16MB Trident CyberBlade XP
Gateway Solo 9300 Pro
The only changes made in this file, from the original files by hme were to specify the OpenBSD specific port devices and keyboard type and the fact that OpenBSD's wsmouse device can handle two input devices simultaneously(?).
# $Id: x-windows4.htm,v 1.1.1.1 2002/06/10 02:09:58 samt Exp $
#
# XF86Config (XFree86 4.0.2) file for Toshiba Satellite Pro 4600.
#
# This is a Trident CyberBlade XP graphics card with 16 MByte memory.
# SVGA graphics is supported up to 1600x1200 @ 85 Hz.
# The LCD is a 15 inch 1024x768 TFT.
#
# The card is not recognised by the trident driver, and the vga driver
# gives only 320x200 pixels. So the generic vesa driver is used, which
# supports up to 1280x1024.
#
# This file is bascially created with xf86config for an unsupported VGA card.
# However, then the Driver was changed from "vga" to "vesa", the DefaultDepth
# from 8 bpp to 16 bpp, and the Modes list reduced to "1024x768" only.
#
# If you add a "1280x1024" mode at the end of the Modes line,
# you will have a 640x480 viewport on that size of screen, scrolled by
# mouse movement. If you put that mode in front of "1024x768" you will
# have a 1024x768 viewport on a 1280x1024 screen, but cannot scroll to
# the right or bottom edge.
#
# 24 bpp and 32 bpp do not work, I suspect the card does not support
# 24 bpp and the vesa driver does not support more than 24 bpp.
#
# This file is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# (C) 2001 United Kingdom Astronomy Technology Centre.
# Horst Meyerdierks <hme over-at roe.ac.uk>.
# Some sections courtesy of Helmut Bluhm.
#
# 2001/03/03: Original version.
# 2001/03/04: Modified keyboard section, minor addition to mouse section.
# 2001/03/08: Minor tweaking of keyboard section.
# 2001/04/27: Remove references to pc101 in keyboard section,
# to make my UK keyboard work with Red Hat 7.1 XFree86 4.0.3.
# 2001/05/23: Dual mouse sections for simultaneous use of PS/2 and USB mice,
# also both with IMPS/2 and ZAxisMapping.
# 2001/06/01: Swap InputDevice lines in ServerLayout to initialise USB mouse
# last (after keyboard).
# 2001/12/12: /dev/wsmouse is adequate to pick up dual USB & Internal Pointer
# device wsmouse(4)(samt)
Section "Module"
Load "dbe" # Double buffer extension
SubSection "extmod"
Option "omit xfree86-dga" # don't initialise the DGA extension
EndSubSection
Load "type1"
Load "freetype"
EndSection
Section "Files"
RgbPath "/usr/X11R6/lib/X11/rgb"
FontPath "/usr/X11R6/lib/X11/fonts/local/"
FontPath "/usr/X11R6/lib/X11/fonts/misc/"
FontPath "/usr/X11R6/lib/X11/fonts/75dpi/:unscaled"
FontPath "/usr/X11R6/lib/X11/fonts/100dpi/:unscaled"
FontPath "/usr/X11R6/lib/X11/fonts/Type1/"
FontPath "/usr/X11R6/lib/X11/fonts/Speedo/"
FontPath "/usr/X11R6/lib/X11/fonts/75dpi/"
FontPath "/usr/X11R6/lib/X11/fonts/100dpi/"
FontPath "/usr/local/AbiSuite/fonts/"
EndSection
Section "ServerFlags"
EndSection
Section "InputDevice"
Identifier "Keyboard1"
Driver "Keyboard"
Option "AutoRepeat" "500 30"
Option "LeftAlt" "Meta"
Option "RightAlt" "Meta"
Option "ScrollLock" "Compose"
Option "RightCtl" "Control"
Option "XkbKeycodes" "xfree86"
Option "XkbTypes" "default"
Option "XkbCompat" "default"
Option "XkbRules" "xfree86"
Option "XkbLayout" "us"
EndSection
Section "InputDevice"
Identifier "Mouse"
Driver "mouse"
Option "Protocol" "wsmouse"
Option "Device" "/dev/wsmouse"
Option "Emulate3Buttons"
Option "Emulate3Timeout" "150"
Option "ZAxisMapping" "4 5"
EndSection
Section "Monitor"
Identifier "Tosh 4600 LCD"
HorizSync 31.5 - 82.0
VertRefresh 50-90
EndSection
Section "Device"
Identifier "Standard VGA"
VendorName "Unknown"
BoardName "Unknown"
# Chipset "generic"
Driver "vga"
# BusID "PCI:0:10:0"
# VideoRam 256
# Clocks 25.2 28.3
EndSection
Section "Device"
Identifier "Trident XP"
Driver "vesa"
# unsupported card
#VideoRam 16384
# Insert Clocks lines here if appropriate
EndSection
Section "Screen"
Identifier "Screen 1"
Device "Trident XP"
Monitor "Tosh 4600 LCD"
DefaultDepth 16
Subsection "Display"
Depth 8
Modes "1024x768"
ViewPort 0 0
EndSubsection
Subsection "Display"
Depth 16
Modes "1024x768"
ViewPort 0 0
EndSubsection
EndSection
Section "ServerLayout"
Identifier "Simple Layout"
Screen "Screen 1"
InputDevice "Mouse" "CorePointer"
InputDevice "Keyboard1" "CoreKeyboard"
EndSection
|
My apologies to the purist, I tried to maintain where I got the above information (some Toshiba site in Japan) but didn't do a good job of that so I do not have a link to the original source.
[ref XFree86(1)]
I have a machine that of OpenBSD 3.2 and XFree86 4.2.1, the video card was not directly supported so it was very hit and miss on how to set up X.
The direction I had to take was to manually run the XFree86 binary (/usr/X11R6/bin/XFree86) with the following option.
| -configure When this option is specified, the X server loads all video driver modules, probes for available hardware, and writes out an initial XF86Config(5) file based on what was detected. This option cur rently has some problems on some platforms, but in most cases it is a good way to bootstrap the con figuration process. This option is only available when the server is run as root (i.e, with real-uid 0). |
After running XFree86 -configure, the program stores the new configuration at
/root/XF86Config.new and you can test the configuration using:
| # XFree86 -xf86config /root/XF86Config.new |
This gives me the opportunity to fine-tune the configuration before installing it as my full config.
| -xf86config file Read the server configuration from file. This option will work for any file when the server is run as root (i.e, with real-uid 0), or for files relative to a directory in the config search path for all other users. |
The program will give me a working Screen and Video Card Device section which, again, can be finetuned.
Some addresses picked up on the misc@ mailing list.
Tutorial at IBM http://www-105.ibm.com/developerworks/education.nsf/linux-onlinecourse-bytitle/3100FF4795B3F31F86256AF70056FDB3?OpenDocument
Copyright (c) 2000/1/2 Samiuela LV Taufa. All Rights Reserved.
You are permitted and encouraged to use this guide for fun or for profit as you see fit. If you republish this work in what-ever form, it would be nice (though not enforceable) to be credited.
|
XF86 4.1 a pretty face on OpenBSD |
Copyright © 2000/1/2 NoMoa.COM All rights reserved.