netbsd-users: Re: Re: xdm on machine w/o screen/keyboard/mouse

Subject: Re: Re: xdm on machine w/o screen/keyboard/mouse
To: John Nemeth <jnemeth@victoria.tc.ca>
From: Joel CARNAT <joel@carnat.net>
List: netbsd-users
Date: 05/01/2005 11:27:05
--0OAP2g/MAC+5xKAE
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Apr 30 2005 - 12:30, John Nemeth wrote:
> On Sep 19,  4:28pm, Joel CARNAT wrote:
> }=20
> } I decided to try to connect to my firewall using xdm/Xnest.
>=20
>      I advise against this.  A machine acting as a firewall should be a
> dedicated machine.  It should have no unnecessary services running, and
> xdm is not required for a firewall to operate.  If you're going to run
> a whole bunch of services on it and have users, then you should realise
> that it is really a general purpose sever and will be less secure then
> a true firewall.
>=20

 yes I know that ;)
 but this FW is just my HOME server.

> } My FW has no screen, no keyboard, no mouse connected.
> } I boot it with serial console enabled.
> }=20
> } I used "XFree86 -configure" to set XF86Config.
>=20
>      This is strictly for configuring the XFree86 X server.  You're not
> interested in an X server, so ignore both XFree86 and XF86Config.
>=20

 ah... this means that you don't need VGA support to start xdm so...
 I'm thinking of running xdm the same way on SUN Ultra5 (where ATI
 support is only in -current yet).

>      You need to configure xdm.  You will find the config files for it
> in either /etc/X11/xdm or /usr/X11R6/lib/X11/xdm.  There are several
> files you need to modify.  First, you need to modify Xaccess to specify
> which X terminals are allowed to use your xdm (see the comments in the
> file).  Then, you need to comment out the line in Xservers that tells
> it to start a server on the console (it should be the last line).
> Finally, you need to comment the line in xdm-config that says,
> "DisplayManager.requestPort:      0" (should be the last line) in order
> to allow xdm to listen to the network.
>=20

 OK, done all that plus a few things (FW rules update, reverse DNS update,
 chmod on /usr/X11R6/lib/X11/xdm/Xwilling) and it now works :)

 thanks a lot !

> }-- End of excerpt from Joel CARNAT

--=20
,- This mail runs ------.
`--------- NetBSD/i386 -'

--0OAP2g/MAC+5xKAE
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)

iD8DBQFCdKDo0/VH7L7F7Y4RAnBbAJ9p/pg+WJN75LO+Sm3+hixgHcvH8wCghpRK
91/eaK5ajOxhza3HBEYUxos=
=0Qm4
-----END PGP SIGNATURE-----

--0OAP2g/MAC+5xKAE--