You can control GDM behavior during runtime in several different ways. You can either run certain commands, or you can talk to GDM using either a unix socket protocol, or a FIFO protocol.
To stop GDM, you can either send the TERM signal to the main daemon or
run the gdm-stop command which is in the
<sbin>/
directory. To restart GDM, you can
either send the HUP signal to the main daemon or run the
gdm-restart command which is also in the
<sbin>/
directory. To restart GDM but only
after all the users have logged out, you can either send the USR1
signal to the main daemon or run the
gdm-safe-restart command which is in the
<sbin>/
directory as well.
The gdmflexiserver command can be used to start new flexible (on demand) displays if your system supports virtual terminals. This command will normally lock the current session with a screensaver so that the user can safely walk away from the computer and let someone else log in. If more that two flexible displays have started gdmflexiserver will display a pop-up dialog allowing the user to select which session to continue. The user will normally have to enter a password to return to the session. On session exit the system will return to the previous virtual terminal. Run gdmflexiserver --help to get a listing of possible options.
GDM also provides a FIFO called .gdmfifo
in the
ServAuthDir
directory
(usually <var>/gdm/.gdmfifo
). You must be
root to use this protocol, and it is mostly used for internal GDM
chatter. It is a very simple protocol where you just echo a command on
a single line to this file. It can be used to tell GDM things such as
restart, suspend the computer, or restart all X servers next time it has
a chance (which would be useful from an X configuration application).
Full and up to date documentation of the commands and their use is
contained in the GDM source tree in the file
daemon/gdm.h
. Look for the defines starting with
GDM_SOP_
. The commands which require the
pid of the slave as an argument are the ones that are really used for
internal communication of the slave with the master and should not be
used.
GDM provides a unix domain socket for communication at
/tmp/.gdm_socket
. Using this you can check if
GDM is running, the version of the daemon, the current displays that
are running and who is logged in on them, and if GDM supports it on
your operating system, also the virtual terminals of all the console
logins. The gdmflexiserver command uses this
protocol, for example, to launch flexible (on-demand) displays.
gdmflexiserver accepts the following commands with the --command option:
ADD_DYNAMIC_DISPLAY ALL_SERVERS ATTACHED_SERVERS AUTH_LOCAL CLOSE FLEXI_XNEST FLEXI_XNEST_USER FLEXI_XSERVER FLEXI_XSERVER_USER GET_CONFIG GET_CONFIG_FILE GET_CUSTOM_CONFIG_FILE GET_SERVER_LIST GET_SERVER_DETAILS GREETERPIDS QUERY_LOGOUT_ACTION QUERY_CUSTOM_CMD_LABELS QUERY_CUSTOM_CMD_NO_RESTART_STATUS QUERY_VT RELEASE_DYNAMIC_DISPLAYS REMOVE_DYNAMIC_DISPLAY SERVER_BUSY SET_LOGOUT_ACTION SET_SAFE_LOGOUT_ACTION SET_VT UPDATE_CONFIG VERSION
These are described in detail below, including required arguments, response format, and return codes.
ADD_DYNAMIC_DISPLAY: Create a new server definition that will run on the specified display leaving, it in DISPLAY_CONFIG state. Supported since: 2.8.0.0 Arguments: <display to run on>=<server> Where <server> is either a configuration named in the GDM configuration or a literal command name. Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 2 = Existing display 3 = No server string 4 = Display startup failure 100 = Not authenticated 200 = Dynamic Displays not allowed 999 = Unknown error
ALL_SERVERS: List all displays, including console, remote, xnest. This can, for example, be useful to figure out if the display you are on is managed by the gdm daemon, by seeing if it is in the list. It is also somewhat like the 'w' command but for graphical sessions. Supported since: 2.4.2.96 Arguments: None Answers: OK <server>;<server>;... <server> is <display>,<logged in user> <logged in user> can be empty in case no one logged in yet ERROR <err number> <english error description> 0 = Not implemented 200 = Too many messages 999 = Unknown error
ATTACHED_SERVERS: List all attached displays. Doesn't list XDMCP and xnest non-attached displays. Note: This command used to be named CONSOLE_SERVERS, which is still recognized for backwards compatibility. The optional pattern argument is supported as of version 2.8.0.0. Supported since: 2.2.4.0 Arguments: <pattern> (optional) With no argument, all attached displays are returned. The optional <pattern> is a string that may contain glob characters '*', '?', and '[]'. Only displays that match the pattern will be returned. Answers: OK <server>;<server>;... <server> is <display>,<logged in user>,<vt or xnest display> <logged in user> can be empty in case no one logged in yet, and <vt> can be -1 if it's not known or not supported (on non-Linux for example). If the display is an xnest display and is a console one (that is, it is an xnest inside another console display) it is listed and instead of vt, it lists the parent display in standard form. ERROR <err number> <english error description> 0 = Not implemented 200 = Too many messages 999 = Unknown error
AUTH_LOCAL: Setup this connection as authenticated for FLEXI_SERVER. Because all full blown (non-nested) displays can be started only from users logged into attached displays, and here GDM assumes only users logged in from GDM. They must pass the xauth MIT-MAGIC-COOKIE-1 that they were passed before the connection is authenticated. Note: The AUTH LOCAL command requires the --authenticate option, although only FLEXI XSERVER uses this currently. Note: Since 2.6.0.6 you can also use a global <ServAuthDir>/.cookie, which works for all authentication except for SET_LOGOUT_ACTION and QUERY_LOGOUT_ACTION and SET_SAFE_LOGOUT_ACTION which require a logged in display. Supported since: 2.2.4.0 Arguments: <xauth cookie> <xauth cookie> is in hex form with no 0x prefix Answers: OK ERROR <err number> <english error description> 0 = Not implemented 100 = Not authenticated 200 = Too many messages 999 = Unknown error
FLEXI_XNEXT: Start a new flexible nested display. Note: Supported on older version from 2.2.4.0, later 2.2.4.2, but since 2.3.90.4 you must supply 4 arguments or ERROR 100 will be returned. This will start the nested X server command using the XAUTHORITY file supplied and as the uid same as the owner of that file (and same as you supply). You must also supply the cookie as the third argument for this display, to prove that you indeed are this user. Also this file must be readable ONLY by this user, that is have a mode of 0600. If this all is not met, ERROR 100 is returned. Note: The cookie should be the MIT-MAGIC-COOKIE-1, the first one GDM can find in the XAUTHORITY file for this display. If that's not what you use you should generate one first. The cookie should be in hex form. Supported since: 2.3.90.4 Arguments: <display to run on> <uid of requesting user> <xauth cookie for the display> <xauth file> Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = No more flexi servers 2 = Startup errors 3 = X failed 4 = X too busy 5 = Xnest can't connect 6 = No server binary 100 = Not authenticated 200 = Too many messages 999 = Unknown error
FLEXI_XNEST_USER: Start a new flexible nested display and initialize the greeter with the given username. Note: This is a variant of the FLEXI_XNEST command. Note: The cookie should be the MIT-MAGIC-COOKIE-1, the first one GDM can find in the XAUTHORITY file for this display. If that's not what you use you should generate one first. The cookie should be in hex form. Supported since: 2.17.7 Arguments: <username> <display to run on> <uid of requesting user> <xauth cookie for the display> <xauth file> Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = No more flexi servers 2 = Startup errors 3 = X failed 4 = X too busy 5 = Xnest can't connect 6 = No server binary 100 = Not authenticated 200 = Too many messages 999 = Unknown error
FLEXI_XSERVER: Start a new X flexible display. Only supported on connection that passed AUTH_LOCAL Supported since: 2.2.4.0 Arguments: <xserver type> If no arguments, starts the standard X server Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = No more flexi servers 2 = Startup errors 3 = X failed 4 = X too busy 6 = No server binary 100 = Not authenticated 200 = Too many messages 999 = Unknown error
FLEXI_XSERVER_USER: Start a new X flexible display and initialize the greeter with the given username. Only supported on connection that passed AUTH_LOCAL Supported since: 2.17.7 Arguments: <username> <xserver type> If no server type specified, starts the standard X server Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = No more flexi servers 2 = Startup errors 3 = X failed 4 = X too busy 6 = No server binary 100 = Not authenticated 200 = Too many messages 999 = Unknown error
GET_CONFIG: Get configuration value for key. Useful so that other applications can request configuration information from GDM. Any key defined as GDM_KEY_* in gdm-daemon-config-keys.h is supported. Starting with version 2.13.0.2, translated keys (such as "greeter/GdmWelcome[cs]" are supported via GET_CONFIG. Also starting with version 2.13.0.2 it is no longer necessary to include the default value (i.e. you can use key "greeter/IncludeAll" instead of having to use "greeter/IncludeAll=false". Supported since: 2.6.0.9 Arguments: <key> Answers: OK <value> ERROR <err number> <english error description> 0 = Not implemented 50 = Unsupported key 200 = Too many messages 999 = Unknown error
GET_CONFIG_FILE: Get config file location being used by the daemon. If the GDM daemon was started with the --config option, it will return the value passed in via the argument. Supported since: 2.8.0.2 Arguments: None Answers: OK <full path to GDM configuration file> ERROR <err number> <english error description> 0 = Not implemented 200 = Too many messages 999 = Unknown error
GET_CUSTOM_CONFIG_FILE: Get custom config file location being used by the daemon. Supported since: 2.14.0.0 Arguments: None Answers: OK <full path to GDM custom configuration file> ERROR <err number> <english error description> 0 = Not implemented 1 = File not found 200 = Too many messages 999 = Unknown error
GET_SERVER_DETAILS: Get detail information for a specific server. Supported since: 2.13.0.4 Arguments: <server> <key> Key values include: NAME - Returns the server name COMMAND - Returns the server command FLEXIBLE - Returns "true" if flexible, "false" otherwise CHOOSABLE - Returns "true" if choosable, "false" otherwise HANDLED - Returns "true" if handled, "false" otherwise CHOOSER - Returns "true" if chooser, "false" otherwise PRIORITY - Returns process priority Answers: OK <value> ERROR <err number> <english error description> 0 = Not implemented 1 = Server not found 2 = Key not valid 50 = Unsupported key 200 = Too many messages 999 = Unknown error
GET_SERVER_LIST: Get a list of the server sections from the configuration file. Supported since: 2.13.0.4 Arguments: None Answers: OK <value>;<value>;... ERROR <err number> <english error description> 0 = Not implemented 1 = No servers found 200 = Too many messages 999 = Unknown error
GREETERPIDS: List all greeter pids so that one can send HUP to them for config rereading. Of course one must be root to do that. Supported since: 2.3.90.2 Arguments: None Answers: OK <pid>;<pid>;... ERROR <err number> <english error description> 0 = Not implemented 200 = Too many messages 999 = Unknown error
QUERY_LOGOUT_ACTION: Query which logout actions are possible Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Answers: OK <action>;<action>;... Where action is one of HALT, REBOOT, SUSPEND or CUSTOM_CMD[0-9]. An empty list can also be returned if no action is possible. A '!' is appended to an action if it was already set with SET_LOGOUT_ACTION or SET_SAFE_LOGOUT_ACTION. Note that SET_LOGOUT_ACTION has precedence over SET_SAFE_LOGOUT_ACTION. ERROR <err number> <english error description> 0 = Not implemented 100 = Not authenticated 200 = Too many messages 999 = Unknown error
QUERY_CUSTOM_CMD_LABELS: Query labels belonging to exported custom commands Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Answers: OK <label1>;<label2>;... Where labelX is one of the labels belonging to CUSTOM_CMDX (where X in [0,GDM_CUSTOM_COMMAND_MAX)). An empty list can also be returned if none of the custom commands are exported outside login manager (no CustomCommandIsPersistent options are set to true). ERROR <err number> <english error description> 0 = Not implemented 100 = Not authenticated 200 = Too many messages 999 = Unknown error
QUERY_CUSTOM_CMD_NO_RESTART_STATUS: Query NoRestart config options for each of custom commands Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Answers: OK <status> Where each bit of the status represents NoRestart value for each of the custom commands. bit on (1): NoRestart = true, bit off (0): NoRestart = false. ERROR <err number> <english error description> 0 = Not implemented 100 = Not authenticated 200 = Too many messages 999 = Unknown error
QUERY_VT: Ask the daemon about which VT we are currently on. This is useful for logins which don't own /dev/console but are still console logins. Only supported on Linux currently, other places will just get ERROR 8. This is also the way to query if VT support is available in the daemon in the first place. Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Arguments: None Answers: OK <vt number> ERROR <err number> <english error description> 0 = Not implemented 8 = Virtual terminals not supported 100 = Not authenticated 200 = Too many messages 999 = Unknown error
RELEASE_DYNAMIC_DISPLAYS: Release dynamic displays currently in DISPLAY_CONFIG state Supported since: 2.8.0.0 Arguments: <display to release> Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = Bad display number 100 = Not authenticated 200 = Dynamic Displays not allowed 999 = Unknown error
REMOVE_DYNAMIC_DISPLAY: Remove a dynamic display, killing the server and purging the display configuration Supported since: 2.8.0.0 Arguments: <display to remove> Answers: OK <display> ERROR <err number> <english error description> 0 = Not implemented 1 = Bad display number 100 = Not authenticated 200 = Dynamic Displays not allowed 999 = Unknown error
SERVER_BUSY: Returns true if half or more of the daemon's sockets are busy, false otherwise. Used by slave programs which want to ensure they do not overwhelm the sever. Supported since: 2.13.0.8 Arguments: None Answers: OK <value> ERROR <err number> <english error description> 0 = Not implemented 200 = Too many messages 999 = Unknown error
SET_LOGOUT_ACTION: Tell the daemon to halt/restart/suspend after slave process exits. Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Arguments: <action> NONE Set exit action to 'none' HALT Set exit action to 'halt' REBOOT Set exit action to 'reboot' SUSPEND Set exit action to 'suspend' CUSTOM_CMD[0-9] Set exit action to 'custom command [0-9]' Answers: OK ERROR <err number> <english error description> 0 = Not implemented 7 = Unknown logout action, or not available 100 = Not authenticated 200 = Too many messages 999 = Unknown error
SET_SAFE_LOGOUT_ACTION: Tell the daemon to halt/restart/suspend after everybody logs out. If only one person logs out, then this is obviously the same as the SET_LOGOUT_ACTION. Note that SET_LOGOUT_ACTION has precedence over SET_SAFE_LOGOUT_ACTION if it is set to something other then NONE. If no one is logged in, then the action takes effect effect immediately. Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Arguments: <action> NONE Set exit action to 'none' HALT Set exit action to 'halt' REBOOT Set exit action to 'reboot' SUSPEND Set exit action to 'suspend' CUSTOM_CMD[0-9] Set exit action to 'custom command [0-9]' Answers: OK ERROR <err number> <english error description> 0 = Not implemented 7 = Unknown logout action, or not available 100 = Not authenticated 200 = Too many messages 999 = Unknown error
SET_VT: Change to the specified virtual terminal. This is useful for logins which don't own /dev/console but are still console logins. Only supported on Linux currently, other places will just get ERROR 8. Only supported on connections that passed AUTH_LOCAL. Supported since: 2.5.90.0 Arguments: <vt> Answers: OK ERROR <err number> <english error description> 0 = Not implemented 8 = Virtual terminals not supported 9 = Invalid virtual terminal number 100 = Not authenticated 200 = Too many messages 999 = Unknown error
UPDATE_CONFIG: Tell the daemon to re-read a key from the GDM configuration file. Any user can request that values are re-read but the daemon will only do so if the file has been modified since GDM first read the file. Only users who can change the GDM configuration file (normally writable only by the root user) can actually modify the GDM configuration. This command is useful to cause the GDM to update itself to recognize a change made to the GDM configuration file by the root user. Starting with version 2.13.0.0, all GDM keys are supported except for the following: daemon/PidFile daemon/ConsoleNotify daemon/User daemon/Group daemon/LogDir daemon/ServAuthDir daemon/UserAuthDir daemon/UserAuthFile daemon/UserAuthFBDir GDM also supports the following Psuedokeys: xdmcp/PARAMETERS (2.3.90.2) updates the following: xdmcp/MaxPending xdmcp/MaxSessions xdmcp/MaxWait xdmcp/DisplaysPerHost xdmcp/HonorIndirect xdmcp/MaxPendingIndirect xdmcp/MaxWaitIndirect xdmcp/PingIntervalSeconds (only affects new connections) xservers/PARAMETERS (2.13.0.4) updates the following: all [server-foo] sections. Supported keys for previous versions of GDM: security/AllowRoot (2.3.90.2) security/AllowRemoteRoot (2.3.90.2) security/AllowRemoteAutoLogin (2.3.90.2) security/RetryDelay (2.3.90.2) security/DisallowTCP (2.4.2.0) daemon/Greeter (2.3.90.2) daemon/RemoteGreeter (2.3.90.2) xdmcp/Enable (2.3.90.2) xdmcp/Port (2.3.90.2) daemon/TimedLogin (2.3.90.3) daemon/TimedLoginEnable (2.3.90.3) daemon/TimedLoginDelay (2.3.90.3) greeter/SystemMenu (2.3.90.3) greeter/ConfigAvailable (2.3.90.3) greeter/ChooserButton (2.4.2.0) greeter/SoundOnLoginFile (2.5.90.0) daemon/AddGtkModules (2.5.90.0) daemon/GtkModulesList (2.5.90.0) Supported since: 2.3.90.2 Arguments: <key> <key> is just the base part of the key such as "security/AllowRemoteRoot" Answers: OK ERROR <err number> <english error description> 0 = Not implemented 50 = Unsupported key 200 = Too many messages 999 = Unknown error