X2Go - everywhere@home

User Tools

Site Tools

Trace:
doc:howto:tce

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
doc:howto:tce [2025/05/01 19:04]
stefanbaur [What options are available under FURTHER-OPTIONS-GO-HERE?] added launchicon parameter explanation 		doc:howto:tce [2025/05/05 09:32] (current)
stefanbaur [What options are available under FURTHER-OPTIONS-GO-HERE?] added liveboot_params description
Line 1075: Line 1075:
  
 === These are entirely optional === === These are entirely optional ===
 +  * ''allowedapps=app1[,app2[,app3[,...,appn]'' - a comma-separated list of applications that should be shown in the start button menu and on the task bar. Obviously, these apps need to be included in the image - apps that are not installed will be skipped. If this parameter isn't specified, it will default to ''x2goclient,firefox,firefox-esr,debian-uxterm''. Other apps you might want to add to the list are: ''chromium,debian-xterm,x5250,x3270''. Note that in case of x3270 and x5250, all sessions listed in the ''x3270servers=''/''x5250servers='' parameters will be added to the start menu and task bar. (As of 2025-05-01, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
   * ''audioout=list'' / ''audioout="alsa_card.something|output:something"'' - use this to list all available audio outputs / select a particular audio output. Note that when selecting one, the parameter consists of two values (as displayed in the output on /dev/tty8 when specifying ''list'') that need to be separated with a ''|'', and the set of the two values needs to be enclosed in double quotes. Do //not// enclose each value in double quotes separately! Correct example: ''audioout="alsa_card.pci-0000_00_1b.0|output:hdmi-stereo"''   * ''audioout=list'' / ''audioout="alsa_card.something|output:something"'' - use this to list all available audio outputs / select a particular audio output. Note that when selecting one, the parameter consists of two values (as displayed in the output on /dev/tty8 when specifying ''list'') that need to be separated with a ''|'', and the set of the two values needs to be enclosed in double quotes. Do //not// enclose each value in double quotes separately! Correct example: ''audioout="alsa_card.pci-0000_00_1b.0|output:hdmi-stereo"''
 +  * ''autostartapps=app1[,app2[,app3[,...,appn]'' - a comma-separated list of applications that should be shown in the start button menu and on the task bar. Obviously, these apps need to be included in the image - apps that are not installed will be skipped. If this parameter isn't specified, it will default to an empty string - note that X2GoClient will be started automatically anyway. Other apps you might want to add to the list are: ''chromium,debian-xterm,x5250,x3270''. Note that in case of x3270 and x5250, all sessions listed in the ''x3270servers=''/''x5250servers='' parameters will be autostarted. If the ''x3270servers=''/''x5250servers='' parameter is left empty, x3270/x5250 will start in offline mode with no sessions configured. (As of 2025-05-01, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
   * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the blue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server.  **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate.   * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the blue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server.  **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate.
   * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds.   * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds.
Line 1091: Line 1093:
   * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication   * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication
   * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication    * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication 
 +  * ''liveboot_params=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/liveboot_params'' - this is an __experimental__ feature that allows you to put all boot parameters not used by the kernel, but by the userspace programs, into a configuration file. This file may be a single-line file, or list all parameters as ''name=value'' pairs, each pair on a separate line, for improved readability. You can either save it as includes.chroot/boot/liveboot_params, or offer it for download via this parameter. The local file will always take precedence over an URL. Be sure to keep essential parameters like ''nouser'' and ''noroot'' in the local boot parameters, rather than in the remote file, or bad things may happen! (As of 2025-05-04, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
 +  * ''lprdest=host[:port]'' - this activeates a stub bash script posing as lpr - it will attempt to blindly forward all data passed on STDIN to the host and port specified here. If no port is given, port 9100 is assumed. You can combine this with ''tcpprint'' and point it at 127.0.0.1:9100, but this will only work if your printer is able to understand the raw data - no processing is taking place on the client. If you need some form of processing, point this at a network print server instead. (As of 2025-05-04, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
   * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings.   * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings.
   * ''nomagicpixel=1'' or ''nomagicpixel=2'' - you should set ''nomagicpixel=1'' while the "magic pixel" (clicking in the upper right corner of the screen will minimize a fullscreen session) is still active in thinclient mode (this feature is expected to be disabled at some point in the future). ''nomagicpixel=1'' will disable the window manager when exactly 3 windows are detected (that's the usual situation when a fullscreen session is active). It will re-enable openbox whenever more or less than 3 windows are detected. If this fails for you, you can try ''nomagicpixel=2'', which will try to trigger on the window-minimize command and restore it to fullscreen (this will cause a short screen flickering effect). Note that ''nomagicpixel=2'' will make your ThinClient unusable when trying to run the actual X2Go-TCE client as a virtual machine guest (the //X2GoServer// you connect to may be a VM guest, no problems there). To live with the magic pixel bug, simply do not add this option at all.   * ''nomagicpixel=1'' or ''nomagicpixel=2'' - you should set ''nomagicpixel=1'' while the "magic pixel" (clicking in the upper right corner of the screen will minimize a fullscreen session) is still active in thinclient mode (this feature is expected to be disabled at some point in the future). ''nomagicpixel=1'' will disable the window manager when exactly 3 windows are detected (that's the usual situation when a fullscreen session is active). It will re-enable openbox whenever more or less than 3 windows are detected. If this fails for you, you can try ''nomagicpixel=2'', which will try to trigger on the window-minimize command and restore it to fullscreen (this will cause a short screen flickering effect). Note that ''nomagicpixel=2'' will make your ThinClient unusable when trying to run the actual X2Go-TCE client as a virtual machine guest (the //X2GoServer// you connect to may be a VM guest, no problems there). To live with the magic pixel bug, simply do not add this option at all.
   * ''ntp="server1 server2 ... servern"'' - this allows you to specify your own NTP server.  If this parameter is not used, time will be synced with standard Debian NTP servers.  To disable NTP syncing entirely, use ''ntp=false''   * ''ntp="server1 server2 ... servern"'' - this allows you to specify your own NTP server.  If this parameter is not used, time will be synced with standard Debian NTP servers.  To disable NTP syncing entirely, use ''ntp=false''
 +  * ''openboxbuttons=Text1,Text2,Text3'' - This will change the default "Logout,Reboot,Shutdown" entries in the Openbox-MicroDesktop flavor's launcher menu to whatever you define here. Try ''Abmelden,Neustart,Herunterfahren'' for German, or ''Déconnecter,Redémarrer,Arrêter'' for French. (As of 2025-05-04, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
   * ''pavol=[n:]volume%[|[n:]volume% ...]'' - Allows you to set default volume levels for one or more audio output devices. ''pavol=50%'' will set the default audio output device (#0) to 50%. ''pavol=1:99%'' will set audio output device #1 to 99%. ''pavol="0:50%|1:99%"'' will set audio output device #0 to 50%, and audio output device #1 to 99%. Note that this opion only makes sense in MATE-MiniDesktop mode, as regular TCE sessions get their volume levels restored from the host they connect to.   * ''pavol=[n:]volume%[|[n:]volume% ...]'' - Allows you to set default volume levels for one or more audio output devices. ''pavol=50%'' will set the default audio output device (#0) to 50%. ''pavol=1:99%'' will set audio output device #1 to 99%. ''pavol="0:50%|1:99%"'' will set audio output device #0 to 50%, and audio output device #1 to 99%. Note that this opion only makes sense in MATE-MiniDesktop mode, as regular TCE sessions get their volume levels restored from the host they connect to.
   * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server.  **Attention: Whoever manages to spoof this server name will have root access to your ThinClients.** Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate.   * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server.  **Attention: Whoever manages to spoof this server name will have root access to your ThinClients.** Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate.
   *  ''session=sessionname'' - use this to specify a session by name that should be pre-selected on startup. The name must be listed in the sessions file and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-// (We suggest naming the default session ''default'' and using ''session=default''.) When using a session name with blanks, please enclose the sessionname in either single or double quotes, like so: ''session="session name"'' / ''session='session name'''   *  ''session=sessionname'' - use this to specify a session by name that should be pre-selected on startup. The name must be listed in the sessions file and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-// (We suggest naming the default session ''default'' and using ''session=default''.) When using a session name with blanks, please enclose the sessionname in either single or double quotes, like so: ''session="session name"'' / ''session='session name'''
 +  * ''showbattstate'' - show battery charge/pop up a warning message when battery charge is nearing its end (As of 2025-04-21, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
 +  * ''startupmsg="Your startup message here"'' - This will change the message text in the Openbox-MicroDesktop flavor's autostart popup to whatever you define here. Try ''System startet, bitte warten ...'' for German, or ''Démarrage du système en cours, un instant s'il vous plaît ...'' for French. (As of 2025-05-04, only available in openbox-microdesktop-bookworm on gitlab.com/bauritcs)
   * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9   * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9
   * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!**     * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!**  
doc/howto/tce.1746126252.txt.gz · Last modified: 2025/05/01 19:04 by stefanbaur

Page Tools

Imprint & Legal Disclaimer - Data Protection & Privacy Statement
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki