XMANAGER 连接到REDHAT AS 5 需要修改的地方

最新推荐文章于 2021-05-12 19:21:07 发布

原创最新推荐文章于 2021-05-12 19:21:07 发布 · 128 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#RedHat #Socket #Windows #Security

Unix & Linux 专栏收录该内容

8 篇文章

订阅专栏

本文介绍如何通过XManager连接RedHat AS5系统，并详细解释了必要的配置步骤，包括修改gdm配置文件、设置默认运行级别及允许Root用户远程登录等。

已经找不到出处了...

一、 XMANAGER 连接到 REDHAT AS 5 需要修改的地方。

rhel5 与 rhel4 不同的地方是， rhel5 裡没有 /etc/X11/gdm/ 这个目录， rhel5 的 gdm 的配置文件放在这裡 /usr/share/gdm/defaults.comf ，这一点可能是困扰大家的地方。

在 /usr/share/gdm/defaults.conf 裡确保有以下几句配置：

Enable=true
DisplaysPerHost=10
Port=177
在 /etc/inittab 裡把默认级别改為 5 ：
id:5:initdefault:

再在这个文件裡加一句：
x:5:respawn:/usr/bin/gdm

然后重啟系统。然后在 windows 系统上运行 xmanager2 裡的 Xbrowser 程序，在裡面新建一个 Xmanager Session ，在 Host 这裡输入 ip 地址，其它配置都不要改变（包括端口号），确定退出。然后双击这个 New Xmanager Session ，看到登录界面：

二、如果允许 Root 用户连接到 XMANAGER 需要修改以下内容：

# vi defaults.conf

[security]
# Allow root to login. It makes sense to turn this off for kiosk use, when
# you want to minimize the possibility of break in.
AllowRoot=true
# Allow login as root via XDMCP. This value will be overridden and set to
# false if the /etc/default/login file exists and contains
# "CONSOLE=/dev/login", and set to true if the /etc/default/login file exists
# and contains any other value or no value for CONSOLE.
AllowRemoteRoot=true
# This will allow remote timed login.
AllowRemoteAutoLogin=false
# 0 is the most restrictive, 1 allo

#vi /etc/securetty
......
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
pts/0
pts/1
pts/2
pts/3
pts/4

添加这一些。

# vi /etc/pam.d/login

#%PAM-1.0
#auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    include      system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    optional     pam_keyinit.so force revoke
~

#vi /etc/pam.d/remote

#%PAM-1.0
#auth       required     pam_securetty.so
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    include      system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    optional     pam_keyinit.so force revoke
~
~

#vi /etc/xinetd.d/telnet

# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure += USERID
        disable         = no
}
~
~

~