100 lines
3.5 KiB
Bash
Executable file
100 lines
3.5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
#
|
|
# This script is for Arch Linux to configure XRDP for enhanced session mode
|
|
#
|
|
# The configuration is adapted from the Ubuntu 16.04 script.
|
|
#
|
|
# Script adapted from https://github.com/microsoft/linux-vm-tools
|
|
#
|
|
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo 'This script must be run with root privileges' >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Use Qi to check for exact package name
|
|
if ! pacman -Qi xrdp > /dev/null ; then
|
|
echo 'xrdp not installed. Installing now...' >&2
|
|
sudo pacman -Syu --needed --noconfirm base base-devel git
|
|
sudo yay -Syu xrdp-git --noconfirm
|
|
fi
|
|
|
|
# Use Qs to allow xorgxrdp-devel-git
|
|
if ! pacman -Qs xorgxrdp > /dev/null ; then
|
|
echo 'xorgxrdp not installed. Installing now...' >&2
|
|
sudo pacman -Syu --needed --noconfirm base base-devel git
|
|
yay -Syu xorgxrdp-git --noconfirm
|
|
fi
|
|
|
|
###############################################################################
|
|
# Configure XRDP
|
|
#
|
|
systemctl enable xrdp
|
|
systemctl enable xrdp-sesman
|
|
|
|
# Configure the installed XRDP ini files.
|
|
# use rdp security.
|
|
sed -i_orig -e 's/security_layer=negotiate/security_layer=rdp/g' /etc/xrdp/xrdp.ini
|
|
# remove encryption validation.
|
|
sed -i_orig -e 's/crypt_level=high/crypt_level=none/g' /etc/xrdp/xrdp.ini
|
|
# disable bitmap compression since its local its much faster
|
|
sed -i_orig -e 's/bitmap_compression=true/bitmap_compression=false/g' /etc/xrdp/xrdp.ini
|
|
#
|
|
# sed -n -e 's/max_bpp=32/max_bpp=24/g' /etc/xrdp/xrdp.ini
|
|
|
|
# use the default lightdm x display
|
|
# sed -i_orig -e 's/X11DisplayOffset=10/X11DisplayOffset=0/g' /etc/xrdp/sesman.ini
|
|
# rename the redirected drives to 'shared-drives'
|
|
sed -i_orig -e 's/FuseMountName=thinclient_drives/FuseMountName=shared-drives/g' /etc/xrdp/sesman.ini
|
|
|
|
# Change the allowed_users
|
|
echo "allowed_users=anybody" > /etc/X11/Xwrapper.config
|
|
|
|
|
|
#Ensure hv_sock gets loaded
|
|
if [ ! -e /etc/modules-load.d/hv_sock.conf ]; then
|
|
echo "hv_sock" > /etc/modules-load.d/hv_sock.conf
|
|
fi
|
|
|
|
# Configure the policy xrdp session
|
|
cat > /etc/polkit-1/rules.d/02-allow-colord.rules <<EOF
|
|
polkit.addRule(function(action, subject) {
|
|
if ((action.id == "org.freedesktop.color-manager.create-device" ||
|
|
action.id == "org.freedesktop.color-manager.modify-profile" ||
|
|
action.id == "org.freedesktop.color-manager.delete-device" ||
|
|
action.id == "org.freedesktop.color-manager.create-profile" ||
|
|
action.id == "org.freedesktop.color-manager.modify-profile" ||
|
|
action.id == "org.freedesktop.color-manager.delete-profile") &&
|
|
subject.isInGroup("users"))
|
|
{
|
|
return polkit.Result.YES;
|
|
}
|
|
});
|
|
EOF
|
|
|
|
# Adapt the xrdp pam config
|
|
cat > /etc/pam.d/xrdp-sesman <<EOF
|
|
#%PAM-1.0
|
|
auth include system-remote-login
|
|
account include system-remote-login
|
|
password include system-remote-login
|
|
session include system-remote-login
|
|
EOF
|
|
|
|
|
|
###############################################################################
|
|
# .xinitrc has to be modified manually.
|
|
#
|
|
echo "You will have to configure .xinitrc to start your windows manager, see https://wiki.archlinux.org/index.php/Xinit"
|
|
echo "Basic configuration:"
|
|
echo "$ cp /etc/X11/xinit/xinitrc ~/.xinitrc"
|
|
echo "~/.xinitrc (comment or delete the default cmd twm, xclock and xterm and add your DE start cmd)"
|
|
echo "#twm &"
|
|
echo "#xclock -geometry 50x50-1+1 &"
|
|
echo "#xterm -geometry 80x50+494+51 &"
|
|
echo "#xterm -geometry 80x20+494-0 &"
|
|
echo "#exec xterm -geometry 80x66+0+0 -name login"
|
|
echo "exec dbus-run-session -- startkde (or startxfce4 or..)"
|
|
echo "Reboot your machine to begin using XRDP."
|
|
|