Table of Contents
Xserver - X Window System display server
X is the generic name for the X Window System display
server. It is frequently a link or a copy of the appropriate server binary
for driving the most frequently used server on a given machine.
The X server is usually started from the X Display Manager program
or a similar display manager program. This utility is run from the
system boot files and takes care of keeping the server running, prompting
for usernames and passwords, and starting up the user sessions.
that run more than one window system may need to use the xinit(1)
instead of a display manager. However, xinit is to be considered a tool
for building startup scripts and is not intended for use by end users.
Site administrators are strongly urged to use a display manager, or build
other interfaces for novice users.
The X server may also be started directly
by the user, though this method is usually reserved for testing and is
not recommended for normal operation. On some platforms, the user must
have special permission to start the X server, often because access to
certain devices (e.g. /dev/mouse) is restricted.
When the X server starts
up, it typically takes over the display. If you are running on a workstation
whose console is the display, you may not be able to log into the console
while the server is running.
Many X servers have device-specific command
line options. See the manual pages for the individual servers for more
details; a list of server-specific manual pages is provided in the SEE ALSO
All of the X servers accept the command line options described
below. Some X servers may have alternative ways of providing the parameters
described here, but the values provided via the command line options should
override values specified via other mechanisms.
Some X servers accept the following options:
- The X server
runs as the given displaynumber, which by default is 0. If multiple X servers
are to run simultaneously on a host, each must have a unique display number.
See the DISPLAY NAMES section of the X(7)
manual page to learn how to
specify which display number clients should try to use.
- -a number
- sets pointer
acceleration (i.e. the ratio of how much is reported to how much the user
actually moved the pointer).
- disables host-based access control mechanisms.
Enables access by any host, and permits any host to modify the access
control list. Use with extreme caution. This option exists primarily for
running test suites remotely.
- -audit level
- sets the audit trail level. The
default level is 1, meaning only connection rejections are reported. Level
2 additionally reports all successful connections and disconnects. Level
4 enables messages from the SECURITY extension, if present, including generation
and revocation of authorizations and violations of the security policy.
Level 0 turns off the audit trail. Audit lines are sent as standard error
- -auth authorization-file
- specifies a file which contains a collection
of authorization records used to authenticate access. See also the xdm(1)
- disables certain kinds of error checking,
for bug compatibility with previous releases (e.g., to work around bugs in
R2 and R3 xterms and toolkits). Deprecated.
- disables backing store support
on all screens.
- sets the default root window to solid black instead of
the standard root weave pattern.
- turns off key-click.
- c volume
- sets key-click
volume (allowable range: 0-100).
- -cc class
- sets the visual class for the root
window of color screens. The class numbers are as specified in the X protocol.
Not obeyed by all servers.
- -co filename
- sets name of RGB color database.
The default is /tmp/Xorg-KEM/lib/X11/rgb.
- causes the server to generate
a core dump on fatal errors.
- -deferglyphs whichfonts
- specifies the types
of fonts for which the server should attempt to use deferred glyph loading.
whichfonts can be all (all fonts), none (no fonts), or 16 (16 bit fonts
- -dpi resolution
- sets the resolution for all screens, in dots per inch.
To be used when the server cannot determine the screen size(s) from the
- enables DPMS (display power management services), where supported.
The default state is platform and configuration specific.
DPMS (display power management services). The default state is platform
and configuration specific.
- -f volume
- sets feep (bell) volume (allowable
- -fc cursorFont
- sets default cursor font.
- -fn font
- sets the default
- -fp fontPath
- sets the search path for fonts. This path is a comma separated
list of directories which the X server searches for font databases. See
the FONTS section of this manual page for more information and the default
- prints a usage message.
- causes all remaining command line arguments
to be ignored.
- -maxbigreqsize size
- sets the maxmium big request to size MB.
- -nolisten trans-type
- disables a transport type. For example, TCP/IP connections
can be disabled with -nolisten tcp. This option may be issued multiple times
to disable listening to different transport types.
- prevents a server
reset when the last client connection is closed. This overrides a previous
-terminate command line option.
- -p minutes
- sets screen-saver pattern cycle
time in minutes.
- permits the server to continue running if it fails to
establish all of its well-known sockets (connection points for clients),
but establishes at least one. This option is set by default.
the server to exit if it fails to establish all of its well-known sockets
(connection points for clients).
- turns off auto-repeat.
- turns on auto-repeat.
- -s minutes
- sets screen-saver timeout time in minutes.
- disables save under
support on all screens.
- -t number
- sets pointer acceleration threshold in
pixels (i.e. after how many pixels pointer acceleration should take effect).
- causes the server to terminate at server reset, instead of continuing
to run. This overrides a previous -noreset command line option.
- -to seconds
- sets default connection timeout in seconds.
- disables all testing extensions
(e.g., XTEST, XTrap, XTestExtension1, RECORD).
- ignored, for servers
started the ancient way (from init).
- sets video-off screen-saver preference.
- sets video-on screen-saver preference.
- forces the default backing-store
of all windows to be WhenMapped. This is a backdoor way of getting backing-store
to apply to all windows. Although all mapped windows will have backing store,
the backing store attribute value reported by the server for a window will
be the last value established by a client. If it has never been set by
a client, the server will report the default value, NotUseful. This behavior
is required by the X protocol, which allows the server to exceed the client's
backing store expectations but does not provide a way to tell the client
that it is doing so.
- -x extension
- loads the specified extension at init. This
is a no-op for most implementations.
- enables(+) or disables(-)
the XINERAMA extension. The default state is platform and configuration
- -ld kilobytes
- sets the data space limit of the server to the specified number
of kilobytes. A value of zero makes the data size as large as possible.
The default value of -1 leaves the data space limit unchanged.
- -lf files
the number-of-open-files limit of the server to the specified number. A value
of zero makes the limit as large as possible. The default value of -1 leaves
the limit unchanged.
- -ls kilobytes
- sets the stack space limit of the server
to the specified number of kilobytes. A value of zero makes the stack size
as large as possible. The default value of -1 leaves the stack space limit
- turns on the X Window System logo display in the screen-saver.
There is currently no way to change this from a client.
- turns off
the X Window System logo display in the screen-saver. There is currently
no way to change this from a client.
- default|mono|gray|color sets the
color allocation policy that will be used by the render extension.
- selects the default policy defined for the display depth of the X server.
- don't use any color cell.
- use a gray map of 13 color cells for
the X render extension.
- use a color cube of at most 4*4*4 colors (that
is 64 color cells).
X servers that
support XDMCP have the following options. See the X Display Manager Control
Protocol specification for more information.
- disables smart scheduling on platforms that
support the smart scheduler.
- -schedInterval interval
- sets the smart scheduler's
scheduling interval to interval milliseconds.
X servers that support the XKEYBOARD (a.k.a. "XKB") extension accept
the following options. All layout files specified on the command line must
be located in the XKB base directory or a subdirectory, and specified
as the relative path from the XKB base directory. The default XKB base
directory is /tmp/Xorg-KEM/lib/X11/xkb.
- -query hostname
- enables XDMCP
and sends Query packets to the specified hostname.
- enable XDMCP
and broadcasts BroadcastQuery packets to the network. The first responding
display manager will be chosen for the session.
- -multicast [address [hop
- Enable XDMCP and multicast BroadcastQuery packets to the network.
The first responding display manager is chosen for the session. If an
address is specified, the multicast is sent to that address. If no address
is specified, the multicast is sent to the default XDMCP IPv6 multicast
group. If a hop count is specified, it is used as the maximum hop count
for the multicast. If no hop count is specified, the multicast is set
to a maximum of 1 hop, to prevent the multicast from being routed beyond
the local network.
- -indirect hostname
- enables XDMCP and send IndirectQuery
packets to the specified hostname.
- -port port-number
- uses the specified port-number
for XDMCP packets, instead of the default. This option must be specified
before any -query, -broadcast, -multicast, or -indirect options.
- -from local-address
- specifies the local address to connect from (useful if the connecting host
has multiple network interfaces). The local-address may be expressed in
any form acceptable to the host platform's gethostbyname(3)
- causes the server to terminate (rather than reset) when the XDMCP
- -class display-class
- XDMCP has an additional display qualifier
used in resource lookup for display-specific options. This option sets that
value, by default it is "MIT-Unspecified" (not a very useful value).
- When testing XDM-AUTHENTICATION-1, a private key is shared between
the server and the manager. This option sets the value of that private
data (not that it is very private, being on the command line!).
- Yet another XDMCP specific value, this one allows the display
manager to identify each display so that it can locate the shared key.
X servers that
support the SECURITY extension accept the following option:
- enables(+) or disables(-) the
- [+-]accessx [ timeout [ timeout_mask [ feedback [ options_mask
] ] ] ]
- enables(+) or disables(-) AccessX key sequences.
- -xkbdir directory
- base directory for keyboard layout files. This option is not available
for setuid X servers (i.e., when the X server's real and effective uids are
- -ar1 milliseconds
- sets the autorepeat delay (length of time in
milliseconds that a key must be depressed before autorepeat starts).
- sets the autorepeat interval (length of time in milliseconds
that should elapse between autorepeat-generated keystrokes).
loading of an XKB keymap description on server startup.
- -xkbdb filename
filename for default keyboard keymaps.
- -xkbmap filename
- loads keyboard description
in filename on server startup.
- -sp filename
- causes the server to attempt to read and interpret filename as a security
policy file with the format described below. The file is read at server
startup and reread at each server reset.
The syntax of the security policy
file is as follows. Notation: "*" means zero or more occurrences of the
preceding element, and "+" means one or more occurrences. To interpret
<foo/bar>, ignore the text after the /; it is used to distinguish between
instances of <foo> in the next section.
<policy file> ::= <version line> <other line>*
<version line> ::= <string/v> '\n'
<other line > ::= <comment> | <access rule> | <site policy> | <blank line>
<comment> ::= # <not newline>* '\n'
<blank line> ::= <space> '\n'
<site policy> ::= sitepolicy <string/sp> '\n'
<access rule> ::= property <property/ar> <window> <perms> '\n'
<property> ::= <string>
<window> ::= any | root | <required property>
<required property> ::= <property/rp> | <property with value>
<property with value> ::= <property/rpv> = <string/rv>
<perms> ::= [ <operation> | <action> | <space> ]*
<operation> ::= r | w | d
<action> ::= a | i | e
<string> ::= <dbl quoted string> | <single quoted string> | <unqouted string>
<dbl quoted string> ::= <space> " <not dqoute>* " <space>
<single quoted string> ::= <space> ' <not squote>* ' <space>
<unquoted string> ::= <space> <not space>+ <space>
<space> ::= [ ' ' | '\t' ]*
<not newline> ::= any character except '\n'
<not dqoute> ::= any character except "
<not squote> ::= any character except '
<not space> ::= any character except those in <space>
The semantics associated with the above syntax are as follows.
the first line in the file, specifies the file format version. If the server
does not recognize the version <string/v>, it ignores the rest of the file.
The version string for the file format described here is "version-1" .
past the <version line>, lines that do not match the above syntax are ignored.
<comment> lines are ignored.
<sitepolicy> lines are currently ignored. They
are intended to specify the site policies used by the XC-QUERY-SECURITY-1
<access rule> lines specify how the server should react
to untrusted client requests that affect the X Window property named <property/ar>.
The rest of this section describes the interpretation of an <access rule>.
For an <access rule> to apply to a given instance of <property/ar>, <property/ar>
must be on a window that is in the set of windows specified by <window>.
If <window> is any, the rule applies to <property/ar> on any window. If <window>
is root, the rule applies to <property/ar> only on root windows.
is <required property>, the following apply. If <required property> is a <property/rp>,
the rule applies when the window also has that <property/rp>, regardless
of its value. If <required property> is a <property with value>, <property/rpv>
must also have the value specified by <string/rv>. In this case, the property
must have type STRING and format 8, and should contain one or more null-terminated
strings. If any of the strings match <string/rv>, the rule applies.
of string matching is simple case-sensitive string comparison with one elaboration:
the occurrence of the character '*' in <string/rv> is a wildcard meaning "any
string." A <string/rv> can contain multiple wildcards anywhere in the string.
For example, "x*" matches strings that begin with x, "*x" matches strings
that end with x, "*x*" matches strings containing x, and "x*y*" matches
strings that start with x and subsequently contain y.
There may be multiple
<access rule> lines for a given <property/ar>. The rules are tested in the order
that they appear in the file. The first rule that applies is used.
specify operations that untrusted clients may attempt, and the actions
that the server should take in response to those operations.
be r (read), w (write), or d (delete). The following table shows how X
Protocol property requests map to these operations in The Open Group server
GetProperty r, or r and d if delete = True
RotateProperties r and w
ListProperties none, untrusted clients can always list all properties
<action> can be a (allow), i (ignore), or e (error). Allow means execute
the request as if it had been issued by a trusted client. Ignore means treat
the request as a no-op. In the case of GetProperty, ignore means return
an empty property value if the property exists, regardless of its actual
value. Error means do not execute the request and return a BadAtom error
with the atom set to the property name. Error is the default action for
all properties, including those not listed in the security policy file.
An <action> applies to all <operation>s that follow it, until the next <action>
is encountered. Thus, irwad means ignore read and write, allow delete.
GetProperty and RotateProperties may do multiple operations (r and d, or
r and w). If different actions apply to the operations, the most severe
action is applied to the whole request; there is no partial request execution.
The severity ordering is: allow < ignore < error. Thus, if the <perms> for
a property are ired (ignore read, error delete), and an untrusted client
attempts GetProperty on that property with delete = True, an error is returned,
but the property value is not. Similarly, if any of the properties in a
RotateProperties do not allow both read and write, an error is returned
without changing any property values.
Here is an example security policy
# Allow reading of application resources, but not writing.
property RESOURCE_MANAGER root ar iw
property SCREEN_RESOURCES root ar iw
# Ignore attempts to use cut buffers. Giving errors causes apps to crash,
# and allowing access may give away too much information.
property CUT_BUFFER0 root irw
property CUT_BUFFER1 root irw
property CUT_BUFFER2 root irw
property CUT_BUFFER3 root irw
property CUT_BUFFER4 root irw
property CUT_BUFFER5 root irw
property CUT_BUFFER6 root irw
property CUT_BUFFER7 root irw
# If you are using Motif, you probably want these.
property _MOTIF_DEFAULT_BINDINGS root ar iw
property _MOTIF_DRAG_WINDOW root ar iw
property _MOTIF_DRAG_TARGETS any ar iw
property _MOTIF_DRAG_ATOMS any ar iw
property _MOTIF_DRAG_ATOM_PAIRS any ar iw
# The next two rules let xwininfo -tree work when untrusted.
property WM_NAME any ar
# Allow read of WM_CLASS, but only for windows with WM_NAME.
# This might be more restrictive than necessary, but demonstrates
# the <required property> facility, and is also an attempt to
# say "top level windows only."
property WM_CLASS WM_NAME ar
# These next three let xlsclients work untrusted. Think carefully
# before including these; giving away the client machine name and command
# may be exposing too much.
property WM_STATE WM_NAME ar
property WM_CLIENT_MACHINE WM_NAME ar
property WM_COMMAND WM_NAME ar
# To let untrusted clients use the standard colormaps created by
# xstdcmap, include these lines.
property RGB_DEFAULT_MAP root ar
property RGB_BEST_MAP root ar
property RGB_RED_MAP root ar
property RGB_GREEN_MAP root ar
property RGB_BLUE_MAP root ar
property RGB_GRAY_MAP root ar
# To let untrusted clients use the color management database created
# by xcmsdb, include these lines.
property XDCCC_LINEAR_RGB_CORRECTION root ar
property XDCCC_LINEAR_RGB_MATRICES root ar
property XDCCC_GRAY_SCREENWHITEPOINT root ar
property XDCCC_GRAY_CORRECTION root ar
# To let untrusted clients use the overlay visuals that many vendors
# support, include this line.
property SERVER_OVERLAY_VISUALS root ar
# Dumb examples to show other capabilities.
# oddball property names and explicit specification of error conditions
property "property with spaces" 'property with "' aw er ed
# Allow deletion of Woo-Hoo if window also has property OhBoy with value
# ending in "son". Reads and writes will cause an error.
property Woo-Hoo OhBoy = "*son" ad
The X server supports client connections via a platform-dependent
subset of the following transport types: TCP/IP, Unix Domain sockets, DECnet,
and several varieties of SVR4 local connections. See the DISPLAY NAMES
section of the X(7)
manual page to learn how to specify which transport
type clients should try to use.
The X server implements a
platform-dependent subset of the following authorization protocols: MIT-MAGIC-COOKIE-1,
XDM-AUTHORIZATION-1, XDM-AUTHORIZATION-2, SUN-DES-1, and MIT-KERBEROS-5. See the
manual page for information on the operation of these protocols.
Authorization data required by the above protocols is passed to the server
in a private file named with the -auth command line option. Each time the
server is about to accept the first connection after a reset (or when the
server is starting), it reads this file. If this file contains any authorization
records, the local host is not automatically allowed access to the server,
and only clients which send one of the authorization records contained
in the file in the connection setup information will be allowed access.
See the Xau manual page for a description of the binary format of this
file. See xauth(1)
for maintenance of this file, and distribution of its
contents to remote hosts.
The X server also uses a host-based access control
list for deciding whether or not to accept connections from clients on
a particular machine. If no other authorization mechanism is being used,
this list initially consists of the host on which the server is running
as well as any machines listed in the file /etc/Xn.hosts, where n is the
display number of the server. Each line of the file should contain either
an Internet hostname (e.g. expo.lcs.mit.edu) or a DECnet hostname in double
colon format (e.g. hydra::) or a complete name in the format family:name
as described in the xhost(1)
manual page. There should be no leading or
trailing spaces on any lines. For example:
Users can add or remove hosts from this list and enable or disable access
control using the xhost command from the same machine as the server.
the X FireWall Proxy (xfwp) is being used without a sitepolicy, host-based
authorization must be turned on for clients to be able to connect to the
X server via the xfwp. If xfwp is run without a configuration file and
thus no sitepolicy is defined, if xfwp is using an X server where xhost
+ has been run to turn off host-based authorization checks, when a client
tries to connect to this X server via xfwp, the X server will deny the
connection. See xfwp(1)
for more information about this proxy.
The X protocol
intrinsically does not have any notion of window operation permissions
or place any restrictions on what a client can do; if a program can connect
to a display, it has full run of the screen. X servers that support the
SECURITY extension fare better because clients can be designated untrusted
via the authorization they use to connect; see the xauth(1)
for details. Restrictions are imposed on untrusted clients that curtail
the mischief they can do. See the SECURITY extension specification for
a complete list of these restrictions.
Sites that have better authentication
and authorization systems might wish to make use of the hooks in the libraries
and the server to provide additional security models.
The X server
attaches special meaning to the following signals:
The X server can obtain fonts
from directories and/or from font servers. The list of directories and font
servers the X server uses when trying to open a font is controlled by the
- This signal causes
the server to close all existing connections, free all resources, and restore
all defaults. It is sent by the display manager whenever the main user's
main application (usually an xterm or window manager) exits to force the
server to clean up and prepare for the next user.
- This signal causes
the server to exit cleanly.
- This signal is used quite differently
from either of the above. When the server starts, it checks to see if it
has inherited SIGUSR1 as SIG_IGN instead of the usual SIG_DFL. In this
case, the server sends a SIGUSR1 to its parent process after it has set
up the various connection schemes. Xdm uses this feature to recognize when
connecting to the server is possible.
The default font path is /tmp/Xorg-KEM/lib/X11/fonts/misc/,
/tmp/Xorg-KEM/lib/X11/fonts/TTF/, /tmp/Xorg-KEM/lib/X11/fonts/Type1/, /tmp/Xorg-KEM/lib/X11/fonts/CID/,
/tmp/Xorg-KEM/lib/X11/fonts/75dpi/, /tmp/Xorg-KEM/lib/X11/fonts/100dpi/ .
The font path can be set with the -fp option or by xset(1)
after the server
- Initial access control list for display number
- Bitmap font directories
- Outline font directories
- Color database
- Unix domain socket for display number n
- Kerberos 5 replay cache
for display number n
- Error log file for display number
n if run from init(8)
- Default error
log file if the server is run from xdm(1)
Protocols: X Window System Protocol, The X Font Service Protocol,
X Display Manager Control Protocol
, X Logical Font Description Conventions
Starting the server: xdm(1)
the server once started: xset(1)
man pages: Xdec(1)
Server internal documentation: Definition of the Porting Layer
for the X v11 Sample Server
The sample server was originally written
by Susan Angebranndt, Raymond Drewry, Philip Karlton, and Todd Newman,
from Digital Equipment Corporation, with support from a large cast. It
has since been extensively rewritten by Keith Packard and Bob Scheifler,
from MIT. Dave Wiggins took over post-R5 and made substantial improvements.
Table of Contents