Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Apropos / Subsearch:
optional field

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      Xf86 - X Window System display server

      Xf86 [option ...]

      Xf86 is name for the XFree86 Window System display server delivered by
      Hewlett Packard.

      All of the X servers accept the following command line options:

	      the X server runs as the given displaynumber, which by default
	      is 0.  If multiple X servers are to run simultaneously on a
	      host, each must have a unique display number.  See the DISPLAY
	      NAMES section of the X(5) manual page to learn how to specify
	      which display number clients should try to use.

      -a number
	      sets pointer acceleration (i.e. the ratio of how much is
	      reported to how much the user actually moved the pointer).

      -ac     disables host-based access control mechanisms.  Enables access
	      by any host, and permits any host to modify the access control
	      list.  Use with extreme caution.	This option exists primarily
	      for running test suites remotely.

      -audit level
	      Sets the audit trail level.  The default level is 1, meaning
	      only connection rejections are reported.	Level 2 additionally
	      reports all successful connections and disconnects.  Level 4
	      enables messages from the SECURITY extension, if present,
	      including generation and revocation of authorizations and
	      violations of the security policy.  Level 0 turns off the
	      audit trail.  Audit lines are sent as standard error output.

      -auth authorization-file
	      Specifies a file which contains a collection of authorization
	      records used to authenticate access.  See also the xdm and
	      Xsecurity manual pages.

      bc      disables certain kinds of error checking, for bug
	      compatibility with previous releases (e.g., to work around
	      bugs in R2 and R3 xterms and toolkits).  Deprecated.

      -bs     disables backing store support on all screens.

      -c      turns off key-click.

 Hewlett-Packard Company	    - 1 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      c volume
	      sets key-click volume (allowable range: 0-100).

      -cc class
	      sets the visual class for the root window of color screens.
	      The class numbers are as specified in the X protocol.  Not
	      obeyed by all servers.

      -co filename
	      sets name of RGB color database.	The default is /etc/X11/rgb.

      -core   causes the server to generate a core dump on fatal errors.

      -dpi resolution
	      sets the resolution of the screen, in dots per inch.  To be
	      used when the server cannot determine the screen size from the

      -deferglyphs whichfonts
	      specifies the types of fonts for which the server should
	      attempt to use deferred glyph loading.  whichfonts can be all
	      (all fonts), none (no fonts), or 16 (16 bit fonts only).

      -f volume
	      sets feep (bell) volume (allowable range: 0-100).

      -fc cursorFont
	      sets default cursor font.

      -fn font
	      sets the default font.

      -fp fontPath
	      sets the search path for fonts.  This path is a comma
	      separated list of directories which the X server searches for
	      font databases.

      -help   prints a usage message.

      -I      causes all remaining command line arguments to be ignored.

      -kb     disables the XKEYBOARD extension if present.

      -nolisten trans-type
	      Disable a transport type.	 For example, TCP/IP connections can
	      be disabled with -nolisten tcp

	      prevents a server reset when the last client connection is
	      closed.  This overrides a previous -terminate command line

 Hewlett-Packard Company	    - 2 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      -p minutes
	      sets screen-saver pattern cycle time in minutes.

      -pn     permits the server to continue running if it fails to
	      establish all of its well-known sockets (connection points for
	      clients), but establishes at least one.

      -r      turns off auto-repeat.

      r	      turns on auto-repeat.

      -s minutes
	      sets screen-saver timeout time in minutes.

      -su     disables save under support on all screens.

      -t number
	      sets pointer acceleration threshold in pixels (i.e. after how
	      many pixels pointer acceleration should take effect).

	      causes the server to terminate at server reset, instead of
	      continuing to run.  This overrides a previous -noreset command
	      line option.

      -to seconds
	      sets default connection timeout in seconds.

      -tst    disables all testing extensions (e.g., XTEST, XTrap,
	      XTestExtension1, RECORD).

      ttyxx   ignored, for servers started the ancient way (from init).

      v	      sets video-off screen-saver preference.

      -v      sets video-on screen-saver preference.

      -wm     forces the default backing-store of all windows to be
	      WhenMapped.  This is a backdoor way of getting backing-store
	      to apply to all windows.	Although all mapped windows will
	      have backing store, the backing store attribute value reported
	      by the server for a window will be the last value established
	      by a client.  If it has never been set by a client, the server
	      will report the default value, NotUseful.	 This behavior is
	      required by the X protocol, which allows the server to exceed
	      the client's backing store expectations but does not provide a
	      way to tell the client that it is doing so.

      -x extension
	      loads the specified extension at init.  This is a no-op for
	      most implementations.

 Hewlett-Packard Company	    - 3 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

	      enable(+) or disable(-) XINERAMA extension. Default is

      Some X servers accept the following options:

      -ld kilobytes
	      sets the data space limit of the server to the specified
	      number of kilobytes.  A value of zero makes the data size as
	      large as possible.  The default value of -1 leaves the data
	      space limit unchanged.

      -lf files
	      sets the number-of-open-files limit of the server to the
	      specified number.	 A value of zero makes the limit as large as
	      possible.	 The default value of -1 leaves the limit unchanged.

      -ls kilobytes
	      sets the stack space limit of the server to the specified
	      number of kilobytes.  A value of zero makes the stack size as
	      large as possible.  The default value of -1 leaves the stack
	      space limit unchanged.

      -logo   turns on the X Window System logo display in the screen-saver.
	      There is currently no way to change this from a client.

      nologo  turns off the X Window System logo display in the screen-
	      saver.  There is currently no way to change this from a

      X servers that support XDMCP have the following options.

      -query host-name
	      Enable XDMCP and send Query packets to the specified host.

	      Enable XDMCP and broadcast BroadcastQuery packets to the
	      network.	The first responding display manager will be chosen
	      for the session.

      -indirect host-name
	      Enable XDMCP and send IndirectQuery packets to the specified

      -port port-num
	      Use an alternate port number for XDMCP packets.  Must be
	      specified before any -query, -broadcast or -indirect options.

 Hewlett-Packard Company	    - 4 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      -once   Causes the server to terminate (rather than reset) when the
	      XDMCP session ends.

      -class display-class
	      XDMCP has an additional display qualifier used in resource
	      lookup for display-specific options.  This option sets that
	      value, by default it is "MIT-Unspecified" (not a very useful

      -cookie xdm-auth-bits
	      When testing XDM-AUTHENTICATION-1, a private key is shared
	      between the server and the manager.  This option sets the
	      value of that private data (not that it is very private, being
	      on the command line!).

      -displayID display-id
	      Yet another XDMCP specific value, this one allows the display
	      manager to identify each display so that it can locate the
	      shared key.

      X servers that support the XKEYBOARD extension accept the following

      -xkbdir directory
	      base directory for keyboard layout files

      -xkbmap filename
	      keyboard description to load on startup

	      enable(+) or disable(-) AccessX key sequences

      -ar1 milliseconds
	      sets the length of time in milliseconds that a key must be
	      depressed before autorepeat starts

      -ar2 milliseconds
	      sets the length of time in milliseconds that should elapse
	      between autorepeat-generated keystrokes

      Many servers also have device-specific command line options.  See the
      manual pages for the individual servers for more details.

      X servers that support the SECURITY extension accept the following

      -sp filename
	      causes the server to attempt to read and interpret filename as
	      a security policy file with the format described below.  The

 Hewlett-Packard Company	    - 5 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

	      file is read at server startup and reread at each server

      The syntax of the security policy file is as follows.  Notation: "*"
      means zero or more occurrences of the preceding element, and "+" means
      one or more occurrences.	To interpret <foo/bar>, ignore the text
      after the /; it is used to distinguish between instances of <foo> in
      the next section.

      <policy file> ::= <version line> <other line>*

      <version line> ::= <string/v> '\n'

      <other line > ::= <comment> | <access rule> | <site policy> | <blank line>

      <comment> ::= # <not newline>* '\n'

      <blank line> ::= <space> '\n'

      <site policy> ::= sitepolicy <string/sp> '\n'

      <access rule> ::= property <property/ar> <window> <perms> '\n'

      <property> ::= <string>

      <window> ::= any | root | <required property>

      <required property> ::= <property/rp> | <property with value>

      <property with value> ::= <property/rpv> = <string/rv>

      <perms> ::= [ <operation> | <action> | <space> ]*

      <operation> ::= r | w | d

      <action> ::= a | i | e

      <string> ::= <dbl quoted string> | <single quoted string> | <unqouted string>

      <dbl quoted string> ::= <space> " <not dqoute>* " <space>

      <single quoted string> ::= <space> ' <not squote>* ' <space>

      <unquoted string> ::= <space> <not space>+ <space>

      <space> ::= [ ' ' | '\t' ]*

      Character sets:

      <not newline> ::= any character except '\n'
      <not dqoute>  ::= any character except "

 Hewlett-Packard Company	    - 6 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      <not squote>  ::= any character except '
      <not space>   ::= any character except those in <space>

      The semantics associated with the above syntax are as follows.

      <version line>, the first line in the file, specifies the file format
      version.	If the server does not recognize the version <string/v>, it
      ignores the rest of the file.  The version string for the file format
      described here is "version-1" .

      Once past the <version line>, lines that do not match the above syntax
      are ignored.

      <comment> lines are ignored.

      <sitepolicy> lines are currently ignored.	 They are intended to
      specify the site policies used by the XC-QUERY-SECURITY-1
      authorization method.

      <access rule> lines specify how the server should react to untrusted
      client requests that affect the X Window property named <property/ar>.
      The rest of this section describes the interpretation of an <access

      For an <access rule> to apply to a given instance of <property/ar>,
      <property/ar> must be on a window that is in the set of windows
      specified by <window>.  If <window> is any, the rule applies to
      <property/ar> on any window.  If <window> is root, the rule applies to
      <property/ar> only on root windows.

      If <window> is <required property>, the following apply.	If <required
      property> is a <property/rp>, the rule applies when the window also
      has that <property/rp>, regardless of its value.	If <required
      property> is a <property with value>, <property/rpv> must also have
      the value specified by <string/rv>.  In this case, the property must
      have type STRING and format 8, and should contain one or more null-
      terminated strings.  If any of the strings match <string/rv>, the rule

      The definition of string matching is simple case-sensitive string
      comparison with one elaboration: the occurence of the character '*' in
      <string/rv> is a wildcard meaning "any string."  A <string/rv> can
      contain multiple wildcards anywhere in the string.  For example, "x*"
      matches strings that begin with x, "*x" matches strings that end with
      x, "*x*" matches strings containing x, and "x*y*" matches strings that
      start with x and subsequently contain y.

      There may be multiple <access rule> lines for a given <property/ar>.
      The rules are tested in the order that they appear in the file.  The
      first rule that applies is used.

 Hewlett-Packard Company	    - 7 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      <perms> specify operations that untrusted clients may attempt, and the
      actions that the server should take in response to those operations.

      <operation> can be r (read), w (write), or d (delete).  The following
      table shows how X Protocol property requests map to these operations
      in The Open Group server implementation.

      GetProperty    r, or r and d if delete = True
      ChangeProperty w
      RotateProperties	  r and w
      DeleteProperty d
      ListProperties none, untrusted clients can always list all properties

      <action> can be a (allow), i (ignore), or e (error).  Allow means
      execute the request as if it had been issued by a trusted client.
      Ignore means treat the request as a no-op.  In the case of
      GetProperty, ignore means return an empty property value if the
      property exists, regardless of its actual value.	Error means do not
      execute the request and return a BadAtom error with the atom set to
      the property name.  Error is the default action for all properties,
      including those not listed in the security policy file.

      An <action> applies to all <operation>s that follow it, until the next
      <action> is encountered.	Thus, irwad  means ignore read and write,
      allow delete.

      GetProperty and RotateProperties may do multiple operations (r and d,
      or r and w).  If different actions apply to the operations, the most
      severe action is applied to the whole request; there is no partial
      request execution.  The severity ordering is: allow < ignore < error.
      Thus, if the <perms> for a property are ired (ignore read, error
      delete), and an untrusted client attempts GetProperty on that property
      with delete = True, an error is returned, but the property value is
      not.  Similarly, if any of the properties in a RotateProperties do not
      allow both read and write, an error is returned without changing any
      property values.

      Here is an example security policy file.


      # Allow reading of application resources, but not writing.
      property RESOURCE_MANAGER	    root      ar iw
      property SCREEN_RESOURCES	    root      ar iw

      # Ignore attempts to use cut buffers.  Giving errors causes apps to crash,
      # and allowing access may give away too much information.
      property CUT_BUFFER0	    root      irw
      property CUT_BUFFER1	    root      irw
      property CUT_BUFFER2	    root      irw
      property CUT_BUFFER3	    root      irw

 Hewlett-Packard Company	    - 8 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      property CUT_BUFFER4	    root      irw
      property CUT_BUFFER5	    root      irw
      property CUT_BUFFER6	    root      irw
      property CUT_BUFFER7	    root      irw

      # If you are using Motif, you probably want these.
      property _MOTIF_DEFAULT_BINDINGS	      rootar iw
      property _MOTIF_DRAG_WINDOW   root      ar iw
      property _MOTIF_DRAG_TARGETS  any	      ar iw
      property _MOTIF_DRAG_ATOMS    any	      ar iw
      property _MOTIF_DRAG_ATOM_PAIRS	      any ar iw

      # The next two rules let xwininfo -tree work when untrusted.
      property WM_NAME		    any	      ar

      # Allow read of WM_CLASS, but only for windows with WM_NAME.
      # This might be more restrictive than necessary, but demonstrates
      # the <required property> facility, and is also an attempt to
      # say "top level windows only."
      property WM_CLASS		    WM_NAME   ar

      # These next three let xlsclients work untrusted.	 Think carefully
      # before including these; giving away the client machine name and command
      # may be exposing too much.
      property WM_STATE		    WM_NAME   ar
      property WM_CLIENT_MACHINE    WM_NAME   ar
      property WM_COMMAND	    WM_NAME   ar

      # To let untrusted clients use the standard colormaps created by
      # xstdcmap, include these lines.
      property RGB_DEFAULT_MAP	    root      ar
      property RGB_BEST_MAP	    root      ar
      property RGB_RED_MAP	    root      ar
      property RGB_GREEN_MAP	    root      ar
      property RGB_BLUE_MAP	    root      ar
      property RGB_GRAY_MAP	    root      ar

      # To let untrusted clients use the color management database created
      # by xcmsdb, include these lines.
      property XDCCC_LINEAR_RGB_CORRECTION    rootar
      property XDCCC_LINEAR_RGB_MATRICES      rootar
      property XDCCC_GRAY_SCREENWHITEPOINT    rootar
      property XDCCC_GRAY_CORRECTION	      rootar

      # To let untrusted clients use the overlay visuals that many vendors
      # support, include this line.
      property SERVER_OVERLAY_VISUALS	      rootar

      # Dumb examples to show other capabilities.

      # oddball property names and explicit specification of error conditions

 Hewlett-Packard Company	    - 9 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      property "property with spaces"	      'property with "'aw er ed

      # Allow deletion of Woo-Hoo if window also has property OhBoy with value
      # ending in "son".  Reads and writes will cause an error.
      property Woo-Hoo		    OhBoy = "*son"ad

      The X server supports client connections via a platform-dependent
      subset of the following transport types: TCP/IP, Unix Domain sockets,
      DECnet, and several varieties of SVR4 local connections.	See the
      DISPLAY NAMES section of the X(5) manual page to learn how to specify
      which transport type clients should try to use.

      The X server implements a platform-dependent subset of the following
      authorization protocols: MIT-MAGIC-COOKIE-1, XDM-AUTHORIZATION-1,
      SUN-DES-1, and MIT-KERBEROS-5.  See the Xsecurity(1) manual page for
      information on the operation of these protocols.

      Authorization data required by the above protocols is passed to the
      server in a private file named with the -auth command line option.
      Each time the server is about to accept the first connection after a
      reset (or when the server is starting), it reads this file.  If this
      file contains any authorization records, the local host is not
      automatically allowed access to the server, and only clients which
      send one of the authorization records contained in the file in the
      connection setup information will be allowed access.  See the Xau
      manual page for a description of the binary format of this file.	See
      xauth(1) for maintenance of this file, and distribution of its
      contents to remote hosts.

      The X server also uses a host-based access control list for deciding
      whether or not to accept connections from clients on a particular
      machine.	If no other authorization mechanism is being used, this list
      initially consists of the host on which the server is running as well
      as any machines listed in the file /etc/Xn.hosts, where n is the
      display number of the server.  Each line of the file should contain
      either an Internet hostname (e.g. expo.lcs.mit.edu) or a DECnet
      hostname in double colon format (e.g. hydra::).  There should be no
      leading or trailing spaces on any lines.	For example:


      Users can add or remove hosts from this list and enable or disable
      access control using the xhost command from the same machine as the

 Hewlett-Packard Company	   - 10 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      If the X FireWall Proxy (xfwp) is being used without a sitepolicy,
      host-based authorization must be turned on for clients to be able to
      connect to the X server via the xfwp.  If xfwp is run without a
      configuration file and thus no sitepolicy is defined, if xfwp is using
      an X server where xhost + has been run to turn off host-based
      authorization checks, when a client tries to connect to this X server
      via xfwp, the X server will deny the connection.	See xfwp(1) for more
      information about this proxy.

      The X protocol intrinsically does not have any notion of window
      operation permissions or place any restrictions on what a client can
      do; if a program can connect to a display, it has full run of the
      screen.  X servers that support the SECURITY extension fare better
      because clients can be designated untrusted via the authorization they
      use to connect; see the xauth(1) manual page for details.
      Restrictions are imposed on untrusted clients that curtail the
      mischief they can do.  See the SECURITY extension specification for a
      complete list of these restrictions.

      Sites that have better authentication and authorization systems might
      wish to make use of the hooks in the libraries and the server to
      provide additional security models.

      The X server attaches special meaning to the following signals:

      SIGHUP  This signal causes the server to close all existing
	      connections, free all resources, and restore all defaults.  It
	      is sent by the display manager whenever the main user's main
	      application (usually an xterm or window manager) exits to
	      force the server to clean up and prepare for the next user.

      SIGTERM This signal causes the server to exit cleanly.

      SIGUSR1 This signal is used quite differently from either of the
	      above.  When the server starts, it checks to see if it has
	      inherited SIGUSR1 as SIG_IGN instead of the usual SIG_DFL.  In
	      this case, the server sends a SIGUSR1 to its parent process
	      after it has set up the various connection schemes.  Xdm uses
	      this feature to recognize when connecting to the server is

      The X server can obtain fonts from directories and/or from font
      servers.	The list of directories and font servers the X server uses
      when trying to open a font is controlled by the font path.  The
      default font path is:


 Hewlett-Packard Company	   - 11 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      /usr/lib/X11/fonts/iso_8859.15/75dpi/, /usr/lib/X11/fonts/hp_kana8/,

      The font path can be set with the -fp option or by xset(1) after the
      server has started.

      /etc/Xn.hosts		    Initial access control list for display
				    number n

      /usr/lib/X11/fonts/misc, /usr/lib/X11/fonts/75dpi,
				    Bitmap font directories

      /usr/lib/X11/fonts/Speedo, /usr/lib/X11/fonts/Type1
				    Outline font directories

      /etc/X11/rgb.txt		    Color database

      /var/spool/sockets/X11/n	    Unix domain socket for display number n

      /usr/adm/Xnmsgs		    Error log file for display number n if
				    run from init(8)

      /usr/lib/X11/xdm/xdm-errors   Default error log file if the server is
				    run from xdm(1)

      General information: X(5)

      Fonts: bdftopcf(1), mkfontdir(1), xfs(1), xlsfonts(1), xfontsel(1),

      Security: Xsecurity(5), xauth(1), Xau(1), xdm(1), xhost(1), xfwp(1)

      Starting the server: xdm(1), xinit(1)

      Controlling the server once started: xset(1), xsetroot(1), xhost(1)

      Server-specific man pages: X(1), Xserver(1), Xhp(1).

      The sample server was originally written by Susan Angebranndt, Raymond
      Drewry, Philip Karlton, and Todd Newman, from Digital Equipment
      Corporation, with support from a large cast.  It has since been

 Hewlett-Packard Company	   - 12 -     HP-UX Release 11.i: March 2002

 Xf86(1)			X Version 11			     Xf86(1)
				 Release 6.5

      extensively rewritten by Keith Packard and Bob Scheifler, from MIT.
      Dave Wiggins took over post-R5 and made substantial improvements.

 Hewlett-Packard Company	   - 13 -     HP-UX Release 11.i: March 2002