the upstream code thinks it can do all the login work itself, just doing setuid, initgroups, etc. when instead it should have been patched to use setusercontext.
the upshot is if you define your env in ~/login_conf :setenv, when you rdp into your account, your env doesn't match what it is when you ssh in.
the temporary workaround is to use `exec env -U "$USER" i3` in xrdp's startwm.sh file instead of just `exec i3`.
*** This bug has been marked as a duplicate of bug 250852 ***
sorry for noise! i didn't prepend category/port so it wasn't auto assigned so i recreated bug https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250852