rpms/tigervnc
5
0
Fork 0
Code Issues Pull Requests Releases Activity

1.10.90 (1.11.0 beta)

Browse Source
This commit is contained in:
Jan Grulich 2020-08-24 12:48:53 +02:00
parent 49af595f6d
commit 518baca222
13 changed files with 188 additions and 291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -28,3 +28,4 @@ tigervnc-1.0.90-20100721svn4113.tar.bz2
/tigervnc-1.9.90.tar.gz
/tigervnc-1.10.0.tar.gz
/tigervnc-1.10.1.tar.gz
/tigervnc-1.10.90.tar.gz

34
0001-xserver-add-no-op-input-thread-init-function.patch
View File

@ -1,34 +0,0 @@
From 920d9c4d6562ecabf79497bc901d50522d4bc661 Mon Sep 17 00:00:00 2001
From: Linus Heckemann <git@sphalerite.org>
Date: Sat, 1 Feb 2020 11:08:26 +0100
Subject: [PATCH] xserver: add no-op input thread init function
This allows Xvnc to build with xorg-server 1.20.7, which requires OS
layers to implement a ddxInputThreadInit function when configured with
--enable-input-thread (the default).
relevant xorg-server commit: e3f26605d85d987da434640f52646d728f1fe919
---
unix/xserver/hw/vnc/Input.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/unix/xserver/hw/vnc/Input.c b/unix/xserver/hw/vnc/Input.c
index 534e435e..b342d4d6 100644
--- a/unix/xserver/hw/vnc/Input.c
+++ b/unix/xserver/hw/vnc/Input.c
@@ -711,3 +711,12 @@ static void vncKeysymKeyboardEvent(KeySym keysym, int down)
*/
mieqProcessInputEvents();
}
+
+#if INPUTTHREAD
+/** This function is called in Xserver/os/inputthread.c when starting
+ the input thread. */
+void
+ddxInputThreadInit(void)
+{
+}
+#endif
--
2.24.1

2
10-libvnc.conf
View File

@ -12,7 +12,7 @@
#EndSection
#Section "Screen"
# Identifier "Screen0"
# Identifier "Screen0
# DefaultDepth 16
# Option "SecurityTypes" "VncAuth"
# Option "PasswordFile" "/root/.vnc/passwd"

110
HOWTO.md Normal file
View File

@ -0,0 +1,110 @@
# What has changed
The previous Tigervnc versions had a wrapper script called `vncserver` which
could be run as a user manually to start *Xvnc* process. The usage was quite
simple as you just run
```
$ vncserver :x [vncserver options] [Xvnc options]
```
and that was it. While this was working just fine, there were issues when users
wanted to start a Tigervnc server using *systemd*. For these reasons things were
completely changed and there is now a new way how this all is supposed to work.
 # How to start Tigervnc server
 
## Add a user mapping
With this you can map a user to a particular port. The mapping should be done in
`/etc/tigervnc/vncserver.users` configuration file. It should be pretty
straightforward once you open the file as there are some examples, but basically
the mapping is in form
```
:x=user
```
For example you can have
```
:1=test
:2=vncuser
```
## Configure Xvnc options
To configure Xvnc parameters, you need to go to the same directory where you did
the user mapping and open `vncserver-config-defaults` configuration file. This
file is for the default Xvnc configuration and will be applied to every user
unless any of the following applies:
* The user has its own configuration in `$HOME/.vnc/config`
* The same option with different value is configured in
  `vncserver-config-mandatory` configuration file, which replaces the default
  configuration and has even a higher priority than the per-user configuration.
  This option is for system administrators when they want to force particular
  *Xvnc* options.
Format of the configuration file is also quite simple as the configuration is
in form of
```
option=value
option
```
for example
```
session=gnome
securitytypes=vncauth,tlsvnc
desktop=sandbox
geometry=2000x1200
localhost
alwaysshared
```
### Note:
There is one important option you need to set and that option is the session you
want to start. E.g when you want to start GNOME desktop, then you have to use
```
session=gnome
```
which should match the name of a session desktop file from `/usr/share/xsessions`
directory.
## Set VNC password
You need to set a password for each user in order to be able to start the
Tigervnc server. In order to create a password, you just run
```
$ vncpasswd
```
as the user you will be starting the server for.
### Note:
If you were using Tigervnc before for your user and you already created a
password, then you will have to make sure the `$HOME/.vnc` folder created by
`vncpasswd` will have the correct *SELinux* context. You either can delete this
folder and recreate it again by creating the password one more time, or
alternatively you can run
```
$ restorecon -RFv /home/<USER>/.vnc
```
## Start the Tigervnc server
Finally you can start the server using systemd service. To do so just run
```
$ systemctl start vncserver@:x
```
as root or
```
$ sudo systemctl start vncserver@:x
```
as a regular user in case it has permissions to run `sudo`. Don't forget to
replace the `:x` by the actual number you configured in the user mapping file.
Following our example by running
```
$ systemctl start vncserver@:1
```
you will start a Tigervnc server for user `test` with a GNOME session.
### Note:
If you were previously using Tigervnc and you were used to start it using
*systemd* then you will need to remove previous *systemd* configuration files,
those you most likely copied to `/etc/systemd/system/vncserver@.service`,
otherwise this service file will be preferred over the new one installed with
latest Tigervnc.
# Limitations
You will not be able to start a Tigervnc server for a user who is already
logged into a graphical session. Avoid running the server as the `root` user as
it's not a safe thing to do. While running the server as the `root` should work
in general, it's not recommended to do so and there might be some things which
are not working properly.

2
sources
View File

@ -1 +1 @@
SHA512 (tigervnc-1.10.1.tar.gz) = 3486ff772d39217feb8c075860cae58e1021bdb8095443d8b5c383929cc6c622b57ea61c31d06ff0bd48c7e6889db4b6a99d0742bdd60edf323fb2a3ad328705
SHA512 (tigervnc-1.10.90.tar.gz) = f5479b948ab64f6011a38ee4540ece33e73c2bbec4f887ba12fee059a2a7c17d68321682599e778444ca5ee009d79c6529f84a7ffc080f9ed8aa7dbb30dc5bba

12
tigervnc-manpages.patch
View File

@ -1,12 +0,0 @@
diff --git a/unix/vncserver b/unix/vncserver
index 68be032..ac0e993 100755
--- a/unix/vncserver
+++ b/unix/vncserver
@@ -678,6 +678,7 @@ sub Usage
" [-geometry <width>x<height>]\n".
" [-pixelformat rgbNNN|bgrNNN]\n".
" [-fp <font-path>]\n".
+ " [-cc <visual>]\n".
" [-fg]\n".
" [-autokill]\n".
" [-noxstartup]\n".

9
tigervnc-shebang.patch
View File

@ -1,9 +0,0 @@
diff -up tigervnc-1.3.0/unix/vncserver.shebang tigervnc-1.3.0/unix/vncserver
--- tigervnc-1.3.0/unix/vncserver.shebang 2013-07-24 12:22:34.962158378 +0100
+++ tigervnc-1.3.0/unix/vncserver 2013-07-24 12:22:41.593188190 +0100
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
#
# Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved.
# Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved.

33
tigervnc-xstartup.patch
View File

@ -1,33 +0,0 @@
diff --git a/unix/vncserver b/unix/vncserver
index c4d0535..64c6744 100755
--- a/unix/vncserver
+++ b/unix/vncserver
@@ -61,27 +61,7 @@ $defaultXStartup
= ("#!/bin/sh\n\n".
"unset SESSION_MANAGER\n".
"unset DBUS_SESSION_BUS_ADDRESS\n".
- "OS=`uname -s`\n".
- "if [ \$OS = 'Linux' ]; then\n".
- " case \"\$WINDOWMANAGER\" in\n".
- " \*gnome\*)\n".
- " if [ -e /etc/SuSE-release ]; then\n".
- " PATH=\$PATH:/opt/gnome/bin\n".
- " export PATH\n".
- " fi\n".
- " ;;\n".
- " esac\n".
- "fi\n".
- "if [ -x /etc/X11/xinit/xinitrc ]; then\n".
- " exec /etc/X11/xinit/xinitrc\n".
- "fi\n".
- "if [ -f /etc/X11/xinit/xinitrc ]; then\n".
- " exec sh /etc/X11/xinit/xinitrc\n".
- "fi\n".
- "[ -r \$HOME/.Xresources ] && xrdb \$HOME/.Xresources\n".
- "xsetroot -solid grey\n".
- "xterm -geometry 80x24+10+10 -ls -title \"\$VNCDESKTOP Desktop\" &\n".
- "twm &\n");
+ "exec /etc/X11/xinit/xinitrc\n");
$defaultConfig
= ("## Supported server options to pass to vncserver upon invocation can be listed\n".

129
tigervnc.spec
View File

@ -1,6 +1,6 @@
Name: tigervnc
Version: 1.10.1
Release: 9%{?dist}
Version: 1.10.90
Release: 1%{?dist}
Summary: A TigerVNC remote display system
%global _hardened_build 1
@ -9,21 +9,14 @@ License: GPLv2+
URL: http://www.tigervnc.com
Source0: %{name}-%{version}.tar.gz
Source1: vncserver-system.service
Source2: vncserver-user.service
Source3: vncserver.sysconfig
Source4: 10-libvnc.conf
Source5: xvnc.service
Source6: xvnc.socket
Source7: vncserver_wrapper
Source1: xvnc.service
Source2: xvnc.socket
Source3: 10-libvnc.conf
Source4: HOWTO.md
Patch1: tigervnc-manpages.patch
Patch2: tigervnc-getmaster.patch
Patch3: tigervnc-shebang.patch
Patch4: tigervnc-xstartup.patch
Patch5: tigervnc-utilize-system-crypto-policies.patch
Patch7: tigervnc-passwd-crash-with-malloc-checks.patch
Patch8: 0001-xserver-add-no-op-input-thread-init-function.patch
Patch100: tigervnc-xserver120.patch
@ -35,8 +28,8 @@ BuildRequires: libxkbfile-devel, openssl-devel, libpciaccess-devel
BuildRequires: mesa-libGL-devel, libXinerama-devel, xorg-x11-font-utils
BuildRequires: freetype-devel, libXdmcp-devel, libxshmfence-devel
BuildRequires: libjpeg-turbo-devel, gnutls-devel, pam-devel
BuildRequires: libdrm-devel, libXt-devel, pixman-devel
BuildRequires: systemd, cmake, desktop-file-utils,
BuildRequires: libdrm-devel, libXt-devel, pixman-devel,
BuildRequires: systemd, cmake, desktop-file-utils, selinux-policy-devel
%if 0%{?fedora} > 24 || 0%{?rhel} >= 7
BuildRequires: libXfont2-devel
%else
@ -66,7 +59,8 @@ server.
%package server
Summary: A TigerVNC server
Requires: perl-interpreter
Requires: tigervnc-server-minimal
Requires: tigervnc-server-minimal = %{version}-%{release}
Requires: tigervnc-selinux = %{version}-%{release}
Requires: xorg-x11-xauth
Requires: xorg-x11-xinit
Requires(post): systemd
@ -120,6 +114,18 @@ BuildArch: noarch
%description icons
This package contains icons for TigerVNC viewer
%package selinux
Summary: SELinux module for TigerVNC
BuildArch: noarch
Requires(pre): libselinux-utils
Requires(post): selinux-policy >= %{_selinux_policy_version}
Requires(post): policycoreutils
Requires(post): libselinux-utils
%description selinux
This package provides the SELinux policy module to ensure TigerVNC
runs properly under an environment with SELinux enabled.
%prep
%setup -q
@ -131,25 +137,14 @@ done
%patch100 -p1 -b .xserver120-rebased
popd
# Synchronise manpages and --help output (bug #980870).
%patch1 -p1 -b .manpages
# libvnc.so: don't use unexported GetMaster function (bug #744881 again).
%patch2 -p1 -b .getmaster
# Don't use shebang in vncserver script.
%patch3 -p1 -b .shebang
# Clearer xstartup file (bug #923655).
%patch4 -p1 -b .xstartup
# Utilize system-wide crypto policies
%patch5 -p1 -b .utilize-system-crypto-policies
%patch7 -p1 -b .tigervnc-passwd-crash-with-malloc-checks
%patch8 -p1 -b .inputthread
%build
%ifarch sparcv9 sparc64 s390 s390x
export CFLAGS="$RPM_OPT_FLAGS -fPIC"
@ -158,10 +153,13 @@ export CFLAGS="$RPM_OPT_FLAGS -fpic"
%endif
export CXXFLAGS="$CFLAGS -std=c++11"
%{cmake} .
%make_build
%cmake
%cmake_build
pushd unix/xserver
sed -i 's@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}/%{_target_platform}@g' hw/vnc/Makefile.am
autoreconf -fiv
%configure \
--disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
@ -180,16 +178,21 @@ autoreconf -fiv
--disable-devel-docs \
--disable-selective-werror
%make_build
make %{?_smp_mflags}
popd
# Build icons
pushd media
pushd %{_target_platform}/media
make
popd
# SELinux
pushd unix/vncserver/selinux
make
popd
%install
%make_install
%cmake_install
rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}
pushd unix/xserver/hw/vnc
@ -197,19 +200,13 @@ pushd unix/xserver/hw/vnc
popd
# Install systemd unit file
mkdir -p %{buildroot}%{_unitdir}
mkdir -p %{buildroot}%{_userunitdir}
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/vncserver@.service
install -m644 %{SOURCE2} %{buildroot}%{_userunitdir}/vncserver@.service
install -m644 %{SOURCE5} %{buildroot}%{_unitdir}/xvnc@.service
install -m644 %{SOURCE6} %{buildroot}%{_unitdir}/xvnc.socket
rm -rf %{buildroot}%{_initrddir}
pushd unix/vncserver/selinux
make install DESTDIR=%{buildroot}
popd
# Install vncserver wrapper script
install -m744 %{SOURCE7} %{buildroot}%{_bindir}/vncserver_wrapper
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
install -m644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/vncservers
# Install systemd unit file
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
# Install desktop stuff
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/{16x16,24x24,48x48}/apps
@ -226,23 +223,37 @@ popd
rm -f %{buildroot}%{_libdir}/xorg/modules/extensions/libvnc.la
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
%post server
%systemd_post vncserver.service
%systemd_post xvnc.service
%systemd_post xvnc.socket
%preun server
%systemd_preun vncserver.service
%systemd_preun xvnc.service
%systemd_preun xvnc.socket
%postun server
%systemd_postun vncserver.service
%systemd_postun xvnc.service
%systemd_postun xvnc.socket
%pre selinux
%selinux_relabel_pre
%post selinux
%selinux_modules_install %{_datadir}/selinux/packages/vncsession.pp
%selinux_relabel_post
%posttrans selinux
%selinux_relabel_post
%postun selinux
%selinux_modules_uninstall vncsession
if [ $1 -eq 0 ]; then
%selinux_relabel_post
fi
%files -f %{name}.lang
%doc README.rst
%{_bindir}/vncviewer
@ -250,16 +261,20 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.c
%{_mandir}/man1/vncviewer.1*
%files server
%config(noreplace) %{_sysconfdir}/sysconfig/vncservers
%{_userunitdir}/vncserver@.service
%config(noreplace) %{_sysconfdir}/pam.d/tigervnc
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver-config-defaults
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver-config-mandatory
%config(noreplace) %{_sysconfdir}/tigervnc/vncserver.users
%{_unitdir}/vncserver@.service
%{_unitdir}/xvnc@.service
%{_unitdir}/xvnc.socket
%{_bindir}/x0vncserver
%{_bindir}/vncserver
%{_bindir}/vncserver_wrapper
%{_mandir}/man1/vncserver.1*
%{_sbindir}/vncsession
%{_libexecdir}/vncserver
%{_libexecdir}/vncsession-start
%{_mandir}/man1/x0vncserver.1*
%{_mandir}/man8/vncserver.8*
%{_mandir}/man8/vncsession.8*
%files server-minimal
%{_bindir}/vncconfig
@ -274,12 +289,18 @@ install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.c
%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
%files license
%license LICENCE.TXT
%{_docdir}/tigervnc/LICENCE.TXT
%files icons
%{_datadir}/icons/hicolor/*/apps/*
%files selinux
%{_datadir}/selinux/packages/vncsession.pp
%changelog
* Mon Aug 24 2020 Jan Grulich <jgrulich@redhat.com. - 1.10.90-1
- Update to 1.10.90 (1.11.0 beta)
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-9
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

45
vncserver-system.service
View File

@ -1,45 +0,0 @@
# The vncserver service unit file
#
# Quick HowTo:
# 1. Copy this file to /etc/systemd/system/vncserver@.service
# 2. Replace <USER> with the actual user name and edit vncserver
# parameters in the wrapper script located in /usr/bin/vncserver_wrapper
# 3. Run `systemctl daemon-reload`
# 4. Run `systemctl enable vncserver@:<display>.service`
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, you should
# limit connections to the local host and then tunnel from
# the machine you want to view VNC on (host A) to the machine
# whose VNC output you want to view (host B)
#
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
#
# this will open a connection on port 590N of your hostA to hostB's port 590M
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
# See the ssh man page for details on port forwarding)
#
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
# the help of ssh, you end up seeing what hostB makes available on port 590M
#
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
#
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver_wrapper <USER> %i
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target

59
vncserver-user.service
View File

@ -1,59 +0,0 @@
# The vncserver service unit file
#
# Quick HowTo: As the User wanting to have this functionality
#
# 1. Copy this file to ~/.config/systemd/user/ (Optional, in case default settings are not suitable)
#
# $ mkdir -p ~/.config/systemd/user
# $ cp /usr/lib/systemd/user/vncserver@.service ~/.config/systemd/user/
#
# 2. Reload user's systemd
#
# $ systemctl --user daemon-reload
#
# 3. Start the service immediately and enable it at boot
#
# $ systemctl --user enable vncserver@:<display>.service --now
#
# 4. Enable lingering
#
# $ loginctl enable-linger
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, you should
# limit connections to the local host and then tunnel from
# the machine you want to view VNC on (host A) to the machine
# whose VNC output you want to view (host B)
#
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
#
# this will open a connection on port 590N of your hostA to hostB's port 590M
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
# See the ssh man page for details on port forwarding)
#
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
# the help of ssh, you end up seeing what hostB makes available on port 590M
#
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
#
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver %i
ExecStop=/usr/bin/vncserver -kill %i
Restart=on-success
RestartSec=15
[Install]
WantedBy=default.target

1
vncserver.sysconfig
View File

@ -1 +0,0 @@
# THIS FILE HAS BEEN REPLACED BY /lib/systemd/system/vncserver@.service

42
vncserver_wrapper
View File

@ -1,42 +0,0 @@
#!/bin/sh
USER="$1"
INSTANCE="$2"
die() {
echo "FATAL: ${@:-}" >&2
exit 2
}
cleanup() {
[ -n "$VNCPID" ] || return
if kill -0 $VNCPID 2>/dev/null; then
kill $VNCPID
fi
}
trap cleanup TERM INT HUP
[ -n "$USER" -a -n "$INSTANCE" ] || die "Invalid usage!"
/usr/sbin/runuser -l "$USER" -c "/usr/bin/vncserver ${INSTANCE}"
[ $? -eq 0 ] || die "'runuser -l $USER' failed!"
# Wait up to 5 seconds for vncserver to be up
for tries in $(seq 1 50); do
[ -e "~$USER/.vnc/$(hostname)${INSTANCE}.pid" ] && break
sleep 0.1
done
eval HOME=~$USER
VNCPID=$(cat "$HOME/.vnc/$(hostname)${INSTANCE}.pid" 2>/dev/null || true)
[ -n "$VNCPID" ] || die "'vncserver ${INSTANCE}' failed to start after 5 seconds!"
echo "'vncserver ${INSTANCE}' has PID $VNCPID, waiting until it exits ..."
while kill -0 $VNCPID 2>/dev/null; do
sleep 5
done
echo "PID $VNCPID exited, exiting ..."