rpms/tigervnc
5
0
Fork 0
Code Issues Pull Requests Releases Activity

backport upstream fix allowing Tigervnc to specify boolean values in configuration

Browse Source 
Revert removal of vncserver for F32 and F33
This commit is contained in:
Jan Grulich 2020-09-29 15:36:10 +02:00
parent 6815db4039
commit 7daeac56f7
5 changed files with 1319 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
tigervnc-systemd-service.patch Normal file
View File

@ -0,0 +1,47 @@
From 40f104ffe1e36df9613f8d316f616fb2b089cc86 Mon Sep 17 00:00:00 2001
From: Jan Grulich <jgrulich@redhat.com>
Date: Tue, 29 Sep 2020 13:37:16 +0200
Subject: [PATCH] Use /run instead of /var/run which is just a symlink
---
unix/vncserver/selinux/vncsession.fc | 2 +-
unix/vncserver/vncserver@.service.in | 2 +-
unix/vncserver/vncsession.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/unix/vncserver/selinux/vncsession.fc b/unix/vncserver/selinux/vncsession.fc
index 121cdd237..ae768baa4 100644
--- a/unix/vncserver/selinux/vncsession.fc
+++ b/unix/vncserver/selinux/vncsession.fc
@@ -23,4 +23,4 @@ HOME_ROOT/\.vnc(/.*)? gen_context(system_u:object_r:xdm_home_t,s0)
/usr/sbin/vncsession -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
/usr/libexec/vncsession-start -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
-/var/run/vncsession-:[0-9]*\.pid -- gen_context(system_u:object_r:vnc_session_var_run_t,s0)
+/run/vncsession-:[0-9]*\.pid -- gen_context(system_u:object_r:vnc_session_var_run_t,s0)
diff --git a/unix/vncserver/vncserver@.service.in b/unix/vncserver/vncserver@.service.in
index 584ecf4b1..5624dff76 100644
--- a/unix/vncserver/vncserver@.service.in
+++ b/unix/vncserver/vncserver@.service.in
@@ -36,7 +36,7 @@ After=syslog.target network.target
[Service]
Type=forking
ExecStart=@CMAKE_INSTALL_FULL_LIBEXECDIR@/vncsession-start %i
-PIDFile=/var/run/vncsession-%i.pid
+PIDFile=/run/vncsession-%i.pid
SELinuxContext=system_u:system_r:vnc_session_t:s0
[Install]
diff --git a/unix/vncserver/vncsession.c b/unix/vncserver/vncsession.c
index 3e0c98f0f..2b47f5f55 100644
--- a/unix/vncserver/vncsession.c
+++ b/unix/vncserver/vncsession.c
@@ -543,7 +543,7 @@ main(int argc, char **argv)
}
snprintf(pid_file, sizeof(pid_file),
- "/var/run/vncsession-%s.pid", display);
+ "/run/vncsession-%s.pid", display);
f = fopen(pid_file, "w");
if (f == NULL) {
syslog(LOG_ERR, "Failure creating pid file \"%s\": %s",

149
tigervnc-tolerate-specifying-boolparam.patch Normal file
View File

@ -0,0 +1,149 @@
From 38c6848b30cb1908171f2b4628e345fbf6727b39 Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.se>
Date: Fri, 18 Sep 2020 10:44:32 +0200
Subject: [PATCH] Tolerate specifying -BoolParam 0 and similar
This is needed by vncserver which doesn't know which parameters are
boolean, and it cannot use the -Param=Value form as that isn't tolerated
by the Xorg code.
---
unix/vncserver/vncserver.in | 8 ++++----
unix/xserver/hw/vnc/RFBGlue.cc | 16 ++++++++++++++++
unix/xserver/hw/vnc/RFBGlue.h | 1 +
unix/xserver/hw/vnc/xvnc.c | 14 ++++++++++++++
vncviewer/vncviewer.cxx | 20 ++++++++++++++++++++
5 files changed, 55 insertions(+), 4 deletions(-)
diff --git a/unix/vncserver/vncserver.in b/unix/vncserver/vncserver.in
index 25fbbd315..261b258f1 100755
--- a/unix/vncserver/vncserver.in
+++ b/unix/vncserver/vncserver.in
@@ -107,7 +107,7 @@ $default_opts{rfbwait} = 30000;
$default_opts{rfbauth} = "$vncUserDir/passwd";
$default_opts{rfbport} = $vncPort;
$default_opts{fp} = $fontPath if ($fontPath);
-$default_opts{pn} = "";
+$default_opts{pn} = undef;
# Load user-overrideable system defaults
LoadConfig($vncSystemConfigDefaultsFile);
@@ -242,13 +242,13 @@ push(@cmd, "@CMAKE_INSTALL_FULL_BINDIR@/Xvnc", ":$displayNumber");
foreach my $k (sort keys %config) {
push(@cmd, "-$k");
- push(@cmd, $config{$k}) if $config{$k};
+ push(@cmd, $config{$k}) if defined($config{$k});
delete $default_opts{$k}; # file options take precedence
}
foreach my $k (sort keys %default_opts) {
push(@cmd, "-$k");
- push(@cmd, $default_opts{$k}) if $default_opts{$k};
+ push(@cmd, $default_opts{$k}) if defined($default_opts{$k});
}
warn "\nNew '$desktopName' desktop is $host:$displayNumber\n\n";
@@ -291,7 +291,7 @@ sub LoadConfig {
# current config file being loaded defined the logical opposite setting
# (NeverShared vs. AlwaysShared, etc etc).
$toggle = lc($1); # must normalize key case
- $config{$toggle} = $k;
+ $config{$toggle} = undef;
}
}
close(IN);
diff --git a/unix/xserver/hw/vnc/RFBGlue.cc b/unix/xserver/hw/vnc/RFBGlue.cc
index f108fae43..7c32bea8f 100644
--- a/unix/xserver/hw/vnc/RFBGlue.cc
+++ b/unix/xserver/hw/vnc/RFBGlue.cc
@@ -143,6 +143,22 @@ const char* vncGetParamDesc(const char *name)
return param->getDescription();
}
+int vncIsParamBool(const char *name)
+{
+ VoidParameter *param;
+ BoolParameter *bparam;
+
+ param = rfb::Configuration::getParam(name);
+ if (param == NULL)
+ return false;
+
+ bparam = dynamic_cast<BoolParameter*>(param);
+ if (bparam == NULL)
+ return false;
+
+ return true;
+}
+
int vncGetParamCount(void)
{
int count;
diff --git a/unix/xserver/hw/vnc/RFBGlue.h b/unix/xserver/hw/vnc/RFBGlue.h
index 112405b84..695cea105 100644
--- a/unix/xserver/hw/vnc/RFBGlue.h
+++ b/unix/xserver/hw/vnc/RFBGlue.h
@@ -41,6 +41,7 @@ int vncSetParam(const char *name, const char *value);
int vncSetParamSimple(const char *nameAndValue);
char* vncGetParam(const char *name);
const char* vncGetParamDesc(const char *name);
+int vncIsParamBool(const char *name);
int vncGetParamCount(void);
char *vncGetParamList(void);
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
index 4eb0b0b13..5744acac8 100644
--- a/unix/xserver/hw/vnc/xvnc.c
+++ b/unix/xserver/hw/vnc/xvnc.c
@@ -618,6 +618,20 @@ ddxProcessArgument(int argc, char *argv[], int i)
exit(0);
}
+ /* We need to resolve an ambiguity for booleans */
+ if (argv[i][0] == '-' && i+1 < argc &&
+ vncIsParamBool(&argv[i][1])) {
+ if ((strcasecmp(argv[i+1], "0") == 0) ||
+ (strcasecmp(argv[i+1], "1") == 0) ||
+ (strcasecmp(argv[i+1], "true") == 0) ||
+ (strcasecmp(argv[i+1], "false") == 0) ||
+ (strcasecmp(argv[i+1], "yes") == 0) ||
+ (strcasecmp(argv[i+1], "no") == 0)) {
+ vncSetParam(&argv[i][1], argv[i+1]);
+ return 2;
+ }
+ }
+
if (vncSetParamSimple(argv[i]))
return 1;
diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx
index d4dd3063c..77ba3d3f4 100644
--- a/vncviewer/vncviewer.cxx
+++ b/vncviewer/vncviewer.cxx
@@ -556,6 +556,26 @@ int main(int argc, char** argv)
}
for (int i = 1; i < argc;) {
+ /* We need to resolve an ambiguity for booleans */
+ if (argv[i][0] == '-' && i+1 < argc) {
+ VoidParameter *param;
+
+ param = Configuration::getParam(&argv[i][1]);
+ if ((param != NULL) &&
+ (dynamic_cast<BoolParameter*>(param) != NULL)) {
+ if ((strcasecmp(argv[i+1], "0") == 0) ||
+ (strcasecmp(argv[i+1], "1") == 0) ||
+ (strcasecmp(argv[i+1], "true") == 0) ||
+ (strcasecmp(argv[i+1], "false") == 0) ||
+ (strcasecmp(argv[i+1], "yes") == 0) ||
+ (strcasecmp(argv[i+1], "no") == 0)) {
+ param->setParam(argv[i+1]);
+ i += 2;
+ continue;
+ }
+ }
+ }
+
if (Configuration::setParam(argv[i])) {
i++;
continue;

39
tigervnc.spec
View File

@ -1,6 +1,6 @@
Name: tigervnc
Version: 1.11.0
Release: 5%{?dist}
Release: 6%{?dist}
Summary: A TigerVNC remote display system
%global _hardened_build 1
@ -14,9 +14,17 @@ Source2: xvnc.socket
Source3: 10-libvnc.conf
Source4: HOWTO.md
Patch2: tigervnc-getmaster.patch
Patch5: tigervnc-utilize-system-crypto-policies.patch
Patch7: tigervnc-passwd-crash-with-malloc-checks.patch
# Backwards compatibility
Source5: vncserver
Source6: vncserver.man
Patch1: tigervnc-getmaster.patch
Patch2: tigervnc-utilize-system-crypto-policies.patch
Patch3: tigervnc-passwd-crash-with-malloc-checks.patch
Patch4: tigervnc-systemd-service.patch
# Upstream patches
Patch50: tigervnc-tolerate-specifying-boolparam.patch
Patch100: tigervnc-xserver120.patch
@ -138,12 +146,18 @@ done
popd
# libvnc.so: don't use unexported GetMaster function (bug #744881 again).
%patch2 -p1 -b .getmaster
%patch1 -p1 -b .getmaster
# Utilize system-wide crypto policies
%patch5 -p1 -b .utilize-system-crypto-policies
%patch2 -p1 -b .utilize-system-crypto-policies
%patch7 -p1 -b .tigervnc-passwd-crash-with-malloc-checks
%patch3 -p1 -b .tigervnc-passwd-crash-with-malloc-checks
# Enable once this is reviewed by upstream
# https://github.com/TigerVNC/tigervnc/pull/1115
# %patch4 -p1 -b .tigervnc-systemd-service
%patch50 -p1 -b .tigervnc-tolerate-specifying-boolparam
%build
%ifarch sparcv9 sparc64 s390 s390x
@ -224,6 +238,7 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
done
popd
%if 0%{?fedora} > 33
# Install a replacement for /usr/bin/vncserver which will tell the user to read the
# HOWTO.md file
cat <<EOF > %{buildroot}/%{_bindir}/vncserver
@ -232,6 +247,12 @@ echo "vncserver has been replaced by a systemd unit."
echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
EOF
chmod +x %{buildroot}/%{_bindir}/vncserver
%else
rm -f %{buildroot}/%{_mandir}/man8/vncserver.8
install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
install -m 644 %{SOURCE6} %{buildroot}/%{_mandir}/man8/vncserver.8
%endif
%find_lang %{name} %{name}.lang
@ -318,6 +339,10 @@ fi
%{_datadir}/selinux/packages/vncsession.pp
%changelog
* Tue Sep 29 13:12:22 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
- Backport upstream fix allowing Tigervnc to specify boolean valus in configuration
- Revert removal of vncserver for F32 and F33
* Thu Sep 24 07:14:06 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
- Actually install the HOWTO.md file

887
vncserver Normal file
View File

@ -0,0 +1,887 @@
#!/usr/bin/perl
#
# Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved.
# Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved.
# Copyright (C) 2002-2003 Constantin Kaplinsky. All Rights Reserved.
# Copyright (C) 2002-2005 RealVNC Ltd.
# Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
#
# This is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this software; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
# USA.
#
#
# vncserver - wrapper script to start an X VNC server.
#
# First make sure we're operating in a sane environment.
$exedir = "";
$slashndx = rindex($0, "/");
if($slashndx>=0) {
$exedir = substr($0, 0, $slashndx+1);
}
&SanityCheck();
&NotifyAboutDeprecation();
#
# Global variables. You may want to configure some of these for
# your site
#
$geometry = "1024x768";
#$depth = 16;
$vncUserDir = "$ENV{HOME}/.vnc";
$vncUserConfig = "$vncUserDir/config";
$vncSystemConfigDir = "/etc/tigervnc";
$vncSystemConfigDefaultsFile = "$vncSystemConfigDir/vncserver-config-defaults";
$vncSystemConfigMandatoryFile = "$vncSystemConfigDir/vncserver-config-mandatory";
$skipxstartup = 0;
$xauthorityFile = "$ENV{XAUTHORITY}" || "$ENV{HOME}/.Xauthority";
$xstartupFile = $vncUserDir . "/xstartup";
$defaultXStartup
= ("#!/bin/sh\n\n".
"unset SESSION_MANAGER\n".
"unset DBUS_SESSION_BUS_ADDRESS\n".
"exec /etc/X11/xinit/xinitrc\n");
$defaultConfig
= ("## Supported server options to pass to vncserver upon invocation can be listed\n".
"## in this file. See the following manpages for more: vncserver(1) Xvnc(1).\n".
"## Several common ones are shown below. Uncomment and modify to your liking.\n".
"##\n".
"# securitytypes=vncauth,tlsvnc\n".
"# desktop=sandbox\n".
"# geometry=2000x1200\n".
"# localhost\n".
"# alwaysshared\n");
chop($host = `uname -n`);
if (-d "/etc/X11/fontpath.d") {
$fontPath = "catalogue:/etc/X11/fontpath.d";
}
@fontpaths = ('/usr/share/X11/fonts', '/usr/share/fonts', '/usr/share/fonts/X11/');
if (! -l "/usr/lib/X11") {push(@fontpaths, '/usr/lib/X11/fonts');}
if (! -l "/usr/X11") {push(@fontpaths, '/usr/X11/lib/X11/fonts');}
if (! -l "/usr/X11R6") {push(@fontpaths, '/usr/X11R6/lib/X11/fonts');}
push(@fontpaths, '/usr/share/fonts/default');
@fonttypes = ('misc',
'75dpi',
'100dpi',
'Speedo',
'Type1');
foreach $_fpath (@fontpaths) {
foreach $_ftype (@fonttypes) {
if (-f "$_fpath/$_ftype/fonts.dir") {
if (! -l "$_fpath/$_ftype") {
$defFontPath .= "$_fpath/$_ftype,";
}
}
}
}
if ($defFontPath) {
if (substr($defFontPath, -1, 1) == ',') {
chop $defFontPath;
}
}
if ($fontPath eq "") {
$fontPath = $defFontPath;
}
# Check command line options
&ParseOptions("-geometry",1,"-depth",1,"-pixelformat",1,"-name",1,"-kill",1,
"-help",0,"-h",0,"--help",0,"-fp",1,"-list",0,"-fg",0,"-autokill",0,"-noxstartup",0,"-xstartup",1);
&Usage() if ($opt{'-help'} || $opt{'-h'} || $opt{'--help'});
&Kill() if ($opt{'-kill'});
&List() if ($opt{'-list'});
# Uncomment this line if you want default geometry, depth and pixelformat
# to match the current X display:
# &GetXDisplayDefaults();
if ($opt{'-geometry'}) {
$geometry = $opt{'-geometry'};
}
if ($opt{'-depth'}) {
$depth = $opt{'-depth'};
$pixelformat = "";
}
if ($opt{'-pixelformat'}) {
$pixelformat = $opt{'-pixelformat'};
}
if ($opt{'-noxstartup'}) {
$skipxstartup = 1;
}
if ($opt{'-xstartup'}) {
$xstartupFile = $opt{'-xstartup'};
}
if ($opt{'-fp'}) {
$fontPath = $opt{'-fp'};
$fpArgSpecified = 1;
}
&CheckGeometryAndDepth();
# Create the user's vnc directory if necessary.
if (!(-e $vncUserDir)) {
if (!mkdir($vncUserDir,0755)) {
die "$prog: Could not create $vncUserDir.\n";
}
}
# Find display number.
if ((@ARGV > 0) && ($ARGV[0] =~ /^:(\d+)$/)) {
$displayNumber = $1;
shift(@ARGV);
if (!&CheckDisplayNumber($displayNumber)) {
die "A VNC server is already running as :$displayNumber\n";
}
} elsif ((@ARGV > 0) && ($ARGV[0] !~ /^-/) && ($ARGV[0] !~ /^\+/)) {
&Usage();
} else {
$displayNumber = &GetDisplayNumber();
}
$vncPort = 5900 + $displayNumber;
if ($opt{'-name'}) {
$desktopName = $opt{'-name'};
} else {
$desktopName = "$host:$displayNumber ($ENV{USER})";
}
my %default_opts;
my %config;
# We set some reasonable defaults. Config file settings
# override these where present.
$default_opts{desktop} = &quotedString($desktopName);
$default_opts{auth} = &quotedString($xauthorityFile);
$default_opts{geometry} = $geometry if ($geometry);
$default_opts{depth} = $depth if ($depth);
$default_opts{pixelformat} = $pixelformat if ($pixelformat);
$default_opts{rfbwait} = 30000;
$default_opts{rfbauth} = "$vncUserDir/passwd";
$default_opts{rfbport} = $vncPort;
$default_opts{fp} = $fontPath if ($fontPath);
$default_opts{pn} = "";
# Load user-overrideable system defaults
LoadConfig($vncSystemConfigDefaultsFile);
# Then the user's settings
LoadConfig($vncUserConfig);
# And then override anything set above if mandatory settings exist.
# WARNING: "Mandatory" is used loosely here! As the man page says,
# there is nothing stopping someone from EASILY subverting the
# settings in $vncSystemConfigMandatoryFile by simply passing
# CLI args to vncserver, which trump config files! To properly
# hard force policy in a non-subvertible way would require major
# development work that touches Xvnc itself.
LoadConfig($vncSystemConfigMandatoryFile, 1);
#
# Check whether VNC authentication is enabled, and if so, prompt the user to
# create a VNC password if they don't already have one.
#
$securityTypeArgSpecified = 0;
$vncAuthEnabled = 0;
$passwordArgSpecified = 0;
@vncAuthStrings = ("vncauth", "tlsvnc", "x509vnc");
# ...first we check our configuration files' settings
if ($config{'securitytypes'}) {
$securityTypeArgSpecified = 1;
foreach $arg2 (split(',', $config{'securitytypes'})) {
if (grep {$_ eq lc($arg2)} @vncAuthStrings) {
$vncAuthEnabled = 1;
}
}
}
# ...and finally we check CLI args, which in the case of the topic at
# hand (VNC auth or not), override anything found in configuration files
# (even so-called "mandatory" settings).
for ($i = 0; $i < @ARGV; ++$i) {
# -SecurityTypes can be followed by a space or "="
my @splitargs = split('=', $ARGV[$i]);
if (@splitargs <= 1 && $i < @ARGV - 1) {
push(@splitargs, $ARGV[$i + 1]);
}
if (lc(@splitargs[0]) eq "-securitytypes") {
if (@splitargs > 1) {
$securityTypeArgSpecified = 1;
}
foreach $arg2 (split(',', @splitargs[1])) {
if (grep {$_ eq lc($arg2)} @vncAuthStrings) {
$vncAuthEnabled = 1;
}
}
}
if ((lc(@splitargs[0]) eq "-password")
|| (lc(@splitargs[0]) eq "-passwordfile"
|| (lc(@splitargs[0]) eq "-rfbauth"))) {
$passwordArgSpecified = 1;
}
}
if ((!$securityTypeArgSpecified || $vncAuthEnabled) && !$passwordArgSpecified) {
($z,$z,$mode) = stat("$vncUserDir/passwd");
if (!(-e "$vncUserDir/passwd") || ($mode & 077)) {
warn "\nYou will require a password to access your desktops.\n\n";
system($exedir."vncpasswd -q $vncUserDir/passwd");
if (($? >> 8) != 0) {
exit 1;
}
}
}
$desktopLog = "$vncUserDir/$host:$displayNumber.log";
unlink($desktopLog);
# Make an X server cookie and set up the Xauthority file
# mcookie is a part of util-linux, usually only GNU/Linux systems have it.
$cookie = `mcookie`;
# Fallback for non GNU/Linux OS - use /dev/urandom on systems that have it,
# otherwise use perl's random number generator, seeded with the sum
# of the current time, our PID and part of the encrypted form of the password.
if ($cookie eq "" && open(URANDOM, '<', '/dev/urandom')) {
my $randata;
if (sysread(URANDOM, $randata, 16) == 16) {
$cookie = unpack 'h*', $randata;
}
close(URANDOM);
}
if ($cookie eq "") {
srand(time+$$+unpack("L",`cat $vncUserDir/passwd`));
for (1..16) {
$cookie .= sprintf("%02x", int(rand(256)) % 256);
}
}
open(XAUTH, "|xauth -f $xauthorityFile source -");
print XAUTH "add $host:$displayNumber . $cookie\n";
print XAUTH "add $host/unix:$displayNumber . $cookie\n";
close(XAUTH);
# Now start the X VNC Server
# We build up our Xvnc command with options
$cmd = $exedir."Xvnc :$displayNumber";
foreach my $k (sort keys %config) {
$cmd .= " -$k $config{$k}";
delete $default_opts{$k}; # file options take precedence
}
foreach my $k (sort keys %default_opts) {
$cmd .= " -$k $default_opts{$k}";
}
# Add color database stuff here, e.g.:
# $cmd .= " -co /usr/lib/X11/rgb";
foreach $arg (@ARGV) {
$cmd .= " " . &quotedString($arg);
}
$cmd .= " >> " . &quotedString($desktopLog) . " 2>&1";
# Run $cmd and record the process ID.
$pidFile = "$vncUserDir/$host:$displayNumber.pid";
system("$cmd & echo \$! >$pidFile");
# Give Xvnc a chance to start up
sleep(3);
if ($fontPath ne $defFontPath) {
unless (kill 0, `cat $pidFile`) {
if ($fpArgSpecified) {
warn "\nWARNING: The first attempt to start Xvnc failed, probably because the font\n";
warn "path you specified using the -fp argument is incorrect. Attempting to\n";
warn "determine an appropriate font path for this system and restart Xvnc using\n";
warn "that font path ...\n";
} else {
warn "\nWARNING: The first attempt to start Xvnc failed, possibly because the font\n";
warn "catalog is not properly configured. Attempting to determine an appropriate\n";
warn "font path for this system and restart Xvnc using that font path ...\n";
}
$cmd =~ s@-fp [^ ]+@@;
$cmd .= " -fp $defFontPath" if ($defFontPath);
system("$cmd & echo \$! >$pidFile");
sleep(3);
}
}
unless (kill 0, `cat $pidFile`) {
warn "Could not start Xvnc.\n\n";
unlink $pidFile;
open(LOG, "<$desktopLog");
while (<LOG>) { print; }
close(LOG);
die "\n";
}
warn "\nNew '$desktopName' desktop is $host:$displayNumber\n\n";
# Create the user's xstartup script if necessary.
if (! $skipxstartup) {
if (!(-e "$xstartupFile")) {
warn "Creating default startup script $xstartupFile\n";
open(XSTARTUP, ">$xstartupFile");
print XSTARTUP $defaultXStartup;
close(XSTARTUP);
chmod 0755, "$xstartupFile";
}
}
# Create the user's config file if necessary.
if (!(-e "$vncUserDir/config")) {
warn "Creating default config $vncUserDir/config\n";
open(VNCUSERCONFIG, ">$vncUserDir/config");
print VNCUSERCONFIG $defaultConfig;
close(VNCUSERCONFIG);
chmod 0644, "$vncUserDir/config";
}
# Run the X startup script.
if (! $skipxstartup) {
warn "Starting applications specified in $xstartupFile\n";
}
warn "Log file is $desktopLog\n\n";
# If the unix domain socket exists then use that (DISPLAY=:n) otherwise use
# TCP (DISPLAY=host:n)
if (-e "/tmp/.X11-unix/X$displayNumber" ||
-e "/usr/spool/sockets/X11/$displayNumber")
{
$ENV{DISPLAY}= ":$displayNumber";
} else {
$ENV{DISPLAY}= "$host:$displayNumber";
}
$ENV{VNCDESKTOP}= $desktopName;
if ($opt{'-fg'}) {
if (! $skipxstartup) {
system("$xstartupFile >> " . &quotedString($desktopLog) . " 2>&1");
}
if (kill 0, `cat $pidFile`) {
$opt{'-kill'} = ':'.$displayNumber;
&Kill();
}
} else {
if ($opt{'-autokill'}) {
if (! $skipxstartup) {
system("($xstartupFile; $0 -kill :$displayNumber) >> "
. &quotedString($desktopLog) . " 2>&1 &");
}
} else {
if (! $skipxstartup) {
system("$xstartupFile >> " . &quotedString($desktopLog)
. " 2>&1 &");
}
}
}
exit;
###############################################################################
# Functions
###############################################################################
#
# Populate the global %config hash with settings from a specified
# vncserver configuration file if it exists
#
# Args: 1. file path
# 2. optional boolean flag to enable warning when a previously
# set configuration setting is being overridden
#
sub LoadConfig {
local ($configFile, $warnoverride) = @_;
local ($toggle) = undef;
if (stat($configFile)) {
if (open(IN, $configFile)) {
while (<IN>) {
next if /^#/;
if (my ($k, $v) = /^\s*(\w+)\s*=\s*(.+)$/) {
$k = lc($k); # must normalize key case
if ($warnoverride && $config{$k}) {
print("Warning: $configFile is overriding previously defined '$k' to be '$v'\n");
}
$config{$k} = $v;
} elsif ($_ =~ m/^\s*(\S+)/) {
# We can't reasonably warn on override of toggles (e.g. AlwaysShared)
# because it would get crazy to do so. We'd have to check if the
# current config file being loaded defined the logical opposite setting
# (NeverShared vs. AlwaysShared, etc etc).
$toggle = lc($1); # must normalize key case
$config{$toggle} = $k;
}
}
close(IN);
}
}
}
#
# CheckGeometryAndDepth simply makes sure that the geometry and depth values
# are sensible.
#
sub CheckGeometryAndDepth
{
if ($geometry =~ /^(\d+)x(\d+)$/) {
$width = $1; $height = $2;
if (($width<1) || ($height<1)) {
die "$prog: geometry $geometry is invalid\n";
}
$geometry = "${width}x$height";
} else {
die "$prog: geometry $geometry is invalid\n";
}
if ($depth && (($depth < 8) || ($depth > 32))) {
die "Depth must be between 8 and 32\n";
}
}
#
# GetDisplayNumber gets the lowest available display number. A display number
# n is taken if something is listening on the VNC server port (5900+n) or the
# X server port (6000+n).
#
sub GetDisplayNumber
{
foreach $n (1..99) {
if (&CheckDisplayNumber($n)) {
return $n+0; # Bruce Mah's workaround for bug in perl 5.005_02
}
}
die "$prog: no free display number on $host.\n";
}
#
# CheckDisplayNumber checks if the given display number is available. A
# display number n is taken if something is listening on the VNC server port
# (5900+n) or the X server port (6000+n).
#
sub CheckDisplayNumber
{
local ($n) = @_;
socket(S, $AF_INET, $SOCK_STREAM, 0) || die "$prog: socket failed: $!\n";
eval 'setsockopt(S, &SOL_SOCKET, &SO_REUSEADDR, pack("l", 1))';
if (!bind(S, pack('S n x12', $AF_INET, 6000 + $n))) {
close(S);
return 0;
}
close(S);
socket(S, $AF_INET, $SOCK_STREAM, 0) || die "$prog: socket failed: $!\n";
eval 'setsockopt(S, &SOL_SOCKET, &SO_REUSEADDR, pack("l", 1))';
if (!bind(S, pack('S n x12', $AF_INET, 5900 + $n))) {
close(S);
return 0;
}
close(S);
if (-e "/tmp/.X$n-lock") {
warn "\nWarning: $host:$n is taken because of /tmp/.X$n-lock\n";
warn "Remove this file if there is no X server $host:$n\n";
return 0;
}
if (-e "/tmp/.X11-unix/X$n") {
warn "\nWarning: $host:$n is taken because of /tmp/.X11-unix/X$n\n";
warn "Remove this file if there is no X server $host:$n\n";
return 0;
}
if (-e "/usr/spool/sockets/X11/$n") {
warn("\nWarning: $host:$n is taken because of ".
"/usr/spool/sockets/X11/$n\n");
warn "Remove this file if there is no X server $host:$n\n";
return 0;
}
return 1;
}
#
# GetXDisplayDefaults uses xdpyinfo to find out the geometry, depth and pixel
# format of the current X display being used. If successful, it sets the
# options as appropriate so that the X VNC server will use the same settings
# (minus an allowance for window manager decorations on the geometry). Using
# the same depth and pixel format means that the VNC server won't have to
# translate pixels when the desktop is being viewed on this X display (for
# TrueColor displays anyway).
#
sub GetXDisplayDefaults
{
local (@lines, @matchlines, $width, $height, $defaultVisualId, $i,
$red, $green, $blue);
$wmDecorationWidth = 4; # a guess at typical size for window manager
$wmDecorationHeight = 24; # decoration size
return if (!defined($ENV{DISPLAY}));
@lines = `xdpyinfo 2>/dev/null`;
return if ($? != 0);
@matchlines = grep(/dimensions/, @lines);
if (@matchlines) {
($width, $height) = ($matchlines[0] =~ /(\d+)x(\d+) pixels/);
$width -= $wmDecorationWidth;
$height -= $wmDecorationHeight;
$geometry = "${width}x$height";
}
@matchlines = grep(/default visual id/, @lines);
if (@matchlines) {
($defaultVisualId) = ($matchlines[0] =~ /id:\s+(\S+)/);
for ($i = 0; $i < @lines; $i++) {
if ($lines[$i] =~ /^\s*visual id:\s+$defaultVisualId$/) {
if (($lines[$i+1] !~ /TrueColor/) ||
($lines[$i+2] !~ /depth/) ||
($lines[$i+4] !~ /red, green, blue masks/))
{
return;
}
last;
}
}
return if ($i >= @lines);
($depth) = ($lines[$i+2] =~ /depth:\s+(\d+)/);
($red,$green,$blue)
= ($lines[$i+4]
=~ /masks:\s+0x([0-9a-f]+), 0x([0-9a-f]+), 0x([0-9a-f]+)/);
$red = hex($red);
$green = hex($green);
$blue = hex($blue);
if ($red > $blue) {
$red = int(log($red) / log(2)) - int(log($green) / log(2));
$green = int(log($green) / log(2)) - int(log($blue) / log(2));
$blue = int(log($blue) / log(2)) + 1;
$pixelformat = "rgb$red$green$blue";
} else {
$blue = int(log($blue) / log(2)) - int(log($green) / log(2));
$green = int(log($green) / log(2)) - int(log($red) / log(2));
$red = int(log($red) / log(2)) + 1;
$pixelformat = "bgr$blue$green$red";
}
}
}
#
# quotedString returns a string which yields the original string when parsed
# by a shell.
#
sub quotedString
{
local ($in) = @_;
$in =~ s/\'/\'\"\'\"\'/g;
return "'$in'";
}
#
# removeSlashes turns slashes into underscores for use as a file name.
#
sub removeSlashes
{
local ($in) = @_;
$in =~ s|/|_|g;
return "$in";
}
#
# Usage
#
sub Usage
{
die("\nusage: $prog [:<number>] [-name <desktop-name>] [-depth <depth>]\n".
" [-geometry <width>x<height>]\n".
" [-pixelformat rgbNNN|bgrNNN]\n".
" [-fp <font-path>]\n".
" [-cc <visual>]\n".
" [-fg]\n".
" [-autokill]\n".
" [-noxstartup]\n".
" [-xstartup <file>]\n".
" <Xvnc-options>...\n\n".
" $prog -kill <X-display>\n\n".
" $prog -list\n\n");
}
#
# List
#
sub List
{
opendir(dir, $vncUserDir);
my @filelist = readdir(dir);
closedir(dir);
print "\nTigerVNC server sessions:\n\n";
print "X DISPLAY #\tPROCESS ID\n";
foreach my $file (@filelist) {
if ($file =~ /$host:(\d+)$\.pid/) {
chop($tmp_pid = `cat $vncUserDir/$file`);
if (kill 0, $tmp_pid) {
print ":".$1."\t\t".`cat $vncUserDir/$file`;
} else {
unlink ($vncUserDir . "/" . $file);
}
}
}
exit;
}
#
# Kill
#
sub Kill
{
$opt{'-kill'} =~ s/(:\d+)\.\d+$/$1/; # e.g. turn :1.0 into :1
if ($opt{'-kill'} =~ /^:\d+$/) {
$pidFile = "$vncUserDir/$host$opt{'-kill'}.pid";
} else {
if ($opt{'-kill'} !~ /^$host:/) {
die "\nCan't tell if $opt{'-kill'} is on $host\n".
"Use -kill :<number> instead\n\n";
}
$pidFile = "$vncUserDir/$opt{'-kill'}.pid";
}
if (! -r $pidFile) {
die "\nCan't find file $pidFile\n".
"You'll have to kill the Xvnc process manually\n\n";
}
$SIG{'HUP'} = 'IGNORE';
chop($pid = `cat $pidFile`);
warn "Killing Xvnc process ID $pid\n";
if (kill 0, $pid) {
system("kill $pid");
sleep(1);
if (kill 0, $pid) {
print "Xvnc seems to be deadlocked. Kill the process manually and then re-run\n";
print " ".$0." -kill ".$opt{'-kill'}."\n";
print "to clean up the socket files.\n";
exit
}
} else {
warn "Xvnc process ID $pid already killed\n";
$opt{'-kill'} =~ s/://;
if (-e "/tmp/.X11-unix/X$opt{'-kill'}") {
print "Xvnc did not appear to shut down cleanly.";
print " Removing /tmp/.X11-unix/X$opt{'-kill'}\n";
unlink "/tmp/.X11-unix/X$opt{'-kill'}";
}
if (-e "/tmp/.X$opt{'-kill'}-lock") {
print "Xvnc did not appear to shut down cleanly.";
print " Removing /tmp/.X$opt{'-kill'}-lock\n";
unlink "/tmp/.X$opt{'-kill'}-lock";
}
}
unlink $pidFile;
exit;
}
#
# ParseOptions takes a list of possible options and a boolean indicating
# whether the option has a value following, and sets up an associative array
# %opt of the values of the options given on the command line. It removes all
# the arguments it uses from @ARGV and returns them in @optArgs.
#
sub ParseOptions
{
local (@optval) = @_;
local ($opt, @opts, %valFollows, @newargs);
while (@optval) {
$opt = shift(@optval);
push(@opts,$opt);
$valFollows{$opt} = shift(@optval);
}
@optArgs = ();
%opt = ();
arg: while (defined($arg = shift(@ARGV))) {
foreach $opt (@opts) {
if ($arg eq $opt) {
push(@optArgs, $arg);
if ($valFollows{$opt}) {
if (@ARGV == 0) {
&Usage();
}
$opt{$opt} = shift(@ARGV);
push(@optArgs, $opt{$opt});
} else {
$opt{$opt} = 1;
}
next arg;
}
}
push(@newargs,$arg);
}
@ARGV = @newargs;
}
# Routine to make sure we're operating in a sane environment.
sub SanityCheck
{
local ($cmd);
# Get the program name
($prog) = ($0 =~ m|([^/]+)$|);
#
# Check we have all the commands we'll need on the path.
#
cmd:
foreach $cmd ("uname","xauth") {
for (split(/:/,$ENV{PATH})) {
if (-x "$_/$cmd") {
next cmd;
}
}
die "$prog: couldn't find \"$cmd\" on your PATH.\n";
}
if($exedir eq "") {
cmd2:
foreach $cmd ("Xvnc","vncpasswd") {
for (split(/:/,$ENV{PATH})) {
if (-x "$_/$cmd") {
next cmd2;
}
}
die "$prog: couldn't find \"$cmd\" on your PATH.\n";
}
}
else {
cmd3:
foreach $cmd ($exedir."Xvnc",$exedir."vncpasswd") {
for (split(/:/,$ENV{PATH})) {
if (-x "$cmd") {
next cmd3;
}
}
die "$prog: couldn't find \"$cmd\".\n";
}
}
if (!defined($ENV{HOME})) {
die "$prog: The HOME environment variable is not set.\n";
}
#
# Find socket constants. 'use Socket' is a perl5-ism, so we wrap it in an
# eval, and if it fails we try 'require "sys/socket.ph"'. If this fails,
# we just guess at the values. If you find perl moaning here, just
# hard-code the values of AF_INET and SOCK_STREAM. You can find these out
# for your platform by looking in /usr/include/sys/socket.h and related
# files.
#
chop($os = `uname`);
chop($osrev = `uname -r`);
eval 'use Socket';
if ($@) {
eval 'require "sys/socket.ph"';
if ($@) {
if (($os eq "SunOS") && ($osrev !~ /^4/)) {
$AF_INET = 2;
$SOCK_STREAM = 2;
} else {
$AF_INET = 2;
$SOCK_STREAM = 1;
}
} else {
$AF_INET = &AF_INET;
$SOCK_STREAM = &SOCK_STREAM;
}
} else {
$AF_INET = &AF_INET;
$SOCK_STREAM = &SOCK_STREAM;
}
}
sub NotifyAboutDeprecation
{
warn "\nWARNING: vncserver has been replaced by a systemd unit and is about to be removed in the next Fedora release.\n";
warn "Please read /usr/share/doc/tigervnc/HOWTO.md for more information.\n";
}

204
vncserver.man Normal file
View File

@ -0,0 +1,204 @@
.TH vncserver 1 "" "TigerVNC" "Virtual Network Computing"
.SH NAME
vncserver \- start or stop a VNC server
.SH SYNOPSIS
.B vncserver
.RI [: display# ]
.RB [ \-name
.IR desktop-name ]
.RB [ \-geometry
.IR width x height ]
.RB [ \-depth
.IR depth ]
.RB [ \-pixelformat
.IR format ]
.RB [ \-fp
.IR font-path ]
.RB [ \-fg ]
.RB [ \-autokill ]
.RB [ \-noxstartup ]
.RB [ \-xstartup
.IR script ]
.RI [ Xvnc-options... ]
.br
.BI "vncserver \-kill :" display#
.br
.BI "vncserver \-list"
.SH DESCRIPTION
.B vncserver
is used to start a VNC (Virtual Network Computing) desktop.
.B vncserver
is a Perl script which simplifies the process of starting an Xvnc server. It
runs Xvnc with appropriate options and starts a window manager on the VNC
desktop.
.B vncserver
can be run with no options at all. In this case it will choose the first
available display number (usually :1), start Xvnc with that display number,
and start the default window manager in the Xvnc session. You can also
specify the display number, in which case vncserver will attempt to start
Xvnc with that display number and exit if the display number is not
available. For example:
.RS
vncserver :13
.RE
Editing the file $HOME/.vnc/xstartup allows you to change the applications run
at startup (but note that this will not affect an existing VNC session.)
.SH OPTIONS
You can get a list of options by passing \fB\-h\fP as an option to vncserver.
In addition to the options listed below, any unrecognised options will be
passed to Xvnc - see the Xvnc man page, or "Xvnc \-help", for details.
.TP
.B \-name \fIdesktop-name\fP
Each VNC desktop has a name which may be displayed by the viewer. The desktop
name defaults to "\fIhost\fP:\fIdisplay#\fP (\fIusername\fP)", but you can
change it with this option. The desktop name option is passed to the xstartup
script via the $VNCDESKTOP environment variable, which allows you to run a
different set of applications depending on the name of the desktop.
.
.TP
.B \-geometry \fIwidth\fPx\fIheight\fP
Specify the size of the VNC desktop to be created. Default is 1024x768.
.
.TP
.B \-depth \fIdepth\fP
Specify the pixel depth (in bits) of the VNC desktop to be created. Default is
24. Other possible values are 8, 15 and 16 - anything else is likely to cause
strange behaviour by applications.
.
.TP
.B \-pixelformat \fIformat\fP
Specify pixel format for Xvnc to use (BGRnnn or RGBnnn). The default for
depth 8 is BGR233 (meaning the most significant two bits represent blue, the
next three green, and the least significant three represent red), the default
for depth 16 is RGB565, and the default for depth 24 is RGB888.
.
.TP
.B \-cc 3
As an alternative to the default TrueColor visual, this allows you to run an
Xvnc server with a PseudoColor visual (i.e. one which uses a color map or
palette), which can be useful for running some old X applications which only
work on such a display. Values other than 3 (PseudoColor) and 4 (TrueColor)
for the \-cc option may result in strange behaviour, and PseudoColor desktops
must have an 8-bit depth.
.
.TP
.B \-kill :\fIdisplay#\fP
This kills a VNC desktop previously started with vncserver. It does this by
killing the Xvnc process, whose process ID is stored in the file
"$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.pid". The
.B \-kill
option ignores anything preceding the first colon (":") in the display
argument. Thus, you can invoke "vncserver \-kill $DISPLAY", for example at the
end of your xstartup file after a particular application exits.
.
.TP
.B \-fp \fIfont-path\fP
If the vncserver script detects that the X Font Server (XFS) is running, it
will attempt to start Xvnc and configure Xvnc to use XFS for font handling.
Otherwise, if XFS is not running, the vncserver script will attempt to start
Xvnc and allow Xvnc to use its own preferred method of font handling (which may
be a hard-coded font path or, on more recent systems, a font catalog.) In
any case, if Xvnc fails to start, the vncserver script will then attempt to
determine an appropriate X font path for this system and start Xvnc using
that font path.
The
.B \-fp
argument allows you to override the above fallback logic and specify a font
path for Xvnc to use.
.
.TP
.B \-fg
Runs Xvnc as a foreground process. This has two effects: (1) The VNC server
can be aborted with CTRL-C, and (2) the VNC server will exit as soon as the
user logs out of the window manager in the VNC session. This may be necessary
when launching TigerVNC from within certain grid computing environments.
.
.TP
.B \-autokill
Automatically kill Xvnc whenever the xstartup script exits. In most cases,
this has the effect of terminating Xvnc when the user logs out of the window
manager.
.
.TP
.B \-noxstartup
Do not run the %HOME/.vnc/xstartup script after launching Xvnc. This
option allows you to manually start a window manager in your TigerVNC session.
.
.TP
.B \-xstartup \fIscript\fP
Run a custom startup script, instead of %HOME/.vnc/xstartup, after launching
Xvnc. This is useful to run full-screen applications.
.
.TP
.B \-list
Lists all VNC desktops started by vncserver.
.SH FILES
Several VNC-related files are found in the directory $HOME/.vnc:
.TP
$HOME/.vnc/xstartup
A shell script specifying X applications to be run when a VNC desktop is
started. If this file does not exist, then vncserver will create a default
xstartup script which attempts to launch your chosen window manager.
.TP
/etc/tigervnc/vncserver-config-defaults
The optional system-wide equivalent of $HOME/.vnc/config. If this file exists
and defines options to be passed to Xvnc, they will be used as defaults for
users. The user's $HOME/.vnc/config overrides settings configured in this file.
The overall configuration file load order is: this file, $HOME/.vnc/config,
and then /etc/tigervnc/vncserver-config-mandatory. None are required to exist.
.TP
/etc/tigervnc/vncserver-config-mandatory
The optional system-wide equivalent of $HOME/.vnc/config. If this file exists
and defines options to be passed to Xvnc, they will override any of the same
options defined in a user's $HOME/.vnc/config. This file offers a mechanism
to establish some basic form of system-wide policy. WARNING! There is
nothing stopping users from constructing their own vncserver-like script
that calls Xvnc directly to bypass any options defined in
/etc/tigervnc/vncserver-config-mandatory. Likewise, any CLI arguments passed
to vncserver will override ANY config file setting of the same name. The
overall configuration file load order is:
/etc/tigervnc/vncserver-config-defaults, $HOME/.vnc/config, and then this file.
None are required to exist.
.TP
$HOME/.vnc/config
An optional server config file wherein options to be passed to Xvnc are listed
to avoid hard-coding them to the physical invocation. List options in this file
one per line. For those requiring an argument, simply separate the option from
the argument with an equal sign, for example: "geometry=2000x1200" or
"securitytypes=vncauth,tlsvnc". Options without an argument are simply listed
as a single word, for example: "localhost" or "alwaysshared".
.TP
$HOME/.vnc/passwd
The VNC password file.
.TP
$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.log
The log file for Xvnc and applications started in xstartup.
.TP
$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.pid
Identifies the Xvnc process ID, used by the
.B \-kill
option.
.SH SEE ALSO
.BR vncviewer (1),
.BR vncpasswd (1),
.BR vncconfig (1),
.BR Xvnc (1)
.br
https://www.tigervnc.org
.SH AUTHOR
Tristan Richardson, RealVNC Ltd., D. R. Commander and others.
VNC was originally developed by the RealVNC team while at Olivetti
Research Ltd / AT&T Laboratories Cambridge. TightVNC additions were
implemented by Constantin Kaplinsky. Many other people have since
participated in development, testing and support. This manual is part
of the TigerVNC software suite.