note to self....
Monday, October 10, 2005
VNC
OVERVIEW:
This paper outlines - in a very general way - the steps needed to
set up VNC servic on a host machine such that VNC will provide
remotely accessible, multi-user graphical loging functionality on a
Unixish server.
Additionally, these steps include information about how to custom-
tailor the Xvnc configuration such that connection to various
defined ports can provides specified client screen resolution.
Using well-crafted VNC startup initialization scripts in concert
with the named port mapping technique shown here, these methods
could could produce highly customized. specialized services on VNC
service ports in the specified range.
Ports may be named appropirately, and portions of the configuration
scripts may be dynamic.
PRECONDITIONS:
The the following conditions should pertain for the host which is to
provide the VNC service:
* is running the display manager XDM (X-windows Display Manager)
* is running the Internet meta-deamon INETD
* has Xvnc installed
Additionally, the user performing the configuration must have system
administrative privileges for the host.
STEPS:
1. Add VNC User account
the VNC server application runs as this user. This should be
generic system user ID, a bit like the user 'nobody' which
Apache runs as.
2. Add VNC Port names to /etc/services
VNC uses TCP/IP ports 5900 to 5999. These ports map to display
numbers in VNC client connect strings, and by inetd (or xinetd)
to start the VNC service.
3. Add VNC service definitions to /etc/inetd.conf
For each VNC port name defined in step 2, above, a line is
placed in the /etc/inetd.comf file. These are standard inetd
configuration / invocation syntax definitions that are used to
configure services that are requested via inetd.
4. Modify Display Manager startup scripts
a) /etc/X11/xdm/Xaccess
The file /etc/X11/xdm/Xaccess contains rules which control
access to the XDM display manager. These rules must remote
access to XDM in order that remote users be able to use XDM
for login.
The simplest way to accomplish that is to simply place a
single asterick character (*) on a line by itself in this
file.
For example. an /etc/X11/xdm/Xaccess rule allowing access to
Xdm from any network host is:
* # any host can get a login window
b) /etc/X11/xdm/xdm-config
Comment out the DisplayManager.requestPort line.
5. Restart System Services XDM and INETD
% /etc/init.d/xdm restart
% /etc/init.d/inetd restart
NOTES:
For additional information about XDM initialization and
configuration, see the XDM manual pages.
For additional information about VNC session startup initialization,
see the VNC documentation.
For additional information about INETD and the /etc/services file,
see the manual pages for those.
EXAMPLE FOR /etc/services FILE:
## ===========================================================
## /etc/services Modifications
## VNC services using ports 5900 thru 5999
## ---------------------------------------------------------
# name port/proto resolution screen number
# ------------ -------------- --------------- -------------
vnc 5900/tcp # site default :0
vnc-tiny 5901/tcp # 320x240 :1
vnc-small 5902/tcp # 640x480 :2
vnc-med 5903/tcp # 800x600 :3
vnc-large 5904/tcp # 1024x764 :4
vnc-xlrg 5905/tcp # 1280x1024 :5
vnc-huge 5906/tcp # 1600x1200 :6
vnc-cust 5907/tcp # 1160x960 :7
## ===========================================================
EXAMPLE FOR /etc/inetd.conf FILE:
# ============================================================
# Add to /etc/inetd.conf
# ===========================================================
# Start VNC services based on TCP port name.
#
# In this example, ports are named for their resolutions.
#
# All servers in this example uses a default pixel color depth of
# 24bpp.
#
# All servers currently run under username "netcusr".
#
# Port numbers are defined in /etc/services
#
# name resolution VNC screen
# ------------- ------------- ----------
# vnc 1160x960 :0
# vnc-tiny 320x240 :1
# vnc-small 640x480 :2
# vnc-med 800x600 :3
# vnc-large 1024x768 :4
# vnc-xlrg 1280x1024 :5
# vnc-huge 1600x1200 :6
# vnc-cust 1160x960 :7
#
# ===========================================================
vnc stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 1160x960 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-tiny stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 320x240 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-small stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 640x480 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-med stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 800x600 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-large stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 1024x768 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-xlrg stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 1280x1024 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-huge stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 1600x1200 -depth 24 -desktop NetC\
-inetd -once -query localhost
vnc-cust stream tcp nowait netcusr /usr/X11R6/bin/Xvnc Xvnc\
-geometry 1160x960 -depth 24 -desktop NetC\
-inetd -once -query localhost
# ===========================================================
ADDITIONAL CONFIGURATION AND EXTENSION INFORMATION:
From the XDM manual page:
"For X terminals that do not offer a menu of hosts to get display
management from, xdm can collect willing hosts and run the
chooser program to offer the user a menu. For X displays
attached to a host, this step is typically not used, as the local
host does the display management."
...this chooser behaviour may be automated server side such that it
could select a login host form a cluster of hosts based on e.g. load
balancing parameters.
Also from the manual page:
"After resetting the X server, xdm runs the Xsetup script to
assist in setting up the screen the user sees along with the
xlogin widget."
...the Xsetup script exists as /etc/X11/xdm/Xsetup - this is the
script to customize to control what the user sees on the login
screen.
Manual page, again:
"The xlogin widget, which xdm presents, offers the familiar login
and password prompts."
...the xlogin widget resources may be specified using standard X
resource specifications. This gives fine-grained control over the
appearance and behaviour of the login widget (which displays the
'Username:' and 'Password:' prompts)...
The manual page specifies the order in which the other session setup
scripts run:
"After the user logs in, xdm runs the Xstartup script as root.
"Then xdm runs the Xsession script as the user. This system
session file may do some additional startup and typically
runs the .xsession script in the user's home directory. When the
Xsession script exits, the session is over."
...note that the ~/.vnc session initialization scripts are not be
being used, here, since the VNC service is running at a system level,
allowing the user to log in using standard X login methods. This
means that, assuming the user logins in only using VNC (i.e. never
logs in locally), the standard startup scripts may be used to
initialize the session, even though some session initialization may
be VNC-specific.
"At the end of the session, the Xreset script is run to clean up,
the X server is reset, and the cycle starts over."
...so any session tear-down should be done in Xreset. There should
also be a user-specific version of this file. If there is not, one
should be added.
To summarize: VNC can be used to set up the connection and do
authentication, following which the XDM and standard X session
configurations can be used to control the what gets displayed on the
"desktop" that the user sees following the login authenitcation
sequence.
posted by 0x0000 #
13:43
Archives
2004/09 2005/03 2005/04 2005/05 2005/06 2005/07 2005/08 2005/09 2005/10 2005/11 2006/01 2006/02 2006/04 2006/05 2006/06 2008/01
Subscribe to Posts [Atom]