39023 2004-01-22 04:36 0000 tightvnc init.d script 2007-04-12 21:01:14 0000 1 1 1 Unclassified Gentoo Linux Applications unspecified All All RESOLVED FIXED P2 enhancement --- 1 lu_zero@gentoo.org lu_zero@gentoo.org matt@mattcaron.net lu_zero@gentoo.org 2004-01-22 04:36:44 0000 just a reminder, please take a look at the script I attach (the scripts aren't mine but from an user) lu_zero@gentoo.org 2004-01-22 04:37:32 0000 Created an attachment (id=24230) conf.d lu_zero@gentoo.org 2004-01-22 04:38:20 0000 Created an attachment (id=24231) init.d aliz@gentoo.org 2004-01-22 04:44:55 0000 http://forums.gentoo.org/viewtopic.php?t=72893 nigelenki@comcast.net 2004-01-31 13:19:35 0000 vncd hacks are an annoying thing. I just wrote my own actually, it takes a conf.d file that's just a bunch of lines of user,display,geometry and su's to the user, then runs vncserver $display -geometry $geometry. What we REALLY need is an actual vncd coded for tightvnc. It should require a username/password entry, and then track that, on connect. Here's how this would be done securely: - vncd service running, listening on port 5999 (vnc uses 5900 + display, this would equivalate to :99) - User connects with vncviewer to vnchost:99 - A new vncserver is spawned, on a new display, on a new port, and the connection is directed at it. This is the same as what apache does; the client port will be 5999 and the server port will be something else. - There is *no* password, screen immediately comes up with no authorisation. - vncd starts up vncdauth, an X program that demands that the user enter a username and password (just like xdm/gdm does). - vncd checks to see that the username/password is valid AND the user is in group vncusers, if not, kills the Xvnc that was started. - If the user is still connected (authorization approved), then it starts up gdm/kdm/xdm/xsession/etc. Optionally, the user may chose from a list of already running VNCs and connect to those without entering his password, but this will still cause the chosen VNC to request authorization for reconnect - VNC session operates as normal from then on - When other connections come directly in to a user's vnc, the vnc requests authorization as a normal vncserver would, from the vncpasswords in ~/.vnc - When the WM is exited, the Xvnc dies, connection is closed. This is the only real way to make something like this actually majorly useful for generalized remote logins; running a hundred VNCs for each of your users is impractical. matt@mattcaron.net 2004-06-26 14:21:27 0000 Hey, the scripts look better than mine (attached after this; basically ported from what FC1 uses to the gentoo init architecture). The one problem I have with these scripts is that I changed: su ${user%%:*} -c "PATH=$PATH:/usr/X11R6/bin vncserver :${user##*:} $VNC_OPTS" &>/dev/null and the ilk to su ${user%%:*} -c "vncserver :${user##*:} $VNC_OPTS" &>/dev/null See, when root's shell has been changed to TCSH, changing the path doesn't work correctly. So, either check and see what root's shell is, or don't set it at all. matt@mattcaron.net 2004-06-26 14:23:28 0000 Created an attachment (id=34227) redhat vncservers init script ported to gentoo init architecture matt@mattcaron.net 2004-06-26 14:23:57 0000 Created an attachment (id=34228) redhat vncservers config script ported to gentoo init architecture matt@mattcaron.net 2004-07-05 13:53:46 0000 Add - the init script needs modified depend section as follows: depend() { need net after netmount nfsmount } Because if you're NFS mounting home, it can only start after those are done... matt@mattcaron.net 2004-07-06 21:00:10 0000 Add - the init script needs to cd into the user's homedir when starting the server (the redhat one does this already). Otherwise, the default path that xterm gets when it starts is wrong (among other things). Something like: su ${user%%:*} -c "cd ~${USER} && vncserver :${user##*:} $VNC_OPTS" &>/dev/null works. gentoo-bugzilla@mcooper.demon.co.uk 2005-06-10 02:29:19 0000 Are these scripts in any of the tightvnc ebuilds yet? morfic@gentoo.org 2006-05-06 21:14:02 0000 go for it armin76@gentoo.org 2007-04-12 21:01:14 0000 Added the scripts to both tightvnc and vnc, thanks to the one who made them, and thanks Matthew for the info :) 24230 2004-01-22 04:37 0000 conf.d vnc text/plain IyBDb25maWcgZmlsZSBmb3IgL2V0Yy9pbml0LmQvdm5jCgojIFNwZWNpZnkgdGhlIHVzZXIocykg WHZuYygxKSBzaG91bGQgYmUgcnVuIGZvci4gVGhlIHN5bnRheCBpczogInVzZXJuYW1lOmRpc3Bs YXkiLgojIGV4YW1wbGU6ICJESVNQTEFZPSJmb286MSBiYXI6MiIgWW91IGNhbiBzcGVjaWZ5IG1v cmUgdXNlcnMgc2VwYXJhdGVkIGJ5IHNwYWNlLgpESVNQTEFZUz0ibHVfemVybzoxICIKCiMgU3Bl Y2lmeSBhbnkgb2Ygdm5jc2VydmVyKDEpIGFuZCBYdm5jKDEpIG9wdGlvbnMuIFNlZSB0aGUgcmVz cGVjdGl2ZSBtYW4gcGFnZXMgZm9yIG1vcmUgaW5mb3JtYXRpb24uCiMgVk5DX09QVFM9IiIK 24231 2004-01-22 04:38 0000 init.d vnc text/plain IyEvc2Jpbi9ydW5zY3JpcHQKIyBDb3B5cmlnaHQgMTk5OS0yMDAyIEdlbnRvbyBUZWNobm9sb2dp ZXMsIEluYy4KIyBEaXN0cmlidXRlZCB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5lcmFs IFB1YmxpYyBMaWNlbnNlLCB2MiBvciBsYXRlcgojICRIZWFkZXI6ICQKCmRlcGVuZCgpIHsKCW5l ZWQgbmV0Cn0KCmNoZWNrY29uZmlnKCkgewoJaWYgWyAtbiAiJHtESVNQTEFZU30iIF07IHRoZW4K CQlpZiBbICQxID0gInN0YXJ0IiBdOyB0aGVuCgkJCWxvY2FsIHVzZXIKCQkJZm9yIHVzZXIgaW4g JERJU1BMQVlTOyBkbwoJCQkJaWYgZXZhbCBbICEgLWYgIn4ke3VzZXIlJToqfS8udm5jL3Bhc3N3 ZCIgXTsgdGhlbgoJCQkJCWVlcnJvciAiVGhlcmUgYXJlIG5vIHBhc3N3b3JkcyBkZWZpbmVkIGZv ciB1c2VyICR7dXNlciUlOip9LiIKCQkJCQlyZXR1cm4gMQoJCQkJZWxpZiBbIC1lICIvdG1wLy5Y MTEtdW5peC9YJHt1c2VyIyMqOn0iIF07IHRoZW4KCQkJCQllZXJyb3IgIkRpc3BsYXkgOiR7dXNl ciMjKjp9IGFwcGVhcnMgdG8gYmUgYWxyZWFkeSBpbiB1c2UgYmVjYXVzZSBvZiAvdG1wLy5YMTEt dW5peC9YJHt1c2VyIyMqOn0iCgkJCQkJZWVycm9yICJSZW1vdmUgdGhpcyBmaWxlIGlmIHRoZXJl IGlzIG5vIFggc2VydmVyICRIT1NUTkFNRToke3VzZXIjIyo6fSIKCQkJCQlyZXR1cm4gMQoJCQkJ ZWxpZiBbIC1lICIvdG1wLy5YJHt1c2VyIyMqOn0tbG9jayIgXTsgdGhlbgoJCQkJCWVlcnJvciAi RGlzcGxheSA6JHt1c2VyIyMqOn0gYXBwZWFycyB0byBiZSBhbHJlYWR5IGluIHVzZSBiZWNhdXNl IG9mIC90bXAvLlgke3VzZXIjIyo6fS1sb2NrIgoJCQkJCWVlcnJvciAiUmVtb3ZlIHRoaXMgZmls ZSBpZiB0aGVyZSBpcyBubyBYIHNlcnZlciAkSE9TVE5BTUU6JHt1c2VyIyMqOn0iCgkJCQkJcmV0 dXJuIDEKCQkJCWZpCgkJCWRvbmUKCQlmaQoJCXJldHVybiAwCgllbHNlCgkJZWVycm9yICdQbGVh c2UgZGVmaW5lICRESVNQTEFZUyBpbiAvZXRjL2NvbmYuZC92bmMnCgkJcmV0dXJuIDEKCWZpCn0K CnN0YXJ0KCkgewoJY2hlY2tjb25maWcgc3RhcnQgfHwgcmV0dXJuIDEKCWViZWdpbiAiU3RhcnRp bmcgVGlnaHRWTkMgc2VydmVyIgoJZm9yIHVzZXIgaW4gJERJU1BMQVlTOyBkbwoJCXN1ICR7dXNl ciUlOip9IC1jICJQQVRIPSRQQVRIOi91c3IvWDExUjYvYmluIHZuY3NlcnZlciA6JHt1c2VyIyMq On0gJFZOQ19PUFRTIiAmPi9kZXYvbnVsbAoJZG9uZQoJZWVuZCAkPwp9CgpzdG9wICgpIHsKCWNo ZWNrY29uZmlnIHN0b3AgfHwgcmV0dXJuIDIKCWViZWdpbiAiU3RvcHBpbmcgVGlnaHRWTkMgc2Vy dmVyIgoJZm9yIHVzZXIgaW4gJERJU1BMQVlTOyBkbwoJCXN1ICR7dXNlciUlOip9IC1jICJQQVRI PSRQQVRIOi91c3IvWDExUjYvYmluIHZuY3NlcnZlciAta2lsbCA6JHt1c2VyIyMqOn0iICY+L2Rl di9udWxsCglkb25lCgllZW5kICQ/Cn0KCnJlc3RhcnQoKSB7CiAgICAgICAgc3ZjX3N0b3AKICAg ICAgICBzdmNfc3RhcnQKfQo= 34227 2004-06-26 14:23 0000 redhat vncservers init script ported to gentoo init architecture vncservers.init.d text/plain IyEvc2Jpbi9ydW5zY3JpcHQKCmRlcGVuZCgpIHsKIyBNQyAtIHVzZWQgdGhlIHNhbWUgZGVwZW5k KCkgYXMgc3NoCgl1c2UgbG9nZ2VyIGRucwoJbmVlZCBuZXQKfQoKc3RhcnQoKSB7CgllaW5mbyAi U3RhcnRpbmcgVk5DIHNlcnZlcnMuIgogICAgCVJFVFZBTD0wCiAgICAJZm9yIGRpc3BsYXkgaW4g JHtWTkNTRVJWRVJTfQogICAgCWRvCiAgICAgICAgCWVjaG8gLW4gIiR7ZGlzcGxheX0gIgoJCXVu c2V0IEJBU0hfRU5WIEVOVgoJCWV4cG9ydCBVU0VSPSIke2Rpc3BsYXkjIyo6fSIKICAgICAgICAJ c3UgJHtVU0VSfSAtYyAiY2QgfiR7VVNFUn0gJiYgWyAtZiAudm5jL3Bhc3N3ZCBdICYmIHZuY3Nl cnZlciA6JHtkaXNwbGF5JSU6Kn0iID4mIC9kZXYvbnVsbAogICAgICAgIAlSRVRWQUw9JD8KICAg ICAgICAJWyAiJFJFVFZBTCIgLW5lIDAgXSAmJiBicmVhawogICAgCWRvbmUKCWVjaG8gCgllZW5k ICQ/CQp9CgpzdG9wKCkgewoJZWJlZ2luICJTaHV0dGluZyBkb3duIFZOQyBzZXJ2ZXJzIgoJZm9y IGRpc3BsYXkgaW4gJHtWTkNTRVJWRVJTfQogICAJZG8KICAgICAgICAJZWNobyAtbiAiJHtkaXNw bGF5fSAiCgkJdW5zZXQgQkFTSF9FTlYgRU5WCgkJZXhwb3J0IFVTRVI9IiR7ZGlzcGxheSMjKjp9 IgoJICAgIAlzdSAke1VTRVJ9IC1jICJ2bmNzZXJ2ZXIgLWtpbGwgOiR7ZGlzcGxheSUlOip9IiA+ JiAvZGV2L251bGwKICAgIAlkb25lCiAgICAgICAgZWVuZCAkPwp9Cgo= 34228 2004-06-26 14:23 0000 redhat vncservers config script ported to gentoo init architecture vncservers.conf.d text/plain IyBDb25maWcgZmlsZSBmb3IgL2V0Yy9pbml0LmQvdm5jc2VydmVycwoKVk5DU0VSVkVSUz0iMTpt YXR0Igo=