TigerVNC on RHEL7/Centos7
10月 2nd, 2014,由 frank撰写
Install TigerVNC
[root@trex-161 ~]# yum install xterm xorg-x11-xinit
[root@trex-161 ~]# yum -y install tigervnc tigervnc-server
[root@trex-161 ~]# systemctl disable firewalld.service
[root@trex-161 ~]# systemctl stop firewalld.service
[root@trex-161 ~]# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
[root@trex-161 ~]# vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not usedEnable TigerVNC – Way1
ps: follow content of ”vncserver@.service“ had changed
[root@trex-161 ~]# vim /etc/systemd/system/vncserver@:1.service
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1024x768"
PIDFile=/home/root/.vnc/%H%i.pid[root@frank rc.d]# chmod 777 rc.local
[root@frank rc.d]# vim rc.local
/sbin/runuser -l root -c /usr/bin/vncserver :1Enable TigerVNC – Way2
Run vncserver and auto create “xstartup”:
[root@trex-161 ~]# vncserver
You will require a password to access your desktops.
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
xauth: file /root/.Xauthority does not exist
New 'trex-161:1 (root)' desktop is trex-161:1
Creating default startup script /root/.vnc/xstartup
Creating default config /root/.vnc/config
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/trex-161:1.logReplace “xstartup” content with follow:
#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
vncconfig -iconic &
dbus-launch --exit-with-session gnome-session &Keep the original file content of ”/etc/systemd/system/vncserver@:1.service“, just replace “user”:
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver_wrapper root %i
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.targetEnable and start vncserver by systemctl:
[root@trex-161 ~]# systemctl daemon-reload
[root@trex-161 ~]# systemctl enable vncserver@:1.service
Created symlink from /etc/systemd/system/multi-user.target.wants/vncserver@:1.service to /etc/systemd/system/vncserver@:1.service.
[root@trex-161 ~]#
[root@trex-161 ~]# systemctl start vncserver@:1.serviceCheck vnc status:
[root@trex-161 ~]# ps -ef | grep vnc
root 10814 1 0 02:50 pts/0 00:00:00 /usr/bin/Xvnc :1 -auth /root/.Xauthority -desktop trex-161:1 (root) -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768 -pn -rfbauth /root/.vnc/passwd -rfbport 5901 -rfbwait 30000
root 10825 1 0 02:50 pts/0 00:00:00 /bin/sh /root/.vnc/xstartup
root 13158 6681 0 02:58 pts/0 00:00:00 grep --color=auto vnc
[root@trex-161 ~]#
[root@trex-161 ~]# netstat -an | grep :590
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
tcp6 0 0 :::5901 :::* LISTEN Check status by systemctl, that maybe report failed, that mean already running as :1, you need to kill the old vnc process first, then start:
[root@trex-161 ~]# systemctl status vncserver@:1.service
● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2021-08-31 02:58:20 CST; 50min ago
Process: 13051 ExecStart=/usr/bin/vncserver_wrapper root %i (code=exited, status=2)
Process: 13044 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 13051 (code=exited, status=2)
Aug 31 02:58:20 trex-161 systemd[1]: Starting Remote desktop service (VNC)...
Aug 31 02:58:20 trex-161 systemd[1]: Started Remote desktop service (VNC).
Aug 31 02:58:20 trex-161 vncserver_wrapper[13051]: A VNC server is already running as :1
Aug 31 02:58:20 trex-161 vncserver_wrapper[13051]: FATAL: 'runuser -l root' failed!
Aug 31 02:58:20 trex-161 systemd[1]: vncserver@:1.service: main process exited, code=exited, status=2...UMENT
Aug 31 02:58:20 trex-161 systemd[1]: Unit vncserver@:1.service entered failed state.
Aug 31 02:58:20 trex-161 systemd[1]: vncserver@:1.service failed.
Hint: Some lines were ellipsized, use -l to show in full.Some time, that maybe report some alarm, you need to delete garbage file by follow cmd first, then start again:
[root@trex-161 ~]# cd /tmp
[root@trex-161 tmp]# rm -rf .X*
[root@trex-161 tmp]#
[root@trex-161 tmp]# systemctl start vncserver@:1.service
[root@trex-161 tmp]# systemctl status vncserver@:1.service
● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2021-09-07 03:18:02 CST; 5s ago
Process: 9488 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 9492 (vncserver_wrapp)
CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service
├─ 9492 /bin/sh /usr/bin/vncserver_wrapper root :1
└─10123 sleep 0.1
Sep 07 03:18:02 trex-161 systemd[1]: Starting Remote desktop service (VNC)...
Sep 07 03:18:02 trex-161 systemd[1]: Started Remote desktop service (VNC).
Sep 07 03:18:05 trex-161 vncserver_wrapper[9492]: New 'trex-161:1 (root)' desktop is trex-161:1
Sep 07 03:18:05 trex-161 vncserver_wrapper[9492]: Starting applications specified in /root/.vnc/xstartup
Sep 07 03:18:05 trex-161 vncserver_wrapper[9492]: Log file is /root/.vnc/trex-161:1.logMulti-user VNC Server – 2021.8 Updated
Set up another user who have limited privilege, only access own home directory:
[root@trex-161 ~]# useradd -d /home/frank -m frank
[root@trex-161 ~]# passwd frank
[root@trex-161 ~]# chown frank -R /home/frank
[root@trex-161 ~]# su - frank
[frank@trex-161 ~]$ cd /opt
[frank@trex-161 opt]$ mkdir test
mkdir: cannot create directory ‘test’: Permission denied
[frank@trex-161 opt]$ cd ~
[frank@trex-161 ~]$ mkdir test
[frank@trex-161 ~]$ rm -rf testCopy 2nd vncserver profile for user “frank”:
[frank@trex-161 ~]$ vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
[frank@trex-161 ~]$
[root@trex-161 ~]# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:2.service
[root@trex-161 ~]# more /etc/systemd/system/vncserver@:2.service
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver_wrapper frank %i
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.targetCreate “xstartup” and replace content for “frank”:
[frank@trex-161 ~]$ vncserver
xauth: file /home/frank/.Xauthority does not exist
New 'trex-161:2 (frank)' desktop is trex-161:2
Creating default startup script /home/frank/.vnc/xstartup
Creating default config /home/frank/.vnc/config
Starting applications specified in /home/frank/.vnc/xstartup
Log file is /home/frank/.vnc/trex-161:2.log
[frank@trex-161 ~]$ more .vnc/xstartup
#!/bin/sh
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
vncconfig -iconic &
dbus-launch --exit-with-session gnome-session &Enable and start vncserver by systemctl:
[root@trex-161 ~]# systemctl daemon-reload
[root@trex-161 ~]# systemctl enable vncserver@:2.service
Created symlink from /etc/systemd/system/multi-user.target.wants/vncserver@:2.service to /etc/systemd/system/vncserver@:2.service.
[root@trex-161 ~]#
[root@trex-161 ~]# systemctl start vncserver@:2.service
[root@trex-161 ~]# ps -ef | grep vnc
root 10814 1 0 02:50 pts/0 00:00:00 /usr/bin/Xvnc :1 -auth /root/.Xauthority -desktop trex-161:1 (root) -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768 -pn -rfbauth /root/.vnc/passwd -rfbport 5901 -rfbwait 30000
root 10825 1 0 02:50 pts/0 00:00:00 /bin/sh /root/.vnc/xstartup
frank 11742 1 0 02:55 pts/0 00:00:00 /bin/Xvnc :2 -auth /home/frank/.Xauthority -desktop trex-161:2 (frank) -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768 -pn -rfbauth /home/frank/.vnc/passwd -rfbport 5902 -rfbwait 30000
frank 11753 1 0 02:55 pts/0 00:00:00 /bin/sh /home/frank/.vnc/xstartup
root 13158 6681 0 02:58 pts/0 00:00:00 grep --color=auto vnc
[root@trex-161 ~]#
[root@trex-161 ~]# netstat -an | grep :590
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5902 0.0.0.0:* LISTEN
tcp6 0 0 :::5901 :::* LISTEN
tcp6 0 0 :::5902 :::* LISTEN Checking VNC for “root” and “frank” at same time:
Wrong JPEG library version – 2021.9 Updated
Server is Centos 7.9, after deployed tigervnc server by above procedure, vnc success enable:
[root@trex-core opt]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
[root@trex-core ~]# systemctl status vncserver@:1.service
● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2021-09-12 00:58:43 EDT; 43s ago
Process: 2516 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 2547 (vncserver_wrapp)
CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service
├─2547 /bin/sh /usr/bin/vncserver_wrapper root :1
└─4833 sleep 5
Sep 12 00:58:42 trex-core systemd[1]: Starting Remote desktop service (VNC)...
Sep 12 00:58:43 trex-core systemd[1]: Started Remote desktop service (VNC).
Sep 12 00:58:46 trex-core vncserver_wrapper[2547]: New 'trex-core:1 (root)' desktop is trex-core:1
Sep 12 00:58:46 trex-core vncserver_wrapper[2547]: Starting applications specified in /root/.vnc/xstartup
Sep 12 00:58:46 trex-core vncserver_wrapper[2547]: Log file is /root/.vnc/trex-core:1.log
Sep 12 00:58:51 trex-core vncserver_wrapper[2547]: 'vncserver :1' has PID 2757, waiting until it exits ...But have follow alarms by TigerVNC Viewer 1.11.90/win:
“Exception on worker thread: Wrong JPEG library version: library is 90, caller expects 62”
Easy fixed by disable “JPEG compression”; If must enable the function on client, need to downgrade jpegsrc version, can reference the link: https://ccie.lol/knowledge-base/linux-centos-install-graphicsmagick/, but I didn’t try.
Change VNC Port – 2021.6 Updated
Due to only have 8080 port can be accessed on CentOS, so need to change default port 5900. (tigervnc-1.8.0-22.el7.x86_64)
Follow info before modified:
[root@localhost ~]# grep "59" /usr/bin/vncserver -n
21:# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
188:$vncPort = 5900 + $displayNumber;
500:# n is taken if something is listening on the VNC server port (5900+n) or the
519:# (5900+n) or the X server port (6000+n).
536: if (!bind(S, pack('S n x12', $AF_INET, 5900 + $n))) {Follow info after modified:
[root@localhost ~]# grep "80" /usr/bin/vncserver -n
188:$vncPort = 8078 + $displayNumber;
536: if (!bind(S, pack('S n x12', $AF_INET, 8078 + $n))) {After restart:
[root@localhost ~]# netstat -ntpl|grep vnc
tcp 0 0 0.0.0.0:5802 0.0.0.0:* LISTEN 2992/Xvnc
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2992/Xvnc
tcp 0 0 0.0.0.0:6002 0.0.0.0:* LISTEN 2992/Xvnc
tcp6 0 0 :::5802 :::* LISTEN 2992/Xvnc
tcp6 0 0 :::8080 :::* LISTEN 2992/Xvnc
tcp6 0 0 :::6002 :::* LISTEN 2992/Xvnc