-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This is my GDM-configuration: > root@bsdpcb:/usr/local/etc/gdm # cat custom.conf > # GDM configuration storage > > [daemon] > # Uncoment the line below to force the login screen to use Xorg > #WaylandEnable=false > > HaltCommand=/sbin/shutdown -p now > RebootCommand=/sbin/shutdown -r now > > [security] > DisallowTCP=false > > [xdmcp] > DisplaysPerHost=1 > Enable=true > > [chooser] > > [debug] > # Uncomment the line below to turn on debugging > #Enable=true > rc.conf: > root@bsdpcb:/usr/local/etc/gdm # cat /etc/rc.conf > clear_tmp_enable="YES" > syslogd_flags="-ss" > sendmail_enable="NONE" > hostname="bsdpcb" > keymap="de.noacc.kbd" > ifconfig_bge0="inet 192.168.0.110 netmask 255.255.255.0" > defaultrouter="192.168.0.231" > ifconfig_bge0_ipv6="inet6 accept_rtadv" > sshd_enable="YES" > moused_enable="YES" > ntpd_enable="YES" > powerd_enable="YES" > powerd_flags="-a minimum" > # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable > dumpdev="AUTO" > zfs_enable="YES" > dbus_enable="YES" > hald_enable="YES" > #sddm_enable="YES" > gdm_enable="YES" > kld_list="amdgpu" > gnome_enable="YES" > inetd_enable="YES" indetd: > root@bsdpcb:/usr/local/etc/gdm # cat /etc/inetd.conf > # $FreeBSD: releng/12.1/usr.sbin/inetd/inetd.conf 337687 2018-08-12 > 13:29:40Z brd $ # > # Internet server configuration database > # > # Define *both* IPv4 and IPv6 entries for dual-stack support. > # To disable a service, comment it out by prefixing the line with '#'. > # To enable a service, remove the '#' at the beginning of the line. > # > #ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l > #ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l > #ssh stream tcp nowait root /usr/sbin/sshd sshd -i -4 . . . > # > #auth stream tcp nowait root internal > #auth stream tcp6 nowait root internal > # > # Provide internally a real "ident" service which provides ~/.fakeid > support, # provides ~/.noident support, reports UNKNOWN as the operating > system type # and times out after 30 seconds. > # > #auth stream tcp nowait root internal auth -r -f -n -o > UNKNOWN -t 30 #auth stream tcp6 nowait root internal auth > -r -f -n -o UNKNOWN -t 30 # > # Example entry for an external ident server > # > #auth stream tcp wait root /usr/local/sbin/identd identd -w > -t120 # > # Example entry for the optional qmail MTA > # NOTE: This is no longer the correct way to handle incoming SMTP > # connections for qmail. Use tcpserver > (http://cr.yp.to/ucspi-tcp.html) # instead. > # > #smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env > tcp-env /var/qmail/bin/qmail-smtpd # > # Enable the following two entries to enable samba startup from inetd > # (from the Samba documentation). Enable the third entry to enable the swat > # samba configuration tool. > # > #netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd > #netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd > #swat stream tcp nowait/400 root /usr/local/sbin/swat swat > # > # Example entry for the Prometheus sysctl metrics exporter > # > #prom-sysctl stream tcp nowait > nobody /usr/sbin/prometheus_sysctl_exporter prometheus_sysctl_exporter > -dgh > 5950 stream tcp nowait nobody /usr/local/bin/Xvnc Xvnc -inetd -query > localhost -once securitytypes=none (this was taken directly from Xvnc manpage): > In the nowait mode, Xvnc uses its standard input and output directly as > the connection to a viewer. It never has a listening socket, so > cannot accept further connections from viewers (it can however connect out to > listening viewers by use of the vncconfig program). Further viewer > connections to the same TCP port result in inetd spawning off a new > Xvnc to deal with each connection. When the connection to the viewer > dies, the Xvnc and any associated X clients die. This behaviour is > most useful when combined with the XDMCP options -query and -once. > An typical example in inetd.conf might be (all on one line): > > 5950 stream tcp nowait nobody /usr/local/bin/Xvnc Xvnc -inetd > -query localhost -once securitytypes=none > > In this example a viewer connection to :50 will result in a new Xvnc > for that connection which should display the standard XDM login > screen on that machine. Because the user needs to login via XDM, it is > usually OK to accept connections without a VNC password in this case. So why isn't this workable actually? [inetd was started and GDM has been restarted] Result: > andrew@a68n:~$ xvncviewer bsdpcb:50 > > TigerVNC Viewer 64-bit v1.9.0 > Built on: 2020-06-16 19:36 > Copyright (C) 1999-2018 TigerVNC Team and many others (see README.rst) > See http://www.tigervnc.org for information on TigerVNC. > > Fri Aug 28 10:57:48 2020 > DecodeManager: Detected 3 CPU core(s) > DecodeManager: Creating 3 decoder thread(s) > CConn: unable connect to socket: Connection refused (111) > andrew@a68n:~$ In comparison, nearly the same is in the debian-handbook: > https://debian-handbook.info/browse/stable/sect.remote-login.html > VNC also works for mobile users, or company executives, who occasionally > need to login from their home to access a remote desktop similar to the one > they use at work. The configuration of such a service is more complicated: > you first install the vnc4server package, change the configuration of the > display manager to accept XDMCP Query requests (for gdm3, this can be done > by adding Enable=true in the “xdmcp” section of /etc/gdm3/daemon.conf), and > finally, start the VNC server with inetd so that a session is automatically > started when a user tries to login. For example, you may add this line > to /etc/inetd.conf: 5950 stream tcp nowait nobody.tty /usr/bin/Xvnc > Xvnc -inetd -query localhost -once -geometry 1024x768 -depth 16 > securitytypes=none Redirecting incoming connections to the display manager > solves the problem of authentication, because only users with local > accounts will pass the gdm3 login screen (or equivalent kdm, xdm, etc.). As > this operation allows multiple simultaneous logins without any problem > (provided the server is powerful enough), it can even be used to provide > complete desktops for mobile users (or for less powerful desktop systems, > configured as thin clients). Users simply login to the server's screen > with vncviewer server:50, because the port used is 5950. And I remember, I did try this out once, and it did not work, but remote-login was workable rather with xinetd, which does not exist in FreeBSD. So: Any suggestions? No x2go-server port yet ? > WAS: Fw: FreeBSD 12-1 installed anew on my end-of-life home-server > Begin forwarded message: > > Date: Fri, 21 Aug 2020 15:25:35 +0200 > From: andrew glaeser <[email protected]> > To: [email protected] > Subject: Fw: FreeBSD 12-1 installed anew on my end-of-life home-server > > > Gold, excellent! > > but the criticism is really, that attachments get stripped, and as far as I > > can see, the amdgpu - ports twist of wickedness is not properly documented, > I > > found out only upon cracking my head over this for several hours, didn't I? > > And luckily I remembered. > > > > Begin forwarded message: > > Date: Thu, 20 Aug 2020 18:21:38 +0200 > From: andrew glaeser <[email protected]> > To: [email protected] > Subject: FreeBSD 12-1 installed anew on my end-of-life home-server > > > - - -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Graphics basically workable already, but software-rasterized, not > hardware accelerated. > > xorg had to be set up separately, and then I remember again, that AMD > drivers respective firmware had to be compiled from ports-collection, so > graphics become in fact hardware-accelerated, looking forward to it. -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQTF9uNaslvnJpWt8kXn6sEfJS3nCwUCX0jNTwAKCRDn6sEfJS3n C7MCAKCx+0yPzdA3y9mlNh6xgSVB7hSgOwCgroe2e7Lvc2C2DuxQwQECE7Pt5Vo= =bq5/ -----END PGP SIGNATURE-----
