John,

My most heartfelt thanks...  While I was strolling around
LinuxTag 2002 in Karlsruhe you were working on this vital
project.  Thank you!


> Well after spending most of my Saturday playing with
0xrfbserver source code I believe I have added the
> "-stealth" option. Here's how:
> 
> step 1:
>  Compile xclass version 0.63. Get it at:
> 
> http://sourceforge.net/projects/xclass
> 
> (this step is probably optional as older xclasses will
most likely work but just-in-case)

Or, if you are using SuSE, xclass might not be installed
(original 7.2 base distro).  I'd keep this step in...  :-)

> step 2:
>   Grab & untar x0rfbserver version 0.6.1 get it at:
> 
> http://download.hexonet.com/software/rfb
> 
> step 3:
>   Grab my patched files for:
> 
> x0rfbserver.cc
> OXServiceApplet.cc
> 
>   which replaces those in the x0rfbserver sub-directory
you untarred in step 2. (yes I know I should
> have made them differential patches!). Get those files
at:
> 
> www.sd73.bc.ca/tux/rfb

By not making them patches, you've essentially forked
x0rfbserver.  Now, I know the word "fork" carries a lot of
negative connotation in the Free/Open Source world, so
don't get excited, people!

All he's done is alter two files in a project.  We're still
at a point where it would be utterly simple to make diff
patches against the original files.  The question is then
the classic one.  Do we go on maintaining a set of patches
for this project as the main development progresses?  Or do
we submit our patches to the author with an explanatory
email and get them accepted into the main source?
 Obviously, the latter option is preferable as it requires
(almost?) no ongoing effort to maintain the desired
functionality.  Hopefully the author will accept these
patches.  Has anyone contacted him yet?

> step 4:
>   Compile as per normal as stated in the INSTALL file:
> make depend
> make
> 
> That'll do it. An "x0rfbserver -help" should reveal the
stealth option. This patch also includes the feature of
> a GLOBAL .x0rfbserver file. If .x0rfbserver exists in /
that will be used over ~/.x0rfbserver. This is useful for
those
> of us who run local apps and/or want the client to
activate the daemon themselves but not have them enter
their own password
> or options (like disable keyboard & mouse). This global
file needs to be placed in the root of the client. So in my
> case that would be /tftpboot/lts/ltsroot; for other's it
would be /opt/... If you issue a:

This didn't exist in the original version?  Maybe I'm
confusing two projects, but I thought it looked for a
global config file in <prefix>/etc/ (default
/usr/local/etc/).  But whatever program I'm thinking of
also allowed user-specific .x0rfbserver files to override
the global config file, the opposite of what your patch
accomplishes.  Now, since it is running as root on the
workstation and root's home directory is / (I think), the
original policy would seem to suit your current choice of
/.x0rfbserver just fine...

Anyhow, my take on this is that the file does not belong in
LTSP's root directory.  It either belongs in
<ltsproot>/etc/ or in <ltsproot>/usr/X11R6/etc/ (if this
dir exists).  I'm not familiar with the LSB, but I know
that Jim is trying to comply with it as much as possible.
 Also, the main configuration file should not be a hidden
file (i.e. should not start with a 'dot').

> x0rfbserver -stealth
> 
> and do not have either a /.x0rfbserver file or a
~/.x0rfbserver file the user will be prompted with the
options box so
> I would recommend running the daemon first without
stealth, entering the wanted password, then copying the
.x0rfbserver
> file from that users home directory and use it for your
global config.

Excellent.  Yes, if x0rfbserver cannot run usefully due to
a bad or missing configuration, then it should absolutely
appear and ask for the necessary info.

> I would launch the program as described in my previous
email with xinit like:
> 
> xinit /usr/bin/x0rfbserver -stealth >& /dev/null --
/ltsbin/XF86_SVGA -ac -query <ip of server>

Or perhaps Jim's new system under 3.1 will provide a better
way.  I believe he specifically implied that it would.

> There has been a very valid concern of running this
daemon when not needed and the overhead. Looking at the
> source it appears the client goes to sleep and does
nothing until there is a connection. Tests with 'top'
confirm
> this. Even with a connection the daemon's cpu usage is
typically less than 8%. Again in my tests running with
> xinit showed no speed difference while the daemon was
waiting and even with a connection it was
> barely noticeable on the workstation.

My test environment is still limited to a VMWare virtual
workstation and I cannot switch to a console once in
XWindows in the workstation because my *real* console
intercepts the keystrokes!  Doh!  :-)

So, can you please look into memory usage by x0rfbserver?
 This is great news about the light CPU-usage aspect, but
that isn't my primary concern.  If it likewise has a small
memory footprint, however, then this thing is a godsend!!
 :-)   We could actually let it run on all the stations
(option in lts.conf, of course) without noticable penalty!

The question then is about limiting the valid sources of
the connections  (probably in .x0rfbserver, which should be
immutable) and implementing simple authentication, such as
what you suggested about returning a random string and
writing it into the LTSP root directory, proving root
access on the LTSP server.

Thanks for spending a Saturday on this!  I hope you didn't
miss too nice of a day outside...  :-)

Jason

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas - 
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

_____________________________________________________________________
Ltsp-discuss mailing list.   To un-subscribe, or change prefs, goto:
      https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help,   try #ltsp channel on irc.openprojects.net

Reply via email to