Re: How to access Xauthority for VNC Server
Hi Stuart, Sorry for the slow response. I have created the file /home/aretter/.xsession with the mode 755 and the owner and group 'aretter'. The file contains the single line: x0vncserver -display :0 -PasswordFile ~/.vnc/passwd I rebooted the system, logged in on the console as `aretter` and ran `ps -A` unfortunately there is no `x0vncserver` running. I grep'd for `x0nvserver` in the log files within /var/log and found nothing. Any ideas, how can I figure out why this isn't working? > This would run as your uid and with X environment variables intact so no > faffing with XAUTHORITY needed. Does this mean that I should see an XAUTHORITY environment variable after I login on the console? If so, I don't see anything like that reported by `env`. Kind regards. Adam. On Wed, 3 Jan 2024 at 00:34, Stuart Henderson wrote: > > On 2024-01-02, Adam Retter wrote: > > > > XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver > > -display :0 -PasswordFile ~/.vnc/passwd > > > > It is not clear to me how I can set this up so that x0vncserver can > > access the correctly named auth file each time the machine restarts, > > and also under which account it would be considered best practice to > > run x0vncserver... Should I run it under my user account, the `_x11` > > account, or an account created just for that purpose? > > Ideally the VNC Server would start during system startup also. > > It won't help for system startup, but you can add the x0vncserver > command (backgrounded with &) from .xsession to run after login. > This would run as your uid and with X environment variables intact so > no faffing with XAUTHORITY needed. > > (I would recommend listening to localhost only and connecting via ssh > port-forwarding; for unix VNC clients "-via $hostname localhost" runs > the ssh command for you). > > > > -- > Please keep replies on the mailing list. > -- Adam Retter skype: adam.retter tweet: adamretter http://www.adamretter.org.uk
Re: How to access Xauthority for VNC Server
Hello there • Adam Retter [2024-01-02 23:14]: > Apologies but I am a little bit unclear about how X authfiles should > work in OpenBSD. > > I have started with a fresh OpenBSD 7.4 install, and I opted to > install the X Window System. My goal is to be able to export my > display over VNC as I have no access to the mouse and keyboard of the > machine. > > I have installed the VNC Server software by running as root - pkg_add tigervnc > > To be able to run the VNC Server, it needs access to the X Authority > file. I want to ideally run the VNC Server under a non-root account. I > have found an authority file under /etc/X11/xenodm/authdir/authfiles/ > however its name seems to be randomly decided each time xenodm is > started during System boot. For example at present it is > /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM but that will change if > the system is rebooted. > > To run the VNC Server, I think I need to execute something like the > following command: > > XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver > -display :0 -PasswordFile ~/.vnc/passwd > > It is not clear to me how I can set this up so that x0vncserver can > access the correctly named auth file each time the machine restarts, > and also under which account it would be considered best practice to > run x0vncserver... Should I run it under my user account, the `_x11` > account, or an account created just for that purpose? > Ideally the VNC Server would start during system startup also. > > I also note that the auth files such as > /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM are owned by the `_x11` > account and group, and are only readable by the owner (mode 0600). > > Please advise on the best way to set this up? You might want to look at Xvnc rather than x0vncserver. Xvnc is started by vncserver, which you can run as your normal user. > Kind regards. Adam. Here's a setup that used to work at some point, it could give you some ideas. Note how vncserver is started in the user's tmux session -- this way I can attach to it and see what is going on. To run at startup, you could either add a line to rc.local, or (ab)use crontab's @reboot facility. In /etc/rc.local echo -n ' VNC' su -l -c '/home//bin/runxvnc.sh 2>&1' >/dev/null & Then in /home//bin/runxvnc.sh #!/bin/sh tmux new-session -d -s Xvnc \ /usr/local/bin/vncserver :2 \ -geometry 1920x1080 \ -depth 32 \ -fg \ -xstartup ~/.vnc/xstartup \ -interface 127.0.0.1 \ -rfbport 5901 \ -rfbauth ~/.vnc/passwd \ -alwaysshared And in ~/.vnc/xstartup #!/bin/sh unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources export LC_CTYPE="en_US.UTF-8" /usr/local/bin/startxfce4 > -- > Adam Retter > > skype: adam.retter > tweet: adamretter > http://www.adamretter.org.uk > -- -- Kirill Miazine
Re: How to access Xauthority for VNC Server
On 2024-01-02, Adam Retter wrote: > > XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver > -display :0 -PasswordFile ~/.vnc/passwd > > It is not clear to me how I can set this up so that x0vncserver can > access the correctly named auth file each time the machine restarts, > and also under which account it would be considered best practice to > run x0vncserver... Should I run it under my user account, the `_x11` > account, or an account created just for that purpose? > Ideally the VNC Server would start during system startup also. It won't help for system startup, but you can add the x0vncserver command (backgrounded with &) from .xsession to run after login. This would run as your uid and with X environment variables intact so no faffing with XAUTHORITY needed. (I would recommend listening to localhost only and connecting via ssh port-forwarding; for unix VNC clients "-via $hostname localhost" runs the ssh command for you). -- Please keep replies on the mailing list.
How to access Xauthority for VNC Server
Apologies but I am a little bit unclear about how X authfiles should work in OpenBSD. I have started with a fresh OpenBSD 7.4 install, and I opted to install the X Window System. My goal is to be able to export my display over VNC as I have no access to the mouse and keyboard of the machine. I have installed the VNC Server software by running as root - pkg_add tigervnc To be able to run the VNC Server, it needs access to the X Authority file. I want to ideally run the VNC Server under a non-root account. I have found an authority file under /etc/X11/xenodm/authdir/authfiles/ however its name seems to be randomly decided each time xenodm is started during System boot. For example at present it is /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM but that will change if the system is rebooted. To run the VNC Server, I think I need to execute something like the following command: XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver -display :0 -PasswordFile ~/.vnc/passwd It is not clear to me how I can set this up so that x0vncserver can access the correctly named auth file each time the machine restarts, and also under which account it would be considered best practice to run x0vncserver... Should I run it under my user account, the `_x11` account, or an account created just for that purpose? Ideally the VNC Server would start during system startup also. I also note that the auth files such as /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM are owned by the `_x11` account and group, and are only readable by the owner (mode 0600). Please advise on the best way to set this up? Kind regards. Adam. -- Adam Retter skype: adam.retter tweet: adamretter http://www.adamretter.org.uk
