123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- # The vncserver service unit file
- #
- # Quick HowTo:
- # 1. Copy this file to /etc/systemd/system/vncserver@.service
- # 2. Edit <USER> and vncserver parameters appropriately
- # ("runuser -l <USER> -c /usr/bin/vncserver %i -arg1 -arg2")
- # 3. Run `systemctl daemon-reload`
- # 4. Run `systemctl enable vncserver@:<display>.service`
- #
- # DO NOT RUN THIS SERVICE if your local area network is
- # untrusted! For a secure way of using VNC, you should
- # limit connections to the local host and then tunnel from
- # the machine you want to view VNC on (host A) to the machine
- # whose VNC output you want to view (host B)
- #
- # [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
- #
- # this will open a connection on port 590N of your hostA to hostB's port 590M
- # (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
- # See the ssh man page for details on port forwarding)
- #
- # You can then point a VNC client on hostA at vncdisplay N of localhost and with
- # the help of ssh, you end up seeing what hostB makes available on port 590M
- #
- # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
- #
- # Use "-localhost" to prevent remote VNC clients connecting except when
- # doing so through a secure tunnel. See the "-via" option in the
- # `man vncviewer' manual page.
-
-
- [Unit]
- Description=Remote desktop service (VNC)
- After=syslog.target network.target
-
- [Service]
- Type=forking
- # Clean any existing files in /tmp/.X11-unix environment
- ExecStartPre=/bin/sh -c '@BIN_DIR@/vncserver -kill %i > /dev/null 2>&1 || :'
- ExecStart=/usr/sbin/runuser -l <USER> -c "@BIN_DIR@/vncserver %i"
- PIDFile=/home/<USER>/.vnc/%H%i.pid
- ExecStop=/bin/sh -c '@BIN_DIR@/vncserver -kill %i > /dev/null 2>&1 || :'
-
- [Install]
- WantedBy=multi-user.target
|