diff options
| author | Pierre Ossman <ossman@cendio.se> | 2019-01-23 14:31:26 +0100 |
|---|---|---|
| committer | Pierre Ossman <ossman@cendio.se> | 2020-03-12 10:51:38 +0100 |
| commit | 1a4ebd8e72c77aefd1b0a03e999072df8453f33b (patch) | |
| tree | 5108ea4f1dbbd392fac5860c16561e933bfeeb28 /unix | |
| parent | c68196700ec88c349f919aa03b78766350fd7fff (diff) | |
| download | tigervnc-1a4ebd8e72c77aefd1b0a03e999072df8453f33b.tar.gz tigervnc-1a4ebd8e72c77aefd1b0a03e999072df8453f33b.zip | |
Don't accept arbitrary arguments to vncserver
We now have config files for more fine grained control of these
things, so avoid duplicating the functionality.
Diffstat (limited to 'unix')
| -rwxr-xr-x | unix/vncserver/vncserver | 182 | ||||
| -rw-r--r-- | unix/vncserver/vncserver.man | 71 | ||||
| -rw-r--r-- | unix/vncserver/vncserver@.service.in | 10 |
3 files changed, 19 insertions, 244 deletions
diff --git a/unix/vncserver/vncserver b/unix/vncserver/vncserver index bd24c4e3..054b2f28 100755 --- a/unix/vncserver/vncserver +++ b/unix/vncserver/vncserver @@ -1,5 +1,6 @@ #!/usr/bin/env perl # +# Copyright (C) 2015-2019 Pierre Ossman for Cendio AB # Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved. # Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved. # Copyright (C) 2002-2003 Constantin Kaplinsky. All Rights Reserved. @@ -40,9 +41,6 @@ if($slashndx>=0) { # your site # -$geometry = "1024x768"; -#$depth = 16; - $vncUserDir = "$ENV{HOME}/.vnc"; $vncUserConfig = "$vncUserDir/config"; @@ -129,8 +127,8 @@ if ($fontPath eq "") { # Check command line options -&ParseOptions("-geometry",1,"-depth",1,"-pixelformat",1,"-name",1,"-kill",1, - "-help",0,"-h",0,"--help",0,"-fp",1,"-list",0,"-fg",0,"-autokill",0,"-noxstartup",0,"-xstartup",1); +&ParseOptions("-kill",1,"-help",0,"-h",0,"--help",0,"-list",0, + "-fg",0,"-autokill",0,"-noxstartup",0,"-xstartup",1); &Usage() if ($opt{'-help'} || $opt{'-h'} || $opt{'--help'}); @@ -138,32 +136,12 @@ if ($fontPath eq "") { &List() if ($opt{'-list'}); -# Uncomment this line if you want default geometry, depth and pixelformat -# to match the current X display: -# &GetXDisplayDefaults(); - -if ($opt{'-geometry'}) { - $geometry = $opt{'-geometry'}; -} -if ($opt{'-depth'}) { - $depth = $opt{'-depth'}; - $pixelformat = ""; -} -if ($opt{'-pixelformat'}) { - $pixelformat = $opt{'-pixelformat'}; -} if ($opt{'-noxstartup'}) { $skipxstartup = 1; } if ($opt{'-xstartup'}) { $xstartupFile = $opt{'-xstartup'}; } -if ($opt{'-fp'}) { - $fontPath = $opt{'-fp'}; - $fpArgSpecified = 1; -} - -&CheckGeometryAndDepth(); # Create the user's vnc directory if necessary. if (!(-e $vncUserDir)) { @@ -187,11 +165,7 @@ if ((@ARGV > 0) && ($ARGV[0] =~ /^:(\d+)$/)) { $vncPort = 5900 + $displayNumber; -if ($opt{'-name'}) { - $desktopName = $opt{'-name'}; -} else { - $desktopName = "$host:$displayNumber ($ENV{USER})"; -} +$desktopName = "$host:$displayNumber ($ENV{USER})"; my %default_opts; my %config; @@ -200,9 +174,6 @@ my %config; # override these where present. $default_opts{desktop} = "edString($desktopName); $default_opts{auth} = "edString($xauthorityFile); -$default_opts{geometry} = $geometry if ($geometry); -$default_opts{depth} = $depth if ($depth); -$default_opts{pixelformat} = $pixelformat if ($pixelformat); $default_opts{rfbwait} = 30000; $default_opts{rfbauth} = "$vncUserDir/passwd"; $default_opts{rfbport} = $vncPort; @@ -243,31 +214,10 @@ if ($config{'securitytypes'}) { } } } - -# ...and finally we check CLI args, which in the case of the topic at -# hand (VNC auth or not), override anything found in configuration files -# (even so-called "mandatory" settings). -for ($i = 0; $i < @ARGV; ++$i) { - # -SecurityTypes can be followed by a space or "=" - my @splitargs = split('=', $ARGV[$i]); - if (@splitargs <= 1 && $i < @ARGV - 1) { - push(@splitargs, $ARGV[$i + 1]); - } - if (lc(@splitargs[0]) eq "-securitytypes") { - if (@splitargs > 1) { - $securityTypeArgSpecified = 1; - } - foreach $arg2 (split(',', @splitargs[1])) { - if (grep {$_ eq lc($arg2)} @vncAuthStrings) { - $vncAuthEnabled = 1; - } - } - } - if ((lc(@splitargs[0]) eq "-password") - || (lc(@splitargs[0]) eq "-passwordfile" - || (lc(@splitargs[0]) eq "-rfbauth"))) { - $passwordArgSpecified = 1; - } +if ($config{'password'} || + $config{'passwordfile'} || + $config{'rfbauth'}) { + $passwordArgSpecified = 1; } if ((!$securityTypeArgSpecified || $vncAuthEnabled) && !$passwordArgSpecified) { @@ -323,14 +273,6 @@ foreach my $k (sort keys %default_opts) { $cmd .= " -$k $default_opts{$k}"; } -# Add color database stuff here, e.g.: -# $cmd .= " -co /usr/lib/X11/rgb"; - -foreach $arg (@ARGV) { - $cmd .= " " . "edString($arg); -} -$cmd .= " >> " . "edString($desktopLog) . " 2>&1"; - # Run $cmd and record the process ID. $pidFile = "$vncUserDir/$host:$displayNumber.pid"; system("$cmd & echo \$! >$pidFile"); @@ -469,30 +411,6 @@ sub LoadConfig { } } -# -# CheckGeometryAndDepth simply makes sure that the geometry and depth values -# are sensible. -# - -sub CheckGeometryAndDepth -{ - if ($geometry =~ /^(\d+)x(\d+)$/) { - $width = $1; $height = $2; - - if (($width<1) || ($height<1)) { - die "$prog: geometry $geometry is invalid\n"; - } - - $geometry = "${width}x$height"; - } else { - die "$prog: geometry $geometry is invalid\n"; - } - - if ($depth && (($depth < 8) || ($depth > 32))) { - die "Depth must be between 8 and 32\n"; - } -} - # # GetDisplayNumber gets the lowest available display number. A display number @@ -560,83 +478,6 @@ sub CheckDisplayNumber return 1; } - -# -# GetXDisplayDefaults uses xdpyinfo to find out the geometry, depth and pixel -# format of the current X display being used. If successful, it sets the -# options as appropriate so that the X VNC server will use the same settings -# (minus an allowance for window manager decorations on the geometry). Using -# the same depth and pixel format means that the VNC server won't have to -# translate pixels when the desktop is being viewed on this X display (for -# TrueColor displays anyway). -# - -sub GetXDisplayDefaults -{ - local (@lines, @matchlines, $width, $height, $defaultVisualId, $i, - $red, $green, $blue); - - $wmDecorationWidth = 4; # a guess at typical size for window manager - $wmDecorationHeight = 24; # decoration size - - return if (!defined($ENV{DISPLAY})); - - @lines = `xdpyinfo 2>/dev/null`; - - return if ($? != 0); - - @matchlines = grep(/dimensions/, @lines); - if (@matchlines) { - ($width, $height) = ($matchlines[0] =~ /(\d+)x(\d+) pixels/); - - $width -= $wmDecorationWidth; - $height -= $wmDecorationHeight; - - $geometry = "${width}x$height"; - } - - @matchlines = grep(/default visual id/, @lines); - if (@matchlines) { - ($defaultVisualId) = ($matchlines[0] =~ /id:\s+(\S+)/); - - for ($i = 0; $i < @lines; $i++) { - if ($lines[$i] =~ /^\s*visual id:\s+$defaultVisualId$/) { - if (($lines[$i+1] !~ /TrueColor/) || - ($lines[$i+2] !~ /depth/) || - ($lines[$i+4] !~ /red, green, blue masks/)) - { - return; - } - last; - } - } - - return if ($i >= @lines); - - ($depth) = ($lines[$i+2] =~ /depth:\s+(\d+)/); - ($red,$green,$blue) - = ($lines[$i+4] - =~ /masks:\s+0x([0-9a-f]+), 0x([0-9a-f]+), 0x([0-9a-f]+)/); - - $red = hex($red); - $green = hex($green); - $blue = hex($blue); - - if ($red > $blue) { - $red = int(log($red) / log(2)) - int(log($green) / log(2)); - $green = int(log($green) / log(2)) - int(log($blue) / log(2)); - $blue = int(log($blue) / log(2)) + 1; - $pixelformat = "rgb$red$green$blue"; - } else { - $blue = int(log($blue) / log(2)) - int(log($green) / log(2)); - $green = int(log($green) / log(2)) - int(log($red) / log(2)); - $red = int(log($red) / log(2)) + 1; - $pixelformat = "bgr$blue$green$red"; - } - } -} - - # # quotedString returns a string which yields the original string when parsed # by a shell. @@ -672,15 +513,12 @@ sub removeSlashes sub Usage { - die("\nusage: $prog [:<number>] [-name <desktop-name>] [-depth <depth>]\n". - " [-geometry <width>x<height>]\n". - " [-pixelformat rgbNNN|bgrNNN]\n". - " [-fp <font-path>]\n". + die("\nusage: $prog [:<number>]\n". " [-fg]\n". " [-autokill]\n". " [-noxstartup]\n". " [-xstartup <file>]\n". - " <Xvnc-options>...\n\n". + "\n". " $prog -kill <X-display>\n\n". " $prog -list\n\n"); } diff --git a/unix/vncserver/vncserver.man b/unix/vncserver/vncserver.man index 95f7960f..9ae43185 100644 --- a/unix/vncserver/vncserver.man +++ b/unix/vncserver/vncserver.man @@ -4,22 +4,11 @@ vncserver \- start or stop a VNC server .SH SYNOPSIS .B vncserver .RI [: display# ] -.RB [ \-name -.IR desktop-name ] -.RB [ \-geometry -.IR width x height ] -.RB [ \-depth -.IR depth ] -.RB [ \-pixelformat -.IR format ] -.RB [ \-fp -.IR font-path ] .RB [ \-fg ] .RB [ \-autokill ] .RB [ \-noxstartup ] .RB [ \-xstartup .IR script ] -.RI [ Xvnc-options... ] .br .BI "vncserver \-kill :" display# .br @@ -49,44 +38,8 @@ at startup (but note that this will not affect an existing VNC session.) .SH OPTIONS You can get a list of options by passing \fB\-h\fP as an option to vncserver. -In addition to the options listed below, any unrecognised options will be -passed to Xvnc - see the Xvnc man page, or "Xvnc \-help", for details. .TP -.B \-name \fIdesktop-name\fP -Each VNC desktop has a name which may be displayed by the viewer. The desktop -name defaults to "\fIhost\fP:\fIdisplay#\fP (\fIusername\fP)", but you can -change it with this option. The desktop name option is passed to the xstartup -script via the $VNCDESKTOP environment variable, which allows you to run a -different set of applications depending on the name of the desktop. -. -.TP -.B \-geometry \fIwidth\fPx\fIheight\fP -Specify the size of the VNC desktop to be created. Default is 1024x768. -. -.TP -.B \-depth \fIdepth\fP -Specify the pixel depth (in bits) of the VNC desktop to be created. Default is -24. Other possible values are 8, 15 and 16 - anything else is likely to cause -strange behaviour by applications. -. -.TP -.B \-pixelformat \fIformat\fP -Specify pixel format for Xvnc to use (BGRnnn or RGBnnn). The default for -depth 8 is BGR233 (meaning the most significant two bits represent blue, the -next three green, and the least significant three represent red), the default -for depth 16 is RGB565, and the default for depth 24 is RGB888. -. -.TP -.B \-cc 3 -As an alternative to the default TrueColor visual, this allows you to run an -Xvnc server with a PseudoColor visual (i.e. one which uses a color map or -palette), which can be useful for running some old X applications which only -work on such a display. Values other than 3 (PseudoColor) and 4 (TrueColor) -for the \-cc option may result in strange behaviour, and PseudoColor desktops -must have an 8-bit depth. -. -.TP .B \-kill :\fIdisplay#\fP This kills a VNC desktop previously started with vncserver. It does this by killing the Xvnc process, whose process ID is stored in the file @@ -97,22 +50,6 @@ argument. Thus, you can invoke "vncserver \-kill $DISPLAY", for example at the end of your xstartup file after a particular application exits. . .TP -.B \-fp \fIfont-path\fP -If the vncserver script detects that the X Font Server (XFS) is running, it -will attempt to start Xvnc and configure Xvnc to use XFS for font handling. -Otherwise, if XFS is not running, the vncserver script will attempt to start -Xvnc and allow Xvnc to use its own preferred method of font handling (which may -be a hard-coded font path or, on more recent systems, a font catalog.) In -any case, if Xvnc fails to start, the vncserver script will then attempt to -determine an appropriate X font path for this system and start Xvnc using -that font path. - -The -.B \-fp -argument allows you to override the above fallback logic and specify a font -path for Xvnc to use. -. -.TP .B \-fg Runs Xvnc as a foreground process. This has two effects: (1) The VNC server can be aborted with CTRL-C, and (2) the VNC server will exit as soon as the @@ -161,11 +98,9 @@ options defined in a user's $HOME/.vnc/config. This file offers a mechanism to establish some basic form of system-wide policy. WARNING! There is nothing stopping users from constructing their own vncserver-like script that calls Xvnc directly to bypass any options defined in -/etc/tigervnc/vncserver-config-mandatory. Likewise, any CLI arguments passed -to vncserver will override ANY config file setting of the same name. The -overall configuration file load order is: -/etc/tigervnc/vncserver-config-defaults, $HOME/.vnc/config, and then this file. -None are required to exist. +/etc/tigervnc/vncserver-config-mandatory. The overall configuration file load +order is: /etc/tigervnc/vncserver-config-defaults, $HOME/.vnc/config, and then +this file. None are required to exist. .TP $HOME/.vnc/config An optional server config file wherein options to be passed to Xvnc are listed diff --git a/unix/vncserver/vncserver@.service.in b/unix/vncserver/vncserver@.service.in index 07f1e517..d4ca9bf7 100644 --- a/unix/vncserver/vncserver@.service.in +++ b/unix/vncserver/vncserver@.service.in @@ -2,10 +2,12 @@ # # Quick HowTo: # 1. Copy this file to /etc/systemd/system/vncserver@.service -# 2. Edit <USER> and vncserver parameters appropriately -# ("runuser -l <USER> -c /usr/bin/vncserver %i -arg1 -arg2") -# 3. Run `systemctl daemon-reload` -# 4. Run `systemctl enable vncserver@:<display>.service` +# 2. Switches for vncserver should be entered in ~/.vnc/config rather than +# hard-coded into this unit file. See the vncserver(1) manpage. +# 3. Replace <USER> with the desired user +# ("runuser -l <USER> -c /usr/bin/vncserver %i") +# 4. Run `systemctl daemon-reload` +# 5. Run `systemctl enable vncserver@:<display>.service` # # DO NOT RUN THIS SERVICE if your local area network is # untrusted! For a secure way of using VNC, you should |