aboutsummaryrefslogtreecommitdiffstats
path: root/unix
Commit message (Collapse)AuthorAgeFilesLines
* Fix installation of vncsession.manPierre Ossman2020-10-021-1/+1
| | | | | It is now dynamically generated, so it will be in the build directory and not in the source directory.
* Merge branch 'systemd' of https://github.com/grulja/tigervncPierre Ossman2020-10-023-3/+3
|\
| * Use /run instead of /var/run which is just a symlinkJan Grulich2020-09-293-3/+3
| |
* | Merge branch 'sysconfdir' of https://github.com/metalefty/tigervncPierre Ossman2020-10-024-7/+8
|\ \ | |/ |/|
| * Replace some more hard-coded /etc with sysconfdirKoichiro IWAO2020-09-232-2/+2
| |
| * Do not assume sysconfdir is always /etcKoichiro IWAO2020-09-162-5/+6
| | | | | | | | Refer @CMAKE_INSTALL_FULL_SYSCONF@ instead.
* | Tolerate specifying -BoolParam 0 and similarPierre Ossman2020-09-184-4/+35
|/ | | | | | This is needed by vncserver which doesn't know which parameters are boolean, and it cannot use the -Param=Value form as that isn't tolerated by the Xorg code.
* Remove incorrect umask changePierre Ossman2020-09-071-3/+0
| | | | | Not sure why this got in there, but it is incorrect as it results in creating files with too liberal permissions.
* Change development version to 1.11.80Pierre Ossman2020-08-191-1/+1
|
* Comment on SELinux rule affect other commandsPierre Ossman2020-08-171-0/+1
| | | | | | This line affects every command run by the user, unlike everything else in our policy which is just for vncserver/vncsession. It's easy to miss this so add a comment pointing it out.
* Merge branch 'vnc_home' of https://github.com/wrabcak/tigervncPierre Ossman2020-08-172-5/+18
|\
| * [SELinux] Allow vnc session create ~/.vncLukas Vrabec2020-07-312-5/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow vnc session labeled with SELinux vnc_session_t domain to create directory in user homedir ~/.vnc labeled with SELinux label xdm_home_t. Because also process vncpasswd creates ~/.vnc directory, file transition that userdomain attribute SELinux domain (label for the process) can create the directory with the same label needs to be added. userdomain attribute contains following SELinux types: auditadm_t dbadm_t guest_t logadm_t secadm_t staff_t staff_wine_t sysadm_t unconfined_t user_t user_wine_t webadm_t xguest_t Signed-off-by: Lukas Vrabec <lvrabec@redhat.com>
* | vncserver: Display check should confirm UNIX domain socket is still validMark Mielke2020-07-291-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the X server is not shut down cleanly, it can leave UNIX domain sockets around that "vncserver" has previously mis-identified as evidence that the display number is still in use. Instead of checking for existence of /tmp/.X11-unix/X<n>, the code will now attempt to connect to the socket to confirm that there is a server process listening on this UNIX domain socket. This will eliminate false positives in the case the UNIX domain socket still exists but is not associated with a listening Xorg server. The Xorg server does not have a problem with fixing this file when it next starts up. It is only important to avoid using the port if it is still in use.
* | vncserver: Display check should be re-factored for Perl 5Mark Mielke2020-07-291-36/+6
| | | | | | | | | | | | | | | | The display check and related setup code was complex due to compatibility with Perl 4. This included different ways of obtaining system constants and building system data structures. Perl 5 provides direct constants and utility methods to abstract this out of the vncserver code.
* | vncserver: Display check should confirm lock file is still validMark Mielke2020-07-291-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If the X server is not shut down cleanly, it may leave lock files around that "vncserver" has previously mis-identified as evidence that the display number is still in use. Instead of checking for existence of /tmp/.X<n>-lock, the code will now extract the PID from the lock file and confirm that a process exists with the same PID. This will eliminate false positives in the case that this file references a PID that no longer exists. The Xorg server does not have a problem with fixing this file when it next starts up. It is only important to avoid using the port if it is still in use.
* | vncserver: Display check should avoid duplicate codeMark Mielke2020-07-291-14/+10
| | | | | | | | | | | | The display check had duplicate code to first check if the X11 port is not in use, and then check that the RFB port is not in use. Eliminate the duplicate code by using a for-loop.
* | vncserver: Display check should use named variablesMark Mielke2020-07-291-6/+13
| | | | | | | | | | | | | | Several calculated values such as file paths and port numbers were hard coded within strings or expressions, sometimes multiple times. These values should be extracted into named variables to improve self-documentation and avoid accidental divergence.
* | vncserver: Display check should check for lock file firstMark Mielke2020-07-291-6/+6
| | | | | | | | | | | | Checking for the existence of `/tmp/.X<n>-lock` is a fast read-only operation, while calls to bind() or connect() are more expensive and may have side effects. Perform the fast operation first.
* | vncserver: Remove legacy HP-UX supportMark Mielke2020-07-291-7/+0
|/ | | | | | The check for existence of `/usr/spool/sockets/X11/<n>` has been removed. This file is only relevant on HP-UX, and TigerVNC dropped support for HP-UX in commit 31e5aa3.
* Remove trailing spaces in user nameJan Grulich2020-07-031-1/+1
| | | | | | | It's quite easy to make a mistake and add an additional space when configuring users in the vncserver.users config file. You will then get an error that the user doesn't exist and it's hard to spot the mistake. Same applies for a space before the display number.
* Merge branch 'regions' of https://github.com/CendioOssman/tigervncPierre Ossman2020-06-155-157/+150
|\
| * Get rid of magical assignment to RegionPierre Ossman2020-05-183-23/+17
| | | | | | | | Might as well make these explicit so the cost is apparent.
| * Switch region code to pixmanPierre Ossman2020-05-011-2/+1
| | | | | | | | | | This is the current upstream so let's make use of it to get the latest in features and fixes.
| * Avoid using RegionInit() because of empty rectsPierre Ossman2020-05-011-26/+26
| | | | | | | | | | It creates an invalid region if given an empty rect. Fortunately RegionInitBoxes() handles that just fine, so use that instead.
| * Stop using legacy region macrosPierre Ossman2020-05-012-134/+134
| | | | | | | | | | We no longer support such old X servers so start using the current functions.
* | Catch errors resizing framebufferPierre Ossman2020-05-231-2/+7
| |
* | Add final line break to FatalError() callsPierre Ossman2020-05-232-7/+7
| | | | | | | | | | It expects the callers to include this, so make sure we're consistently providing one.
* | [SELinux] Allow vnc_session_t type execute itselfLukas Vrabec2020-05-061-0/+2
|/ | | | | | | | vncsession-start is running in SELinux vnc_session_t domain because of "SELinuxContext=system_u:system_r:vnc_session_t:s0" option in systemd vncserver@.service unit file. vncsession-start executing binary vncsession with SELinux label/type vnc_session_t. This access was not allowed in vncsession policy.
* Handle empty changes for every operationPierre Ossman2020-04-201-22/+16
| | | | | | It seems like many of the X11 operations can end up with no pixels actually changing. So instead of discovering and adding workarounds for each individually we'll just check very region added if it's empty.
* Remove legacy Xorg codePierre Ossman2020-04-027-459/+6
| | | | | We now require at least 1.16, so remove all code that handled older versions than that.
* Remove 8-bit support from documentationPierre Ossman2020-04-022-16/+4
| | | | | We removed support in the code ages ago, but overlooked this part of the documentation. Also remove some dead code in Xvnc on the same theme.
* Remove support for old Xorg versionsPierre Ossman2020-03-129-909/+0
| | | | No current distribution ship anything this ancient anyway.
* Use standard install dir variable namesPierre Ossman2020-03-128-20/+20
| | | | | This makes our builds directly compatible with most distributions without packagers/users having to specify extra flags.
* Add SELinux policy file for vncsessionPierre Ossman2020-03-125-0/+104
| | | | | | Running as a service on a SELinux system requires rules so we can transition to our own context. We also need the proper permissions to start new user sessions.
* Start sessions via PAMPierre Ossman2020-03-1212-144/+762
| | | | | | | | | This sets up a more correct session as there are key tasks that need to be performed by PAM. E.g. systemd will allocate cgroups and start base services. In order to easily handle this as a system service the mapping of displays is now done via a configuration file.
* Stop searching for XvncPierre Ossman2020-03-122-31/+3
| | | | | Assume we are part of a complete and proper installation and encode the full expected path in to the vncserver script.
* Start the sessions using xinitPierre Ossman2020-03-122-88/+20
| | | | | It keeps much better track of the X server and startup files than we can do.
* Make vncserver always run in the foregroundPierre Ossman2020-03-122-204/+8
| | | | | | We need to be started as a system service for things to work correctly anyway, so delegate the work of starting and stopping things to the system service manager (e.g. systemd).
* Start sessions using session desktop filePierre Ossman2020-03-122-88/+126
| | | | | This is how display managers (e.g. gdm or lightdm) start sessions and is necessary to get the proper set of environment variables.
* Don't create a default user configPierre Ossman2020-03-121-20/+0
| | | | | We don't want to create files in the users home directory unless we have to. Users can read about how this file works in our man pages.
* Don't accept arbitrary arguments to vncserverPierre Ossman2020-03-123-244/+19
| | | | | We now have config files for more fine grained control of these things, so avoid duplicating the functionality.
* Stop unsetting environment variablesPierre Ossman2020-03-121-2/+0
| | | | | These might contain values we want if we are start from a proper environment.
* Always install systemd servicesPierre Ossman2020-03-122-0/+51
| | | | | | | It is the most common init system these days so it should not be hidden in the contrib/ directory. This also removes all old SysV files from the contrib packages.
* Add default configuration filesPierre Ossman2020-03-126-3/+34
| | | | Install some example files to make things more easily discoverable.
* xserver: add no-op input thread init functionLinus Heckemann2020-02-011-0/+9
| | | | | | | | This allows Xvnc to build with xorg-server 1.20.7, which requires OS layers to implement a ddxInputThreadInit function when configured with --enable-input-thread (the default). relevant xorg-server commit: e3f26605d85d987da434640f52646d728f1fe919
* Update copyright year to 2020Pierre Ossman2020-01-161-1/+1
|
* Merge branch 'secfix' of https://github.com/CendioOssman/tigervncPierre Ossman2019-12-203-22/+13
|\
| * Encapsulate PixelBuffer internal detailsPierre Ossman2019-11-153-22/+13
| | | | | | | | | | | | Don't allow subclasses to just override dimensions or buffer details directly and instead force them to go via methods. This allows us to do sanity checks on the new values and catch bugs and attacks.
* | Don't background the main session commandPierre Ossman2019-12-091-1/+1
|/ | | | | | When used with -fg we expect the startup script to remain running until the session is over. This will not happen if the session command is put in the background using &.
* Change development version to 1.10.80Pierre Ossman2019-10-181-1/+1
|