Red Hat Bugzilla – Bug 173168
need some way to setup vnc by default
Last modified: 2009-07-14 12:52:29 EDT
With Xen in addition to various things like iSeries and s/390, it would be good
to have a way to set machines up to use VNC by default for their "x server" when
native hardware isn't available.
Created attachment 121038 [details]
launch gnome-session using Xvfb
I wouldn't be surprised if you just launched gnome-session in Xvfb (using
something like the script above which I did for the dogtail guys) and things
Note, vino would have to be installed and setup to run on startup and be setup
to allow connections without confirmation.
Or you could just use Xvnc...
Also, I'm sure Mark has a lot of insight to add here that I don't have, so I'm
adding him to the CC list.
What do you think Mark?
We don't want just a gnome session, though. We really want everything that
would have been graphical on the system also. Think firstboot, gdm, maybe even
So, what you might reasonably want is:
1) only root should be able remotely use rhgb/firstboot
2) anyone with an account on the box should be able login to a desktop
session (i.e. use gdm)
You could do (1) by starting rhgb/firstboot on an Xvnc which doesn't require a
password and only accepts connects from localhost. Then you'd run a client which
would start ssh, authenticate, open a tunnel to Xvnc through the ssh connection
and connect vncviewer to the tunnel.
Two problems with that scheme: a) anyone with an account would be able to
connect because Xvnc wouldn't be able to authenticate who was connecting over
the local tcp socket and b) you wouldn't be able to connect to firstboot until
sshd had started.
The easier way of doing (1) is to allow people to specify a password for Xvnc,
then run firstboot/rhgb on it and open the port on the firewall. Problems here:
a) VNC's auth scheme is too easy to crack and b) all keypresses etc. are
unencrypted. Not a big deal, we allow this with anaconda anyway, it just
shouldn't be the default config.
As for (2), the simplest thing would be to change GDM's config to use Xvnc as
its primary server, without a password, but with the -NeverShared option. So,
you'd connect to VNC, login through GDM and a session would be started.
The hair-brained idea for (2) is that, on the client you'd have a
gdm-flexiserver type thing - it would start Xnest, with a login screen - except
that when you authenticate, you're authenticating over SSH. Something like this:
When you authenticate, a vncviewer in listening mode is run, SSH opens a tunnel
pointing at that vncviewer, runs a command on the server which starts Xvnc in
reverse mode, which connects back over the tunnel and then runs whichever
session/language you selected from the login screen on that Xvnc.
Both ideas involving SSH obviously require a fair bit of work. The simpler
options in both cases basically just require the installer to munge the
appropriate configs. I've no great insight there ... so, I've a feeling all of
this blurb is no use at all :-)
CCing new VNC package maintainer.
*** Bug 179748 has been marked as a duplicate of this bug. ***
*** Bug 195259 has been marked as a duplicate of this bug. ***
Based on the date this bug was created, it appears to have been reported
against rawhide during the development of a Fedora release that is no
longer maintained. In order to refocus our efforts as a project we are
flagging all of the open bugs for releases which are no longer
maintained. If this bug remains in NEEDINFO thirty (30) days from now,
we will automatically close it.
If you can reproduce this bug in a maintained Fedora version (7, 8, or
rawhide), please change this bug to the respective version and change
the status to ASSIGNED. (If you're unable to change the bug's version
or status, add a comment to the bug and someone will change it for you.)
Thanks for your help, and we apologize again that we haven't handled
these issues to this point.
The process we're following is outlined here:
We will be following the process here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this
doesn't happen again.
Still need the functionality
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora
'version' of '9'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version prior to Fedora 9's end of life.
Bug Reporter: Thank you for reporting this issue and we are sorry that
we may not be able to fix it before Fedora 9 is end of life. If you
would still like to see this bug fixed and are able to reproduce it
against a later version of Fedora please change the 'version' of this
bug to the applicable version. If you are unable to change the version,
please add a comment here and someone will do it for you.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
The process we are following is described here:
Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version.
Thank you for reporting this bug and we are sorry it could not be fixed.