CentOS 7安装VNC Server

博客分类：
 linux-centos
 服务器

本文操作流程具体参考自https://docs.oracle.com/cd/E52668_01/E54669/html/ol7-vnc-config.html

系统版本

$ uname -a
Linux localhost.localdomain 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64
内核

$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
当初安装时选择的是最小化的安装模式，所以如果你已经安装了图形化界面的系统可以跳过下面的X-Window安装，直接安装VNC Server

以下命令必须以 root 权限运行，要切换到 root，或者在想要执行操作的用户添加到sudo中，那每个命令前面都要加上sudo前缀表示当前用户临时拥有像root一样的执行权限

visudo

找到“root ALL=(ALL) ALL”，在下面添加一行：XXX ALL=(ALL) ALL，XXX为用户名
好了，废话不多说，开始安装VNC Server

1 首先需要安装X-Window

yum check-update

yum groupinstall “X Window System”

yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts

或者直接下面一条命令

yum groupinstall -y “GNOME Desktop”

2 安装 VNC 服务器（需要有网，如果没网的话，自己设置yum源为CD安装盘）

yun list|grep vnc #查看yum下相关的vnc包信息

rpm -qa|grep vnc #查看vnc是否安装

yum install tigervnc-server -y #CentOS/RHEL 6开始版本的安装

如果是CentOS/RHEL 5，则执行下面命令

yum install vnc-server -y

3 设置vncpasswd密码

vncpasswd

…输入该用户的登录密码，如果执行该命令没反应的话，建议最好重装vncserver
如果设置普通用户的登录密码，请先切换到普通用户下，再执行vncpasswd进行设置

在这里要科普下vnc的相关知识点

systemctl status vncserver@:.service

● vncserver@:.service - Remote desktop service (VNC)
Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; disabled; vendor preset: disabled)
Active: inactive (dead)

systemctl is-enabled vncserver@.service

disabled
为什么会是不可使用呢?这是因为每个用户在VNC守护服务线程下，都是一个独立的实例；另一方面，VNC不能只运行一个单线程来处理每一个用户请求。
每一个用户连接到VNC时，VNC都会启动一个新的守护实例。CentOS 7使用systemd守护线程来初始化其他服务。每一个通过yum安装的服务都是运行在systemd下，并且各自的服务单元模块文件都存放于/lib/systemd/system目录下。
在/etc/systemd/system/目录下存放着一个跟相关服务的链接，在boot启动时，可以自动地根据链接来启动线程。
所以在这个案例中，你可以使用下面的命令看到该文件

ls -l /lib/systemd/system/vnc*

-rw-r–r--. 1 root root 1738 Apr 1 2016 /lib/systemd/system/vncserver@.service

ls -l /etc/systemd/system/.wants/vnc

ls: cannot access /etc/systemd/system/.wants/vnc.: No such file ore direcotry
所以可以直接复制vncserver@.service文件来作为各自实例的配置文件
参考自https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-remote-access-for-the-gnome-desktop-on-centos-7

4 创建VNC配置文件
正常安装好vncserver后，该文件/lib/systemd/system/vncserver@.service是有内容的，如果该文件的内容为空，建议重装vncserver，减少不必要的麻烦
这里的vncserver@:1.service为root用户的登录配置文件，vncserver@:2.service为普通用户的配置文件

cp /lib/systemd/system/vncserver@.service

/etc/systemd/system/vncserver@:1.service

cp /lib/systemd/system/vncserver@.service

/etc/systemd/system/vncserver@:2.service

vi /etc/systemd/vncserver@:1.service

The vncserver service unit file

Quick HowTo:

1. Copy this file to /etc/systemd/system/vncserver@.service

2. Edit and vncserver parameters appropriately

(“runuser -l -c /usr/bin/vncserver %i -arg1 -arg2”)

3. Run systemctl daemon-reload

4. Run systemctl enable vncserver@:<display>.service

DO NOT RUN THIS SERVICE if your local area network is

untrusted! For a secure way of using VNC, you should

limit connections to the local host and then tunnel from

the machine you want to view VNC on (host A) to the machine

whose VNC output you want to view (host B)

[user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB

this will open a connection on port 590N of your hostA to hostB’s port 590M

(in fact, it ssh-connects to hostB and then connects to localhost (on hostB).

See the ssh man page for details on port forwarding)

You can then point a VNC client on hostA at vncdisplay N of localhost and with

the help of ssh, you end up seeing what hostB makes available on port 590M

Use “-nolisten tcp” to prevent X connections to your VNC server via TCP.

Use “-localhost” to prevent remote VNC clients connecting except when

doing so through a secure tunnel. See the “-via” option in the

`man vncviewer’ manual page.

[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=forking

Clean any existing files in /tmp/.X11-unix environment

ExecStartPre=/bin/sh -c ‘/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :’
ExecStart=/usr/sbin/runuser -l -c “/usr/bin/vncserver %i”
PIDFile=/home//.vnc/%H%i.pid
ExecStop=/bin/sh -c ‘/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :’

[Install]
WantedBy=multi-user.target
修改上面红色字体为用户名和所在的家目录即可，然后保存，执行下面命令使其生效

systemctl daemon-reload

5 启动VNCServer服务

systemctl start vncserver@:1.service

Job for vncserver@:1.service failed because the control process exited with error code. See “systemctl status vncserver@:1.service” and “journalctl -xe” for details.
出现错误，按照错误提示，执行下面命令

systemctl status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2016-11-21 20:34:40 CST; 1min 32s ago
Process: 11295 ExecStart=/usr/sbin/runuser -l root -c /usr/bin/vncserver %i (code=exited, status=1/FAILURE)
Process: 11292 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)

Nov 21 20:34:39 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)…
Nov 21 20:34:40 localhost.localdomain runuser[11295]: Password:
Nov 21 20:34:40 localhost.localdomain systemd[1]: vncserver@:1.service: control process exited, code=exited status=1
Nov 21 20:34:40 localhost.localdomain systemd[1]: Failed to start Remote desktop service (VNC).
Nov 21 20:34:40 localhost.localdomain systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 21 20:34:40 localhost.localdomain systemd[1]: vncserver@:1.service failed.
看到上面的错误提示，注意到好像还没设置root用户的vncpasswd密码!!!

vncspasswd #设置root的vncpasswd密码 #:vncpasswd root(输入命令设置密码) 设置密码后还是报错 ，输入命令vncserver打开VNC 输入账号密码 在重启成功

su XXX

$ vncpasswd #设置XXX的vncpasswd密码

systemctl start vncserver@:1.service #启动vnc服务

systemctl stop vncserver@:1.service #关闭vnc服务

systemctl status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2016-11-21 20:38:42 CST; 1min 55s ago
Process: 11346 ExecStart=/usr/sbin/runuser -l root -c /usr/bin/vncserver %i (code=exited, status=0/SUCCESS)
Process: 11343 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 11367 (Xvnc)
CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service
‣ 11367 /usr/bin/Xvnc :1 -desktop localhost.localdomain:1 (root) -auth /root/.Xauthority -geometry 1024x7…

Nov 21 20:38:39 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)…
Nov 21 20:38:42 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
看到这种提示并显示active(running)说明vncserver启动成功了

systemctl enable vncserver@:1.service #设置开机自启动

Created symlink from /etc/systemd/system/multi-user.target.wants/vncserver@:1.service to /etc/systemd/system/vncserver@:1.service.

systemctl disable vncserver@:1.service #取消开机自启动

Removed symlink /etc/systemd/system/multi-user.target.wants/vncserver@:1.service.
注：如果有修改配置文件，都必须重新加载配置和重启服务

systemctl daemon-reload

systemctl restart vncserver@:1.service

6 配置防火墙
centos从7开始默认用的是firewalld，这个是基于iptables的，虽然有iptables的核心，但是iptables的服务是没安装的

firewall-cmd --state #查看防火墙的启动状态

running

systemctl start firewalld #如果没启动防火墙的话则启动，为了网络安全

firewall-cmd --zone=public --add-嗯 service=vnc-server --permanent #永久的把vnc-server服务加进防火墙

firewall-cmd --zone=public --list-services

firewall-cmd --zone=public --add-port=5901-5902/tcp --permanent #永久的把该端口添加进防火墙

success

firewall-cmd --zone=public --list-ports #查看开放的端口有哪些

firewall-cmd --reload #重启防火墙，让刚才的设置生效

7 配置VNC桌面(根据自己的偏好设置启动什么GUI)[可选]

vi ~/.vnc/xstartup

在末尾添加
startkde &
设置成链接时启动kde

systemctl restart vncserver@:1.service

8 在Windows下，安装VNC Viewer，输入正确IP地址、窗口号和密码，即可远程
或者使用SSH通道的客户端程序,如：PuTTY
参考自https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-remote-access-for-the-gnome-desktop-on-centos-7

在使用的过程中，VNC界面有时会没有反应，这时应该如何操作呢
通过SSH登录系统，然后通过命令重启自己的VNC Server
$ ls ~/.vnc/ #查看自己的端口号是多少
$ vncserver -kill :2 #结束VNC服务及远程桌面
$ vncserver :2 -geometry 1280x760
此时通过VNC Viewer登录试试，应该可以了
注意:vncserver只能由启动它的用户来关闭，即时是root也不能关闭其它用户开启的vncserver，除非用kill命令杀死进程

在安装的过程中，一开始用yum安装时显示complete，但在进行配置时发现配置文件是空，按照网上说的各种教程来设置时，也都出现各种其他问题，这时就要考虑是否卸载掉然后重新装过了，在该过程中遇到的错误有：

/bin/systemctl start vncserver.service#启动vncserver服务

出现:
Failed to start vncserver.service: Unit vncserver.service failed to load: No such file or directory.

systemctl enable vncserver.service

出现:
Failed to execute operation: Access denied

service vncserver status

Redirecting to /bin/systemctl status vncserver.service
● vncserver.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)

systemctl status vncserver@:.service

● vncserver@:.service
Loaded: masked (/usr/lib/systemd/system/vncserver@.service; masked; vendor preset: disabled)
Active: inactive (dead)

systemctl is-enabled vncserver@.service

masked

systemctl enable vncserver@:1.service

The unit files have no [Install] section. They are not meant to be enabled
using systemctl.
Possible reasons for having this kind of units are:

1. A unit may be statically enabled by being symlinked from another unit’s
   .wants/ or .requires/ directory.
2. A unit’s purpose may be to act as a helper for some other unit which has
   a requirement dependency on it.
3. A unit may be started when needed via activation (socket, path, timer,
   D-Bus, udev, scripted systemctl call, …).
   http://lists.opensuse.org/opensuse-bugs/2013-11/msg04269.html
   Mailinglist Archive: opensuse-bugs (5295 mails)

systemctl start vncserver@:1.service

Job for vncserver@:1.service failed because a configured resource limit was exceeded.
See “systemctl status vncserver@:1.service” and “journalctl -xe” for details.

systemctl -l status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; static; vendor preset: disabled)
Active: failed (Result: resources) since Mon 2016-11-21 18:49:42 CST; 12min ago
Process: 9809 ExecStart=/sbin/runuser -l root -c /usr/bin/vncserver %i -geometry 1280x760 (code=exited, status=0/SUCCESS)
Process: 9804 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)

Nov 21 18:49:42 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)…
Nov 21 18:49:42 localhost.localdomain systemd[1]: PID file /root/.vnc/localhost.localdomain:1,pid not readable (yet?) after start.
Nov 21 18:49:42 localhost.localdomain systemd[1]: Failed to start Remote desktop service (VNC).
Nov 21 18:49:42 localhost.localdomain systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 21 18:49:42 localhost.localdomain systemd[1]: vncserver@:1.service failed.

systemctl -l status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; disabled; vendor preset: disabled)
Active: failed (Result: resources) since Mon 2016-11-21 18:49:42 CST; 40min ago

Nov 21 18:49:42 localhost.localdomain systemd[1]: vncserver@:1.service failed.
Nov 21 19:15:55 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:11] Unknown lvalue ‘ExectStop’ in section ‘Service’
Nov 21 19:15:55 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:13] Unknown section ‘install’. Ignoring.
Nov 21 19:20:35 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:11] Unknown lvalue ‘ExectStop’ in section ‘Service’
Nov 21 19:20:35 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:13] Unknown section ‘install’. Ignoring.
Nov 21 19:20:45 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:11] Unknown lvalue ‘ExectStop’ in section ‘Service’
Nov 21 19:20:45 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:13] Unknown section ‘install’. Ignoring.
Nov 21 19:21:10 localhost.localdomain systemd[1]: Stopped Remote desktop service (VNC).
Nov 21 19:21:22 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:11] Unknown lvalue ‘ExectStop’ in section ‘Service’
Nov 21 19:21:22 localhost.localdomain systemd[1]: [/etc/systemd/system/vncserver@:1.service:13] Unknown section ‘install’. Ignoring.
Warning: vncserver@:1.service changed on disk. Run ‘systemctl daemon-reload’ to reload units.

journalctl -xe|grep vncserver

…
– Subject: Unit vncserver@:1.service has begun start-up
– Unit vncserver@:1.service has begun starting up.
– Subject: Unit vncserver@:1.service has failed
– Unit vncserver@:1.service has failed.
Nov 21 19:32:48 localhost.localdomain systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 21 19:32:48 localhost.localdomain systemd[1]: vncserver@:1.service failed.

systemctl -l status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; disabled; vendor preset: disabled)
Active: failed (Result: resources) since Mon 2016-11-21 19:32:48 CST; 10min ago

Nov 21 19:32:47 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)…
Nov 21 19:32:48 localhost.localdomain systemd[1]: PID file /root/.vnc/localhost.localdomain:1,pid not readable (yet?) after start.
Nov 21 19:32:48 localhost.localdomain systemd[1]: Failed to start Remote desktop service (VNC).
Nov 21 19:32:48 localhost.localdomain systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 21 19:32:48 localhost.localdomain systemd[1]: vncserver@:1.service failed.

systemctl -l status vncserver@:1.service

● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: failed (Result: resources) since Mon 2016-11-21 20:12:15 CST; 57s ago
Process: 10931 ExecStart=/sbin/runuser -l root -c /usr/bin/vncserver %i (code=exited, status=0/SUCCESS)
Process: 10926 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)

Nov 21 20:12:15 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)…
Nov 21 20:12:15 localhost.localdomain systemd[1]: PID file /root/.vnc/localhost.localdomain:1.pid not readable (yet?) after start.
Nov 21 20:12:15 localhost.localdomain systemd[1]: Failed to start Remote desktop service (VNC).
Nov 21 20:12:15 localhost.localdomain systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 21 20:12:15 localhost.localdomain systemd[1]: vncserver@:1.service failed.

journalctl -xn|grep vncserver #这个可以查看具体是什么错误信息

netstat -tulnp #查看vncserver启动状况

在设置的过程中要多看看错误信息，这样才能更好的对症下药，更快的解决问题

载掉vncserver

yum erase tigervnc*

rpm -qa|grep vnc #检查是否卸载掉

以上就是小弟我在安装VNC Server碰到的各种错误，不过最终还是靠自己努力搞定了，真的发自内心的开心~~~~，上面的见解纯属个人所见，如有不足之处，望指正，谢谢 :-）