redhat 8.3 的VNC 配置与其他的redhat 版本不太一样,其他版本在安装tigervnc tigervnc-server 后直接执行vncserver 就可以了, 8.3执行vncserver将会出现如下信息:
# vncserver
vncserver has been replaced by a systemd unit.
Please read /usr/share/doc/tigervnc/HOWTO.md for more information.
网上好多文章都说配置 vncserver@:1.service 里边内容大致为
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
WorkingDirectory=/root
User=root
Group=root
PIDFile=/root/.vnc/%H%i.pid
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver -autokill %i
ExecStop=/usr/bin/vncserver -kill %i
[Install]
WantedBy=multi-user.target
但是在redhat8.3 中执行ExecStart 中的脚本 /usr/bin/vncserver 就不能成功,所以这个方法在这里不适用。
/usr/share/doc/tigervnc/HOWTO.md 已经对配置进行里讲解,HOWTO.md 内容如下:
# What has changed
The previous Tigervnc versions had a wrapper script called `vncserver` which
could be run as a user manually to start *Xvnc* process. The usage was quite
simple as you just run
```
$ vncserver :x [vncserver options] [Xvnc options]
```
and that was it. While this was working just fine, there were issues when users
wanted to start a Tigervnc server using *systemd*. For these reasons things were
completely changed and there is now a new way how this all is supposed to work.
# How to start Tigervnc server
## Add a user mapping
With this you can map a user to a particular port. The mapping should be done in
`/etc/tigervnc/vncserver.users` configuration file. It should be pretty
straightforward once you open the file as there are some examples, but basically
the mapping is in form
```
:x=user
```
For example you can have
```
:1=test
:2=vncuser
```
## Configure
options
To configure Xvnc parameters, you need to go to the same directory where you did
the user mapping and open `vncserver-config-defaults` configuration file. This
file is for the default Xvnc configuration and will be applied to every user
unless any of the following applies:
* The user has its own configuration in `$HOME/.vnc/config`
* The same option with different value is configured in
`vncserver-config-mandatory` configuration file, which replaces the default
configuration and has even a higher priority than the per-user configuration.
This option is for system administrators when they want to force particular
*Xvnc* options.
Format of the configuration file is also quite simple as the configuration is
in form of
```
option=value
option
```
for example
```
session=gnome
securitytypes=vncauth,tlsvnc
desktop=sandbox
geometry=2000x1200
localhost
alwaysshared
```
### Note:
There is one important option you need to set and that option is the session you
want to start. E.g when you want to start GNOME desktop, then you have to use
```
session=gnome
```
which should match the name of a session desktop file from `/usr/share/xsessions`
directory.
## Set VNC password
You need to set a password for each user in order to be able to start the
Tigervnc server. In order to create a password, you just run
```
$ vncpasswd
```
as the user you will be starting the server for.
### Note:
If you were using Tigervnc before for your user and you already created a
password, then you will have to make sure the `$HOME/.vnc` folder created by
`vncpasswd` will have the correct *SELinux* context. You either can delete this
folder and recreate it again by creating the password one more time, or
alternatively you can run
```
$ restorecon -RFv /home/<USER>/.vnc
```
## Start the Tigervnc server
Finally you can start the server using systemd service. To do so just run
```
$ systemctl start vncserver@:x
```
as root or
```
$ sudo systemctl start vncserver@:x
```
as a regular user in case it has permissions to run `sudo`. Don't forget to
replace the `:x` by the actual number you configured in the user mapping file.
Following our example by running
```
$ systemctl start vncserver@:1
```
you will start a Tigervnc server for user `test` with a GNOME session.
### Note:
If you were previously using Tigervnc and you were used to start it using
*systemd* then you will need to remove previous *systemd* configuration files,
those you most likely copied to `/etc/systemd/system/vncserver@.service`,
otherwise this service file will be preferred over the new one installed with
latest Tigervnc.
# Limitations
You will not be able to start a Tigervnc server for a user who is already
logged into a graphical session. Avoid running the server as the `root` user as
it's not a safe thing to do. While running the server as the `root` should work
in general, it's not recommended to do so and there might be some things which
are not working properly.
下边是我的操作 redhat 8.3 配置VNC 步骤:
1.安装vnc软件(假设已经配置yum源)
dnf install tigervnc tigervnc-server
2.修改vncserver-config-defaults , 如果添加一行localhost ,外部不能访问
vim /etc/tigervnc/vncserver-config-defaults
session=gnome
securitytypes=vncauth,tlsvnc
desktop=sandbox
geometry=2000x1200
alwaysshared
3.编辑vncserver.users
vim /etc/tigervnc/vncserver.users
:1=root
:2=admin
4.配置vnc密码
1.root用户下的vnc密码
[root@OS-redhat ~]# vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
1.admin用户下的vnc密码
[admin@OS-redhat ~]# vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
5.复制vncserver@x.service 文件
cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:2.service
6.配置vnc开机自启服务
systemctl enable vncserver@:1
systemctl enable vncserver@:2
7.启动vnc服务
systemctl start vncserver@:1
systemctl start vncserver@:2
8.查看状态
[root@OS-redhat ~]# systemctl status vncserver@\:1
● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: active (running) (thawing) since Sun 2021-01-03 20:18:17 CST; 17min ago
Process: 3511 ExecStart=/usr/libexec/vncsession-start :1 (code=exited, status=0/SUCCESS)
Main PID: 3517 (vncsession)
Tasks: 1 (limit: 12096)
Memory: 1.3M
CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service
‣ 3517 /usr/sbin/vncsession root :1
1月 03 20:18:17 OS-redhat systemd[1]: Starting Remote desktop service (VNC)...
1月 03 20:18:17 OS-redhat systemd[1]: Started Remote desktop service (VNC).
[root@OS-redhat ~]# systemctl status vncserver@\:2
● vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:2.service; enabled; vendor preset: disabled)
Active: active (running) (thawing) since Sun 2021-01-03 20:18:14 CST; 17min ago
Process: 3258 ExecStart=/usr/libexec/vncsession-start :2 (code=exited, status=0/SUCCESS)
Main PID: 3264 (vncsession)
Tasks: 1 (limit: 12096)
Memory: 1.4M
CGroup: /system.slice/system-vncserver.slice/vncserver@:2.service
‣ 3264 /usr/sbin/vncsession admin :2
1月 03 20:18:14 OS-redhat systemd[1]: Starting Remote desktop service (VNC)...
1月 03 20:18:14 OS-redhat systemd[1]: Started Remote desktop service (VNC).
9.vncview客户端连接
略
总结.
Several VNC-related files are found in the directory $HOME/.vnc:
/etc/tigervnc/vncserver-config-defaults
The optional system-wide equivalent of $HOME/.vnc/config. If this file exists and defines options to be passed to Xvnc, they will be used as defaults for users. The user's $HOME/.vnc/config
overrides settings configured in this file. The overall configuration file load order is: this file, $HOME/.vnc/config, and then /etc/tigervnc/vncserver-config-mandatory. None are required
to exist.
/etc/tigervnc/vncserver-config-mandatory
The optional system-wide equivalent of $HOME/.vnc/config. If this file exists and defines options to be passed to Xvnc, they will override any of the same options defined in a user's
$HOME/.vnc/config. This file offers a mechanism to establish some basic form of system-wide policy. WARNING! There is nothing stopping users from constructing their own vncsession-like script
that calls Xvnc directly to bypass any options defined in /etc/tigervnc/vncserver-config-mandatory. The overall configuration file load order is: /etc/tigervnc/vncserver-config-defaults,
$HOME/.vnc/config, and then this file. None are required to exist.
$HOME/.vnc/config
An optional server config file wherein options to be passed to Xvnc are listed to avoid hard-coding them to the physical invocation. List options in this file one per line. For those requir‐
ing an argument, simply separate the option from the argument with an equal sign, for example: "geometry=2000x1200" or "securitytypes=vncauth,tlsvnc". Options without an argument are simply
listed as a single word, for example: "localhost" or "alwaysshared".
The special option session can be used to control which session type will be started. This should match one of the files in /usr/share/xsessions. E.g. if there is a file called "gnome.desk‐
top", then "session=gnome" would be set to use that session type.
$HOME/.vnc/passwd
The VNC password file.
$HOME/.vnc/host:display#.log
The log file for Xvnc and the session.
翻译如下:
/etc/tigervnc/vncserver-config-defaults
系统范围内的可选等价于$HOME/.vnc/config。如果该文件存在并定义了要传递给Xvnc的选项,则它们将被用作用户的默认选项。用户的$HOME/.vnc/config重写在此文件中配置的设置。
总的配置文件加载顺序是:/etc/tigervnc/vncserver-config-defaults-->$HOME/.vnc/config-->/etc/tigervnc/vncserver-config-mandatory。不是必要存在。
/etc/tigervnc/vncserver-config-mandatory
系统范围内的可选等价于$HOME/.vnc/config。如果这个文件存在并定义了要传递给Xvnc的选项,它们将重写在用户的选项中定义的任何相同选项$HOME/.vnc/config。该文件提供了一种机制,
用于建立系统范围策略的某种基本形式。警告:没有什么可以阻止用户构建自己的类似vncssession的脚本直接调用Xvnc绕过/etc/tigervnc/vncserver-config-mandatory中定义的选项。
总体配置文件的加载顺序是:/etc/tigervnc/vncserver-config-defaults-->$HOME/.vnc/config-->/etc/tigervnc/vncserver-config-mandatory。不是必要存在。
$HOME/.vnc/config
一个可选的服务器配置文件,其中列出了要传递给Xvnc的选项,以避免将它们硬编码到物理调用中。列出该文件中的选项,每行一个。
对于那些要求检测使用参数时,只需用等号将选项与参数分开,
例如:"geometry=2000x1200"或"securitytypes=vncauth,tlsvnc"。
没有参数的选项是简单的作为单个单词列出,例如:“localhost”或“always sshared”。
特殊选项会话可以用来控制将启动哪种会话类型。这应该与/usr/share/xsessions.中的一个文件匹配,例如,如果有一个文件名为“gnome.desktop”,然后“session=gnome”将被设置为使用该会话类型。
换句话说:
我们可以选择同时使用以下五种方案配置,用来定制我们需要的vncserver服务端桌面环境
1.配置/etc/tigervnc/vncserver-config-defaults文件
2.配置/etc/tigervnc/vncserver-config-defaults文件和$HOME/.vnc/config文件
3.配置$HOME/.vnc/config文件
4.配置$HOME/.vnc/config文件和/etc/tigervnc/vncserver-config-mandatory文件
5.配置/etc/tigervnc/vncserver-config-mandatory文件
然后配置vnc用户名和密码,创建vnc自启服务