Hello there
• Adam Retter [2024-01-02 23:14]:
> Apologies but I am a little bit unclear about how X authfiles should
> work in OpenBSD.
>
> I have started with a fresh OpenBSD 7.4 install, and I opted to
> install the X Window System. My goal is to be able to export my
> display over VNC as I have no access to the mouse and keyboard of the
> machine.
>
> I have installed the VNC Server software by running as root - pkg_add tigervnc
>
> To be able to run the VNC Server, it needs access to the X Authority
> file. I want to ideally run the VNC Server under a non-root account. I
> have found an authority file under /etc/X11/xenodm/authdir/authfiles/
> however its name seems to be randomly decided each time xenodm is
> started during System boot. For example at present it is
> /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM but that will change if
> the system is rebooted.
>
> To run the VNC Server, I think I need to execute something like the
> following command:
>
> XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver
> -display :0 -PasswordFile ~/.vnc/passwd
>
> It is not clear to me how I can set this up so that x0vncserver can
> access the correctly named auth file each time the machine restarts,
> and also under which account it would be considered best practice to
> run x0vncserver... Should I run it under my user account, the `_x11`
> account, or an account created just for that purpose?
> Ideally the VNC Server would start during system startup also.
>
> I also note that the auth files such as
> /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM are owned by the `_x11`
> account and group, and are only readable by the owner (mode 0600).
>
> Please advise on the best way to set this up?
You might want to look at Xvnc rather than x0vncserver. Xvnc is started
by vncserver, which you can run as your normal user.
> Kind regards. Adam.
Here's a setup that used to work at some point, it could give you some
ideas. Note how vncserver is started in the user's tmux session -- this
way I can attach to it and see what is going on.
To run at startup, you could either add a line to rc.local, or (ab)use
crontab's @reboot facility.
In /etc/rc.local
echo -n ' VNC'
su -l <user> -c '/home/<user>/bin/runxvnc.sh 2>&1' >/dev/null &
Then in /home/<user>/bin/runxvnc.sh
#!/bin/sh
tmux new-session -d -s Xvnc \
/usr/local/bin/vncserver :2 \
-geometry 1920x1080 \
-depth 32 \
-fg \
-xstartup ~/.vnc/xstartup \
-interface 127.0.0.1 \
-rfbport 5901 \
-rfbauth ~/.vnc/passwd \
-alwaysshared
And in ~/.vnc/xstartup
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
export LC_CTYPE="en_US.UTF-8"
/usr/local/bin/startxfce4
> --
> Adam Retter
>
> skype: adam.retter
> tweet: adamretter
> http://www.adamretter.org.uk
>
--
-- Kirill Miazine <k...@krot.org>
