nstvncadmin — NST script to administer virtual desktops.
nstvncadmin [
-m
TEXT
| --mode TEXT
] [
-d
INTEGER
| --display INTEGER
] [
-w
INTEGER
| --width INTEGER
] [
-t
INTEGER
| --height INTEGER
] [ --depth INTEGER
] [ --dpi INTEGER
] [
-l
[true]|false
| --localhost [true]|false
] [ --desktop TEXT
] [ --shared TEXT
] [ --dontdisconnect [true]|false
] [ --idletimeout INTEGER
] [ --all [true]|false
] [ --host HOSTNAME|IPv4ADDR
] [ --port PORT
] [
-u
TEXT
| --user TEXT
] [
-p
TEXT
| --passwd TEXT
] [ --passwd-reset [true]|false
] [ --rhost HOSTNAME|IPv4ADDR
] [ --rport PORT
] [ --ruser TEXT
] [ --rshared [true]|false
] [ --nmap [true]|false
] [ --rpath TEXT
] [ --desktopmgr TEXT
] [ --xhost TEXT
] [ --clipboard [true]|false
] [ --customxstartupapps FILENAME
] [ --loglevel INTEGER
] [ --listentcp [true]|false
] [ --su [true]|false
] [ --lightdm-cfg-mode TEXT
] [
-h
[true]|false
| --help [true]|false
] [
-H
[true]|false
| --help-long [true]|false
] [
-v
[true]|false
| --verbose [true]|false
] [ --version [true]|false
]
The nstvncadmin command is used in a NST
distribution to manage virtual desktops provided by the
VNC server included in the distribution. This
script has several modes of operation. The mode is controlled by
the --mode MODE command line option.
Try not to be intimidated by the number of available command line options, you rarely need to use many of them. They are provided mainly to make this script more "configurable" when invoked from other scripts.
To give you an idea of the power of this script, take a look at the following commands:
[root@probe ~]# nstvncadmin -m setup
[root@probe ~]# nstvncadmin -m setup -d 90 --user hsimpson
Password for new user (hsimpson):
Retype new password:
[root@probe ~]# nstvncadmin
7785 root :6 http://192.168.0.6:5806/
7983 hsimpson :90 http://192.168.0.6:5890/
[root@probe ~]# nstvncadmin -m connect --all
[root@probe ~]#
Here's the result of the above commands:
The first invocation uses the setup
mode to allocate a VNC display for the root
user as display :6 (the default).
The second invocation specifies a specific VNC display
(:90) and user account
(hsimpson). Since the Unix user account
hsimpson doesn't yet exist, we are prompted
to set the initial password for the account and connecting to
the VNC session.
The third invocation (without any options) simply lists what VNC sessions are currently available on the system.
Finally, the fourth invocation forwards ALL active VNC
sessions to the VNC viewer running in listen mode at
192.168.0.7.
The minimal amount of output has been shown. If we would
have included the -v option, the output
produced by each command would have been more verbose.
If you specify --mode list or -m
list on the command line (or if you omit the
--mode option entirely), this script will
display the list of active VNC desktops with the following
information:
The process ID of the VNC desktop.
The user ID of the owner of the VNC desktop.
The display ID of the VNC desktop.
The URL which one may connect to to view the virtual desktop.
Here is a example of using nstvncadmin in "list mode":
[root@probe ~]#nstvncadmin -vPID USER DISPLAY URL SERVER ===== ==== ======= ============================ =========== 21880 root :0 N/A vino-server 5240 root :1 N/A vino-server 16967 root :2 N/A vino-server 5101 root :6 http://10.222.222.117:5806/ Xvnc 16814 root :7 http://10.222.222.117:5807/ Xvnc[root@probe ~]#
The columns are tab delimited and the header line is
omitted (unless one includes the -v
option). This makes the output easier to parse/process by other
scripts.
If you specify --mode connections
or -m connections on the command line, this
script will display the list of connections to active VNC desktops
with the following information:
The process ID of the VNC desktop.
The user ID of the owner of the VNC desktop.
The display ID of the VNC desktop.
VNC server type: 'Xvnc' or 'vino-server'.
IP Address:Port of the connection to the VNC server.
Here is a example of using nstvncadmin in "connections mode":
[root@probe ~]#nstvncadmin --mode connections --verbosePID USER DISPLAY SERVER CONNECTION ===== ==== ======= =========== ============================ 21880 root :0 vino-server 10.222.222.103:3670 5240 root :1 vino-server None 16967 root :2 vino-server None 5101 root :6 Xvnc 10.222.222.103:1111 5101 root :6 Xvnc 10.222.222.15:59984 16814 root :7 Xvnc None[root@probe ~]#
The columns are tab delimited and the header line is
omitted (unless one includes the -v
option). This makes the output easier to parse/process by other
scripts.
If you specify --mode setup or
-m setup on the command line, this script will
attempt to start a new virtual desktop. There are several things to
consider in this mode of operation:
The display ID must be a integer value in the range of [1,99]. It defaults to 6 if omitted.
The display ID must not conflict with a existing virtual desktop (it is illegal to try and start more than one virtual desktop with the same display ID).
If the X font server is not yet running, we will
attempt to start it, but only if you run the script as
root (non-root users are not able to start
system services like the X font server).
We will start the virtual desktop even if the X font server isn't running. There may be some issues, but from our experience, the virtual desktop still seems to work sans the X font server.
Here is a example of using nstvncadmin to setup a virtual desktop
that fits nicely on a 1600x1200 laptop screen using
the fluxbox X Window Desktop Manager
on VNC display ID: 2 with the clipboard enabled
(i.e., copy and paste):
[root@probe ~]#nstvncadmin -m setup --display 2 --width 1600 --height 1200 \--desktopmgr fluxbox --clipboard true[root@probe ~]#
Though not required, you are free to use the following
options with setup mode:
--display, --width,
--height, --depth,
--dpi, --idletimeout,
--localhost, --shared,
--dontdisconnect,
--nolistentcp, --su,
--user,
--passwd, --xhost,
--desktopmgr and --clipboard.
While many of the options are obvious, We would like to call
your attention to a couple of interesting options. The
--user option allows one to setup
a VNC session for a different user (if you are
logged in as root). In addition, if the user account doesn't yet
exist on the system, it will be added. This makes setting
up VNC access for a new user
trivial. The --localhost option is useful when
you don't want other machines to be able to connect to
the VNC session directly. When enabled, a
remote machine will only be able to gain access to a VNC session
if they either establish a
ssh tunnel first, or if the client system puts
its VNC viewer into listen mode and the
vncconnect command is run on the server. For
the best security, the ssh tunnel method is
recommended.
If you specify --mode kill or -m
kill on the command line, this script will attempt to
kill one or all running VNC desktop(s). There
are several things to consider in this mode of operation:
The display ID must be a legal value (its
default value of 6 is legal), or --all must
be specified.
The display ID must match a display that is actually running on the system.
You can only kill virtual desktops owned by
other users if you run this script as
root.
Here is a example of using nstvncadmin to kill a VNC session on
display :2.
[root@probe ~]#nstvncadmin -m kill --display 2Killing Xvnc process ID 8180[root@probe ~]#
You can use the --display,
--all and --verbose options
in combination with the kill mode.
If you specify --mode connect or
-m connect on the command line, this script
will attempt forward one (or all) VNC desktop(s) to the specified
--host. There are several things to consider in
this mode of operation:
A VNC viewer operating in "listen" mode must be
running on the system specified by the --host
HOST option. Most VNC viewers are capable of operating
in "listen" mode.
The display ID must be a legal value (its
default value of 6 is legal), or --all must
be specified.
The display ID must match a display that is actually running on the system.
You can only connect virtual desktops owned by
other users if you run this script as
root.
Here is a example of using nstvncadmin to connect a VNC session
on display :6 to host
192.168.0.7.
[root@probe ~]#nstvncadmin -m connect -d 6 --host 192.168.0.7[root@probe ~]#
The --host option must always be included
when using the connect mode of operation. In
addition, you can use --display,
--all, --port and
--verbose options.
For secure connections, it is recommended that one uses
the tunnel mode of operation instead of the
connect mode (or direct client access mode)
as the VNC protocol is not encrypted.
The tunnel mode of operation is to support those skilled with the use of ssh, ssh-agent, and ssh-add. Assuming that the nstvncadmin is installed and functional on two systems, the tunnel mode allows one to securely access one or more VNC desktops on the remote system. There are several things to consider in this mode of operation:
This is the most secure way to access a VNC desktop as the network traffic will be encrypted.
If system "A" brings up a tunnel to system "B" and
system "A" wants to share its tunnel with other systems on its
LAN, the --rshared option must be
specified.
You must have access to the remote system. And
its highly recommended to make use of
ssh-agent and
ssh-add.
The display ID must be a legal value (its
default value of 6 is legal), or --all must
be specified. If --all is specified, we will
make an initial connection to the remote system to see what VNC
processes it has running and then create the necessary tunnel(s)
for ALL of the VNC desktops.
The display ID must match a display that is actually running on the system.
Just because you are able to tunnel a VNC desktop, doesn't mean that you will be able to access it. You will still be prompted for the VNC password when you connect to the desktop.
Here is a example of securely tunneling ALL of the VNC
desktops running on 192.168.0.6 to the local
system and then accessing desktop :6 using
127.0.0.1:6 as its address:
[root@probe ~]# nstvncadmin -m tunnel --all -v --rhost 192.168.0.6 &
Setting up the ssh tunnels via:
/usr/bin/ssh -p 22 -a -N -n -T -x -L 5806:127.0.0.1:5806 -L 5906:127.0.0.1:5906
-L 5890:127.0.0.1:5890 -L 5990:127.0.0.1:5990 root@192.168.0.6
[root@probe ~]# vncviewer 127.0.0.1:6 &
[root@probe ~]#
The --rhost option must always be
included when using the connect mode of
operation. In addition, you can use the
--display, --rshared,
--all and --verbose
options.
The install mode of operation is used to
install nstvncadmin,
vncpasswd-stdin, and
nstvncadmin.man.html onto another computer to
facilitate remote administration. When successful, this enables
the remote adminstration capability on the remote system. There
are several things to consider in this mode of operation:
root access to the remote
system is required, it is highly recommended to make use of
ssh-agent and
ssh-add.
The /usr/bin directory must
be writable, and it must be possible to create and write to
the /usr/share/doc/nstvncadmin-40
directory on the remote system.
Make sure that the hardware architecture is the same for
both the local and remote
system. Note: x86_64
binaries will not run on x86 hardware
platforms.
Here is a example of installing nstvncadmin
onto host 192.168.0.2 and then using the
list mode remotely to see what VNC sessions are
running on 192.168.0.2:
[root@probe ~]# nstvncadmin -m install -v --rhost 192.168.0.2
nstvncadmin 100% 60KB 8.4MB/s 00:00
vncpasswd-stdin 100% 8364 14.8MB/s 00:00
[root@probe ~]# nstvncadmin -v --rhost 192.168.0.2
Invoking the following remote command...
/usr/bin/ssh -p 22 192.168.0.2 'PATH=/usr/local/bin:/usr/bin:/bin:/sbin:/usr/sbin:/usr/local/sbin:/usr/X11R6/bin:${PATH}; nstvncadmin --mode list --verbose true'
PID USER DISPLAY URL
3651 megan :2 http://192.168.0.2:5802/
[root@probe ~]#
The --rhost option must always be
included when using the install mode of
operation. In addition, you can use the
--verbose option.
In order to install nstvncadmin onto another system. The other system should have the VNC package installed and be based on a Fedora Core 2 or above distribution. It may work with other Linux or Unix distributions, but there are no guarantees.
The nstvncadmin can be used to administer remote systems as
well as local systems. In order to turn a local command into a
remote command, the --rhost HOST option must be
supplied. All remote commands are done securely via
ssh and scp. There are
several things to consider when using nstvncadmin for remote
administration:
You must have ssh access to the remote system (typically involving a connection to port 22).
You must have a user account on the remote system, and
you will want root access if you are
responsible for the entire system.
The nstvncadmin script must be installed and
functional on the remote system (the install
mode is useful here).
The tunnel and
install modes of operation only work in
"remote" mode (if you fail to provide a --rhost
HOST option, they will report an error and
exit).
If the above conditions can be satisfied, you can do many interesting things. As an example, review the sample script below which is built on top of nstvncadmin:
#!/bin/bash
#
# vadmin HOST - Securely bring up root desktop from remote host.
#
# NOTE: This is only a rough script to give one an idea of what
# can be done.
HOST="${1}";
DISP=57;
RARGS="-v --rhost ${HOST} --ruser root"
# First setup/start display on remote host
SETUP_ARGS="--localhost --depth 16 --dpi 96 --width 1000 --height 800"
if ! nstvncadmin -m setup -d ${DISP} ${RARGS} ${SETUP_ARGS}; then
echo "***ERROR*** failed to setup VNC display ${DISP} on ${HOST}";
exit 1;
fi
# Second, bring up a ssh tunnel
nstvncadmin -m tunnel -d ${DISP} ${RARGS} &
TUNNEL_PID="${!}";
echo "Allowing 3 seconds for ssh tunnel establishment";
sleep 3
# Now bring up the desktop over ssh tunnel
vncviewer 127.0.0.1:${DISP};
# Shutdown tunnel and kill VNC server
kill ${TUNNEL_PID};
nstvncadmin -m kill -d ${DISP} ${RARGS};
Here is a example of using the above script to securely
administer the 192.168.0.2 system:
[pkb@salsa ~]$ vadmin 192.168.0.2
... Lots of verbose output as VNC is started on remote system,
ssh tunnel is created and vncviewer finally comes up ...
[pkb@salsa ~]$
The --rhost option must always be
included when using the install mode of
operation. In addition, you can use the
--verbose options.
In order to install nstvncadmin onto another system. The other system should have the VNC package installed and be based on a Fedora Core 2 or Fedora Core 3 distribution. It may work with other Linux or Unix distributions, but there are no guarantees.
xstartup ModeWhen one uses the setup mode,
the nstvncadmin script will create the file:
"$HOME/.vnc/xstartup" if it does not
exist. If you specify --mode xstartup
or -m xstartup on the command line, this script
will simply show the "$HOME/.vnc/xstartup"
which would have been generated by the script. This mode is really
designed to support other scripts (such as found in the NST WUI
or during the build process of the initial ISO
image).
No other command line options are required when this mode is used.
[pkb@salsa ~]$ nstvncadmin -m xstartup > xstartup
[pkb@salsa ~]$
xstartupapp ModeThis mode is typically designed to be used by other scripts
to get a example list of X Window Applications
that could be started up after a VNC session
has been created. For example: One might want to be presented with
an 'xterm' terminal window upon connection to
the VNC Desktop session.
The example applications listed will be commented out using
the # (pound) symbol. To use one of the example
applications, one needs to remove the comment. Each application
must be terminated using the & (ampersand)
symbol. The nstvncadmin script will include the list
of X Window Applications found in the default
file: "$HOME/.vnc/xstartupapps" into the
xstartup file: "$HOME/.vnc/xstartup". Use the
'--customxstartupapps FILE' option to set an
alternate file containing a list of X Window
Applications.
[pkb@salsa ~]$ nstvncadmin -m xstartupapps > $HOME/.vnc/xstartupapps
[pkb@salsa ~]$
The following command line options are available:
-m TEXT] | [--mode TEXT]
This option specifies an operational
nstvncadmin mode. Currently the following
modes are supported: 'list',
'connections', 'bash',
'kill', 'setup',
'connect', 'tunnel',
'install', 'xstartup',
'xstartupapps' or
'lightdmcfg'. If you specify
'list' (the default), it will list the active
VNC sessions from both the
'Xvnc' and 'vino-server'
VNC servers. Specify
'connections' to display a list of
connections to each active VNC
sessions. Specify 'bash' to display internal
'Bash' variables and array values specific to
nstvncadmin for 'Bash'
scripting integration. Specify 'setup' to
create setup and start a new VNC server
session. Specify 'kill' to remove a
VNC server session. Specify
'connect' to forward specify display (or all
displays) to a host running a VNC Viewer in
listen mode. Specify 'tunnel' to bring up
ssh tunnels to a remote system for secure
VNC access. Specify
'install' to transfer the
nstvncadmin onto the remote system. The
'xstartup' mode may be used to show (but not
create) the default: "$HOME/.vnc/xstartup"
which the script would create during the setup process (this
mode is typically used by other scripts). The
'xstartupapps' mode is used to display and
example set of X Window Applications that
could be started after the creation of the
VNCsession (this mode is typically used by
other scripts). Finally, the 'lightdmcfg'
mode is used to configure the lightdm display
manager for desktop X-Windows
TCP/IP Access
'listen/nolisten' control,
'enable/disable' VNC
NST desktop access or display
status information.
-d INTEGER] | [--display INTEGER]
Use this option to control which VNC display is created (or killed). It is a integer value in the range of 0-99 and defaults to 6 if omitted. The minimum value permitted is 0. The maximum value permitted is 99.
-w INTEGER] | [--width INTEGER]
Use this option with the --mode
setup option to specify the width (in pixels) for the
virtual desktop which is to be created. The minimum value permitted is 1. The maximum value permitted is 32000.
-t INTEGER] | [--height INTEGER]
Use this option with the --mode
setup option to specify the height (in pixels) for the
virtual desktop which is to be created. The minimum value permitted is 1. The maximum value permitted is 32000.
--depth INTEGER]
Use this option to adjust the number of bits used for colors. The default value of 24 provides true color. Common settings are 8, 16 and 24. The minimum value permitted is 8. The maximum value permitted is 32.
--dpi INTEGER]
By default, VNC sessions typically assume a default
pixel density of 75 dots per inch (DPI). If you intend to view
the VNC session on a system with a different pixel density, you
can use this option to adjust it. For example, a 15 inch LCD
running at 1600x1200 would want a DPI value of
134. Windows machines often default to
96 (check the General tab
in the Advanced display property
settings). The minimum value permitted is 16. The maximum value permitted is 1000.
-l [true]|false] | [--localhost [true]|false]
This option is used in setup
mode. When set to true, access will only be
granted to connections coming from the localhost. This means
that you won't be able to establish a connection unless you
setup a ssh tunnel, or use the
connect option to a
vncviewer running in
listen mode. NOTE: The default value for
this option is false.
--desktop TEXT]
The title name to appear in the window
frame of the VNC Viewer.
--shared TEXT]
This option is used in setup
mode. If set to client (the default), the VNC
viewer connection will be able to control whether the desktop is
shared or not. If set to always, the desktop
will always be shared (allow multiple VNC viewer
connections). If set to never, the desktop
will never be shared (permit only a single
connection).
--dontdisconnect [true]|false]
This option is used in setup
mode. If set to true, a VNC viewer will not
be able to disconnect other active VNC viewers. For example, if
you left a VNC viewer running at the office (in a non-shared mode),
you would not be able to access the desktop from home until someone
killed the active session at the office.
--idletimeout INTEGER]
Set the number of seconds after
which an idle VNC connection will be dropped. The default value
is zero (0) seconds which means no timeout. The minimum value permitted is 0. The maximum value permitted is 86400.
--all [true]|false]
Typically one performs operations with the
nstvncadmin script on a individual display
basis (using the --display ID option). If an
operation (like kill,
connect and tunnel)
permits it, you can apply the operation to ALL running VNC
servers.
--host HOSTNAME|IPv4ADDR]
This option is used by the
connect mode of operation to indicate the
remote machine to display the desktop on.
--port PORT]
The connect mode of operation
permits establishing VNC connections to remote systems. By
default, we will use port 5500 as this is typical for VNC
viewers operating in listen
mode. The minimum value permitted is 1. The maximum value permitted is 65535.
-u TEXT] | [--user TEXT]
This option allows one to administer VNC sessions
for other users on the system. If not specified, it defaults to
the special value SELF indicating that you
are administering your own session. In order to use this option,
you must be running nstvncadmin as
root.
-p TEXT] | [--passwd TEXT]
Before a VNC server can be
started, the user must exist on the system and a password file
for the VNC server must exist
at $HOME/.vnc/passwd. If either of these
conditions are not met, a VNC server can not
normally be started. If you specify this option, the
nstvncadmin script will attempt to add the
new user to the system (if necessary), and then create the
appropriate $HOME/.vnc/passwd
file. Note 1:
The vncpasswd-stdin program is required to be
installed on the system (which can be found in
the NST distribution) for password
creation. Note 2: If a new user is created
on the system, both their normal login password and VNC server
passwords will be identical. Note 3: If
this command line option is not used and a
new VNC user is created, the script will
prompt for a new password.
--passwd-reset [true]|false]
Use this command line switch
to reset (change) an
existing user's VNC password. The
"--passwd TEXT" parameter may also be
specified containing the new password with this command line
option. If it is not specfied, the script will prompt for a
new password. Note 1:
Only the user's VNC password is reset and not
the user's login password. Note 2: It is
not necessary to use this command line switch when creating
a new VNC
user.
--rhost HOSTNAME|IPv4ADDR]
Include this option to invoke your command on a
remote system instead of the one you are currently logged
into. When this option is set to something other than
OMITTED (the default), we will attempt to run
nstvncadmin on the host specified via
ssh. This allows one to manage many different
systems remotely. This option is required for the
tunnel and install modes
of operation.
--rport PORT]
This option is only used when the --rhost
HOST option has been specified. It allows one to
specify a different port for the ssh
command. Typically this option is omitted as the default value
of 22 is correct. The minimum value permitted is 1. The maximum value permitted is 65535.
--ruser TEXT]
When running the nstvncadmin
command to operate on a remote host, you can use this option to
specify the user ID to use on the remote system if necessary. If
you omit this option, it defaults to DEFAULT,
which tells us to run as your current user ID unless you are
attempting something that involve root access
(in which case we will automatically switch to
root).
--rshared [true]|false]
By default, any ssh connections
set up in tunnel mode are only available to
the local host. If you want to share the tunneled connections
with others systems on your LAN, include this argument on the
command line.
--nmap [true]|false]
Some operations (like --mode
connect) involve establishing a TCP
connection to a port. If the port being connected to is
protected by a firewall, it may take the VNC
application a long time to time out. If the
--nmap option is specified, a quick
nmap scan will be made to quickly verify that
a TCP port is open and accepting
connections. NOTE: The use of this option may trigger a error
message on the remote end of the connection.
--rpath TEXT]
The nstvncadmin script allows one to invoke commands on remote systems via the magic of ssh. This option allows one to specify additional directories on the remote system to search for commands. Typically you never need to specify this option as the default values work for normal installations. However, if you've installed the nstvncadmin in a non-standard directory on the remote system, you may need to use this option to specify the directory to search for on the remote system.
--desktopmgr TEXT]
This option allows one to select an available
X Window Desktop Manager from the configured
values located in directory:
"/usr/share/xsessions". Typically, either
the "Fluxbox" or
the "Gnome" Desktop Manager
are available, but others may be configured. If this option is
omitted, then the last X Window
Desktop Manager chosen for this VNC
User will be selected. Initially,
the Fluxbox Desktop
Manager is defined as
the default X Window Desktop
Manager for a new VNC User. Enter
a Desktop Manager name corresponding to the
"Name=" entry for a configured desktop. Names
are case insensitive: (i.e., one could enter either
"fluxbox" or "Fluxbox"
-or- "GNOME" or
"gnome").
--xhost TEXT]
Use this option to add one or more
'xhost' entries into in the xstartupapps
file for the names of hosts or users allowed/disallowed to
make connections to the VNC X server. To
allow all X Window
Clients to make connections, use the
'--xhost +' option. See
the xhost manual page for more
information. The nstvncadmin script
supports multiple xhost entries by
specifying them within double quotes and space delimited
(e.g., --xhost "+10.222.222.10 +10.222.222.11
-") An 'xhost' entry will only be
added to the VNC user's xstartupapps
file: $HOME/.vnc/xstartupapps if it does
not already exist.
--clipboard [true]|false]
Use this option to enable clipboard support (copy
and paste) transfer to and from a connected VNC viewer. This is
done by adding the 'vncconfig -nowin'
command entry (i.e., enable copy and paste support) to
the VNC user's xstartupapps
file: $HOME/.vnc/xstartupapps if it does
not already exist.
--customxstartupapps FILENAME]
Use this option to select an alternate path file name of a
file containing a list of X Window
Applications to be started up after
the VNC session has been
created. The nstvncadmin script by
default will look in the VNC user's
file: $HOME/.vnc/xstartupapps for a list
of X Window Applications to start. Make
sure that each application is terminated with
an & (ampersand) character.
--loglevel INTEGER]
Use this option to control the log verbosity level
output from the Xvnc server. The range is
between 0 and 100 with 100 meaning the most verbose
output. Typically, all log output from the
Xvnc server is directed toward the user's
log file:
~/.vnc/HOSTNAME:DISPNUM.log. The minimum value permitted is 0. The maximum value permitted is 100.
--listentcp [true]|false]
This option is used to enable the
TCP/IP transport associated with the
Xvnc - X Window Server. If enabled,
Xvnc will bind a TCP/IP
port (Port: 6000 + DISPNUM) to its process, thus allowing a
TCP/IP connection to be established. For example,
one would be able to render the
display of an X Application to this
Xvnc - X Window Server. If this option is not
used and implicit "--nolisten tcp" will be
passed to the Xvnc - X Window
Server.
--su [true]|false]
This option is used primarily used for the
NST WUI so that the user's VNC desktop will
not be destroyed when reloading the Apache Web
Server.
--lightdm-cfg-mode TEXT]
Selective 'lightdm'
configuration scenarios are available using this script. Use
this option when the "--mode lightdmcfg" mode
is specified to identify the configuration. Use configuration
mode: 'listentcp' to allow
'lightdm' to enable X-Windows
TCP/IP access to the desktop. Use mode:
'nolistentcp' to allow
'lightdm' to disable X-Windows
TCP/IP access to the desktop. Use mode:
'enablevnc' to allow
'lightdm' to enable VNC
access to an NST desktop session using port:
'5901'. Use mode:
'disablevnc' to allow
'lightdm' to disable VNC
access to an NST desktop session. Finally,
use mode: 'status' to display the current
'lightdm' configuration settings for both
X-Windows TCP/IP and VNC
desktop access.
-h [true]|false] | [--help [true]|false]
When this option is specified, nstvncadmin will display a short one line description of nstvncadmin, followed by a short description of each of the supported command line options. After displaying this information nstvncadmin will terminate.
-H [true]|false] | [--help-long [true]|false]
This option will attempt to pull up additional
nstvncadmin documentation within a text based
web browser. You can force which browser we use setting the
environment variable TEXTBROWSER, otherwise,
we will search for some common ones.
-v [true]|false] | [--verbose [true]|false]
When you set this option to true, nstvncadmin will produce additional output. This is typically used for diagnostic purposes to help track down when things go wrong.
--version [true]|false]
If this option is specified, the version number of the script is displayed.
/usr/bin/vncpasswd-stdinProgram used to generate a VNC desktop password (if one doesn't yet exist).
$HOME/.vnc/xstartupThe file for each VNC user containing the X Window Desktop Manager that will be used for the VNC session.
$HOME/.vnc/xstartupappsThe default file for each VNC user containing X Window Applications that are started up after the VNC session has been created.
TEXTBROWSERThis controls what text based browser is used to display help information about the script. If not set, we will search your system for available text-based browsers (Ex: elinks, lynx ...).
ssh(1), ssh-add(1), ssh-agent(1), vncserver(1), vncviewer(1), Xvnc(1), Network Security Toolkit