Configuring TigerVNC on CentOS 8
by cristi92b from LinuxQuestions.org on (#5ETQ8)
I am trying to configure TigerVNC server on CentOS 8 but when I try to start the server using systemctl it stops right after startup.
Please find below the steps that I did:
1) I installed tigervnc-server package:
Code:# dnf install tigervnc-server2) I edited the tigervnc-server config file adding my user:
Code:# nano /etc/tigervnc/vncserver.usersCode:# cat /etc/tigervnc/vncserver.users
# TigerVNC User assignment
#
# This file assigns users to specific VNC display numbers.
# The syntax is <display>=<username>. E.g.:
#
# :2=andrew
# :3=lisa
:2=cristianThe user that I added is in the sudoers (wheel) group:
Code:# cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:cristian
cdrom:x:11:
mail:x:12:
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:33:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
users:x:100:
nobody:x:65534:
dbus:x:81:
utmp:x:22:
utempter:x:35:
input:x:999:
kvm:x:36:qemu
render:x:998:
systemd-journal:x:190:
systemd-coredump:x:997:
systemd-resolve:x:193:
tss:x:59:
polkitd:x:996:
geoclue:x:995:
ssh_keys:x:994:
printadmin:x:993:
gluster:x:992:
rtkit:x:172:
pipewire:x:991:
pulse-access:x:990:
pulse-rt:x:989:
pulse:x:171:
libstoragemgmt:x:988:
qemu:x:107:
usbmuxd:x:113:
unbound:x:987:
rpc:x:32:
chrony:x:986:
avahi:x:70:
brlapi:x:985:
setroubleshoot:x:984:
saslauth:x:76:
cgred:x:983:
dnsmasq:x:982:
radvd:x:75:
sssd:x:981:
libvirt:x:980:
cockpit-ws:x:979:
cockpit-wsinstance:x:978:
flatpak:x:977:
colord:x:976:
rpcuser:x:29:
abrt:x:173:
gdm:x:42:
clevis:x:975:
gnome-initial-setup:x:974:
sshd:x:74:
slocate:x:21:
dip:x:40:
rngd:x:973:
tcpdump:x:72:
cristian:x:1000:3) I edited the default config file specifying the session type:
Code:# nano /etc/tigervnc/vncserver-config-defaultsCode:# cat /etc/tigervnc/vncserver-config-defaults
## Default settings for VNC servers started by the vncserver service
#
# Any settings given here will override the builtin defaults, but can
# also be overriden by ~/.vnc/config and vncserver-config-mandatory.
#
# See the following manpages for more details: vncserver(1) Xvnc(1)
#
# Several common settings are shown below. Uncomment and modify to your
# liking.
# securitytypes=vncauth,tlsvnc
# desktop=sandbox
# geometry=2000x1200
# localhost
# alwaysshared
session=gnome4) I set a VNC password for the user that I created:
Code:# su cristian
$ vncpasswd5) I enabled and started the service:
Code:# systemctl enable --now vncserver@:2But the service is inactive:
Code:# systemctl status vncserver@:2
vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2021-03-02 01:53:47 PST; 2min 15s ago
Process: 38978 ExecStart=/usr/libexec/vncsession-start :2 (code=exited, status=0/SUCCESS)
Main PID: 38984 (code=exited, status=0/SUCCESS)
Mar 02 01:53:45 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Mar 02 01:53:45 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
Mar 02 01:53:47 localhost.localdomain systemd[1]: vncserver@:2.service: Succeeded.I followed the steps here (the 5 steps above are the same steps): https://serverspace.us/support/help/...r-on-centos-8/
Should I create a config file for my service in /etc/systemd/system ?
If yes, then is this the correct template file: ?
Code:# cat /lib/systemd/system/vncserver@.service
# The vncserver service unit file
#
# Quick HowTo:
# 1. Add a user mapping to /etc/tigervnc/vncserver.users.
# 2. Adjust the global or user configuration. See the
# vncsession(8) manpage for details. (OPTIONAL)
# 3. Run `systemctl enable vncserver@:<display>.service`
# 4. Run `systemctl start vncserver@:<display>.service`
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, you should
# limit connections to the local host and then tunnel from
# the machine you want to view VNC on (host A) to the machine
# whose VNC output you want to view (host B)
#
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
#
# this will open a connection on port 590N of your hostA to hostB's port 590M
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
# See the ssh man page for details on port forwarding)
#
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
# the help of ssh, you end up seeing what hostB makes available on port 590M
#
# Use "nolisten=tcp" to prevent X connections to your VNC server via TCP.
#
# Use "localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/usr/libexec/vncsession-start %i
PIDFile=/var/run/vncsession-%i.pid
SELinuxContext=system_u:system_r:vnc_session_t:s0
[Install]
WantedBy=multi-user.target
Please find below the steps that I did:
1) I installed tigervnc-server package:
Code:# dnf install tigervnc-server2) I edited the tigervnc-server config file adding my user:
Code:# nano /etc/tigervnc/vncserver.usersCode:# cat /etc/tigervnc/vncserver.users
# TigerVNC User assignment
#
# This file assigns users to specific VNC display numbers.
# The syntax is <display>=<username>. E.g.:
#
# :2=andrew
# :3=lisa
:2=cristianThe user that I added is in the sudoers (wheel) group:
Code:# cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:cristian
cdrom:x:11:
mail:x:12:
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:33:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
users:x:100:
nobody:x:65534:
dbus:x:81:
utmp:x:22:
utempter:x:35:
input:x:999:
kvm:x:36:qemu
render:x:998:
systemd-journal:x:190:
systemd-coredump:x:997:
systemd-resolve:x:193:
tss:x:59:
polkitd:x:996:
geoclue:x:995:
ssh_keys:x:994:
printadmin:x:993:
gluster:x:992:
rtkit:x:172:
pipewire:x:991:
pulse-access:x:990:
pulse-rt:x:989:
pulse:x:171:
libstoragemgmt:x:988:
qemu:x:107:
usbmuxd:x:113:
unbound:x:987:
rpc:x:32:
chrony:x:986:
avahi:x:70:
brlapi:x:985:
setroubleshoot:x:984:
saslauth:x:76:
cgred:x:983:
dnsmasq:x:982:
radvd:x:75:
sssd:x:981:
libvirt:x:980:
cockpit-ws:x:979:
cockpit-wsinstance:x:978:
flatpak:x:977:
colord:x:976:
rpcuser:x:29:
abrt:x:173:
gdm:x:42:
clevis:x:975:
gnome-initial-setup:x:974:
sshd:x:74:
slocate:x:21:
dip:x:40:
rngd:x:973:
tcpdump:x:72:
cristian:x:1000:3) I edited the default config file specifying the session type:
Code:# nano /etc/tigervnc/vncserver-config-defaultsCode:# cat /etc/tigervnc/vncserver-config-defaults
## Default settings for VNC servers started by the vncserver service
#
# Any settings given here will override the builtin defaults, but can
# also be overriden by ~/.vnc/config and vncserver-config-mandatory.
#
# See the following manpages for more details: vncserver(1) Xvnc(1)
#
# Several common settings are shown below. Uncomment and modify to your
# liking.
# securitytypes=vncauth,tlsvnc
# desktop=sandbox
# geometry=2000x1200
# localhost
# alwaysshared
session=gnome4) I set a VNC password for the user that I created:
Code:# su cristian
$ vncpasswd5) I enabled and started the service:
Code:# systemctl enable --now vncserver@:2But the service is inactive:
Code:# systemctl status vncserver@:2
vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2021-03-02 01:53:47 PST; 2min 15s ago
Process: 38978 ExecStart=/usr/libexec/vncsession-start :2 (code=exited, status=0/SUCCESS)
Main PID: 38984 (code=exited, status=0/SUCCESS)
Mar 02 01:53:45 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Mar 02 01:53:45 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
Mar 02 01:53:47 localhost.localdomain systemd[1]: vncserver@:2.service: Succeeded.I followed the steps here (the 5 steps above are the same steps): https://serverspace.us/support/help/...r-on-centos-8/
Should I create a config file for my service in /etc/systemd/system ?
If yes, then is this the correct template file: ?
Code:# cat /lib/systemd/system/vncserver@.service
# The vncserver service unit file
#
# Quick HowTo:
# 1. Add a user mapping to /etc/tigervnc/vncserver.users.
# 2. Adjust the global or user configuration. See the
# vncsession(8) manpage for details. (OPTIONAL)
# 3. Run `systemctl enable vncserver@:<display>.service`
# 4. Run `systemctl start vncserver@:<display>.service`
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, you should
# limit connections to the local host and then tunnel from
# the machine you want to view VNC on (host A) to the machine
# whose VNC output you want to view (host B)
#
# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
#
# this will open a connection on port 590N of your hostA to hostB's port 590M
# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
# See the ssh man page for details on port forwarding)
#
# You can then point a VNC client on hostA at vncdisplay N of localhost and with
# the help of ssh, you end up seeing what hostB makes available on port 590M
#
# Use "nolisten=tcp" to prevent X connections to your VNC server via TCP.
#
# Use "localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/usr/libexec/vncsession-start %i
PIDFile=/var/run/vncsession-%i.pid
SELinuxContext=system_u:system_r:vnc_session_t:s0
[Install]
WantedBy=multi-user.target