Fedora -- VNC installed to run all the time

November 3, 2020

Fedora 32 -- set up VNC to run all the time

NOTE This seemed to work at first, but there are several problems. The VNC session does not get the home diretory set properly (it ends up with "/"). Also with VNC enabled for a user, it is impossible for that user to login at at the console. I have more about this elsewhere.

First, install the vnc packages.

su
dnf -y install tigervnc tigervnc-server
firewall-cmd --add-service=vnc-server --permanent
firewall-cmd --reload

I am getting a lot of information from this pages, but it is out of date. Fedora has changed everything. The first link explains this (sort of), but I did not discover it until very late in the game.

Next I setup a user:

su
useradd -m pilot
passwd pilot
su - pilot
vncpasswd

I login as "pilot" and type "vncserver" -- lo and behold the command does not exist! Apparently you no longer launch it via vncserver, but use some systemd magic to do this, which may be what I want anyway. The vncserver command is hidden away in /usr/libexec/vncserver but you probably don't want to actually run that. So, I do this as instructed:

cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service

Even the instructions in the Fedora document are out of date, the header of the above service file gives some tips:

1. Add a user mapping to /etc/tigervnc/vncserver.users.
2. Adjust the global or user configuration. See the
   vncsession(8) manpage for details. (OPTIONAL)
3. Run `systemctl enable vncserver@:.service`
4. Run `systemctl start vncserver@:.service`

I add the line ":1=pilot" to the vncserver.users file, skip (2) for now since they say it is optional, then:

systemctl enable vncserver@:1.service
systemctl start vncserver@:1.service

These seem to work without giving any error messages.

Set up a second service for a second user

Add another line to the vncserver.users file so it looks like this:

:1=marvin
:2=tom

Then start the server (which will run on port 5902) as follows:

systemctl enable vncserver@:2.service
systemctl start vncserver@:2.service

And it is just that simple.

Try it out

On another linux system, I type

vncviewer beef:1

And it works! I have a session logged in as user pilot (although I am a different user on the originating system). This looks OK, though it would be great if it was properly documented.

The default session gives me a 1024 by 768 desktop. Now how do I make it bigger? One way is to use /home/pilot/.vnc/config, but another is to edit settings in /etc/tigervnc/vncserver-config-defaults. I select the latter, and set:

geometry=1600x1200

A wrinkle

If I actually log out of the session, the server dies and must be restarted. I did actually have to log out and restart the server to get the new geometry.
So I added these two lines to the Service section of the service file.

Restart=on-failure
RestartSec=5s

And I did this after editing the file:

systemctl daemon-reload

This has not yet done it, as I see:

systemctl status vncserver@:1.service
Active: inactive (dead) since Tue 2020-11-03 17:42:10 MST; 3s ago

OK!! The following works, put this in the Service section:

Restart=always
RestartSec=5s

Another wrinkle

The vnc session comes up with "/" as the current directory rather than /home/pilot! This is simply inconvenient and typing "cd" in any window rectifies the problem, but it would be nice to fix this.

Actually this problem went away after starting and stopping VNC the first time, so never mind all of this.

The systemd "unit file" (there, I used the right jargon!) calls /usr/libexec/vncsession-start %i, passing the display number. This is a bash script, which gave me hope, but all it does is to use the /etc/systemd/system/vncserver@.service file to map the display number to the user name, which it then passes to:

exec "/usr/sbin/vncsession" "${USER}" "${DISPLAY}"

This is an elf executable, and gets launched running as root.

It is worth noting that /home/pilot/.vnc contains the passwd file as well as "pork:1.log", which is full of stuff, so in some way the vncsession program knows about /home/pilot.

Windows clients

My experts recommend either TigerVNC or RealVNC. TightVNC is also generally recommended.

RealVNC download link

Have any comments? Questions? Drop me a line!

Adventures in Computing / tom@mmto.org