Re: [rhel6-branch] VNC does not support runtime SecurityTypes changes (#670832)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




--

  Martin Gracik

----- Original Message -----
> Comments below.
> 
> On Mon, 24 Jan 2011, Martin Gracik wrote:
> 
> > New XVNC does not support changing of SecurityTypes when
> > it is already running with vncconfig. So we have to solve
> > all the password stuff first, and then run the XVNC with
> > either None or VncAuth.
> > ---
> > vnc.py | 60
> > ++++++++++++++++++++++++------------------------------------
> > 1 files changed, 24 insertions(+), 36 deletions(-)
> >
> > diff --git a/vnc.py b/vnc.py
> > index 6f9f4d3..f2034a8 100644
> > --- a/vnc.py
> > +++ b/vnc.py
> > @@ -76,23 +76,18 @@ class VncServer:
> >             self.password=""
> >
> >     def setVNCPassword(self):
> > - """Change the vnc server password. Output to file. """
> > -
> > - if len(self.password) == 0:
> > - self.setVNCParam("SecurityTypes", "None")
> > - self.setVNCParam("rfbauth","0")
> > - return
> > -
> > - # If there is a password the SecurityTypes = VncAuth for all
> > connections.
> > - self.setVNCParam("SecurityTypes", "VncAuth")
> > - self.setVNCParam("rfbauth",self.pw_file)
> > + """Set the vnc server password. Output to file. """
> >
> >         # password input combination.
> > - pwinput = "%s\n%s\n" % (self.password, self.password)
> > - vnccommand = [self.root+"/usr/bin/vncpasswd", self.pw_file]
> > - vncpswdo = subprocess.Popen(vnccommand, stdin=subprocess.PIPE,
> > stdout=subprocess.PIPE)# We pipe the output
> > - # so the user does not see it.
> > + pwinput = "%s\n" % self.password
> > + pwoutput = open(self.pw_file, "w")
> > +
> > + # the -f option makes sure vncpasswd does not ask for the password
> > again
> > + vnccommand = [self.root+"/usr/bin/vncpasswd", "-f"]
> > + vncpswdo = subprocess.Popen(vnccommand, stdin=subprocess.PIPE,
> > stdout=pwoutput)
> >         (out, err) = vncpswdo.communicate(input=pwinput)
> > + pwoutput.close()
> > +
> 
> Can we not use iutil.execWithCapture() here? Also, you should just be
> able to run "vncpasswd" and not have to specify the whole path.

Didn't you mean execWithRedirect? We want the output in a file,
which is then supplied to Xvnc. But with execWithRedirect,
I would have to write the input to a file too, here I can just
pass the password string to the communicate method.

You're right about the path though, I will change that.

> 
> >         return vncpswdo.returncode
> >
> >     def initialize(self):
> > @@ -147,16 +142,6 @@ class VncServer:
> >                            % {'productName': product.productName,
> >                               'productVersion':
> >                               product.productVersion}
> >
> > - def setVNCParam(self, param, value):
> > - """Set a parameter in the Xvnc server.
> > -
> > - Possible values for param and value. param=(values)
> > - SecurityTypes=(VncAuth,None)
> > - """
> > - vncconfigcommand = [self.root+"/usr/bin/vncconfig", "-display",
> > ":%s"%self.display , "-set" , "%s=%s" %(param, value)]
> > - vncconfo = subprocess.Popen(vncconfigcommand)# we dont want output
> > - return vncconfo.returncode
> > -
> >     def openlogfile(self):
> >         try:
> >             err = os.open(self.log_file, os.O_RDWR | os.O_CREAT)
> > @@ -216,13 +201,25 @@ class VncServer:
> >         # Lets call it from here for now.
> >         self.initialize()
> >
> > - # Lets start the xvnc regardless of vncconnecthost and password.
> > - # We can change the configuration on the fly later.
> > + if self.password and len(self.password) < 6:
> > + self.changeVNCPasswdWindow()
> > +
> > + if not self.password:
> > + SecurityTypes = "None"
> > + rfbauth = "0"
> > + else:
> > + SecurityTypes = "VncAuth"
> > + rfbauth = self.pw_file
> > + # Create the password file.
> > + rc = self.setVNCPassword()
> > +
> > + # Lets start the xvnc.
> >         xvnccommand = [ self.root + "/usr/bin/Xvnc", ":%s" %
> >         self.display, "-nevershared",
> 
> Also with the full path, we should just be able to exec "Xvnc".
> 
> >                         "-depth", "16", "-geometry", "800x600",
> >                         "-br",
> >                         "IdleTimeout=0", "-auth", "/dev/null",
> >                         "-once",
> >                         "DisconnectClients=false", "desktop=%s" %
> >                         (self.desktop,),
> > - "SecurityTypes=None"]
> > + "SecurityTypes=%s" % SecurityTypes, "rfbauth=%s" % rfbauth ]
> > +
> >         try:
> >             xvncp = subprocess.Popen(xvnccommand,
> >             stdout=self.openlogfile(), stderr=subprocess.STDOUT)
> >         except:
> > @@ -238,15 +235,6 @@ class VncServer:
> >         else:
> >             self.log.info(_("The VNC server is now running."))
> >
> > - # Lets look at the password stuff
> > - if self.password == "":
> > - pass
> > - elif len(self.password) < 6:
> > - self.changeVNCPasswdWindow()
> > -
> > - # Create the password file.
> > - self.setVNCPassword()
> > -
> >         # Lets tell the user what we are going to do.
> >         if self.vncconnecthost != "":
> >             self.log.warning(_("\n\nYou chose to connect to a
> >             listening vncviewer. \n"
> >
> 
> --
> David Cantrell <dcantrell@xxxxxxxxxx>
> Supervisor, Installer Engineering Team
> Red Hat, Inc. | Honolulu, HI | UTC-10
> 
> _______________________________________________
> Anaconda-devel-list mailing list
> Anaconda-devel-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/anaconda-devel-list

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list


[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux