On Feb 25, 2024, at 02:23, Samuel Sieb <samuel@xxxxxxxx> wrote:
What this means is that you can have your systemd service (I ran as a user, enabling linger) uses a socket file (I used one in XDG_RUNTIME_DIR because it’s private) when launching Xvnc by specifying `−rfbunixpath path` in the parameters to Xvnc. I think this is only available in somewhat recent TigerVNC, so it doesn’t work in Centos 7. What this means is there’s no TCP port listening for Xvnc, just a UNIX socket file. So two people or a local and remote session can’t have sessions interfering with each other. I played with using systemd socket activation too but that’s too complicated for this post. Then, for remote connections, I would forward the UNIX socket with SSH. If you are using a VNC client that doesn’t support UNIX sockets, you can tell OpenSSH to forward a remote socket to a local TCP socket, but you can also forward a remote to local socket to use with tigervnc’s client in Fedora. The great thing about it is that there’s never a listening tcp port on either side of the connection except ssh. When it’s set up, it’s just like having a remote VNC session with the upstream systemd units, but it doesn’t need a listening TCP port assigned to each user. Honestly, I kinda wish the TigerVNC project would just adopt this for their provided units. Maybe they can’t because Windows can’t use UNIX sockets? I wonder if the Windows 10 OpenSSH can forward sockets to a local tcp socket? (I’m not a windows user) -- Jonathan Billings |
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
