Hardening VNC for unexpected reboots

The fun thing with Linux is making sure all your apps and network access are restored should the server reboot unexpectedly, or if the power went out and your system is set to reboot automatically in those cases.

I got very few hits through a Google search, but still got the info I was looking for here: JustLinux Forums – VNC set up

Run VNC as a service

To run VNC as a service in RedHat that starts before you log in, use the Service Configuration program from the GUI and check VNC to start at boot up.

Then, edit /etc/sysconfig/vncservers to reflect what vncserver you want to start. The remarks in the file provide plenty of instructions. There’s not much to configuring it. You basically enter a username and display number for the session.

After you edit the vncservers file, you should then start a vncserver session when logged in as the user listed in the vncservers file so that the password will be set.

When the Linux server boots up, a vncserver session will be started under the user name and display specified in vncservers. Whatever password is set for that user is what will be required for users that try to access that session.

As a result of this, you can restart your server from a VNC session remotely. The vncserver session will restart when the server reboots. There is a problem with this however.

The problem is that when the server shuts down without you killing the vncserver session manually, a file is left in /tmp called /tmp/.X11-unix/X# (the display number). When you reboot the server, the vncserver won’t restart because this file exists. Therefore, before you try to reboot the server remotely, delete this file from /tmp. An example command would be rm /tmp/.X11-unix/X1 . Then the vncserver will start properly when the server reboots.

You can delete this file automatically when the server reboots or shuts down by editing the files /etc/rc6.d/S01reboot and /etc/rc0.d/S01halt. Add the line rm –f /tmp/.X11-unix/* somewhere in these files before the partitions are unmounted. This will erase the tmp files if you shut down or reboot the server. Vncserver will then start OK when the server boots up.

If you don’t set up the files to automatically delete these tmp files during a shut down or reboot, remember to kill your vncserver sessions before you reboot or shutdown.

Laissez un commentaire