On Feb 25, 2024, at 02:23, Samuel Sieb <sam...@sieb.net> wrote:
> 
> On 2/24/24 23:17, francis.montag...@inria.fr wrote:
>>> It does have something to do with running from systemd, but I have no
>>> idea what it is.
>> Not sure at all of that. It seems to be instead an incompatibility between
>> vncsession and startxfce4.
> 
> It's directly related to running from systemd while the user is already 
> logged in.  If the user isn't logged in, it works fine from systemd.  If the 
> user is logged in and you start it from the command line, it also works.  So 
> it's only the combination.  I did run a strace, but it's not clear what's 
> going on.  It almost seems like it's something to do with the ssh agent, but 
> I wasn't motivated enough to really follow it.

I wish I had access to my internal git account I have at work, but I discovered 
that both OpenSSH and Xvnc support using UNIX sockets instead of listening on a 
port. 

What this means is that you can have your systemd service (I ran as a user, 
enabling linger) use a socket file (I used one in XDG_RUNTIME_DIR because it’s 
private) when launching Xvnc by specifying `-rfbunixpath path` in the 
parameters to Xvnc. I think this is only available in somewhat recent TigerVNC, 
so it doesn’t work in CentOS 7.

What this means is there’s no TCP port listening for Xvnc, just a UNIX socket 
file. So two people or a local and remote session can’t have sessions 
interfering with each other. I played with using systemd socket activation too 
but that’s too complicated for this post. 

Then, for remote connections, I would forward the UNIX socket with SSH. If you 
are using a VNC client that doesn’t support UNIX sockets, you can tell OpenSSH 
to forward a remote socket to a local TCP socket, but you can also forward a 
remote to local socket to use with TigerVNC’s client in Fedora. The great thing 
about it is that there’s never a listening TCP port on either side of the 
connection except ssh. 

When it’s set up, it’s just like having a remote VNC session with the upstream 
systemd units, but it doesn’t need a listening TCP port assigned to each user.

Honestly, I kinda wish the TigerVNC project would just adopt this for their 
provided units. Maybe they can’t because Windows can’t use UNIX sockets? I 
wonder if the Windows 10 OpenSSH can forward sockets to a local TCP socket? 
(I’m not a Windows user)

-- 
Jonathan Billings
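
The setup described in this message, sketched as an added example; it is not code from the original post or from the TigerVNC project. The socket name xvnc.sock, display :1, the host name and the remote path /run/user/1000/xvnc.sock are assumptions, and the check that the socket directory is private is an addition that makes the "because it's private" reasoning explicit.

```shell
#!/bin/sh
# Added example. Assumed names: xvnc.sock, display :1, host and remote path.

# Server: socket path inside the per-user runtime directory.
vnc_socket_path() {
    printf '%s/xvnc.sock\n' "${XDG_RUNTIME_DIR:?XDG_RUNTIME_DIR is not set}"
}

# Succeeds only if $1 is a real directory, mode 0700, owned by the caller,
# so no other local user can reach a socket created inside it.
dir_is_private() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    set -- $(ls -ldn "$1")      # $1 = mode string, $3 = numeric owner
    case $1 in
        drwx------*) [ "$3" = "$(id -u)" ] ;;
        *) return 1 ;;
    esac
}

# Server: run Xvnc on display $1 (e.g. :1) listening on the UNIX socket.
start_xvnc() {
    sock=$(vnc_socket_path) || return 1
    dir_is_private "${sock%/*}" || { echo "refusing: ${sock%/*} is not private" >&2; return 1; }
    exec Xvnc "$1" -rfbunixpath "$sock"
}

# Client: build the ssh -L argument. $1 = local endpoint, $2 = remote socket.
# A numeric $1 becomes a loopback-only TCP port; anything else is a socket path.
forward_spec() {
    case $1 in
        '')       return 1 ;;
        *[!0-9]*) printf '%s:%s\n' "$1" "$2" ;;
        *)        printf '127.0.0.1:%s:%s\n' "$1" "$2" ;;
    esac
}

# Client: hold the tunnel open. $1 = ssh host, $2 = local endpoint, $3 = remote socket.
forward_vnc() {
    spec=$(forward_spec "$2" "$3") || return 1
    ssh -N -o ExitOnForwardFailure=yes -L "$spec" "$1"
}

# Usage (constructed values):
#   server:  start_xvnc :1
#   client:  forward_vnc user@server.example 5901 /run/user/1000/xvnc.sock
#            forward_vnc user@server.example "$XDG_RUNTIME_DIR/vnc-fwd.sock" /run/user/1000/xvnc.sock
```

With the numeric form the VNC client connects to 127.0.0.1 on that port; with the socket form it needs a client that can open a UNIX socket.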
