x11vnc on Ubuntu 10.04

I wanted to create a virtual machine, serving as a kind of "Terminal server" for Linux. By the way: NeatX was not an option here, i would have preferred it. After several tests, trying to implement a stable x11vnc installation on Ubuntu 10.04, the installation was redone completely on a fresh virtual machine, using Ubuntu server instead of workstation. By default, Ubuntu Desktop installs too many unneeded packages by default, the server gives a more slim approach. This description gives a stable, secure multi user access via VNC.

• in my setup, x11vnc did not work with gnome (sporadic blank screens, sometimes worked, sometimes not, bunches of zombies)
• in my setup, x11vnc does not work with gdm (no display at all)
• For full functionality, we need the latest version of x11vnc, which needs to be compiled from source
• Several configurations and workarrounds jielded unstable access
• Use of xfce4 gave first success, no messing arround with gnome here...

• Install Ubuntu 10.04 server: English language, german keyboard
• Disk: Guided - Use entire disk (not LVM)
• During choose software:
  • OpenSSH server
• Install grub to MBR
• Reboot

apt-get update
apt-get install firefox xfce4 xdm mc
apt-get install xserver-xorg-video-dummy

• edit /etc/X11/xdm/xdm-config: comment the last line

! SECURITY: do not listen for XDMCP or Chooser requests
! Comment out this line if you want to manage X terminals with xdm
! DisplayManager.requestPort:   0

• edit /etc/X11/xdm/Xaccess: Uncomment the following line so all hosts get access:

*                                       #any host can get a login window

• restart xdm:

/etc/init.d/xdm restart

• Now xdmcp chooser is allready running, do a test from a second computer running XWindows (install Xnest if not present):

Xnest :1 -query <IP of server>

We need to compile at least x11vnc 0.9.12.

• Install dependencies, see http://www.karlrunge.com/x11vnc/#building for details

apt-get install build-essential libc6-dev libjpeg-dev libx11-dev x11proto-core-dev libxext-dev libxtst-dev libxdamage-dev libxfixes-dev libxrandr-dev \
libxinerama-dev libxss-dev zlib1g-dev  libssl-dev  libavahi-client-dev  linux-libc-dev

• Check additional dependencies from the x11vnc from Ubuntu: Pretend to install, abort, and install the dependencies only (evil, eh?)

root@server:~# apt-get install x11vnc
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libvncserver0 tcl tcl8.4 tk tk8.4
Suggested packages:
  libvncserver0-dbg tclreadline
The following NEW packages will be installed:
  libvncserver0 tcl tcl8.4 tk tk8.4 x11vnc
0 upgraded, 6 newly installed, 0 to remove and 55 not upgraded.
Need to get 3,874kB of archives.
After this operation, 9,269kB of additional disk space will be used.
Do you want to continue [Y/n]? n
Abort.
root@server:~# apt-get install libvncserver0 tcl tcl8.4 tk tk8.4

• Download x11vnc

wget "http://downloads.sourceforge.net/project/libvncserver/x11vnc/0.9.12/x11vnc-0.9.12.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Flibvncserver%2Ffiles%2Fx11vnc%2F0.9.12%2F&ts=1291311297&use_mirror=netcologne"

• Build and install

root@server:~# tar xvzf x11vnc-0.9.12.tar.gz
root@server:~# cd x11vnc-0.9.12
root@server:~/x11vnc-0.9.12# ./configure
...
root@server:~/x11vnc-0.9.12# make
...
root@server:~/x11vnc-0.9.12# make install
...

• create file /usr/local/bin/x11vnc_sh

#!/bin/sh

FIND_DISPLAY_NO_VT_FIND=1
export FIND_DISPLAY_NO_VT_FIND

# Set the following parameter, so no present sessions
# are searched for, instead, allways a new session is
# opened. This gives the possibility of multiple logons
# per user.
export X11VNC_FINDDISPLAY_ALWAYS_FAILS=1

FD_XDM=1
export FD_XDM

FD_XDMCP_IF=127.0.0.1
export FD_XDMCP_IF

FD_USERPREFS=x11vnc_create
export FD_USERPREFS

UNIXPW_DISABLE_LOCALHOST=1
export UNIXPW_DISABLE_LOCALHOST

UNIXPW_DISABLE_SSL=1
export UNIXPW_DISABLE_SSL

X11VNC_CREATE_GEOM=1248x900
export X11VNC_CREATE_GEOM

# CREATE_DISPLAY_OUTPUT=/tmp/mydebug.txt
# export CREATE_DISPLAY_OUTPUT

/usr/local/bin/x11vnc -inetd -ncache 0 -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY-Xdummy.xdmcp -o /var/log/x11vnc.log -sloppy_keys \
-solid "#76848F" -nowireframe -clear_keys -skip_lockkeys -noxdamage

# above config, together with -unixpw_system_greeter, gives the option to press
# escape and get a system greeter. Not neccessary because the X login window is displayed anyway
# /usr/local/bin/x11vnc -inetd -ncache 0 -unixpw -users unixpw= -unixpw_system_greeter -display WAIT:cmd=FINDCREATEDISPLAY-Xdummy.xdmcp -o /var/log/x11vnc.log \
# -sloppy_keys -solid "#76848F" -nowireframe -clear_keys -skip_lockkeys -noxdamage
#
# create session on demand, works with xfce, remove above options FD_XDM and FD_XDMCP_IF
# attention: xinit runs as root this way, raising a security issue
#/usr/local/bin/x11vnc -inetd -ncache 0 -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY-Xdummy -o /var/log/x11vnc.log -sloppy_keys -solid "#76848F" \
# -nowireframe  -listen <IP OF SERVER> -clear_keys -skip_lockkeys -noxdamage

• Set execute permissions

chmod ugo+x x11vnc_sh

• Download Xdummy from http://www.karlrunge.com/x11vnc/Xdummy, set permissions, install

cd /usr/local/bin
wget http://www.karlrunge.com/x11vnc/Xdummy
chmod ugo+x Xdummy
./Xdummy -install

• gnome-keyring-daemon process is often left over after logout, so remove it:

apt-get remove --purge gnome-keyring

• install xinetd

apt-get install xinetd

• Create file /etc/xinetd.d/x11vnc

service x11vnc
{
        type            = UNLISTED
        port            = 5900
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = /usr/local/bin/x11vnc_sh
        disable         = no
}

• restart xinetd

/etc/init.d/xinetd restart

To make shure x11vnc and subsequent processes are not started as root, perform the following steps:

• edit /etc/xinetd.d/x11vnc
• change the line

user = root

to

user = nobody

• restart xinetd

/etc/init.d/xinetd restart

• edit /usr/local/bin/x11vnc_sh
• remove the option ”-users unixpw=”
• comment the debug options

#CREATE_DISPLAY_OUTPUT=/tmp/mydebug.txt
#export CREATE_DISPLAY_OUTPUT

• adjust permissions of /var/log/x11vnc.log

chown nobody /var/log/x11vnc.log

Memory consumption during logged in x11vnc xfce sessions:

→ about 50MB per session