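1. X server, Xvnc and VNC server
X Window System
The graphical interface on Linux, known as X or X11. It consists of the X Server and X Clients.
X Server
Manages hardware: keyboard, mouse, graphics tablet, monitor, screen resolution and color depth, the display adapter (including its driver), and display fonts. https://linux.die.net/man/1/xserver
X Client
Handles events coming from the X Server, turns them into drawing data, and sends that drawing data back to the X Server.
An X Client is also called an X Application. No X Client knows about the existence of the other X Clients.
X Window Manager
A special X Client that is responsible for managing all X client software.
Common window managers:
GNOME (GNU Network Object Model Environment): http://www.gnome.org/
KDE (K Desktop Environment): http://kde.org/
twm (Tab Window Manager): http://xwinman.org/vtwm.php
XFCE (XForms Common Environment): http://www.xfce.org/
Display Manager
Provides the login environment and loads the window manager, locale and other settings chosen by the user.
How X Window is started
Method 1: startx
Locate the parameters or configuration files of the X server and X client
Start the X server
Load the X client
User logs in on the text console
startx
xinit
X :displaynumber
xterm -display :displaynumber
Method 2: (if graphical.target is started) the login screen provided by the display manager
Several X instances may exist on one host at the same time, so when starting an X Server / Client you should state which display (:0, :1, …) that X Server / Client provides or connects to.
Xvnc
Xvnc is the X VNC (Virtual Network Computing) server. It is based on a standard X server, but it has a “virtual” screen rather than a physical one. X applications display themselves on it as if it were a normal X display, but they can only be accessed via a VNC viewer.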
By convention we have arranged that the VNC server display number will be the same as the X server display number, which means you can use eg. snoopy:2 to refer to display 2 on machine “snoopy” in both the X world and the VNC world.
xvnc(1) - Linux man page
2. Configuring and starting the vncserver system service
Reference: How to install and configure a VNC server on CentOS 7.0
2.1 Configuring the VNC display for root
[HEPS@localhost ~]$ sudo vi /etc/systemd/system/vncserver@.service
# %i is replaced by the instance name after "@" (the display, e.g. :1)
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1280x1024"
PIDFile=/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target
[HEPS@localhost ~]$ sudo systemctl enable vncserver@:1.service
Created symlink from /etc/systemd/system/multi-user.target.wants/vncserver@:1.service to /usr/lib/systemd/system/vncserver@:1.service.
[HEPS@localhost ~]$ sudo systemctl start vncserver@:1.service
2.2 Configuring the VNC display for a non-root user
[HEPS@localhost ~]$ sudo vi /etc/systemd/system/vncserver@:2.service
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
User=root
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver_wrapper HEPS %i
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target
2.3 Setting the client access password (optional):
[root@localhost HEPS]# vncpasswd
Password:123456
Verify:123456
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
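2.4 Common problems
(1) enable fails:
[HEPS@localhost ~]$ sudo systemctl enable vncserver@.service
Failed to execute operation: Unit name vncserver@.service is missing the instance name.
This is because VNC can run several displays; for example, VNC display 1 means the service is started on port 5901. The display must therefore be specified when enabling the VNC service.
(2) The unit files actually executed by the earlier system services were all under /usr/lib/systemd/system/, although they should have been under /etc/systemd/system/ (which takes priority over /usr/lib/systemd/system/).
This is because /usr/lib/systemd/system/ contained vncserver@:1.service and vncserver@:2.service, while /etc/systemd/system/ contained only vncserver@.service. Because the file names vncserver@:1.service and vncserver@:2.service match the unit name given to systemctl enable and systemctl start more closely, those two files are run in preference. After removing vncserver@:1.service and vncserver@:2.service from /usr/lib/systemd/system/, systemctl enable and systemctl start automatically find vncserver@.service under /etc/systemd/system/ and substitute the text that follows @ in the command for the %i variable in the file.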
(3) Checking the status shows that the start failed (status=98, status=2/INVALIDARGUMENT):
[HEPS@localhost ~]$ systemctl status vncserver@\:1.service
● vncserver@:1.service - Remote desktop service (VNC)
Loaded: loaded (/usr/lib/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2022-07-04 10:45:18 CST; 1min 32s ago
Process: 8193 ExecStop=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Process: 8157 ExecStart=/sbin/runuser -l root -c /usr/bin/vncserver %i (code=exited, status=98)
Process: 8146 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 8157 (code=exited, status=98)
This is because an Xvnc had already been started earlier and was occupying port 5901, so VNC display 1 could not start :)
[HEPS@localhost ~]$ netstat -nlutp | grep vnc
tcp   0  0 0.0.0.0:5901  0.0.0.0:*  LISTEN  3594/Xvnc
tcp   0  0 0.0.0.0:6001  0.0.0.0:*  LISTEN  3594/Xvnc
tcp6  0  0 :::5901       :::*       LISTEN  3594/Xvnc
tcp6  0  0 :::6001       :::*       LISTEN  3594/Xvnc
Or the error is status=2/INVALIDARGUMENT, which has the same cause:
[HEPS@localhost ~]$ sudo systemctl status vncserver@:2.service
● vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:2.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2022-07-06 15:01:18 CST; 18min ago
Process: 29946 ExecStop=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Process: 29906 ExecStart=/usr/bin/vncserver_wrapper HEPS %i (code=exited, status=2)
Process: 29891 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 29906 (code=exited, status=2)
Jul 06 15:01:17 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Jul 06 15:01:17 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
Jul 06 15:01:18 localhost.localdomain vncserver_wrapper[29906]: A VNC server is already running as :2
Jul 06 15:01:18 localhost.localdomain vncserver_wrapper[29906]: FATAL: 'runuser -l HEPS' failed!
Jul 06 15:01:18 localhost.localdomain systemd[1]: vncserver@:2.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jul 06 15:01:18 localhost.localdomain systemd[1]: Unit vncserver@:2.service entered failed state.
Jul 06 15:01:18 localhost.localdomain systemd[1]: vncserver@:2.service failed.
[HEPS@localhost ~]$ netstat -nlutp | grep 5902
tcp   0  0 0.0.0.0:5902  0.0.0.0:*  LISTEN  17012/Xvnc
tcp6  0  0 :::5902       :::*       LISTEN  17012/Xvnc
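The port conflict diagnosed above, as an added example that is not part of the original post: a POSIX shell helper that maps a display number to its RFB port (5900 + N) and reads netstat -nltp output to report which process already holds that port and whether the listener is bound to all interfaces. The function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: is the port for VNC display :N already taken, and by whom?

# Constructed sample in `netstat -nltp` format (not captured from a real host).
SAMPLE_NETSTAT='tcp   0  0 0.0.0.0:5901    0.0.0.0:*  LISTEN  3594/Xvnc
tcp   0  0 127.0.0.1:5902  0.0.0.0:*  LISTEN  17012/Xvnc
tcp6  0  0 :::5901         :::*       LISTEN  3594/Xvnc
tcp   0  0 0.0.0.0:22      0.0.0.0:*  LISTEN  1021/sshd'

# vnc_port DISPLAY -> TCP port; display N is served on 5900 + N.
vnc_port() {
    vp_d=${1#:}
    case "$vp_d" in ''|*[!0-9]*) return 1 ;; esac
    vp_d=$(printf '%s' "$vp_d" | sed 's/^0*\([0-9]\)/\1/')  # "08" must not be read as octal
    echo $((5900 + vp_d))
}

# port_owner PORT (netstat text on stdin) -> "PID/program local-address" per listener
port_owner() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, a, ":")          # the port is the last ":"-separated field
            if (a[n] == port) print $7, $4
        }'
}

# display_status DISPLAY (netstat text on stdin) ->
#   "free PORT" | "busy PORT PID/program all-interfaces|restricted"
display_status() {
    ds_port=$(vnc_port "$1") || { echo "invalid display"; return 2; }
    ds_owners=$(port_owner "$ds_port")
    [ -n "$ds_owners" ] || { echo "free $ds_port"; return 0; }
    ds_pid=$(printf '%s\n' "$ds_owners" | awk 'NR == 1 { print $1 }')
    # A 0.0.0.0 or :: listener is reachable from every network the host is attached to.
    if printf '%s\n' "$ds_owners" | awk '$2 ~ /^(0\.0\.0\.0|::):/ { w = 1 } END { exit !w }'; then
        echo "busy $ds_port $ds_pid all-interfaces"
    else
        echo "busy $ds_port $ds_pid restricted"
    fi
}

# Demo on the constructed sample.
for d in :1 :2 :3; do
    printf '%s -> %s\n' "$d" "$(printf '%s\n' "$SAMPLE_NETSTAT" | display_status "$d")"
done
```

On a live host, feed it real data with: sudo netstat -nltp | display_status :1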
(4) With a remote VNC Viewer connected to 192.168.213.193:5901, closing the VNC window on the client also stops vncserver@:1.service on the server.
A few hours later I tried again and found that closing the VNC window on the client did not stop vncserver@:1.service on the server. So the client does not affect the server, and what happened before was a coincidence. Later I saw the behaviour again, so it is probably not a coincidence after all. Sometimes the system service has stopped but Xvnc is still alive. I do not know why.
[HEPS@localhost ~]$ sudo systemctl status vncserver@:2.service
● vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:2.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Wed 2022-07-06 10:58:15 CST; 4min 34s ago
Process: 13287 ExecStop=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Process: 11915 ExecStart=/usr/bin/vncserver %I (code=exited, status=0/SUCCESS)
Process: 11893 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 11915 (code=exited, status=0/SUCCESS)
Jul 06 10:58:15 localhost.localdomain org.gtk.vfs.Daemon[11942]: A connection to the bus can't be made
Jul 06 10:58:15 localhost.localdomain org.gtk.vfs.Daemon[11942]: A connection to the bus can't be made
Jul 06 10:58:15 localhost.localdomain tracker-miner-fs.desktop[12786]: Received signal:15->'Terminated'
Jul 06 10:58:15 localhost.localdomain tracker-miner-f[12786]: Error while sending AddMatch() message: The connection is closed
Jul 06 10:58:15 localhost.localdomain tracker-miner-f[12786]: Error while sending AddMatch() message: The connection is closed
Jul 06 10:58:15 localhost.localdomain tracker-miner-f[12786]: Error while sending AddMatch() message: The connection is closed
Jul 06 10:58:15 localhost.localdomain tracker-miner-apps.desktop[12787]: Received signal:15->'Terminated'
Jul 06 10:58:15 localhost.localdomain tracker-miner-apps.desktop[12787]: OK
Jul 06 10:58:15 localhost.localdomain tracker-extract.desktop[12785]: Received signal:15->'Terminated'
Jul 06 10:58:15 localhost.localdomain tracker-miner-fs.desktop[12786]: OK
(5) The system service fails to start (New main PID 5869 does not belong to service, and PID file is not owned by root. Refusing.):
[HEPS@localhost ~]$ sudo systemctl status vncserver@:2.service
● vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/usr/lib/systemd/system/vncserver@:2.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2022-07-05 17:53:14 CST; 3s ago
Process: 5886 ExecStop=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Process: 5837 ExecStart=/sbin/runuser -l HEPS -c /usr/bin/vncserver %i (code=exited, status=0/SUCCESS)
Process: 5833 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 5837 (code=exited, status=0/SUCCESS)
Jul 05 17:53:11 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Jul 05 17:53:11 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
Jul 05 17:53:14 localhost.localdomain systemd[1]: New main PID 5869 does not belong to service, and PID file is not owned by root. Refusing.
The VNC system service did not start successfully, but vncserver itself did.
[HEPS@localhost ~]$ netstat -nlutp | grep 5902
tcp   0  0 0.0.0.0:5902  0.0.0.0:*  LISTEN  5869/Xvnc
tcp6  0  0 :::5902       :::*       LISTEN  5869/Xvnc
This error is probably caused by the way systemd handles PID files in this particular CentOS release.
[HEPS@localhost ~]$ cat /etc/centos-release
CentOS Linux release 7.7.1908 (Core)
References: VNC server error: new main PID does not belong to service; OL 7.7 systemd: New main PID xxxx does not belong to service…; CVE-2018-16888:
In the start command, however, vncserver is run as HEPS, and the PID file is also under HEPS's home directory:
ExecStart=/sbin/runuser -l HEPS -c "/usr/bin/vncserver %i -geometry 1280x1024"
PIDFile=/home/HEPS/.vnc/%H%i.pid
This probably violates the restriction that systemd in CentOS 7.7 places on PID files.
What runuser does:
runuser - run a command with substitute user and group ID
-, -l, --login
Starts the shell as login shell with an environment similar to a real login:
o clears all environment variables except for TERM
o initializes the environment variables HOME, SHELL, USER, LOGNAME, PATH
o changes to the target user's home directory
o sets argv[0] of the shell to '-' in order to make the shell a login shell
One way to handle this error is the following, namely:
[Service]
User=HEPS
...
ExecStart=/usr/bin/vncserver %i
PIDFile=/home/HEPS/.vnc/%H%i.pid
It can also be handled by commenting out PIDFile:
[Service]
User=root
...
ExecStart=/sbin/runuser -l HEPS -c "/usr/bin/vncserver %i -geometry 1280x1024"
(6) Start error for a non-root user (status=1/FAILURE)
[HEPS@localhost ~]$ sudo systemctl status vncserver@:2.service
● vncserver@:2.service - Remote desktop service (VNC)
Loaded: loaded (/etc/systemd/system/vncserver@:2.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2022-07-06 11:38:22 CST; 5s ago
Process: 15953 ExecStop=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Process: 15950 ExecStart=/sbin/runuser -l HEPS -c /usr/bin/vncserver %i (code=exited, status=1/FAILURE)
Process: 15940 ExecStartPre=/bin/sh -c /usr/bin/vncserver -kill %i > /dev/null 2>&1 || : (code=exited, status=0/SUCCESS)
Main PID: 15950 (code=exited, status=1/FAILURE)
Jul 06 11:38:22 localhost.localdomain systemd[1]: Starting Remote desktop service (VNC)...
Jul 06 11:38:22 localhost.localdomain systemd[1]: Started Remote desktop service (VNC).
Jul 06 11:38:22 localhost.localdomain systemd[1]: vncserver@:2.service: main process exited, code=exited, status=1/FAILURE
Jul 06 11:38:22 localhost.localdomain systemd[1]: Unit vncserver@:2.service entered failed state.
Jul 06 11:38:22 localhost.localdomain systemd[1]: vncserver@:2.service failed.
This is because the User of the system service was set to a non-root user:
[Service]
Type=simple
User=HEPS
Changing User=HEPS to User=root fixes it.
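3. xvnc.socket and gdm.service
3.1 Differences between xvnc.socket and vncserver
https://linux.die.net/man/1/vncserver
vncserver is a Perl script which simplifies the process of starting an Xvnc server. It runs Xvnc with appropriate options and starts a window manager on the VNC desktop.
Running vncserver essentially loads some configuration parameters and then runs Xvnc.
https://linux.die.net/man/1/xvnc
The best way of starting Xvnc is via the vncserver script. This sets up the environment appropriately and runs some X applications to get you going.
3.2 One-time / persistent VNC sessions
xvnc.socket is used to configure one-time VNC sessions; once enabled it automatically listens on port 5900 and allows several users to log in. vncserver is used for persistent VNC sessions; it executes the /usr/bin/Xvnc command, that is, it uses the Xvnc server. The port it listens on depends on the display number the service was started with, and only a single user can log in.
A one-time session is initiated by the remote client. It starts a graphical login screen on the server. This way you can choose the user who starts the session and, if the login manager supports it, the desktop environment as well. When the client connection to such a VNC session is terminated, all applications started in that session are terminated too. One-time VNC sessions cannot be shared, but several sessions can exist on one host at the same time.
A persistent session can be accessed from several clients at the same time. The session and all applications started in it keep running regardless of client connections until the session is terminated.
From experience, the difference between one-time and persistent VNC sessions is this: when you log in to a user's VNC desktop through a one-time VNC session, what you do there is not mirrored to that user's other VNC desktops, let alone to the user's desktop on the host itself. In other words, a one-time VNC session is independent and clients do not affect each other. When you log in to a user's VNC desktop through a persistent VNC session, what you do there is mirrored to that user's other VNC desktops. In other words, a persistent VNC session is not independent and clients do affect each other.
How one-time / persistent VNC sessions are implemented: the wait/nowait modes of inetd
References: the inetd super-server; A detailed look at the Linux super-server inetd
inetd (often called the "network super-server") is a server service. It runs rarely used services on demand, so they do not have to run continuously.
For TCP servers, inetd listens on the application's well-known port for connection requests, accepts the connection, maps the connection to standard input, standard output and standard error, and starts the appropriate server. For UDP servers, inetd asks the operating system to notify it when data becomes readable on the UDP server's well-known port. inetd takes no further action on that port until the server it started terminates.
In nowait mode, a new Xvnc process is spawned every time a new client requests a connection. The same VNC port can therefore be accessed by several clients at once. (Clients do not share a VNC session, and when a session ends the processes under that session end.)
5950 stream tcp nowait nobody /usr/local/bin/Xvnc Xvnc -inetd -query localhost -once securitytypes=none
In wait mode, the Xvnc process spawned when the first client requests a connection takes exclusive ownership of the listening port. A new Xvnc process can be spawned on that port only after this process stops. New client connection requests only ever connect to this process. If a client ends its session, the process does not stop. (Several clients share one VNC session, and when one client disconnects the processes under that session do not end.)
5951 stream tcp wait james /usr/local/bin/Xvnc Xvnc -inetd -query localhost passwordFile=/home/james/.vnc/passwd
The -once option
Effect: after the client ends its session with the Xvnc server process in the normal way, that Xvnc server process and the associated X clients stop.
If this is used with the XDMCP options -query and -once, the Xvnc and associated X clients will die when the user logs out of the X session in the normal way.
xvnc(1) - Linux man page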
3.3 Enabling xvnc.socket
Steps:
There is no need to modify /usr/lib/systemd/system/xvnc.socket; just enable and start it.
[HEPS@localhost ~]$ sudo systemctl enable xvnc.socket
Created symlink from /etc/systemd/system/sockets.target.wants/xvnc.socket to /usr/lib/systemd/system/xvnc.socket.
[HEPS@localhost ~]$ sudo systemctl start xvnc.socket
[HEPS@localhost ~]$ sudo systemctl status xvnc.socket
● xvnc.socket - XVNC Server
Loaded: loaded (/usr/lib/systemd/system/xvnc.socket; enabled; vendor preset: disabled)
Active: active (listening) since Wed 2022-07-06 15:39:03 CST; 45s ago
Listen: [::]:5900 (Stream)
Accepted: 0; Connected: 0
Jul 06 15:39:03 localhost.localdomain systemd[1]: Listening on XVNC Server.
Check the service entry for port 5900:
[HEPS@localhost ~]$ sudo cat /etc/services | grep 5900
rfb  5900/tcp
rfb  5900/udp
At this point VNC Viewer can connect to 192.168.213.193:5900, but the GDM screen does not appear; the screen is black, so GDM has clearly not been loaded. According to "13.1.4. VNC setup based on xinetd with XDMCP for GDM" in Chapter 13. TigerVNC, this is because XDMCP has not been enabled. Enable the XDMCP service:
[HEPS@localhost ~]$ sudo vi /etc/gdm/custom.conf
[xdmcp]
Enable=true
Because the gdm configuration has changed, gdm has to be restarted (there is no need to restart the graphical.target graphical environment):
[HEPS@localhost ~]$ sudo systemctl restart gdm.service
UDP port 177, on which the XDMCP service listens, is now open:
[HEPS@localhost ~]$ netstat -nlutp | grep 177
udp  0  0 0.0.0.0:177  0.0.0.0:*  -
Connecting to 192.168.213.193:5900 with VNC Viewer now shows the GDM screen, where any user can be chosen for login.
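How xvnc.socket starts VNC:
What xvnc.socket does: it listens on port 5900 (the default) and, when a client requests a connection, activates the xvnc@.service service (similar to what inetd does). What xvnc@.service does: it starts the /usr/bin/Xvnc process.
So when no client is connected to port 5900, the status of xvnc@.service cannot be queried; when a client is connected, it can.
Once xvnc.socket is enabled, the actual dependency order is: xvnc.socket depends on sockets.target, which depends on gdm.service (GNOME Display Manager), which depends on graphical.target (= init 5, the graphical environment).
[HEPS@localhost ~]$ systemctl list-dependencies xvnc.socket --reverse | grep socket
xvnc.socket
● └─sockets.target
[HEPS@localhost ~]$ systemctl list-dependencies sockets.target --reverse | grep gdm
● ├─gdm.service
[HEPS@localhost ~]$ systemctl list-dependencies gdm.service --reverse
gdm.service
● └─graphical.target
.socket and .service in systemd:
Reference: Possibly the most complete and approachable systemd service management tutorial ever!
.service: encapsulates the start, stop, restart and reload operations of a daemon; it is the most common kind of unit file.
.socket: monitors data messages coming from the system or the network, and is used to start a service automatically when data arrives.
Reference: systemd service files with @ and unit files ending in .socket
systemd.socket manual (Chinese translation)
A unit file with the ".socket" suffix encapsulates a socket or FIFO used for inter-process communication, to support socket-based activation. Every socket unit must have a matching service unit that handles the incoming traffic on that socket. The name of the matching .service unit defaults to the name of the .socket unit, but it can also be set explicitly with the Service= option. If Accept=no, the matching .service unit must either have the same name as the .socket unit or be set explicitly with the Service= option. If Accept=yes, the matching .service unit must be a template unit with the same name as the .socket unit. Note that, to be socket-activated, the .service unit must be able to take over the already created socket from systemd. This can be done either by calling the sd_listen_fds interface or through traditional inetd-style socket passing (which requires StandardInput=socket in the service unit file).
https://www.freedesktop.org/software/systemd/man/systemd.socket.html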
3.4 Enabling xvnc on Rocky Linux 8
Rocky Linux 8.5 does not ship the VNC programs or service unit files, so they have to be installed and configured by hand.
Install the package
sudo yum install tigervnc
Create the xvnc.socket file
sudo vi /usr/lib/systemd/system/xvnc.socket
Write the following into it:
[Unit]
Description=XVNC Server
[Socket]
ListenStream=5900
Accept=yes
[Install]
WantedBy=sockets.target
Create the xvnc@.service file as the system service that belongs to xvnc.socket
sudo vi /usr/lib/systemd/system/xvnc@.service
Write the following into it:
[Unit]
Description=XVNC Per-Connection Daemon
[Service]
# The leading "-" tells systemd to ignore a non-zero exit status of Xvnc
ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1920x1200 -depth 24 -once -SecurityTypes=None
User=nobody
StandardInput=socket
StandardError=syslog
Start listening on the VNC port
sudo systemctl daemon-reload
sudo systemctl enable xvnc.socket
sudo systemctl start xvnc.socket
Open the port in the firewall
sudo firewall-cmd --permanent --zone=public --add-port=5900/tcp
sudo firewall-cmd --reload
Enable XDMCP
sudo sed -i 's/^\[xdmcp\]/&\nEnable=true/' /etc/gdm/custom.conf
sudo systemctl restart gdm.service
3.5 Common problems
(1) xvnc.socket: Failed with result 'resources'.
The VNC Viewer client fails to connect, and the status of xvnc.socket is failed:
$ systemctl status xvnc.socket
● xvnc.socket - XVNC Server
Loaded: loaded (/usr/lib/systemd/system/xvnc.socket; enabled; vendor preset: disabled)
Active: failed (Result: resources) since Thu 2023-02-23 17:51:20 CST; 31s ago
Listen: [::]:5900 (Stream)
Accepted: 1; Connected: 0;
Feb 23 17:33:29 localhost.localdomain systemd[1]: Listening on XVNC Server.
Feb 23 17:51:20 localhost.localdomain systemd[1]: xvnc.socket: Failed to queue service startup job (Maybe the service file is missing or not a template unit
Feb 23 17:51:20 localhost.localdomain systemd[1]: xvnc.socket: Failed with result 'resources'.
Check the error log:
$ journalctl
...
Feb 23 17:38:42 localhost.localdomain sudo[331767]: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/bin/vi /usr/lib/systemd/system/xvnc@.service
Feb 23 17:44:14 localhost.localdomain sudo[331934]: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/bin/systemctl daemon-reload
Feb 23 17:44:14 localhost.localdomain systemd[1]: Reloading.
Feb 23 17:44:14 localhost.localdomain systemd[1]: /usr/lib/systemd/system/xvnc@.service:5: Unknown lvalue 'ExeStart' in section 'Service'
Feb 23 17:44:14 localhost.localdomain systemd[1]: xvnc@0.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Feb 23 17:51:20 localhost.localdomain systemd[1]: /usr/lib/systemd/system/xvnc@.service:5: Unknown lvalue 'ExeStart' in section 'Service'
Feb 23 17:51:20 localhost.localdomain systemd[1]: xvnc@0.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Feb 23 17:51:20 localhost.localdomain systemd[1]: xvnc.socket: Failed to queue service startup job (Maybe the service file is missing or not a template unit?): Invalid argument
Feb 23 17:51:20 localhost.localdomain systemd[1]: xvnc.socket: Failed with result 'resources'.
It turned out that "ExecStart" had been mistyped as "ExeStart", so the service instance xvnc@0.service could not be started correctly. After correcting it, restarting xvnc.socket is enough.
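A pre-flight check for the unit pair from sections 3.4 and 3.5, as an added example that is not part of the original post: it reports a [Service] section with no ExecStart= (the ExeStart typo), an Accept=yes socket whose service is not a template unit, and the RFB security type None offered on a listener that is not bound to loopback. The function names, the finding labels and the loopback-only socket variant (which assumes clients reach it through an SSH tunnel) are illustrative assumptions.

```shell
#!/bin/sh
# Added example: lint an xvnc.socket / xvnc@.service pair before enabling it.

# ini_get FILE SECTION KEY -> value(s) of KEY inside [SECTION]
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/[ \t]/, ""); cur = $0; next }
        cur == sec && (i = index($0, "=")) {
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) print v
        }' "$1"
}

# lint_xvnc_pair SOCKET_FILE SERVICE_FILE -> space-separated findings, or "ok"
lint_xvnc_pair() {
    lp_exec=$(ini_get "$2" Service ExecStart)
    lp_listen=$(ini_get "$1" Socket ListenStream)
    lp_out=""
    # systemd refuses a service without ExecStart= (what the "ExeStart" typo leads to)
    [ -n "$lp_exec" ] || lp_out="${lp_out}missing-ExecStart "
    # Accept=yes starts one instance per connection, so the service must be a template
    case "$(ini_get "$1" Socket Accept)" in
        yes|true|on|1)
            case "$2" in *@.service) ;; *) lp_out="${lp_out}service-not-template " ;; esac ;;
    esac
    # "None" offered as a security type (not TLSNone/X509None) while the
    # listener is neither a loopback address nor a unix socket
    if printf '%s\n' "$lp_exec" |
           grep -Eiq 'securitytypes[= ]+([a-z0-9]+,)*none(,|[[:space:]]|$)' &&
       printf '%s\n' "$lp_listen" |
           awk '!/^(127\.|\[::1\]|\/|@)/ { e = 1 } END { exit !e }'; then
        lp_out="${lp_out}rfb-auth-none-on-network-listener "
    fi
    echo "${lp_out:-ok}" | sed 's/ $//'
}

# Constructed sample units in a temp dir; contents follow section 3.4.
LINT_DIR=$(mktemp -d)
printf '[Socket]\nListenStream=5900\nAccept=yes\n' > "$LINT_DIR/xvnc.socket"
printf '[Service]\nExecStart=-/usr/bin/Xvnc -inetd -query localhost -once -SecurityTypes=None\nUser=nobody\nStandardInput=socket\n' > "$LINT_DIR/xvnc@.service"
# The typo from section 3.5, and a loopback-only listener (assumption: SSH tunnel).
sed 's/^ExecStart/ExeStart/' "$LINT_DIR/xvnc@.service" > "$LINT_DIR/typo@.service"
sed 's/=5900/=127.0.0.1:5900/' "$LINT_DIR/xvnc.socket" > "$LINT_DIR/loopback.socket"

lint_xvnc_pair "$LINT_DIR/xvnc.socket" "$LINT_DIR/typo@.service"
lint_xvnc_pair "$LINT_DIR/xvnc.socket" "$LINT_DIR/xvnc@.service"
lint_xvnc_pair "$LINT_DIR/loopback.socket" "$LINT_DIR/xvnc@.service"
```

The check only reads the files; systemd-analyze verify on the installed units remains the authoritative parser.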
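References
VBird's Linux Private Kitchen (鸟哥的Linux私房菜), 4th edition
Chapter 13. TigerVNC, Red Hat Enterprise Linux 7 | Red Hat Customer Portal
xvnc(1): X VNC server - Linux man page (die.net)
Remote access with VNC | Administration Guide | SUSE Linux Enterprise Server 12 SP4
VNC server error: new main PID does not belong to service | 码农俱乐部 - Golang中国 - Go语言中文社区 (mlog.club)
OL 7.7 systemd: New main PID xxxx does not belong to service… - oracle-tech
Linux - Installing, configuring and using VNC - Anliven - 博客园 (cnblogs.com)
System operations | How to install and configure a VNC server on CentOS 7.0 (linux.cn)
Installing vncserver on CentOS 7 (fixes for start failure and black screen on connect), Fang20160214's blog - CSDN
CentOS 7 Xinetd service installation and configuration
No xinetd.conf file on CentOS
Installing a VNC server on Rocky Linux 8
Install VNC Server on Rocky Linux 8
How to use journalctl to view and analyze systemd logs (with examples)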