Bidouillage Technique et Développement Admin Sys FreeBSD FreeBSD : Connexion VNC vers un bureau graphique installé dans un jail

FreeBSD : Connexion VNC vers un bureau graphique installé dans un jail

Lien :
https://www.truenas.com/community/threads/guide-setup-secure-gui-control-on-a-jail-using-either-vnc-or-x11.98572/

1/ Sur l'hôte, se connecter en root.

[util01@station173 ~]$ sudo su
root@station173:/usr/home/util01

2/ Démarrer le jail.

root@station173:/usr/home/util01 # service jail start web.reseau01.local
Starting jails: web_reseau01_local.
root@station173:/usr/home/util01 #

3/ Lister les jails disponibles.

root@station173:/usr/home/util01 # jls
   JID  IP Address      Hostname                      Path
     1  127.0.1.11      web.reseau01.local            /jail/web.reseau01.local
root@station173:/usr/home/util01 #

4/ Se connecter sur le jail via ssh.

root@station173:/usr/home/util01 # ssh util01@192.168.1.211
(util01@192.168.1.211) Password for util01@web.reseau01.local:
util01@web:~ $

5/ Dans le jail, passer en root.

util01@web:~ $ sudo su
Password:
root@web:/usr/home/util01 #

6/ Mettre-à-jour la liste des paquets.

root@web:/usr/home/util01 # pkg update -f

7/ Installer le serveur X.

root@web:/usr/home/util01 # pkg install xorg

8/ Installer VNC.

root@web:/usr/home/util01 # pkg install tigervnc-server

9/ Passer en root.

root@web:/usr/home/util01 # su - util01
util01@web:~ $

10/ Lancer le serveur VNC.

util01@web:~ $ vncserver

You will require a password to access your desktops.

Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
xauth:  file /home/util01/.Xauthority does not exist
xauth: (stdin):1:  bad display name "web.reseau01.local:1" in "add" command

New 'web.reseau01.local:1 (util01)' desktop is web.reseau01.local:1

Creating default startup script /home/util01/.vnc/xstartup
Creating default config /home/util01/.vnc/config
Starting applications specified in /home/util01/.vnc/xstartup
Log file is /home/util01/.vnc/web.reseau01.local:1.log

util01@web:~ $

Modifier le mot de passe de VNC :

util01@web:~ $ rm ~/.vnc/passwd
util01@web:~ $ vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
util01@web:~ $

Tuer le serveur VNC :

util01@web:~ $ vncserver -kill :1
Killing Xvnc process ID 5459
util01@web:~ $

Configuration du démarrage :

Ouvrir :

~/.vnc/xstartup

Remplacer tout par :

#!/bin/sh

# Options: gnome, xfce, kde
desktop="xfce"

# xsetroot: is a program that allows you to tailor the appearance of the background ("root")
# window on a workstation display running X (xorg). Any X dialog will have that look
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
OS=$(uname -s)
if [ "$OS" = 'Linux' ]; then
  case "$WINDOWMANAGER" in
    *gnome*)
      if [ -e /etc/SuSE-release ]; then
        PATH=$PATH:/opt/gnome/bin
        export PATH
      fi
      ;;
  esac
fi
if [ -x /etc/X11/xinit/xinitrc ]; then
  exec /etc/X11/xinit/xinitrc
fi
if [ -f /etc/X11/xinit/xinitrc ]; then
  exec sh /etc/X11/xinit/xinitrc
fi

# Start and bind to desktop
if [ "$desktop" = "gnome3" ]; then
    # Start Gnome 3 Desktop
    [ -r "$HOME/.Xresources" ] && xrdb "$HOME/.Xresources"
    vncconfig -iconic &
        dbus-launch --exit-with-session gnome-session &
elif [ "$desktop" = "xfce" ]; then
    # Start xfce GUI
    [ -r "$HOME/.Xresources" ] && xrdb "$HOME/.Xresources"
    xsetroot -solid grey
    startxfce4 &
elif [ "$desktop" = "kde" ]; then
    # Start KDE Plasama
    [ -r "$HOME/.Xresources" ] && xrdb "$HOME/.Xresources"
    xsetroot -solid grey
    startplasma-x11 &
else
    # Start default xterm with twm
    [ -r "$HOME/.Xresources" ] && xrdb "$HOME/.Xresources"
    xsetroot -solid grey
    xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
        twm &
fi

}

11/ Installation de XFCE.

root@web:/usr/home/util01 # pkg install -y xfce
root@web:/usr/home/util01 # pkg install -y slim 
root@web:/usr/home/util01 # pkg install -y slim-themes
root@web:/usr/home/util01 # pkg install -y xfce4-goodies
root@web:/usr/home/util01 # pkg install -y xfce4-pulseaudio-plugin

11/ Configuration de XFCE.

Ouvrir :

/usr/local/etc/polkit-1/rules.d/shutdown.rules

Ajouter :

# Shutdown
polkit.addRule(function (action, subject) {
if ((action.id == "org.freedesktop.consolekit.system.restart" ||
action.id == "org.freedesktop.consolekit.system.stop")
&& subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});

# Suspend
polkit.addRule(function (action, subject) {
if (action.id == "org.freedesktop.consolekit.system.suspend"
&& subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});

12/ Post-configuration.

root@web:/usr/home/util01 # sysrc dbus_enable=yes
dbus_enable:  -> yes
root@web:/usr/home/util01 # sysrc hald_enable=yes
hald_enable:  -> yes
root@web:/usr/home/util01 # sysrc slim_enable=yes
slim_enable:  -> yes
root@web:/usr/home/util01 # sysrc sound_load=yes
sound_load:  -> yes
root@web:/usr/home/util01 # sysrc snd_hda_load=yes
snd_hda_load:  -> yes

13/ Passer sous l'utilisateur normal.

root@web:/usr/home/util01 # su - util01
util01@web:~ $

14/ Configuration du démarrage de XFCE.

Créer :

/home/util01/.xinitrc

Ajouter

exec startxfce4

15/ Lancement du serveur VNC.

util01@web:~ $ vncserver :5 -depth 24 -geometry 1920x1080 -localhost no
xauth: (stdin):1:  bad display name "web.reseau01.local:5" in "add" command

New 'web.reseau01.local:5 (util01)' desktop is web.reseau01.local:5

Starting applications specified in /home/util01/.vnc/xstartup
Log file is /home/util01/.vnc/web.reseau01.local:5.log

util01@web:~ $

16/ A partir d'un ordinateur du réseau, connexion vers le serveur VNC du jail.

util01@station66:~$ xtightvncviewer 192.168.1.211:5
Connected to RFB server, using protocol version 3.8
Performing standard VNC authentication
Password: 
Authentication successful
Desktop name "web.reseau01.local:5 (util01)"
VNC server default format:
  32 bits per pixel.
  Least significant byte first in each pixel.
  True colour: max red 255 green 255 blue 255, shift red 16 green 8 blue 0
Warning: Cannot convert string "-*-helvetica-bold-r-*-*-16-*-*-*-*-*-*-*" to type FontStruct
Using default colormap which is TrueColor.  Pixel format:
  32 bits per pixel.
  Least significant byte first in each pixel.
  True colour: max red 255 green 255 blue 255, shift red 16 green 8 blue 0

17/ A partir de l'ordinateur où est installé Bastille.

[util01@station173 ~]$ vncviewer 192.168.1.221:5

18/ Si problème de connexion :

Depuis le jail :

util01@web:~ $ vncserver :1 -depth 24 -geometry 1024x768 -localhost no

Depuis un ordinateur du réseau :

[util01@station173 ~]$ vncviewer 192.168.1.221:1