VNC

Configure VNC Server on CentOS 7 / RHEL 7

Let’s start. If you don’t have desktop environment ( X windows ), issue the below commands one by one to install. It will take few minutes to install packages.

[root@world ~]# yum check-update

[root@world ~]# yum groupinstall "X Window System"

[root@world ~]# yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts

[root@world ~]# unlink /etc/systemd/system/default.target

[root@world ~]# ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target

[root@world ~]# reboot

After reboot, you will get Centos 7 desktop .

[root@server ~]# yum groupinstall "GNOME Desktop" "Graphical Administration Tools"

                                        ----X----

# yum -y install tigervnc-server xorg-x11-fonts-Type1 xinetd xrdp

# yum install tigervnc-server xorg-x11-fonts-Type1 -y

                              IF Problem 

# yum -y install xrdp --enablerepo=cr

 # cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service

 # vi /etc/systemd/system/vncserver@:1.service

At the end of the file, you will find the lines like below.

Now open /etc/systemd/system/vncserver@:1.service file and replace with your username .

                                   ---------------------------------------------------------

[Unit]Description=Remote desktop service (VNC)After=syslog.target network.target
[Service]Type=simple
# Clean any existing files in /tmp/.X11-unix environment#ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'#ExecStart=/usr/bin/vncserver_wrapper <USER> %i#ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"PIDFile=/home/root/.vnc/%H%i.pidExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

[Install]WantedBy=multi-user.target

                                       ---------------------------------------------------------

Find these lines:

ExecStart=/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"PIDFile=/home/<USER>/.vnc/%H%i.pid
Replace (username as faruq ):ExecStart=/sbin/runuser -l faruq -c "/usr/bin/vncserver %i"PIDFile=/home/faruq/.vnc/%H%i.pid
Or root user:ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i"PIDFile=/root/.vnc/%H%i.pid

31 # `man vncviewer' manual page.323334 [Unit]35 Description=Remote desktop service (VNC)36 After=syslog.target network.target3738 [Service]39 Type=forking
40 # Clean any existing files in /tmp/.X11-unix environment41 ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'42 #ExecStart=/usr/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"43 #PIDFile=/home/<USER>/.vnc/%H%i.pid44 ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1280x1024"45 PIDFile=/home/root/.vnc/%H%i.pid46 ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'4748 [Install]49 WantedBy=multi-user.target
Replace <USER> with your real user, in my case, i replaced with a user called “root” .

       

Line Edit ---------------

40    ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i"

41    PIDFile=/root/.vnc/%H%i.pid

       

-----OR-------

[Unit]

Description=Remote desktop service (VNC)

After=syslog.target network.target


[Service]

Type=simple


# Clean any existing files in /tmp/.X11-unix environment

ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"

PIDFile=/home/root/.vnc/%H%i.pid

ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'


[Install]

WantedBy=multi-user.target



# systemctl daemon-reload

# vncpasswd

#  c

systemctl enable vncserver@:1.service

systemctl start vncserver@:1.service

systemctl restart vncserver@:1.service

 systemctl start xrdp.service

 systemctl enable xrdp.service

 systemctl start vncserver@:display_number.service

 systemctl enable vncserver@:display_number.service

Firewall settings:

# firewall-cmd --permanent --zone=public --add-service vnc-server

# firewall-cmd --reload

# systemctl restart firewalld.service

Additional Commands :

» To stop VNC service .

[root@world ~]# systemctl stop vncserver@:1.service

» To disable VNC service from startup ( permanent ).

[root@world ~]# systemctl disable vncserver@:1.service

» To stop firewall ( For troubleshooting ).

[root@world ~]# systemctl stop firewalld.service


 systemctl daemon-reload

 systemctl start vncserver@:1

 systemctl status vncserver@:1

 systemctl enable vncserver@:1


In order to list the opened ports that are in the listening state, run the ss command as below.

# ss -tulpn| grep vnc

Then to allow external VNC clients to connect to the VNC server in CentOS, ensure that the proper VNC open ports are allowed to pass through your firewall.

# firewall-cmd --add-port=5901/tcp

# firewall-cmd --add-port=5901/tcp --permanent

Connecting to CentOS Desktop via VNC Client

yum -y install vinagre

#  ss -tlpn| grep Xvnc

3. Now, remotely connect to CentOS Desktop using this new VNC session, supply the IP: port combination (192.168.1.23:5903) in VNC client

Then to stop the VNC server instances, run the below command.


# killall Xvnc

# vncserver -kill :1 




-------------Config VNC  --------------

Install the tigervnc server, X11 fonts and xinetd.

[root@server ~]# yum install tigervnc-server xorg-x11-fonts-Type1 xinetd

Enable the XDMCP.

[root@server ~]# vi /etc/gdm/custom.conf

Add the following content.

[security] AllowRemoteRoot=true DisallowTCP=false   [xdmcp] Enable=true MaxSessions=30

Create Xinetd service.

[root@server ~]#  vi /etc/xinetd.d/vncserver

Place the following content on the above file.

service vncserver { disable = no socket_type = stream protocol = tcp group = tty wait = no user = nobody server = /usr/bin/Xvnc server_args = -inetd -query localhost -geometry 1024×768 -depth 16 -once -fp /usr/share/X11/fonts/misc -securitytypes=none }

Create VNC service.

[root@server ~]# vi /etc/services

Add the following line at the end of file.

vncserver 5900/tcp # VNC and GDM

Restart xinetd service

[root@server ~]# systemctl restart xinetd.service

Add firewall rules to allow the VNC connection, the following rule is set as per the port-offset mentioned in the previous step.

[root@server ~]# firewall-cmd --permanent --zone=public --add-port=5900/tcp [root@server ~]# firewall-cmd --reload

Reboot the machine, if required.

[root@server ~]# reboot

Use VNC viewer to connect.

ipaddress:5900

###################################################################################

------------XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX____________XXXXXXXXXXXXXXXXXXXXXXXX______________________

CentOS 7.4

[root@dlp ~]# yum -y install tigervnc-server

[root@dlp ~]# su - user1 # switch to a user you'd like to config VNC

[cent@dlp ~]$ vncpasswd # set VNC password

Password:# input

Verify:# confirm

# run with diplay number '1', screen resolution '800x600', color depth '24'

[cent@dlp ~]$ vncserver :1 -geometry 1200x786 -depth 24

[srijan@world ~]$ 

 Configuring Your Firewall

Next, we will need to configure the firewall to allow VNC traffic through ports 5904 and 5905 only. CentOS 7 uses Dynamic Firewall through the firewalld daemon; the service doesn't need to restart for changes to take effect.

The firewalld service should start automatically at system boot time, but it's always good to check:

# firewall-cmd --state

This should show:

running

If the state is "not running" for any reason, execute the following command to make sure it's running:

# systemctl start firewalld

Now add the rules for ports 5904 and 5905:

# firewall-cmd --permanent --zone=public --add-port=5904-5905/tcp

OR

# firewall-cmd --permanent --zone=public --add-port=5905/tcp

Output:

success

Reload the firewall:

# firewall-cmd --reload

Output:

success

 

-----------------------ERROR

VNC won't start CentOS 7

# rm -f /tmp/.X4-lock 

# rm -f /tmp/.X11-unix/X4

This worked for me on Centos7:

$ rm /tmp/.X11-unix/*

# systemctl restart vncserver@:1.service

Automatic (recommended):

Install EPEL and nux Desktop repository rpms.

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm # rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm

Manual:

Create a repository file.

# vi /etc/yum.repos.d/xrdp.repo

Place the following content. Once added, save and close the file.

[xrdp] name=xrdp baseurl=http://li.nux.ro/download/nux/dextop/el7/x86_64/ enabled=1 gpgcheck=0

---------------------------------------------

As a temporary fix you could delete them:

rm -i /tmp/.X11-unix/X4

rm /tmp/Xn

rm -rf /tmp/.X11-unix/Xn (where n is the port/socket number)

For a more permanent solution, you can add this line under the "ExecStartPre" line:

ExecStartPre=/bin/sh -c 'rm -rf /tmp/.X11-unix/X* > /dev/null 2>&1 || :'

After doing either of these steps, you should either (re)start the vnc daemon or reboot.

------------------------------

# vncserver -kill :1

# vncserver -kill :#

# vi ~/.vnc/xstartup

# Uncomment the following two lines for normal desktop: unset SESSION_MANAGER exec /etc/X11/xinit/xinitrc

----------OR-------

####### Content of home/USERNAME/.vnc/xstartup, owned by USERNAME #!/bin/sh unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS

exec /etc/X11/xinit/xinitrc &

----------------------