diff options
author | runge <[email protected]> | 2009-12-24 18:00:59 -0500 |
---|---|---|
committer | runge <[email protected]> | 2009-12-24 18:00:59 -0500 |
commit | c96107783c89359781581cacc2fa46f8a979fc98 (patch) | |
tree | 60216b14e9d719a66a02f0e2b29eaa3598b75403 /x11vnc | |
parent | 9659bc129f520b635b7056cf5d746a35003a6b80 (diff) | |
download | libtdevnc-c96107783c89359781581cacc2fa46f8a979fc98.tar.gz libtdevnc-c96107783c89359781581cacc2fa46f8a979fc98.zip |
x11vnc: prepare_x11vnc_dist.sh for 0.9.10. -xdummy_xvfb,
-svc_xdummy_xvfb and -create_x shorthand. lxde session.
Xdummy improvements and root no longer required.
Diffstat (limited to 'x11vnc')
-rw-r--r-- | x11vnc/ChangeLog | 5 | ||||
-rw-r--r-- | x11vnc/README | 108 | ||||
-rw-r--r-- | x11vnc/help.c | 46 | ||||
-rwxr-xr-x | x11vnc/misc/Xdummy | 646 | ||||
-rw-r--r-- | x11vnc/ssltools.h | 142 | ||||
-rw-r--r-- | x11vnc/unixpw.c | 9 | ||||
-rw-r--r-- | x11vnc/user.c | 12 | ||||
-rw-r--r-- | x11vnc/x11vnc.1 | 58 | ||||
-rw-r--r-- | x11vnc/x11vnc.c | 39 | ||||
-rw-r--r-- | x11vnc/x11vnc_defs.c | 2 |
10 files changed, 770 insertions, 297 deletions
diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog index c3c8382..e6188e5 100644 --- a/x11vnc/ChangeLog +++ b/x11vnc/ChangeLog @@ -1,3 +1,8 @@ +2009-12-24 Karl Runge <[email protected]> + * x11vnc: prepare_x11vnc_dist.sh for 0.9.10. -xdummy_xvfb, + -svc_xdummy_xvfb and -create_x shorthand. lxde session. + Xdummy improvements and root no longer required. + 2009-12-21 Karl Runge <[email protected]> * x11vnc: -DENC_HAVE_OPENSSL=0 to disable enc.h but still have ssl. Tweak ps command in find_display. Try to handle diff --git a/x11vnc/README b/x11vnc/README index 685f9a6..42a6f54 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -2,7 +2,7 @@ Copyright (C) 2002-2009 Karl J. Runge <[email protected]> All rights reserved. -x11vnc README file Date: Mon Dec 21 00:00:59 EST 2009 +x11vnc README file Date: Thu Dec 24 16:08:39 EST 2009 The following information is taken from these URLs: @@ -586,12 +586,12 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. SourceForge.net. I use libvncserver for all of the VNC aspects; I couldn't have done without it. The full source code may be found and downloaded (either file-release tarball or GIT tree) from the above - link. As of Jul 2009, the [91]x11vnc-0.9.8.tar.gz source package is - released (recommended download). The [92]x11vnc 0.9.8 release notes. + link. As of Dec 2009, the [91]x11vnc-0.9.9.tar.gz source package is + released (recommended download). The [92]x11vnc 0.9.9 release notes. The x11vnc package is the subset of the libvncserver package needed to build the x11vnc program. Also, you can get a copy of my latest, - bleeding edge [93]x11vnc-0.9.9.tar.gz tarball to build the most up to + bleeding edge [93]x11vnc-0.9.10.tar.gz tarball to build the most up to date one. Precompiled Binaries/Packages: See the [94]FAQ below for information @@ -629,13 +629,13 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. them by default.) If your OS has libjpeg.so and libz.so in standard locations you can - build as follows (example given for the 0.9.8 release of x11vnc: + build as follows (example given for the 0.9.9 release of x11vnc: replace with the version you downloaded): (un-tar the x11vnc+libvncserver tarball) -# gzip -dc x11vnc-0.9.8.tar.gz | tar -xvf - +# gzip -dc x11vnc-0.9.9.tar.gz | tar -xvf - (cd to the source directory) -# cd x11vnc-0.9.8 +# cd x11vnc-0.9.9 (run configure and then run make) # ./configure @@ -886,13 +886,13 @@ make I'd appreciate any additional testing very much. Thanks to those who suggested features and helped beta test x11vnc - 0.9.8 released in Jul 2009! + 0.9.9 released in Dec 2009! - Please help test and debug the 0.9.9 version for release sometime in - 2009. + Please help test and debug the 0.9.10 version for release sometime in + Spring 2010. - The version 0.9.9 beta tarball is kept here: - [114]x11vnc-0.9.9.tar.gz + The version 0.9.10 beta tarball is kept here: + [114]x11vnc-0.9.10.tar.gz There are also some Linux, Solaris, Mac OS X, and other OS test binaries [115]here. Please kick the tires and report bugs, performance @@ -909,7 +909,11 @@ make Encryption Plugin' settings panel.) - Here are some features that will appear in the 0.9.9 release: + Here are some features that will appear in the 0.9.10 release: + * Coming Soon. + + + Here are some features that appeared in the 0.9.9 release: * The [122]-unixpw_system_greeter option, when used in combined unixpw and XDMCP FINDCREATEDISPLAY mode (e.g. [123]-xdmsvc), enables the user to press Escape to jump directly to the @@ -1507,7 +1511,7 @@ LAY description of the [294]-create option that does all of this automatically for you. Also, a faster and more accurate way is to use the "dummy" - XFree86/Xorg device driver (or our Xdummy wrapper script.) See + Xorg/XFree86 device driver (or our Xdummy wrapper script.) See [295]this FAQ for details. * Somewhat surprisingly, the X11 mouse (cursor) shape is write-only and cannot be queried from the X server. So traditionally in @@ -1629,9 +1633,9 @@ References 88. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int 89. http://www.karlrunge.com/x11vnc/ssvnc.html 90. http://sourceforge.net/projects/libvncserver/ - 91. http://sourceforge.net/project/showfiles.php?group_id=32584&package_id=119006&release_id=695585 - 92. http://sourceforge.net/project/shownotes.php?group_id=32584&release_id=695585 - 93. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.9.tar.gz + 91. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/ + 92. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/release-notes-0.9.9.txt/view + 93. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz 94. http://www.karlrunge.com/x11vnc/faq.html#faq-binaries 95. http://www.tightvnc.com/download.html 96. http://www.realvnc.com/products/free/4.1/download.html @@ -1652,7 +1656,7 @@ References 111. http://www.karlrunge.com/x11vnc/faq.html#faq-solaris251build 112. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx 113. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 114. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.9.tar.gz + 114. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz 115. http://www.karlrunge.com/x11vnc/bins 116. mailto:[email protected] 117. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int @@ -5314,9 +5318,11 @@ xpw= FINDDISPLAY method it will create an X server session for the user (i.e. desktop/terminal server.) This is the only time x11vnc actually tries to start up an X server. By default it will only try to start up - virtual (non-hardware) X servers: first [439]Xdummy and if that is not - available then Xvfb. Note that Xdummy requires root permission and - only works on Linux whereas Xvfb works just about everywhere. + virtual (non-hardware) X servers: first [439]Xvfb and if that is not + available then Xdummy. Note that Xdummy only works on Linux whereas + Xvfb works just about everywhere (and in some situations Xdummy must + be run as root.) An advantage of Xdummy over Xvfb is that Xdummy + supports RANDR dynamic screen resizing. So an inetd(8) example might look like: 5900 stream tcp nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc -inetd \ @@ -5693,9 +5699,8 @@ xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L" server that turn off the VT usage in the X server. Update: As of Jul/2005 we have an LD_PRELOAD script [470]Xdummy that allows you to use a stock (i.e. unpatched) Xorg or XFree86 server with the "dummy" - driver and not have any VT switching problems! Currently Xdummy needs - to be run as root, but with some luck that may be relaxed in the - future. + driver and not have any VT switching problems! An advantage of Xdummy + over Xvfb is that Xdummy supports RANDR dynamic screen resizing. The standard way to start the "dummy" driver would be: startx -- :1 -config /etc/X11/xorg.conf.dummy @@ -12914,7 +12919,7 @@ x11vnc: a VNC server for real X displays Here are all of x11vnc command line options: % x11vnc -opts (see below for -help long descriptions) -x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-21 +x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2009-12-24 x11vnc options: -display disp -auth file -N @@ -12938,8 +12943,9 @@ x11vnc options: -unixpw_nis [list] -unixpw_cmd cmd -find -finddpy -listdpy -findauth [disp] -create -xdummy -xvnc - -xvnc_redirect -svc -svc_xdummy - -svc_xvnc -xdmsvc -sshxdmsvc + -xvnc_redirect -xdummy_xvfb -create_x str + -svc -svc_xdummy -svc_xvnc + -svc_xdummy_xvfb -xdmsvc -sshxdmsvc -unixpw_system_greeter -redirect port -display WAIT:... -vencrypt mode -anontls mode -sslonly -dhparams file -nossl -ssl [pem] @@ -13041,7 +13047,7 @@ libvncserver-tight-extension options: % x11vnc -help -x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-21 +x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2009-12-24 (type "x11vnc -opts" to just list the options.) @@ -14091,6 +14097,11 @@ Options: -xdummy As in -create, except Xdummy instead of Xvfb. -xvnc As in -create, except Xvnc instead of Xvfb. -xvnc_redirect As in -create, except Xvnc.redirect instead of Xvfb. +-xdummy_xvfb Sets WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb + +-create_x str Sets WAIT:cmd=FINDCREATEDISPLAY-<str> Can be on cmdline + after anything that sets WAIT:.. and other things + (e.g. -svc, -xdmsvc) to adjust the X server list. -svc Terminal services mode based on SSL access. Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users @@ -14098,6 +14109,7 @@ Options: -svc_xdummy As -svc except Xdummy instead of Xvfb. -svc_xvnc As -svc except Xvnc instead of Xvfb. +-svc_xdummy_xvfb As -svc with Xdummy,Xvfb. -xdmsvc Display manager Terminal services mode based on SSL. Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp @@ -14269,11 +14281,13 @@ Options: mode when a virtual X server such as Xvfb is going to be created. It sets the width and height of the new display, and optionally the color depth as - well. You can also supply "gnome", "kde", "twm", + well. + + You can also supply "gnome", "kde", "twm", "fvwm", "mwm", "dtwm", "wmaker", "xfce", - "enlightenment", "Xsession", or "failsafe" - (same as "xterm") to have the created display use - that mode for the user session. + "lxde", "enlightenment", "Xsession", or + "failsafe" (same as "xterm") to have the created + display use that mode for the user session. Specify "tag=..." to set the unique FD_TAG desktop session tag described below. Note: this option will @@ -14373,17 +14387,21 @@ Options: Xdummy: The Xdummy wrapper is part of the x11vnc source code - (x11vnc/misc/Xdummy) It should be available in PATH and - have run "Xdummy -install" once to create the shared - library. Xdummy requires root permission and only works - on Linux. (Note: specify FD_XDUMMY_NOROOT=1 to skip - a check for the root id; evidently your sudo(1) will - take care of everything. The -xdummy and -svc_xdummy - options imply FD_XDUMMY_NOROOT=1). + (x11vnc/misc/Xdummy) It should be available in PATH + and have run "Xdummy -install" once to create the + shared library. Xdummy only works on Linux. As of + 12/2009 it no longer needs to be run as root, and the + default is to not run as root. In some circumstances + permissions may require running it as root, in these + cases specify FD_XDUMMY_RUN_AS_ROOT=1, this is the same + as supplying -root to the Xdummy cmdline. Xvfb is available on most platforms and does not require root. + An advantage of Xdummy over Xvfb is that Xdummy supports + RANDR dynamic screen resizing. + When x11vnc exits (i.e. user disconnects) the X server session stays running in the background. The FINDDISPLAY will find it directly next time. @@ -14441,13 +14459,11 @@ Options: More FD tricks: FD_CUPS=port or FD_CUPS=host:port will set the cups printing environment. Similarly for FD_ESD=port or FD_ESD=host:port for esddsp sound - redirection. FD_XDUMMY_NOROOT means the Xdummy - server does not need to be started as root (e.g. it - will sudo automatically). Set FD_EXTRA to a command - to be run a few seconds after the X server starts up. - Set FD_TAG to be a unique name for the session, it is - set as an X property, that makes FINDDISPLAY only find - sessions with that tag value. + redirection. Set FD_EXTRA to a command to be run a + few seconds after the X server starts up. Set FD_TAG + to be a unique name for the session, it is set as an + X property, that makes FINDDISPLAY only find sessions + with that tag value. If you want the FINDCREATEDISPLAY session to contact an XDMCP login manager (xdm/gdm/kdm) on the same machine, diff --git a/x11vnc/help.c b/x11vnc/help.c index d360e7a..40fd3ec 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -1117,6 +1117,11 @@ void print_help(int mode) { "-xdummy As in -create, except Xdummy instead of Xvfb.\n" "-xvnc As in -create, except Xvnc instead of Xvfb.\n" "-xvnc_redirect As in -create, except Xvnc.redirect instead of Xvfb.\n" +"-xdummy_xvfb Sets WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb\n" +"\n" +"-create_x str Sets WAIT:cmd=FINDCREATEDISPLAY-<str> Can be on cmdline\n" +" after anything that sets WAIT:.. and other things\n" +" (e.g. -svc, -xdmsvc) to adjust the X server list.\n" "\n" "-svc Terminal services mode based on SSL access. Alias for\n" " -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users\n" @@ -1124,6 +1129,7 @@ void print_help(int mode) { "\n" "-svc_xdummy As -svc except Xdummy instead of Xvfb.\n" "-svc_xvnc As -svc except Xvnc instead of Xvfb.\n" +"-svc_xdummy_xvfb As -svc with Xdummy,Xvfb.\n" "\n" "-xdmsvc Display manager Terminal services mode based on SSL.\n" " Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp\n" @@ -1295,11 +1301,13 @@ void print_help(int mode) { " mode when a virtual X server such as Xvfb is going\n" " to be created. It sets the width and height of\n" " the new display, and optionally the color depth as\n" -" well. You can also supply \"gnome\", \"kde\", \"twm\",\n" +" well.\n" +"\n" +" You can also supply \"gnome\", \"kde\", \"twm\",\n" " \"fvwm\", \"mwm\", \"dtwm\", \"wmaker\", \"xfce\",\n" -" \"enlightenment\", \"Xsession\", or \"failsafe\"\n" -" (same as \"xterm\") to have the created display use\n" -" that mode for the user session.\n" +" \"lxde\", \"enlightenment\", \"Xsession\", or\n" +" \"failsafe\" (same as \"xterm\") to have the created\n" +" display use that mode for the user session.\n" "\n" " Specify \"tag=...\" to set the unique FD_TAG desktop\n" " session tag described below. Note: this option will\n" @@ -1398,17 +1406,21 @@ void print_help(int mode) { " Xdummy:\n" "\n" " The Xdummy wrapper is part of the x11vnc source code\n" -" (x11vnc/misc/Xdummy) It should be available in PATH and\n" -" have run \"Xdummy -install\" once to create the shared\n" -" library. Xdummy requires root permission and only works\n" -" on Linux. (Note: specify FD_XDUMMY_NOROOT=1 to skip\n" -" a check for the root id; evidently your sudo(1) will\n" -" take care of everything. The -xdummy and -svc_xdummy\n" -" options imply FD_XDUMMY_NOROOT=1).\n" +" (x11vnc/misc/Xdummy) It should be available in PATH\n" +" and have run \"Xdummy -install\" once to create the\n" +" shared library. Xdummy only works on Linux. As of\n" +" 12/2009 it no longer needs to be run as root, and the\n" +" default is to not run as root. In some circumstances\n" +" permissions may require running it as root, in these\n" +" cases specify FD_XDUMMY_RUN_AS_ROOT=1, this is the same\n" +" as supplying -root to the Xdummy cmdline.\n" "\n" " Xvfb is available on most platforms and does not\n" " require root.\n" "\n" +" An advantage of Xdummy over Xvfb is that Xdummy supports\n" +" RANDR dynamic screen resizing.\n" +"\n" " When x11vnc exits (i.e. user disconnects) the X\n" " server session stays running in the background.\n" " The FINDDISPLAY will find it directly next time.\n" @@ -1466,13 +1478,11 @@ void print_help(int mode) { " More FD tricks: FD_CUPS=port or FD_CUPS=host:port\n" " will set the cups printing environment. Similarly for\n" " FD_ESD=port or FD_ESD=host:port for esddsp sound\n" -" redirection. FD_XDUMMY_NOROOT means the Xdummy\n" -" server does not need to be started as root (e.g. it\n" -" will sudo automatically). Set FD_EXTRA to a command\n" -" to be run a few seconds after the X server starts up.\n" -" Set FD_TAG to be a unique name for the session, it is\n" -" set as an X property, that makes FINDDISPLAY only find\n" -" sessions with that tag value.\n" +" redirection. Set FD_EXTRA to a command to be run a\n" +" few seconds after the X server starts up. Set FD_TAG\n" +" to be a unique name for the session, it is set as an\n" +" X property, that makes FINDDISPLAY only find sessions\n" +" with that tag value.\n" "\n" " If you want the FINDCREATEDISPLAY session to contact an\n" " XDMCP login manager (xdm/gdm/kdm) on the same machine,\n" diff --git a/x11vnc/misc/Xdummy b/x11vnc/misc/Xdummy index 77617e4..84e77a3 100755 --- a/x11vnc/misc/Xdummy +++ b/x11vnc/misc/Xdummy @@ -1,15 +1,16 @@ #!/bin/sh # -# Xdummy: an LD_PRELOAD hack to run a stock XFree86(1) or Xorg(1) server +# Xdummy: an LD_PRELOAD hack to run a stock Xorg(1) or XFree86(1) server # with the "dummy" video driver to make it avoid Linux VT switching, etc. # # Run "Xdummy -help" for more info. # xserver="" geom="" +geom="" install="" uninstall="" -root=1 +root="" debug="" strace="" runit=1 @@ -24,31 +25,42 @@ program=`basename "$0"` help () { ${PAGER:-more} << END -$program: a hack to run a stock XFree86(1) or Xorg(1) server with the +$program: a hack to run a stock Xorg(1) or XFree86(1) X server with the "dummy" video driver such that it AVOIDS the Linux VT switching, keyboard mouse conflicts, etc associated with normal use of "dummy". -In other words, try to make XFree86/Xorg with the Device "dummy" driver +In other words, try to make Xorg/XFree86 with the Device "dummy" driver act more like Xvfb(1). To achieve this, while running the real Xserver $program intercepts system and library calls via the LD_PRELOAD method and modifies the behavior to make it work correctly (i.e. avoid the VT stuff). LD_PRELOAD tricks -are usually "clever hacks" and so might not work in all circumstances. +are usually "clever hacks" and so might not work in all situations or +break when something changes. The primary motivation for the Xdummy script is to provide a virtual X server for x11vnc but with more features than Xvfb (or Xvnc), however it could be used for other reasons (e.g. better automated testing than -with Xvfb). +with Xvfb). A nice by-product is the dummy server supports RANDR dynamic +resizing while Xvfb does not. So, for example x11vnc+Xdummy terminal +services are a little better than x11vnc+Xvfb. -Currently this program needs to be run as root, since it is too difficult -to trick it otherwise. Hopefully this will be relaxed at a later date -if the needed tricks are discovered. +This program does not need to be run as root as of 12/2009. However, +if there are problems for certain situations it may perform better +if run as root (-root option.) Also, gcc/cc is required to compile the LD_PRELOAD shared object. See -install and -uninstall described below. +Your Linux distribution may not install the dummy driver by default, e.g: + + /usr/lib/xorg/modules/drivers/dummy_drv.so + +some have it in a package named xserver-xorg-video-dummy you need +to install. + + Usage: $program <${program}-args> [--] <Xserver-args> @@ -66,8 +78,8 @@ startx example: startx -e bash -- $program :2 -depth 16 - (startx needs to be run as root, you can su(1) to a normal user - in the bash shell and then launch ~/.xinitrc or ~/.xsession, + (if startx needs to be run as root, you can su(1) to a normal + user in the bash shell and then launch ~/.xinitrc or ~/.xsession, gnome-session, startkde, startxfce4, etc.) xdm example: @@ -89,9 +101,12 @@ gdm/kdm example: Root permission and x11vnc: - This program needs to be run as root. One could run x11vnc as - root with -unixpw (it switches to the user that logs in) and - that may be OK, some other ideas: + Update: as of 12/2009 this program no longer must be run as root. + + However, in some circumstances program may need to be run as + root. If so, one could run x11vnc as root with -unixpw (it + switches to the user that logs in) and that may be OK, some + other ideas: - add this to sudo via visudo: @@ -147,6 +162,8 @@ Options: :N The DISPLAY can be the first $program argument. It is passed to the real X server. This is to aid use with startx(1), xinit(1), xdm(1), etc. + If one is not provided it tries to choose one + automatically. -geom geom1[,geom2...] Take the geometry (e.g. 1024x768) or list of geometries and insert them into the @@ -156,10 +173,13 @@ Options: -tmpdir dir Specify a temporary directory, owned by you and only writable by you. This is used in place of - /tmp/Xdummy.\$USER/ to placed the $program.so + /tmp/Xdummy.\$USER/.. to place the $program.so shared object, tweaked config files, etc. - -nonroot Try to run in non-root mode (XXX NOT yet working). + -nonroot Run in non-root mode (working 12/2009, now default) + + -root Run as root (may still be needed in some + environments.) -nosudo Do not try to use sudo(1) when re-running as root, use su(1) instead. @@ -188,14 +208,14 @@ Options: -debug Extra debugging output. - -strace strace(1) the Xserver process (for debugging). + -strace strace(1) the Xserver process (for troubleshooting). -h, -help Print out this help. Xserver-args: - Most of the XFree86 and Xorg options will work. Important ones + Most of the Xorg and XFree86 options will work. Important ones that may be supplied if missing: :N X Display number for server to use. @@ -212,8 +232,9 @@ Options: Notes: - The XFree86/Xorg "dummy" driver is currently undocmented. It works - well in this mode, but it is evidently not intended for end users. + The Xorg/XFree86 "dummy" driver is currently undocumented. It works + well in this mode, but it is evidently not intended for end-users. + So it could be removed or broken at any time. If the display Xserver-arg (e.g. :1) is not given, or ":" or ":9999" is given that indicates $program should try to find a free one. @@ -221,10 +242,10 @@ Notes: If the display virtual terminal, VT, (e.g. vt9) is not given that indicates $program should try to find a free one (or guess a high one). - This program is not completely secure WRT files in /tmp (but it - tries to some degree). Better is to use the -tmpdir option to supply a - directory only writable by you. Even better is to get rid of users on - the local machine you do not trust :-) + This program is not completely secure WRT files in /tmp (but it tries + to a good degree). Better is to use the -tmpdir option to supply a + directory only writable by you. Even better is to get rid of users + on the local machine you do not trust :-) END } @@ -232,7 +253,10 @@ END warn() { echo "$*" 1>&2 } -#set -xv + +if [ "X$XDUMMY_SET_XV" != "X" ]; then + set -xv +fi if [ "X$XDUMMY_UID" = "X" ]; then XDUMMY_UID=`id -u` @@ -245,20 +269,34 @@ if [ "X$XDUMMY_UID" = "X0" ]; then fi fi -#warn "id: `id -u`" -# See if it needs to be run as root: -if [ "X$XDUMMY_SU_EXEC" = "X" -a "X`id -u`" != "X0" ]; then - dosu=1 - nosudo="" +# check if root=1 first: +# +if [ "X$XDUMMY_RUN_AS_ROOT" = "X1" ]; then + root=1 +fi +for arg in $* +do + if [ "X$arg" = "X-nonroot" ]; then + root="" + elif [ "X$arg" = "X-root" ]; then + root=1 + fi +done + +# See if it really needs to be run as root: +# +if [ "X$XDUMMY_SU_EXEC" = "X" -a "X$root" = "X1" -a "X`id -u`" != "X0" ]; then + # this is to prevent infinite loop in case su/sudo doesn't work: XDUMMY_SU_EXEC=1 export XDUMMY_SU_EXEC + + dosu=1 + nosudo="" + for arg in $* do - #echo "arg=$arg" if [ "X$arg" = "X-nonroot" ]; then dosu="" - elif [ "X$arg" = "X-noroot" ]; then - dosu="" elif [ "X$arg" = "X-nosudo" ]; then nosudo="1" elif [ "X$arg" = "X-help" ]; then @@ -278,7 +316,7 @@ if [ "X$XDUMMY_SU_EXEC" = "X" -a "X`id -u`" != "X0" ]; then fi done if [ $dosu ]; then - warn "$program: currently needs to be run as root to work." + # we need to restart it with su/sudo: if type sudo > /dev/null 2>&1; then : else @@ -303,9 +341,13 @@ if [ "X$XDUMMY_SU_EXEC" = "X" -a "X`id -u`" != "X0" ]; then fi fi -#warn "args: $*" +# This will hold the X display, e.g. :20 +# disp="" +args="" + # Process Xdummy args: +# while [ "X$1" != "X" ] do case $1 in @@ -315,9 +357,19 @@ do ;; "-uninstall") uninstall=1 ;; + "-n") runit="" + ;; + "-no") runit="" + ;; + "-norun") runit="" + ;; + "-prconf") prconf=1 + ;; + "-noconf") noconf=1 + ;; "-nonroot") root="" ;; - "-noroot") root="" + "-root") root=1 ;; "-nosudo") nosudo=1 ;; @@ -328,15 +380,9 @@ do ;; "-geom"*) geom="$2"; shift ;; - "-tmpdir") XDUMMY_TMPDIR="$2"; shift - ;; - "-n") runit="" - ;; - "-no") runit="" - ;; - "-prconf") prconf=1 + "-depth") depth="$2"; shift ;; - "-noconf") noconf=1 + "-tmpdir") XDUMMY_TMPDIR="$2"; shift ;; "-debug") debug=1 ;; @@ -348,13 +394,14 @@ do ;; "--") shift; break ;; - *) break + *) args="$args $1" ;; esac shift done # Try to get a username for use in our tmp directory, etc. +# user="" if [ X`id -u` = "X0" ]; then user=root # this will also be used below for id=0 @@ -363,7 +410,9 @@ elif [ "X$USER" != "X" ]; then elif [ "X$LOGNAME" != "X" ]; then user=$LOGNAME fi -# keep trying... + +# Keep trying... +# if [ "X$user" = "X" ]; then user=`whoami 2>/dev/null` fi @@ -374,14 +423,15 @@ if [ "X$user" = "X" -o "X$user" = "X." ]; then user="u$$" fi -if [ "X$debug" = "X1" ]; then +if [ "X$debug" = "X1" -a "X$runit" != "X" ]; then echo "" echo "/usr/bin/env:" - env + env | egrep -v '^(LS_COLORS|TERMCAP)' | sort echo "" fi # Function to compile the LD_PRELOAD shared object: +# make_so() { # extract code embedded in this script into a tmp C file: @@ -396,7 +446,6 @@ make_so() { warn "$tmp still exists." exit 1 fi - #tail +$n1 $0 | head -$dn > $tmp tail -n +$n1 $0 | head -n $dn > $tmp # compile it to Xdummy.so: @@ -404,7 +453,7 @@ make_so() { touch $SO if [ ! -f $SO ]; then SO=$tdir/Xdummy.$user.so - warn "warning switch LD_PRELOAD shared object to: $SO" + warn "warning switching LD_PRELOAD shared object to: $SO" fi rm -f $SO @@ -417,7 +466,7 @@ make_so() { exit 1 fi if [ "X$debug" != "X" -o "X$install" != "X" ]; then - warn "$program: created $SO" + warn "$program: created $SO" ls -l "$SO" fi } @@ -434,11 +483,10 @@ fi SO=$0.so if [ "X$install" != "X" -o "X$uninstall" != "X" ]; then if [ -e $SO -o -h $SO ]; then - warn "removing $SO" + warn "$program: removing $SO" fi rm -f $SO if [ -e $SO -o -h $SO ]; then - # not good... warn "warning: $SO still exists." exit 1 fi @@ -452,12 +500,31 @@ if [ "X$install" != "X" -o "X$uninstall" != "X" ]; then fi # We need a tmp directory for the .so, tweaked config file, and for -# redirecting filenames we cannot create (under -nonroot, not yet -# working). +# redirecting filenames we cannot create (under -nonroot) # +tack="" if [ "X$XDUMMY_TMPDIR" = "X" ]; then XDUMMY_TMPDIR="/tmp/Xdummy.$user" + + # try to tack on a unique subdir (display number or pid) + # to allow multiple instances + # + if [ "X$disp" != "X" ]; then + t0=$disp + else + t0=$1 + fi + tack=`echo "$t0" | sed -e 's/^.*://'` + if echo "$tack" | grep '^[0-9][0-9]*$' > /dev/null; then + : + else + tack=$$ + fi + if [ "X$tack" != "X" ]; then + XDUMMY_TMPDIR="$XDUMMY_TMPDIR/$tack" + fi fi + tmp=$XDUMMY_TMPDIR if echo "$tmp" | grep '^/tmp' > /dev/null; then if [ "X$tmp" != "X/tmp" -a "X$tmp" != "X/tmp/" ]; then @@ -472,8 +539,12 @@ fi mkdir -p $XDUMMY_TMPDIR chmod 700 $XDUMMY_TMPDIR +if [ "X$tack" != "X" ]; then + chmod 700 `dirname "$XDUMMY_TMPDIR"` 2>/dev/null +fi -# see if we can write something there: +# See if we can write something there: +# tfile="$XDUMMY_TMPDIR/test.file" touch $tfile if [ ! -f $tfile ]; then @@ -486,52 +557,100 @@ rm -f $tfile export XDUMMY_TMPDIR -# compile the LD_PRELOAD shared object if needed: +# Compile the LD_PRELOAD shared object if needed (needs XDUMMY_TMPDIR) +# if [ ! -f $SO ]; then SO="$XDUMMY_TMPDIR/Xdummy.so" make_so fi -# decide which X server to use: +# Decide which X server to use: +# if [ "X$xserver" = "X" ]; then if type Xorg >/dev/null 2>&1; then xserver="Xorg" elif type XFree86 >/dev/null 2>&1; then xserver="XFree86" - elif -x /usr/X11R6/bin/Xorg; then - xserver="/usr/X11R6/bin/Xorg" elif -x /usr/bin/Xorg; then xserver="/usr/bin/Xorg" + elif -x /usr/X11R6/bin/Xorg; then + xserver="/usr/X11R6/bin/Xorg" elif -x /usr/X11R6/bin/XFree86; then xserver="/usr/X11R6/bin/XFree86" fi if [ "X$xserver" = "X" ]; then # just let it fail below. - xserver="/usr/X11R6/bin/Xorg" + xserver="/usr/bin/Xorg" warn "$program: cannot locate a stock Xserver... assuming $xserver" fi fi -# see if the binary is suid or not readable under -nonroot (XXX not yet useful): -xserver_path=`type -p $xserver 2>/dev/null` +# See if the binary is suid or not readable under -nonroot mode: +# +if [ "X$BASH_VERSION" != "X" ]; then + xserver_path=`type -p $xserver 2>/dev/null` +else + xserver_path=`type $xserver 2>/dev/null | awk '{print $NF}'` +fi if [ -e "$xserver_path" -a "X$root" = "X" -a "X$runit" != "X" ]; then - if [ ! -r $xserver_path -o -u $xserver_path ]; then + if [ ! -r $xserver_path -o -u $xserver_path -o -g $xserver_path ]; then # XXX not quite correct with rm -rf $XDUMMY_TMPDIR ... + # we keep on a filesystem we know root can write to. base=`basename "$xserver_path"` - #new="$tdir/$base.$user" - new="/tmp/$base.$user" - if [ ! -e $new ]; then - warn "NEED TO COPY UNREADABLE $xserver_path to $new as root:" - warn "" - ls -l $xserver_path 1>&2 - warn "" - warn "This only needs to be done once." - warn "Please supply root passwd to 'su -c'" + new="/tmp/$base.$user.bin" + if [ -e $new ]; then + snew=`ls -l $new | awk '{print $5}' | grep '^[0-9][0-9]*$'` + sold=`ls -l $xserver_path | awk '{print $5}' | grep '^[0-9][0-9]*$'` + if [ "X$snew" != "X" -a "X$sold" != "X" -a "X$sold" != "X$snew" ]; then + warn "removing different sized copy:" + ls -l $new $xserver_path + rm -f $new + fi + fi + if [ ! -e $new -o ! -s $new ]; then + rm -f $new touch $new || exit 1 chmod 700 $new || exit 1 - su -c "cat $xserver_path > $new" + if [ ! -r $xserver_path ]; then + warn "" + warn "NEED TO COPY UNREADABLE $xserver_path to $new as root:" + warn "" + ls -l $xserver_path 1>&2 + warn "" + warn "This only needs to be done once:" + warn " cat $xserver_path > $new" + warn "" + nos=$nosudo + if type sudo > /dev/null 2>&1; then + : + else + nos=1 + fi + if [ "X$nos" = "X1" ]; then + warn "Please supply root passwd to 'su -c'" + su -c "cat $xserver_path > $new" + else + warn "Please supply the sudo passwd if asked:" + sudo /bin/sh -c "cat $xserver_path > $new" + fi + else + warn "" + warn "COPYING SETUID $xserver_path to $new" + warn "" + ls -l $xserver_path 1>&2 + warn "" + cat $xserver_path > $new + fi ls -l $new - warn "Please restart." + if [ -s $new ]; then + : + else + rm -f $new + ls -l $new + exit 1 + fi + warn "" + warn "Please restart Xdummy now." exit 0 elif [ ! -O $new ]; then warn "file \"$new\" not owned by us!" @@ -542,7 +661,8 @@ if [ -e "$xserver_path" -a "X$root" = "X" -a "X$runit" != "X" ]; then fi fi -# work out display: +# Work out display: +# if [ "X$disp" != "X" ]; then : elif [ "X$1" != "X" ]; then @@ -556,6 +676,7 @@ elif [ "X$1" != "X" ]; then fi if [ "X$disp" = "X" -o "X$disp" = "X:" ]; then # try to find an open display port: + # (tcp outdated...) ports=`netstat -ant | grep LISTEN | awk '{print $4}' | sed -e 's/^.*://'` n=0 while [ $n -le 20 ] @@ -572,7 +693,8 @@ if [ "X$disp" = "X" -o "X$disp" = "X:" ]; then done fi -# work out which vt to use, try to find an open one if necessary. +# Work out which vt to use, try to find/guess an open one if necessary. +# vt="" for arg in $* do @@ -604,13 +726,14 @@ if [ "X$vt" = "X" ]; then if [ "X$vt" = "X" ]; then # take a wild guess... vt=vt16 - warn "$program: selected VT $vt" + warn "$program: selected fallback VT $vt" fi else vt="" fi -# decide flavor of Xserver: +# Decide flavor of Xserver: +# stype=`basename "$xserver"` if echo "$stype" | grep -i xorg > /dev/null; then stype=xorg @@ -618,7 +741,8 @@ else stype=xfree86 fi -# work out config file and tweak it. +# Work out config file and tweak it. +# next="" config="" got_config="" @@ -630,29 +754,39 @@ do break fi if [ "X$arg" = "X-xf86config" ]; then - stype="xfree86" + if [ "X$stype" = "X" ]; then + stype="xfree86" + fi next=1 elif [ "X$arg" = "X-config" ]; then - stype="xorg" + if [ "X$stype" = "X" ]; then + stype="xorg" + fi next=1 fi done tweak_config() { in="$1" - config2="$XDUMMY_TMPDIR/xconfig" + config2="$XDUMMY_TMPDIR/xdummy_modified_xconfig.conf" if [ "X$disp" != "X" ]; then - d=`echo "$disp" | sed -e 's,/,,g' -e 's/:/_:/g'` + d=`echo "$disp" | sed -e 's,/,,g' -e 's/:/_/g'` config2="$config2$d" fi # perl script to tweak the config file... add/delete options, etc. - XDUMMY_GEOM=$geom; export XDUMMY_GEOM - perl > $config2 < $in -e ' + # + env XDUMMY_GEOM=$geom \ + XDUMMY_DEPTH=$depth \ + perl > $config2 < $in -e ' $n = 0; - $geom = $ENV{XDUMMY_GEOM}; + $geom = $ENV{XDUMMY_GEOM}; + $depth = $ENV{XDUMMY_DEPTH}; + $videoram = "24000"; + $HorizSync = "30.0 - 130.0"; + $VertRefresh = "50.0 - 250.0"; if ($geom ne "") { - $tmp = ""; + my $tmp = ""; foreach $g (split(/,/, $geom)) { $tmp .= "\"$g\" "; } @@ -675,7 +809,7 @@ tweak_config() { print; next; } - if (/^\s*EndSection/) { + if (/^\s*EndSection/i) { # end of Section if ($sect eq "serverflags") { if (!$got_DontVTSwitch) { @@ -697,13 +831,63 @@ tweak_config() { } if (!$got_VideoRam) { print " ##Xdummy:##\n"; - print " VideoRam 16000\n"; + print " VideoRam $videoram\n"; + } + } elsif ($sect eq "screen") { + if ($depth ne "" && !got_DefaultDepth) { + print " ##Xdummy:##\n"; + print " DefaultDepth $depth\n"; + } + if ($got_Monitor eq "") { + print " ##Xdummy:##\n"; + print " Monitor \"Monitor0\"\n"; + } + } elsif ($sect eq "monitor") { + if (!got_HorizSync) { + print " ##Xdummy:##\n"; + print " HorizSync $HorizSync\n"; + } + if (!got_VertRefresh) { + print " ##Xdummy:##\n"; + print " VertRefresh $VertRefresh\n"; } } $sect = ""; print; next; } + + if (/^\s*SubSection\s+(\S+)/i) { + # start of Section + $subsect = $1; + $subsect =~ s/\W//g; + $subsect =~ y/A-Z/a-z/; + $subsects{$subsect} = 1; + if ($sect eq "screen" && $subsect eq "display") { + $got_Mode = 0; + } + print; + next; + } + if (/^\s*EndSubSection/i) { + # end of SubSection + if ($sect eq "screen") { + if ($subsect eq "display") { + if ($depth ne "" && !$set_Depth) { + print " ##Xdummy:##\n"; + print " Depth\t$depth\n"; + } + if ($geom ne "" && ! $got_Mode) { + print " ##Xdummy:##\n"; + print " Modes\t$geom\n"; + } + } + } + $subsect = ""; + print; + next; + } + $l = $_; $l =~ s/#.*$//; if ($sect eq "serverflags") { @@ -725,6 +909,14 @@ tweak_config() { $_ = "##Xdummy## $_"; } } + if ($sect eq "monitor") { + if ($l =~ /^\s*HorizSync/i) { + $got_HorizSync = 1; + } + if ($l =~ /^\s*VertRefresh/i) { + $got_VertRefresh = 1; + } + } if ($sect eq "device") { if ($l =~ /^(\s*Driver)\b/i) { $_ = "$1 \"dummy\"\n"; @@ -741,11 +933,34 @@ tweak_config() { } } if ($sect eq "screen") { - if ($geom ne "") { - if ($l =~ /^(\s*Modes)\b/i) { - $_ = "$1 $geom\n"; + if ($l =~ /^\s*DefaultDepth\s+(\d+)/i) { + if ($depth ne "") { print " ##Xdummy:##\n"; - $got_Modes = 1; + $_ = " DefaultDepth\t$depth\n"; + } + $got_DefaultDepth = 1; + } + if ($l =~ /^\s*Monitor\s+(\S+)/i) { + $got_Monitor = $1; + $got_Monitor =~ s/"//g; + } + if ($subsect eq "display") { + if ($geom ne "") { + if ($l =~ /^(\s*Modes)\b/i) { + print " ##Xdummy:##\n"; + $_ = "$1 $geom\n"; + $got_Modes = 1; + } + } + if ($l =~ /^\s*Depth\s+(\d+)/i) { + my $d = $1; + if (!$set_Depth && $depth ne "") { + $set_Depth = 1; + if ($depth != $d) { + print " ##Xdummy:##\n"; + $_ = " Depth\t$depth\n"; + } + } } } } @@ -765,15 +980,15 @@ tweak_config() { print "Section \"Device\"\n"; print " Identifier \"Videocard0\"\n"; print " Driver \"dummy\"\n"; - print " VideoRam 16000\n"; + print " VideoRam $videoram\n"; print "EndSection\n"; } if (! exists($sects{monitor})) { print "\n##Xdummy:##\n"; print "Section \"Monitor\"\n"; print " Identifier \"Monitor0\"\n"; - print " HorizSync 30.0 - 130.0\n"; - print " VertRefresh 50.0 - 250.0\n"; + print " HorizSync $HorizSync\n"; + print " VertRefresh $VertRefresh\n"; print "EndSection\n"; } if (! exists($sects{screen})) { @@ -781,19 +996,30 @@ tweak_config() { print "Section \"Screen\"\n"; print " Identifier \"Screen0\"\n"; print " Device \"Videocard0\"\n"; - print " Monitor \"Monitor0\"\n"; - print " DefaultDepth 16\n"; + if ($got_Monitor ne "") { + print " Monitor \"$got_Monitor\"\n"; + } else { + print " Monitor \"Monitor0\"\n"; + } + if ($depth ne "") { + print " DefaultDepth $depth\n"; + } else { + print " DefaultDepth 24\n"; + } print " SubSection \"Display\"\n"; print " Viewport 0 0\n"; - print " Depth 16\n"; - print " Modes \"1024x768\" \"800x600\" \"640x480\"\n"; + print " Depth 24\n"; + if ($geom ne "") { + print " Modes $geom\n"; + } else { + print " Modes \"1280x1024\" \"1024x768\" \"800x600\"\n"; + } print " EndSubSection\n"; print "EndSection\n"; } '; } -args="$*" if [ ! $noconf ]; then # tweaked config will be put in $config2: config2="" @@ -823,13 +1049,77 @@ if [ ! $noconf ]; then fi fi + if [ ! -f $config ]; then + config="$XDUMMY_TMPDIR/xorg.conf" + cat > $config <<END + +Section "ServerLayout" + Identifier "Layout0" + Screen 0 "Screen0" + InputDevice "Keyboard0" "CoreKeyboard" + InputDevice "Mouse0" "CorePointer" +EndSection + +Section "Files" +EndSection + +Section "Module" + Load "dbe" + Load "extmod" + Load "freetype" + Load "glx" +EndSection + +Section "InputDevice" + Identifier "Mouse0" + Driver "mouse" + Option "Protocol" "auto" + Option "Device" "/dev/psaux" + Option "Emulate3Buttons" "no" + Option "ZAxisMapping" "4 5" +EndSection + +Section "InputDevice" + Identifier "Keyboard0" + Driver "kbd" +EndSection + +Section "Monitor" + Identifier "Monitor0" + VendorName "Unknown" + ModelName "Unknown" + HorizSync 30.0 - 130.0 + VertRefresh 50.0 - 250.0 + Option "DPMS" +EndSection + +Section "Device" + Identifier "Device0" + Driver "foovideo" + VendorName "foovideo Corporation" +EndSection + +Section "Screen" + Identifier "Screen0" + Device "Device0" + Monitor "Monitor0" + DefaultDepth 24 + SubSection "Display" + Depth 24 + Modes "1280x1024" + EndSubSection +EndSection + +END + fi + if [ -f $config ]; then tweak_config $config fi # now we need to get our tweaked config file onto the command line: if [ ! $got_config ]; then - # append: + # append to cmdline (FUBAR will be substituted below.) if [ "X$stype" = "Xxorg" ]; then args="$args -config FUBAR" else @@ -838,9 +1128,14 @@ if [ ! $noconf ]; then fi if [ "X$config2" != "X" ]; then # or modify $args: + c2=$config2 + if [ "X$root" = "X" ]; then + # ordinary user cannot use absolute path. + c2=`basename $config2` + fi args=`echo "$args" | sed \ - -e "s,-config *[^ ][^ ]*,-config $config2,g" \ - -e "s,-xf86config *[^ ][^ ]*,-xf86config $config2,g"` + -e "s,-config *[^ ][^ ]*,-config $c2,g" \ + -e "s,-xf86config *[^ ][^ ]*,-xf86config $c2,g"` fi fi @@ -850,10 +1145,11 @@ if [ $prconf ]; then warn "" if [ "X$config2" = "X" ]; then warn "NO CONFIG GENERATED." + exit 1 else cat "$config2" fi - exit + exit 0 fi if [ $debug ]; then @@ -865,8 +1161,18 @@ if [ $root ]; then export XDUMMY_ROOT fi -# finally, run it: +# Finally, run it: +# if [ "X$debug" != "X" -o "X$runit" = "X" ]; then + if [ ! $runit ]; then + echo "" + echo "/usr/bin/env:" + env | egrep -v '^(LS_COLORS|TERMCAP)' | sort + echo "" + echo "XDUMMY*:" + env | grep '^XDUMMY' | sort + echo "" + fi warn "" warn "The command to run is:" warn "" @@ -886,6 +1192,7 @@ if [ "X$debug" != "X" -o "X$runit" = "X" ]; then exit 0 fi fi + if [ $strace ]; then strace -f env LD_PRELOAD=$SO $xserver $disp $args $vt else @@ -893,6 +1200,7 @@ else fi exit $? + ######################################################################### code() { @@ -923,19 +1231,17 @@ code() { #define __USE_GNU #include <dlfcn.h> -static char tmpdir[1024]; -static char str1[1024]; -static char str2[1024]; +static char tmpdir[4096]; +static char str1[4096]; +static char str2[4096]; static char devs[256][1024]; static int debug = -1; static int root = -1; static int changed_uid = 0; static int saw_fonts = 0; +static int saw_lib_modules = 0; -#if 0 -typedef long time_t; -#endif static time_t start = 0; void check_debug(void) { @@ -945,11 +1251,13 @@ void check_debug(void) { } else { debug = 0; } + /* prevent other processes using the preload: */ putenv("LD_PRELOAD="); } } void check_root(void) { if (root < 0) { + /* script tells us if we are root */ if (getenv("XDUMMY_ROOT") != NULL) { root = 1; } else { @@ -961,14 +1269,15 @@ void check_root(void) { void check_uid(void) { if (start == 0) { start = time(NULL); - if (debug) fprintf(stderr, "START: %d\n", start); + if (debug) fprintf(stderr, "START: %u\n", (unsigned int) start); return; } else if (changed_uid == 0) { if (saw_fonts || time(NULL) > start + 20) { if (getenv("XDUMMY_UID")) { int uid = atoi(getenv("XDUMMY_UID")); - if (debug) fprintf(stderr, "SETREUID: %d\n", uid); + if (debug) fprintf(stderr, "SETREUID: %d saw_fonts=%d\n", uid, saw_fonts); if (uid >= 0) { + /* this will simply fail in -nonroot mode: */ setreuid(uid, -1); } } @@ -1024,15 +1333,23 @@ int open(const char *pathname, int flags, unsigned short mode) { dlsym(RTLD_NEXT, "open"); } - if (! root) { - if (!strcmp(pathname, "/dev/mem")) { - ; - } else if (!strcmp(pathname, "/dev/tty")) { - ; - } else if (strstr(pathname, "/dev") == pathname) { + if (strstr(pathname, "lib/modules/")) { + /* not currently used. */ + saw_lib_modules = 1; + } + + if (!root) { + if (strstr(pathname, "/dev/") == pathname) { store_dev = strdup(pathname); + } + if (strstr(pathname, "/dev/tty") == pathname && strcmp(pathname, "/dev/tty")) { pathname = tmpdir_path(pathname); - if (debug) fprintf(stderr, "OPEN: -> %s\n", pathname); + if (debug) fprintf(stderr, "OPEN: %s -> %s (as FIFO)\n", store_dev, pathname); + /* we make it a FIFO so ioctl on it does not fail */ + unlink(pathname); + mkfifo(pathname, 0666); + } else if (0) { + /* we used to handle more /dev files ... */ fd = real_open(pathname, O_WRONLY|O_CREAT, 0777); close(fd); } @@ -1040,11 +1357,10 @@ int open(const char *pathname, int flags, unsigned short mode) { fd = real_open(pathname, flags, mode); - if (debug) fprintf(stderr, "OPEN: %s %d %d fd=%d\n", - pathname, flags, mode, fd); + if (debug) fprintf(stderr, "OPEN: %s %d %d fd=%d\n", pathname, flags, mode, fd); if (! root) { - if (store_dev && fd < 256) { + if (store_dev) { if (fd < 256) { strcpy(devs[fd], store_dev); } @@ -1065,6 +1381,28 @@ int open64(const char *pathname, int flags, unsigned short mode) { return(fd); } +int rename(const char *oldpath, const char *newpath) { + static int (*real_rename)(const char *, const char *) = NULL; + + CHECKIT + if (! real_rename) { + real_rename = (int (*)(const char *, const char *)) + dlsym(RTLD_NEXT, "rename"); + } + + if (debug) fprintf(stderr, "RENAME: %s %s\n", oldpath, newpath); + + if (root) { + return(real_rename(oldpath, newpath)); + } + + if (strstr(oldpath, "/var/log") == oldpath) { + if (debug) fprintf(stderr, "RENAME: returning 0\n"); + return 0; + } + return(real_rename(oldpath, newpath)); +} + FILE *fopen(const char *pathname, const char *mode) { static FILE* (*real_fopen)(const char *, const char *) = NULL; char *str; @@ -1084,8 +1422,20 @@ FILE *fopen(const char *pathname, const char *mode) { real_fopen = (FILE* (*)(const char *, const char *)) dlsym(RTLD_NEXT, "fopen"); } + if (debug) fprintf(stderr, "FOPEN: %s %s\n", pathname, mode); + if (strstr(pathname, "xdummy_modified_xconfig.conf")) { + /* make our config appear to be in /etc/X11, etc. */ + char *q = strrchr(pathname, '/'); + if (q != NULL && getenv("XDUMMY_TMPDIR") != NULL) { + strcpy(str1, getenv("XDUMMY_TMPDIR")); + strcat(str1, q); + if (debug) fprintf(stderr, "FOPEN: %s -> %s\n", pathname, str1); + pathname = str1; + } + } + if (root) { return(real_fopen(pathname, mode)); } @@ -1093,9 +1443,9 @@ FILE *fopen(const char *pathname, const char *mode) { str = (char *) pathname; if (strstr(pathname, "/var/log") == pathname) { str = tmpdir_path(pathname); - if (debug) fprintf(stderr, "FOPEN: -> %s\n", str); + if (debug) fprintf(stderr, "FOPEN: %s -> %s\n", pathname, str); } - + return(real_fopen(str, mode)); } @@ -1134,6 +1484,8 @@ int ioctl(int fd, int req, void *ptr) { RETURN0 } else if (req == KDGKBMODE) { RETURN0 + } else if (req == KDSKBMODE) { + RETURN0 } else if (req == VT_ACTIVATE) { RETURN0 } else if (req == VT_WAITACTIVE) { @@ -1181,7 +1533,7 @@ int close(int fd) { } if (debug) fprintf(stderr, "CLOSE: %d\n", fd); - if (! root) { + if (!root) { if (fd < 256) { devs[fd][0] = '\0'; } @@ -1221,11 +1573,6 @@ int stat64(const char *path, struct stat *buf) { return(real_stat64(path, buf)); } -/* - * Note: the following just call the real function if root is - * true. They will be used if -nonroot is ever figured out. - */ - int chown(const char *path, uid_t owner, gid_t group) { static int (*real_chown)(const char *, uid_t, gid_t) = NULL; @@ -1252,11 +1599,13 @@ int chown(const char *path, uid_t owner, gid_t group) { int ioperm(unsigned long from, unsigned long num, int turn_on) { static int (*real_ioperm)(unsigned long, unsigned long, int) = NULL; + CHECKIT if (! real_ioperm) { real_ioperm = (int (*)(unsigned long, unsigned long, int)) dlsym(RTLD_NEXT, "ioperm"); } + if (debug) fprintf(stderr, "IOPERM: %d %d %d\n", (int) from, (int) num, turn_on); if (root) { return(real_ioperm(from, num, turn_on)); } @@ -1265,16 +1614,25 @@ int ioperm(unsigned long from, unsigned long num, int turn_on) { int iopl(int level) { static int (*real_iopl)(int) = NULL; + CHECKIT if (! real_iopl) { real_iopl = (int (*)(int)) dlsym(RTLD_NEXT, "iopl"); } + if (debug) fprintf(stderr, "IOPL: %d\n", level); if (root) { return(real_iopl(level)); } return 0; } +#if 0 + +/* + * we got things to work w/o pretending to be root. + * so we no longer interpose getuid(), etc. + */ + uid_t getuid(void) { static uid_t (*real_getuid)(void) = NULL; CHECKIT @@ -1299,6 +1657,21 @@ uid_t geteuid(void) { if (debug) fprintf(stderr, "GETEUID: 0\n"); return 0; } +uid_t geteuid_kludge1(void) { + static uid_t (*real_geteuid)(void) = NULL; + CHECKIT + if (! real_geteuid) { + real_geteuid = (uid_t (*)(void)) dlsym(RTLD_NEXT, "geteuid"); + } + if (debug) fprintf(stderr, "GETEUID: 0 saw_libmodules=%d\n", saw_lib_modules); + if (root && !saw_lib_modules) { + return(real_geteuid()); + } else { + saw_lib_modules = 0; + return 0; + } +} + uid_t getuid32(void) { static uid_t (*real_getuid32)(void) = NULL; CHECKIT @@ -1372,15 +1745,10 @@ gid_t getegid32(void) { if (debug) fprintf(stderr, "GETEGID32: 0\n"); return 0; } - -#if 0 -int xf86PathIsSafe(char *path) { - fprintf(stderr, "xf86pathIsSafe: %s\n", path); - return 1; -} #endif #if 0 +/* maybe we need to interpose on strcmp someday... here is the template */ int strcmp(const char *s1, const char *s2) { static int (*real_strcmp)(const char *, const char *) = NULL; CHECKIT diff --git a/x11vnc/ssltools.h b/x11vnc/ssltools.h index 1be120f..98aa1ff 100644 --- a/x11vnc/ssltools.h +++ b/x11vnc/ssltools.h @@ -1537,6 +1537,9 @@ char create_display[] = " elif [ \"X$have_startkde\" != \"X\" -a \"X$FD_SESS\" = \"Xkde\" ]; then\n" " echo \"$have_startkde\"\n" " return\n" +" elif [ \"X$have_startlxde\" != \"X\" -a \"X$FD_SESS\" = \"Xlxde\" ]; then\n" +" echo \"$have_startlxde\"\n" +" return\n" " elif [ \"X$have_twm\" != \"X\" -a \"X$FD_SESS\" = \"Xtwm\" ]; then\n" " echo \"$have_twm\"\n" " return\n" @@ -1605,6 +1608,12 @@ char create_display[] = " return\n" " fi\n" " fi\n" +" if [ \"X$have_startlxde\" != \"X\" ]; then\n" +" if egrep -i 'Session=lxde' \"$home/.dmrc\" > /dev/null; then\n" +" echo \"$have_startlxde\"\n" +" return\n" +" fi\n" +" fi\n" " if [ \"X$have_gnome_session\" != \"X\" ]; then\n" " if egrep -i 'Session=gnome' \"$home/.dmrc\" > /dev/null; then\n" " echo \"$have_gnome_session\"\n" @@ -1990,19 +1999,6 @@ char create_display[] = " fi\n" "}\n" "\n" -"try_Xdummy() {\n" -" if [ \"X$have_Xdummy\" = \"X\" ]; then\n" -" return\n" -" fi\n" -" if [ \"X$FD_XDUMMY_NOROOT\" != \"X\" ]; then\n" -" :\n" -" elif [ \"X$have_root\" = \"X\" ]; then\n" -" return\n" -" fi\n" -"\n" -" server $have_Xdummy :$N -geometry $geom -depth $depth\n" -"}\n" -"\n" "try_Xvnc() {\n" " if [ \"X$have_Xvnc\" = \"X\" ]; then\n" " return\n" @@ -2019,6 +2015,57 @@ char create_display[] = " server $FD_XSRV :$N -geometry $geom -depth $depth\n" "}\n" "\n" +"add_modmap() {\n" +" if [ \"X$have_root\" = \"X\" ]; then\n" +" $have_nohup sh -c \"(\n" +" sleep 10;\n" +" $have_xmodmap -display :$N -e 'keycode any = Shift_R' \\\n" +" -e 'add Shift = Shift_L Shift_R' \\\n" +" -e 'keycode any = Control_R' \\\n" +" -e 'add Control = Control_L Control_R' \\\n" +" -e 'keycode any = Alt_L' \\\n" +" -e 'keycode any = Alt_R' \\\n" +" -e 'keycode any = Meta_L' \\\n" +" -e 'clear Mod1' \\\n" +" -e 'add Mod1 = Alt_L Alt_R Meta_L';\n" +" if uname | grep SunOS > /dev/null; then\n" +" for sym in SunAudioMute SunAudioLowerVolume SunAudioRaiseVolume\n" +" do\n" +" if $have_xmodmap -pk | grep -w \\$sym > /dev/null; then\n" +" :\n" +" else\n" +" $have_xmodmap -e \\\"keycode any = \\$sym\\\"\n" +" fi\n" +" done\n" +" fi\n" +"\n" +" )\" 1>&2 &\n" +" else\n" +" (\n" +" sleep 6;\n" +" $have_xmodmap -display :$N -e 'keycode any = Shift_R' \\\n" +" -e 'add Shift = Shift_L Shift_R' \\\n" +" -e 'keycode any = Control_R' \\\n" +" -e 'add Control = Control_L Control_R' \\\n" +" -e 'keycode any = Alt_L' \\\n" +" -e 'keycode any = Alt_R' \\\n" +" -e 'keycode any = Meta_L' \\\n" +" -e 'clear Mod1' \\\n" +" -e 'add Mod1 = Alt_L Alt_R Meta_L';\n" +" # this is to workaround a bug with JDS Solaris 10 gnome-session-daemon.\n" +" if uname | grep SunOS > /dev/null; then\n" +" for sym in SunAudioMute SunAudioLowerVolume SunAudioRaiseVolume\n" +" do\n" +" if $have_xmodmap -pk | grep -w $sym > /dev/null; then\n" +" :\n" +" else\n" +" $have_xmodmap -e \"keycode any = $sym\"\n" +" fi\n" +" done\n" +" fi\n" +" ) 1>&2 &\n" +" fi\n" +"}\n" "\n" "try_Xvfb() {\n" " if [ \"X$have_Xvfb\" = \"X\" ]; then\n" @@ -2045,58 +2092,27 @@ char create_display[] = " server $have_Xvfb :$N $sarg 0 ${geom}x${depth} $margs\n" "\n" " if [ \"X$result\" = \"X1\" -a \"X$have_xmodmap\" != \"X\" ]; then\n" -" if [ \"X$have_root\" = \"X\" ]; then\n" -" $have_nohup sh -c \"(\n" -" sleep 10;\n" -" $have_xmodmap -display :$N -e 'keycode any = Shift_R' \\\n" -" -e 'add Shift = Shift_L Shift_R' \\\n" -" -e 'keycode any = Control_R' \\\n" -" -e 'add Control = Control_L Control_R' \\\n" -" -e 'keycode any = Alt_L' \\\n" -" -e 'keycode any = Alt_R' \\\n" -" -e 'keycode any = Meta_L' \\\n" -" -e 'clear Mod1' \\\n" -" -e 'add Mod1 = Alt_L Alt_R Meta_L';\n" -" if uname | grep SunOS > /dev/null; then\n" -" for sym in SunAudioMute SunAudioLowerVolume SunAudioRaiseVolume\n" -" do\n" -" if $have_xmodmap -pk | grep -w \\$sym > /dev/null; then\n" -" :\n" -" else\n" -" $have_xmodmap -e \\\"keycode any = \\$sym\\\"\n" -" fi\n" -" done\n" -" fi\n" +" add_modmap\n" +" fi\n" +"}\n" "\n" -" )\" 1>&2 &\n" -" else\n" -" (\n" -" sleep 6;\n" -" $have_xmodmap -display :$N -e 'keycode any = Shift_R' \\\n" -" -e 'add Shift = Shift_L Shift_R' \\\n" -" -e 'keycode any = Control_R' \\\n" -" -e 'add Control = Control_L Control_R' \\\n" -" -e 'keycode any = Alt_L' \\\n" -" -e 'keycode any = Alt_R' \\\n" -" -e 'keycode any = Meta_L' \\\n" -" -e 'clear Mod1' \\\n" -" -e 'add Mod1 = Alt_L Alt_R Meta_L';\n" -" # this is to workaround a bug with JDS Solaris 10 gnome-session-daemon.\n" -" if uname | grep SunOS > /dev/null; then\n" -" for sym in SunAudioMute SunAudioLowerVolume SunAudioRaiseVolume\n" -" do\n" -" if $have_xmodmap -pk | grep -w $sym > /dev/null; then\n" -" :\n" -" else\n" -" $have_xmodmap -e \"keycode any = $sym\"\n" -" fi\n" -" done\n" -" fi\n" -" ) 1>&2 &\n" -" fi\n" +"try_Xdummy() {\n" +" if [ \"X$have_Xdummy\" = \"X\" ]; then\n" +" return\n" +" fi\n" +" if [ \"X$FD_XDUMMY_RUN_AS_ROOT\" != \"X\" -a \"X$have_root\" = \"X\" ]; then\n" +" return\n" +" fi\n" +"\n" +" server $have_Xdummy :$N -geometry $geom -depth $depth\n" +" \n" +" if [ \"X$result\" = \"X1\" -a \"X$have_xprop\" != \"X\" ]; then\n" +" (sleep 1; $have_xprop -display :$N -root -f X11VNC_TRAP_XRANDR 8s -set X11VNC_TRAP_XRANDR 1 >/dev/null 2>&1) &\n" +" sleep 1\n" " fi\n" "}\n" "\n" +"\n" "cookie() {\n" " cookie=\"\"\n" " if [ \"X$have_mcookie\" != \"X\" ]; then\n" @@ -2234,7 +2250,7 @@ char create_display[] = " USER=`whoami`\n" "fi\n" "\n" -"PATH=$PATH:/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/usr/dt/bin:/opt/kde4/bin:/opt/kde3/bin:/opt/gnome/bin:/usr/bin:/bin:/usr/sfw/bin\n" +"PATH=$PATH:/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/usr/dt/bin:/opt/kde4/bin:/opt/kde3/bin:/opt/gnome/bin:/usr/bin:/bin:/usr/sfw/bin:/usr/local/bin\n" "\n" "have_root=\"\"\n" "id0=`id`\n" @@ -2247,7 +2263,7 @@ char create_display[] = " p_ok=1\n" "fi\n" "\n" -"for prog in startx xinit xdm gdm kdm xterm Xdummy Xvfb Xvnc xauth xdpyinfo mcookie md5sum xmodmap startkde dbus-launch gnome-session blackbox fvwm2 mwm openbox twm windowmaker wmaker enlightenment metacity X Xorg XFree86 Xsun Xsession dtwm netstat nohup esddsp konsole gnome-terminal x-terminal-emulator perl startxfce4 startxfce\n" +"for prog in startx xinit xdm gdm kdm xterm Xdummy Xvfb Xvnc xauth xdpyinfo mcookie md5sum xmodmap startkde startlxde dbus-launch gnome-session blackbox fvwm2 mwm openbox twm windowmaker wmaker enlightenment metacity X Xorg XFree86 Xsun Xsession dtwm netstat nohup esddsp konsole gnome-terminal x-terminal-emulator perl startxfce4 startxfce xprop\n" "do\n" " p2=`echo \"$prog\" | sed -e 's/-/_/g'`\n" " eval \"have_$p2=''\"\n" diff --git a/x11vnc/unixpw.c b/x11vnc/unixpw.c index ef28ef2..3bedfcf 100644 --- a/x11vnc/unixpw.c +++ b/x11vnc/unixpw.c @@ -1272,8 +1272,11 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int sprintf(luser, "%s's", user); lowercase(luser); + if (db) fprintf(stderr, "\nAIX luser compare: \"%s\" to \"%s\"\n", luser, instr); if (strstr(luser, instr) == luser) { + if (db) fprintf(stderr, "AIX luser compare: strstr OK.\n"); if (!strcmp(luser, instr)) { + if (db) fprintf(stderr, "AIX luser compare: strings equal.\n"); i = -1; j = 0; memset(instr, 0, sizeof(instr)); @@ -1286,6 +1289,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int continue; } } else { + if (db) fprintf(stderr, "AIX luser compare: problem=1\n"); problem = 1; } free(luser); @@ -1297,7 +1301,6 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int } if (problem) { - if (db) { fprintf(stderr, "\"Password:\" did not " "appear: '%s'" " n=%d\n", instr, n); @@ -1319,7 +1322,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int return 0; } - if (db > 2) fprintf(stderr, "\nsending passwd: %s\n", pass); + if (db) fprintf(stderr, "\nsending passwd: %s\n", db > 2 ? pass : "****"); usleep(100 * 1000); if (slow_pw) { unsigned int k; @@ -1703,7 +1706,7 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) { char h3[] = " scale=... (n/m); scale_cursor=... (sc=); solid (so); id=; repeat; clear_mods (cm); clear_keys (ck);"; char h4[] = " clear_all (ca); speeds=... (sp=); readtimeout=... (rd=) rotate=... (ro=); noncache (nc) (nc=n);"; char h5[] = " geom=WxHxD (ge=); nodisplay=... (nd=); viewonly (vo); tag=...; gnome kde twm fvwm mwm dtwm wmaker"; - char h6[] = " xfce enlightenment Xsession failsafe. Examples: fred:3/4,so,cm wilma:geom=1024x768x16,kde"; + char h6[] = " xfce lxde enlightenment Xsession failsafe. Examples: fred:3/4,so,cm wilma:geom=1024x768x16,kde"; int ch = 13, p; if (f1_help) { p = black_pixel(); diff --git a/x11vnc/user.c b/x11vnc/user.c index c459f34..1b1cfba 100644 --- a/x11vnc/user.c +++ b/x11vnc/user.c @@ -1988,6 +1988,8 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t sprintf(fdsess, "gnome"); } else if (strstr(t, "kde")) { sprintf(fdsess, "kde"); + } else if (strstr(t, "lxde")) { + sprintf(fdsess, "lxde"); } else if (strstr(t, "twm")) { sprintf(fdsess, "twm"); } else if (strstr(t, "fvwm")) { @@ -2120,8 +2122,8 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t if (fdtag[0] == '\0' && getenv("FD_TAG")) { snprintf(fdtag, 120, "%s", getenv("FD_TAG")); } - if (fdxdum[0] == '\0' && getenv("FD_XDUMMY_NOROOT")) { - snprintf(fdxdum, 120, "%s", getenv("FD_XDUMMY_NOROOT")); + if (fdxdum[0] == '\0' && getenv("FD_XDUMMY_RUN_AS_ROOT")) { + snprintf(fdxdum, 120, "%s", getenv("FD_XDUMMY_RUN_AS_ROOT")); } if (getenv("CREATE_DISPLAY_OUTPUT")) { snprintf(cdout, 120, "CREATE_DISPLAY_OUTPUT='%s'", getenv("CREATE_DISPLAY_OUTPUT")); @@ -2151,7 +2153,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t set_env("FD_NAS", fdnas); set_env("FD_SMB", fdsmb); set_env("FD_TAG", fdtag); - set_env("FD_XDUMMY_NOROOT", fdxdum); + set_env("FD_XDUMMY_RUN_AS_ROOT", fdxdum); set_env("FD_SESS", fdsess); if (usslpeer || (unixpw && keep_unixpw_user)) { @@ -2174,7 +2176,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t + strlen("FD_NAS='' ") + strlen("FD_SMB='' ") + strlen("FD_TAG='' ") - + strlen("FD_XDUMMY_NOROOT='' ") + + strlen("FD_XDUMMY_RUN_AS_ROOT='' ") + strlen("FD_SESS='' /bin/sh ") + strlen(uu) + 1 + strlen(fdgeom) + 1 @@ -2194,7 +2196,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t sprintf(create_cmd, "env USER='%s' FD_GEOM='%s' FD_SESS='%s' " "FD_OPTS='%s' FD_EXTRA='%s' FD_PROG='%s' FD_XSRV='%s' FD_CUPS='%s' " "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' " - "FD_XDUMMY_NOROOT='%s' %s /bin/sh %s %s", + "FD_XDUMMY_RUN_AS_ROOT='%s' %s /bin/sh %s %s", uu, fdgeom, fdsess, fdopts, fdextra, fdprog, fdxsrv, fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdum, cdout, tmp, opts); } else { diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index 68c73c3..a1ac9bc 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -2,7 +2,7 @@ .TH X11VNC "1" "December 2009" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.9.9, lastmod: 2009-12-21 + version: 0.9.10, lastmod: 2009-12-24 .SH SYNOPSIS .B x11vnc [OPTION]... @@ -1247,6 +1247,16 @@ As in \fB-create,\fR except Xvnc instead of Xvfb. .IP As in \fB-create,\fR except Xvnc.redirect instead of Xvfb. .PP +\fB-xdummy_xvfb\fR +.IP +Sets WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb +.PP +\fB-create_x\fR \fIstr\fR +.IP +Sets WAIT:cmd=FINDCREATEDISPLAY-<str> Can be on cmdline +after anything that sets WAIT:.. and other things +(e.g. \fB-svc,\fR \fB-xdmsvc)\fR to adjust the X server list. +.PP \fB-svc\fR .IP Terminal services mode based on SSL access. Alias for @@ -1261,6 +1271,10 @@ As \fB-svc\fR except Xdummy instead of Xvfb. .IP As \fB-svc\fR except Xvnc instead of Xvfb. .PP +\fB-svc_xdummy_xvfb\fR +.IP +As \fB-svc\fR with Xdummy,Xvfb. +.PP \fB-xdmsvc\fR .IP Display manager Terminal services mode based on SSL. @@ -1444,11 +1458,13 @@ ge=). This only has an effect in FINDCREATEDISPLAY mode when a virtual X server such as Xvfb is going to be created. It sets the width and height of the new display, and optionally the color depth as -well. You can also supply "gnome", "kde", "twm", +well. +.IP +You can also supply "gnome", "kde", "twm", "fvwm", "mwm", "dtwm", "wmaker", "xfce", -"enlightenment", "Xsession", or "failsafe" -(same as "xterm") to have the created display use -that mode for the user session. +"lxde", "enlightenment", "Xsession", or +"failsafe" (same as "xterm") to have the created +display use that mode for the user session. .IP Specify "tag=..." to set the unique FD_TAG desktop session tag described below. Note: this option will @@ -1552,19 +1568,21 @@ By default FINDCREATEDISPLAY will try Xvfb and then Xdummy: .IP The Xdummy wrapper is part of the x11vnc source code -(x11vnc/misc/Xdummy) It should be available in PATH and -have run "Xdummy \fB-install"\fR once to create the shared -library. Xdummy requires root permission and only works -on Linux. (Note: specify FD_XDUMMY_NOROOT=1 to skip -a check for the root id; evidently your -.IR sudo (1) -will -take care of everything. The \fB-xdummy\fR and \fB-svc_xdummy\fR -options imply FD_XDUMMY_NOROOT=1). +(x11vnc/misc/Xdummy) It should be available in PATH +and have run "Xdummy \fB-install"\fR once to create the +shared library. Xdummy only works on Linux. As of +12/2009 it no longer needs to be run as root, and the +default is to not run as root. In some circumstances +permissions may require running it as root, in these +cases specify FD_XDUMMY_RUN_AS_ROOT=1, this is the same +as supplying \fB-root\fR to the Xdummy cmdline. .IP Xvfb is available on most platforms and does not require root. .IP +An advantage of Xdummy over Xvfb is that Xdummy supports +RANDR dynamic screen resizing. +.IP When x11vnc exits (i.e. user disconnects) the X server session stays running in the background. The FINDDISPLAY will find it directly next time. @@ -1629,13 +1647,11 @@ be the full path to the session/windowmanager program. More FD tricks: FD_CUPS=port or FD_CUPS=host:port will set the cups printing environment. Similarly for FD_ESD=port or FD_ESD=host:port for esddsp sound -redirection. FD_XDUMMY_NOROOT means the Xdummy -server does not need to be started as root (e.g. it -will sudo automatically). Set FD_EXTRA to a command -to be run a few seconds after the X server starts up. -Set FD_TAG to be a unique name for the session, it is -set as an X property, that makes FINDDISPLAY only find -sessions with that tag value. +redirection. Set FD_EXTRA to a command to be run a +few seconds after the X server starts up. Set FD_TAG +to be a unique name for the session, it is set as an +X property, that makes FINDDISPLAY only find sessions +with that tag value. .IP If you want the FINDCREATEDISPLAY session to contact an XDMCP login manager (xdm/gdm/kdm) on the same machine, diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c index d6429e3..28db622 100644 --- a/x11vnc/x11vnc.c +++ b/x11vnc/x11vnc.c @@ -2221,10 +2221,20 @@ int main(int argc, char* argv[]) { use_dpy = strdup("WAIT:cmd=FINDCREATEDISPLAY-Xvfb"); continue; } + if (!strcmp(arg, "-create_x")) { + CHECK_ARGC + use_dpy = (char *) malloc(strlen(argv[i+1])+100); + sprintf(use_dpy, "WAIT:cmd=FINDCREATEDISPLAY-%s", argv[++i]); + continue; + } if (!strcmp(arg, "-xdummy")) { use_dpy = strdup("WAIT:cmd=FINDCREATEDISPLAY-Xdummy"); continue; } + if (!strcmp(arg, "-xdummy_xvfb")) { + use_dpy = strdup("WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb"); + continue; + } if (!strcmp(arg, "-xvnc")) { use_dpy = strdup("WAIT:cmd=FINDCREATEDISPLAY-Xvnc"); continue; @@ -2557,7 +2567,14 @@ int main(int argc, char* argv[]) { users_list = strdup("unixpw="); use_openssl = 1; openssl_pem = strdup("SAVE"); - set_env("FD_XDUMMY_NOROOT", "1"); + continue; + } + if (!strcmp(arg, "-svc_xdummy_xvfb")) { + use_dpy = strdup("WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb"); + unixpw = 1; + users_list = strdup("unixpw="); + use_openssl = 1; + openssl_pem = strdup("SAVE"); continue; } if (!strcmp(arg, "-svc_xvnc")) { @@ -4924,6 +4941,15 @@ int main(int argc, char* argv[]) { } else if (use_dpy && strstr(use_dpy, "WAIT:") == use_dpy) { char *mcm = multiple_cursors_mode; + if (strstr(use_dpy, "Xdummy")) { + if (!xrandr && !got_noxrandr) { + if (! quiet) { + rfbLog("Enabling -xrandr for possible use of Xdummy server.\n"); + } + xrandr = 1; + } + } + waited_for_client = wait_for_client(&argc_vnc, argv_vnc, try_http && ! got_httpdir); @@ -4933,6 +4959,7 @@ int main(int argc, char* argv[]) { } } + if (auth_file) { check_guess_auth_file(); if (auth_file != NULL) { @@ -4990,6 +5017,16 @@ int main(int argc, char* argv[]) { exit(0); } + if (dpy && !xrandr && !got_noxrandr) { + Atom trap_xrandr = XInternAtom(dpy, "X11VNC_TRAP_XRANDR", True); + if (trap_xrandr != None) { + if (! quiet) { + rfbLog("Enabling -xrandr due to X11VNC_TRAP_XRANDR atom.\n"); + } + xrandr = 1; + } + } + #ifdef MACOSX if (! dpy && ! raw_fb_str) { raw_fb_str = strdup("console"); diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c index 351fea7..d2a0ae3 100644 --- a/x11vnc/x11vnc_defs.c +++ b/x11vnc/x11vnc_defs.c @@ -47,7 +47,7 @@ int xtrap_base_event_type = 0; int xdamage_base_event_type = 0; /* date +'lastmod: %Y-%m-%d' */ -char lastmod[] = "0.9.9 lastmod: 2009-12-21"; +char lastmod[] = "0.9.10 lastmod: 2009-12-24"; /* X display info */ |