Introduction to Linux System Administrator (II)

Author Li Wanpeng
 
Previous Article: Introduction to Linux System Administrator (1)
 
 
VNC server Construction
Red Hat Enterprise Linux Server 6.2
 
 
1. Install VNC
 
 
1. First mount the ISO image to a directory:
Sudo mount-t iso9660 RHEL6.2-20111117.0-Server-x86_64-DVD1.iso/mnt
 
2. Copy the following RHEL6.2-20111117.0-Server-x86_64-DVD1/Packeges packages:
Gtk-vnc-0.3.10-3.el6.i686.rpm
Libvncserver-0.9.7-4.el6.x86_64.rpm
Tigervnc-1.0.90-0.17.20110314svn4359.el6.x86_64.rpm
Tigervnc-server-1.0.90-0.17.20110314svn4359.el6.x86_64.rpm
Xorg-x11-fonts-misc-7.2-9.1.el6.noarch.rpm
 
3. Because each package in the image on the server cannot be installed, a message such as failure is prompted. Therefore, first place the package locally and then upload the package to the server:
Scp tigervnc-1.0.90-0.17.20110314svn4359.el6.x86_64.rpm:/root/
 
4. Run the command rpm to install each package.
Rpm-ivh xxxx
 
5. rpm-qa | grep vnc
 
 
[Root @ chinaltcdragon ~] # Rpm-qa | grep vnc
Tigervnc-server-1.0.90-0.17.20110314svn4359.el6.x86_64
Gtk-vnc-python-0.3.10-3.el6.x86_64
Tigervnc-1.0.90-0.17.20110314svn4359.el6.x86_64
Gtk-vnc-0.3.10-3.el6.x86_64
Libvncserver-0.9.7-4.el6.x86_64
 
 
You can see that vnc has been successfully installed.
 
 
 
 
Ii. VNC Configuration
 
 
 
 
1. Configure the/etc/sysconfig/vncserver file and add it at the bottom:
 
VNCSERVERS = "1: root"
VNCSERVERARGS [1] = "-geometry 1400x1000"
 
 
The 1400*1000 is the size of the window you see through vncviewer.
 
 
 
 
2. Configure the. vnc/xstartup file in the current user directory:
 
For gnome desktop, add:
 
Gnome-session &
 
Remove startkde & a line
 
If it is kde desktop, the opposite is true.
 
 
3. configure the firewall to enable the port used by vnc desktop. The firewall is enabled by default, So enter it on the terminal;
 
Vncviewer 9.186.9.18: 1
 
It cannot be logged on. It is shown as follows:
 
Hacker @ hacker :~ $ Vncviewer 9.186.9.18: 1
Vncviewer: ConnectToTcpAddr: connect: No route to host
Unable to connect to VNC server
 
If the firewall is completely disabled:
 
[Root @ chinaltcdragon ~] #/Etc/rc. d/init. d/iptables stop
Iptables: clear firewall rules: [OK]
Iptables: Set the chain to policy ACCEPT: filter [OK]
Iptables: uninstalling module: [OK]
 
You can use vncviewer for normal access. Of course, it is not safe to completely disable the firewall. Here, you can re-enable the firewall and only open the port used by vnc desktop:
 
[Root @ chinaltcdragon ~] #/Etc/rc. d/init. d/iptables start
Iptables: Application Firewall Rules: [OK]
 
 
[Root @ chinaltcdragon ~] # Iptables-I INPUT-p tcp -- dport 5901-j ACCEPT
 
 
Now you can use vncviewer for normal access.
 
Relationship between the port number used by the VNC service and the desktop Number:
 
The port number used by the VNC service is related to the desktop number. The VNC uses the TCP port starting from 5900. The corresponding relationship is as follows:
 
Desktop number is "1" --- port number is 5901
 
Desktop number is "2" --- port number is 5902
 
Desktop number is "3" --- port number is 5903
 
 
 
 
4. manually start and disable vncserver:
 
Start:
 
[Root @ chinaltcdragon ~] # Vncserver: 1
New 'chinaltcdragon .cn.ibm.com: 1 (root) 'desktop is chinaltcdragon.cn.ibm.com: 1
Starting applications specified in/root/. vnc/xstartup
Log file is/root/. vnc/chinaltcdragon.cn.ibm.com: 1.log
[Root @ chinaltcdragon ~] # Ps-e | grep vnc
31681 pts/1 00:00:00 Xvnc
31687 pts/1 00:00:00 vncconfig
 
 
Close:
 
[Root @ chinaltcdragon ~] # Ps-e | grep vnc
4887? 00:01:14 Xvnc
4893? 00:00:00 vncconfig <defunct>
[Root @ chinaltcdragon ~] # Vncserver-kill: 1
Killing Xvnc process ID 4887.
[Root @ chinaltcdragon ~] # Ps-e | grep vnc
 
 
 
 
 
4. self-starting vncserver
 
Runlevel:
 
#0-stop (never set initdefault to 0)
#1-single-user mode
#2-multiple users without NFS
#3-full multi-user mode (Standard Operation Level)
#4-useless
#5-X11 (xwindow)
#6-Restart
 
 
Here we will start the vncserver service on runlevel 3 and 5, and use chkconfig (used to update (start or stop) and query system running level information ):
 
[Root @ chinaltcdragon ~] # Ls-l/etc/rc *. d/* vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc0.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc1.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc2.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc3.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc4.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc5.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 12:57/etc/rc6.d/K35vncserver->.../init. d/vncserver
[Root @ chinaltcdragon ~] # Chkconfig -- level 35 vncserver on
[Root @ chinaltcdragon ~] # Ls-l/etc/rc *. d/* vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc0.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc1.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc2.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc3.d/S91vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc4.d/K35vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc5.d/S91vncserver->.../init. d/vncserver
Lrwxrwxrwx. 1 root 19 aug 17 09:24/etc/rc6.d/K35vncserver->.../init. d/vncserver
 
 
6. automatically open the port upon startup
 
Add the following content to the/etc/sysconfig/iptables file:
 
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 5901-j ACCEPT
 
Service iptables restart takes effect
 
 
 
 
The effect is as follows: