Page tree
Skip to end of metadata
Go to start of metadata



Synopsis


The Dialogic Gate Control Element Management System (GCEMS) can be accessed remotely using the Virtual Network Computing (VNC) application.

By default Redhat will install with VNC (vncserver) not running as it is a potential security risk.

A single instance of vncserver can be started by logging in as the excelsw user and running the following command:
 

vncserver :1



This will start a single instance of vncserver as screen 1 (port 5901) and will prompt the user for a password, which in this case would be the password for the excelsw user.

To stop the vncserver process, log in as the excelsw user and use the command:
 

vncserver –kill :1



Limitations of this method of running VNC:

Unless you run and configure multiple 'screens', only one user can log in at a time.


How to configure VNC to allow multiple users and different screen resolutions or color depths
:

This article describes a method that allows multiple users to log in at a time using xinetd to run a new VNC instance whenever a connection is detected. 

Different ports can be configured to give the user a different screen resolution or colour depth.

This allows multiple agents to log in through the same port and will give each a ‘fresh’ session. The agents can log in using the same username and password.

Solution


xinetd must be installed as this is the tool we will use to monitor for external calls.


Check if xinetd  is installed with the command:
 

whereis xinetd



It should say that xinetd is installed in /usr/sbin/ or some similar directory.

The main configuration file for Xinetd is /etc/xinetd.conf. If we open this, we should check if there is a line like "only_from = localhost"  that we should either comment out (with a #) or remove completely to allow access from outside. 

It is also possible to modify this line with a space delimited list of hosts that we want to allow to access this machine.

An example xinetd.conf file looks like this:

defaults
{
        instances               = 60
        log_type                = SYSLOG authpriv
        log_on_success          = HOST PID
        log_on_failure          = HOST
        cps                     = 25 30
}

includedir /etc/xinetd.d



The next step is to tell xinetd which ports it should be monitoring and which service it maps to. We achieve this by adding entries to the /etc/services file. 

The following example adds 15 services on consecutive tcp ports. These service instances are mapped to real VNC configurations in the next step.

The service name corresponds to the resolution and colour depth of the VNC instance which will run when you connect to the specified port.  This allows us to choose the resolution/colour depth we want to run on a connection by connection basis:
 

vnc-640x480x8 5950/tcp
vnc-800x600x8 5951/tcp
vnc-1024x768x8 5952/tcp
vnc-1280x1024x8 5953/tcp
vnc-1600x1200x8 5954/tcp

vnc-640x480x16 5960/tcp
vnc-800x600x16 5961/tcp
vnc-1024x768x16 5962/tcp
vnc-1280x1024x16 5963/tcp
vnc-1600x1200x16 5964/tcp

vnc-640x480x24 5970/tcp
vnc-800x600x24 5971/tcp
vnc-1024x768x24 5972/tcp
vnc-1280x1024x24 5973/tcp
vnc-1600x1200x24 5974/tcp



Create (or edit) the /etc/xinetd.d/vncserver file. In fact, the filename does not matter as xinetd will simply load all files in /etc/xinetd.d  but it makes sense to have the filename match what is contained inside. Each of the individual sections in this file is a mapping of service name from /etc/services to what is actually run when a connection is made. Make sure that there are no line breaks on the long "server_args" line. 

This file will look like this to match the above /etc/services entries:
 

service vnc-640x480x8
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 640x480 -depth 8 -SecurityTypes=None
}

service vnc-800x600x8
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 800x600 -depth 8 -SecurityTypes=None
}

service vnc-1024x768x8
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1024x768 -depth 8 -SecurityTypes=None
}

service vnc-1280x1024x8
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 8 -SecurityTypes=None
}

service vnc-1600x1200x8
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 8 -SecurityTypes=None
}

service vnc-640x480x16
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 640x480 -depth 16
}

service vnc-800x600x16
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 800x600 -depth 16 -SecurityTypes=None
}

service vnc-1024x768x16
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1024x768 -depth 16 -SecurityTypes=None
}

service vnc-1280x1024x16
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 16 -SecurityTypes=None
}

service vnc-1600x1200x16
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 16 -SecurityTypes=None
}

service vnc-640x480x24
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 640x480 -depth 24 -SecurityTypes=None
}

service vnc-800x600x24
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 800x600 -depth 24 -SecurityTypes=None
}

service vnc-1024x768x24
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1024x768 -depth 24 -SecurityTypes=None
}

service vnc-1280x1024x24
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1280x1024 -depth 24 -SecurityTypes=None
}

service vnc-1600x1200x24
{
          protocol = tcp
          socket_type = stream
          wait = no
          user = nobody
          server = /usr/bin/Xvnc
          server_args = -inetd -query localhost -once -geometry 1600x1200 -depth 24 -SecurityTypes=None
}



Assuming you are using the default "Gnome" windows manager, edit /etc/X11/gdm/gdm.conf to uncomment the following line:
 

[xdmcp]
# Add or alter the following line
Enable=True



Finally, make sure that the xinetd service starts automatically on bootup and restart it:
 

chkconfig xinetd on
service xinetd restart



You should now be able to point your VNC client at the IP address of the server with one of the port numbers configured above and get a normal "Gnome" login screen.

Product List


Dialogic GateControl Element Management System (GCEMS) server running Redhat Linux ES 4

  • No labels