Github messages for voidlinux
 help / color / mirror / Atom feed
* [PR PATCH] tigervnc: update to 1.13.1, add service directory
@ 2023-07-29  6:11 zmudc
  2023-07-29 16:21 ` [PR REVIEW] " classabbyamp
                   ` (41 more replies)
  0 siblings, 42 replies; 43+ messages in thread
From: zmudc @ 2023-07-29  6:11 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 1560 bytes --]

There is a new pull request by zmudc against master on the void-packages repository

https://github.com/zmudc/void-packages tigervnc-update
https://github.com/void-linux/void-packages/pull/45307

tigervnc: update to 1.13.1, add service directory
In addition to updating to the latest version, this commit also fixes multiple issues with this package:

- Upstream only provides a systemd service, but Void needs a runit service
- Upstream presumes a system with SELinux and systemd, but Void does not have SELinux and uses elogind, not systemd
- Upstream requires an Xsession script that is not always present on Void systems
- Upstream only provides a forking and detaching vncsession daemon which is not very compatible with runit

This PR addresses all of the above issues by adding the necessary tweaks for Void:

- Void-compatible PAM configuration for systems without SELinux and elogind instead of systemd
- a fallback Xsession wrapper script
- define conf_files that should not be overwritten on upgrades
- add a README.voidlinux file
- patch vncsession.c to prevent it from forking

The patch to vncsession.c hopefully will be accepted upstream to fix upstream issue: https://github.com/TigerVNC/tigervnc/issues/1649

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES** Tested on x86_64-musl, also built for x86_64, checked xlint which passed

A patch file from https://github.com/void-linux/void-packages/pull/45307.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-tigervnc-update-45307.patch --]
[-- Type: text/x-diff, Size: 10204 bytes --]

From d9875909c081f05871aee625388cfb133fa62369 Mon Sep 17 00:00:00 2001
From: Chuck Zmudzinski <brchuckz@aol.com>
Date: Sat, 29 Jul 2023 01:39:01 -0400
Subject: [PATCH] tigervnc: update to 1.13.1, add service directory

Also add necessary customizations:
    - Void-compatible PAM configuration
    - fallback Xsession wrapper script
    - define conf_files
    - README.voidlinux file
    - patch vncsession.c to prevent it from forking

The patch to vncsession.c hopefully will be accepted upstream to fix
upstream issue #1649: https://github.com/TigerVNC/tigervnc/issues/1649

Signed-off-by: Chuck Zmudzinski <brchuckz@aol.com>
---
 srcpkgs/tigervnc/files/README.voidlinux       | 56 +++++++++++++
 srcpkgs/tigervnc/files/vncserver-1/log/run    |  5 ++
 srcpkgs/tigervnc/files/vncserver-1/run        | 28 +++++++
 .../tigervnc/patches/vncsession-no-fork.patch | 82 +++++++++++++++++++
 srcpkgs/tigervnc/template                     | 24 +++++-
 5 files changed, 193 insertions(+), 2 deletions(-)
 create mode 100644 srcpkgs/tigervnc/files/README.voidlinux
 create mode 100755 srcpkgs/tigervnc/files/vncserver-1/log/run
 create mode 100644 srcpkgs/tigervnc/files/vncserver-1/run
 create mode 100644 srcpkgs/tigervnc/patches/vncsession-no-fork.patch

diff --git a/srcpkgs/tigervnc/files/README.voidlinux b/srcpkgs/tigervnc/files/README.voidlinux
new file mode 100644
index 0000000000000..e0610b315b2b1
--- /dev/null
+++ b/srcpkgs/tigervnc/files/README.voidlinux
@@ -0,0 +1,56 @@
+The system service /etc/sv/vncserver-1 runs a TigerVNC server on DISPLAY :1
+
+A. Quick start
+
+1. Map a user to display :1 in /etc/tigervnc/vncserver.users
+2. Configure session, geometry, security, etc. - see man pages for details
+3. Enable the service: $ sudo ln -s /etc/sv/vncserver-1 /var/service
+
+B: Creating more services
+
+The administrator can create services for other displays. For example:
+
+$ sudo mkdir -p /etc/sv/vncserver-2/log
+$ sudo ln -s /etc/sv/vncserver-1/run /etc/sv/vncserver-2/run
+$ sudo ln -s /etc/sv/vncserver-1/log/run /etc/sv/vncserver-2/log/run
+
+creates a system service on display :2.
+
+C: Enabling a service
+
+$ sudo ln -s /etc/sv/vncserver-1 /var/service
+
+Do not enable a service for a display before that display is mapped
+to a user in /etc/tigervnc/vncserver.users.
+
+D. Security warning
+
+Please read the comments in the /etc/sv/vncserver-1/run script which reproduces
+the security warning and a workaround that upstream provides in its systemd unit
+file. This warning and workaround is moved to the run script because Void does
+not use systemd units.
+
+E: The Xsession wrapper script
+
+The upstream TigerVNC server requires a system-wide Xsession wrapper script at
+/etc/X11/xinit/Xsession or /etc/X11/Xsession, but not all Void systems have
+such a file.
+
+So the tigervnc package provides a minimal Xsession wrapper script
+in /etc/tigervnc/Xsession-fallback. It is only used if neither
+/etc/X11/xinit/Xsession nor /etc/X11/Xsession exists. Currently, this
+is the Xsession script provided by the lightdm display manager package.
+
+This way, if there is an Xsession wrapper script where upstream
+TigerVNC expects it to be, that script will be used instead of
+the minimal wrapper provided by the Void tigervnc package.
+
+As an alternative to the minimal Xsession wrapper script, one
+can use any other suitable Xsession script. For example, do:
+
+$ sudo ln -s /etc/lxdm/Xsession /etc/X11/xinit/Xsession
+
+and the TigerVNC server will use the lxdm Xsession script instead.
+
+The administrator can also write any suitable Xsession script for
+custom needs and install it under /etc/X11/xinit or /etc/X11.
diff --git a/srcpkgs/tigervnc/files/vncserver-1/log/run b/srcpkgs/tigervnc/files/vncserver-1/log/run
new file mode 100755
index 0000000000000..51bf2146434f8
--- /dev/null
+++ b/srcpkgs/tigervnc/files/vncserver-1/log/run
@@ -0,0 +1,5 @@
+#!/bin/sh
+PARENT_DIR=$(cd .. && echo $PWD)
+# Display number
+i=${PARENT_DIR##*-}
+exec vlogger -t vncserver-$i -p daemon
diff --git a/srcpkgs/tigervnc/files/vncserver-1/run b/srcpkgs/tigervnc/files/vncserver-1/run
new file mode 100644
index 0000000000000..28224ffb7e9c6
--- /dev/null
+++ b/srcpkgs/tigervnc/files/vncserver-1/run
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# DO NOT RUN THIS SERVICE if your local area network is
+# untrusted!  For a secure way of using VNC, you should
+# limit connections to the local host and then tunnel from
+# the machine you want to view VNC on (host A) to the machine
+# whose VNC output you want to view (host B)
+#
+# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
+#
+# this will open a connection on port 590N of your hostA to hostB's port 590M
+# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
+# See the ssh man page for details on port forwarding)
+#
+# You can then point a VNC client on hostA at vncdisplay N of localhost and with
+# the help of ssh, you end up seeing what hostB makes available on port 590M
+#
+# Use "nolisten=tcp" to prevent X connections to your VNC server via TCP.
+#
+# Use "localhost" to prevent remote VNC clients connecting except when
+# doing so through a secure tunnel.  See the "-via" option in the
+# 'man vncviewer' manual page.
+#
+sv check dbus >/dev/null || exit 1
+# Display number
+i=${PWD##*-}
+exec 2>&1
+exec /usr/libexec/vncsession-start ":$i"
diff --git a/srcpkgs/tigervnc/patches/vncsession-no-fork.patch b/srcpkgs/tigervnc/patches/vncsession-no-fork.patch
new file mode 100644
index 0000000000000..d54c4b24ed70e
--- /dev/null
+++ b/srcpkgs/tigervnc/patches/vncsession-no-fork.patch
@@ -0,0 +1,82 @@
+Add option to run as a non-forking daemon
+
+See upstream issue: https://github.com/TigerVNC/tigervnc/issues/1649
+
+--- a/unix/vncserver/vncsession.c	2021-11-09 02:51:28.000000000 -0500
++++ b/unix/vncserver/vncsession.c	2023-07-27 17:43:26.711000000 -0400
+@@ -506,14 +506,23 @@
+ 
+     const char *username, *display;
+ 
+-    if ((argc != 3) || (argv[2][0] != ':')) {
++    int forking = 1;
++    if (argc == 4) {
++        if ((getopt(argc, argv, "D") == 'D') && (argv[3][0] == ':'))
++            forking = 0;
++        else {
++            fprintf(stderr, "Syntax:\n");
++            fprintf(stderr, "    %s [-D] <username> <display>\n", argv[0]);
++            return EX_USAGE;
++        }
++    } else if ((argc != 3) || (argv[2][0] != ':')) {
+         fprintf(stderr, "Syntax:\n");
+-        fprintf(stderr, "    %s <username> <display>\n", argv[0]);
++        fprintf(stderr, "    %s [-D] <username> <display>\n", argv[0]);
+         return EX_USAGE;
+     }
+ 
+-    username = argv[1];
+-    display = argv[2];
++    username = argv[argc - 2];
++    display = argv[argc - 1];
+ 
+     if (geteuid() != 0) {
+         fprintf(stderr, "This program needs to be run as root!\n");
+@@ -529,8 +538,10 @@
+         return EX_OSERR;
+     }
+ 
+-    if (begin_daemon() == -1)
+-        return EX_OSERR;
++    if (forking) {
++        if (begin_daemon() == -1)
++            return EX_OSERR;
++    }
+ 
+     openlog("vncsession", LOG_PID, LOG_AUTH);
+ 
+@@ -581,7 +592,8 @@
+         fclose(f);
+     }
+ 
+-    finish_daemon();
++    if (forking)
++        finish_daemon();
+ 
+     while (1) {
+         int status;
+--- a/unix/vncserver/vncsession.man.in	2023-07-27 22:03:56.095000000 -0400
++++ b/unix/vncserver/vncsession.man.in	2023-07-27 22:11:53.605000000 -0400
+@@ -3,6 +3,7 @@
+ vncsession \- start a VNC server
+ .SH SYNOPSIS
+ .B vncsession
++.RI [-D]
+ .RI < username >
+ .RI <: display# >
+ .SH DESCRIPTION
+@@ -16,6 +17,14 @@
+ is rarely called directly and is normally started by the system service
+ manager.
+ 
++.SH -D OPTION
++.B vncsession
++by default forks and detaches so it normally is a systemd Type=forking service.
++If the -D option is used, it does not fork and detach. This option is provided
++for use with other types of systemd services such as Type=simple and Type=exec
++and for use with non-systemd system service managers that are not compatible
++with Type=forking services.
++
+ .SH FILES
+ Several VNC-related files are found in the directory $HOME/.vnc:
+ .TP
diff --git a/srcpkgs/tigervnc/template b/srcpkgs/tigervnc/template
index a4eb2bab648f1..ea0763c503df8 100644
--- a/srcpkgs/tigervnc/template
+++ b/srcpkgs/tigervnc/template
@@ -1,6 +1,6 @@
 # Template file for 'tigervnc'
 pkgname=tigervnc
-version=1.12.0
+version=1.13.1
 revision=1
 _xorg_version=1.20.0
 create_wrksrc=yes
@@ -16,10 +16,14 @@ license="GPL-2.0-or-later"
 homepage="https://www.tigervnc.org"
 distfiles="https://github.com/TigerVNC/tigervnc/archive/v${version}.tar.gz
  ${XORG_SITE}/xserver/xorg-server-${_xorg_version}.tar.bz2"
-checksum="9ff3f3948f2a4e8cc06ee598ee4b1096beb62094c13e0b1462bff78587bed789
+checksum="b7c5b8ed9e4e2c2f48c7b2c9f21927db345e542243b4be88e066b2daa3d1ae25
  9d967d185f05709274ee0c4f861a4672463986e550ca05725ce27974f550d3e6"
 conflicts="turbovnc>=0"
 skip_extraction="xorg-server-${_xorg_version}.tar.gz"
+conf_files="
+	/etc/tigervnc/vncserver-config-defaults
+	/etc/tigervnc/vncserver-config-mandatory
+	/etc/tigervnc/vncserver.users"
 
 post_extract() {
 	mv tigervnc-${version}/* .
@@ -33,6 +37,16 @@ post_patch() {
 	patch -p1 <../xserver${_xorg_version}.patch
 	# glvnd changed versioning
 	vsed -i configure.ac -e '/LIBGL/s/[79]\..\.0/1.2/'
+	# Essential Void customizations
+	cd ../vncserver
+	# Void-compatible PAM configuration
+	vsed -i tigervnc.pam -e "s/systemd/elogind/; /pam_selinux/s/required/optional/"
+	# Provide a fallback Xsession wrapper
+	vsed -i vncserver.in -e s.sion\"\).sion\",\"/etc/tigervnc/Xsession-fallback\"\).
+	# Fix whitespace
+	vsed -i vncserver.in -e "s/\",\"/\", \"/g"
+	# Use the -D option of vncsession to prevent it from forking / detaching
+	vsed -i vncsession-start.in -e "s/vncsession\"/vncsession\" -D/"
 }
 
 post_configure() {
@@ -58,6 +72,12 @@ post_build() {
 }
 
 post_install() {
+	# More Void customizations
+	cd ${FILESDIR}/../..
+	vinstall lightdm/files/xsession 755 etc/tigervnc Xsession-fallback
+	# runit unit for display 1
+	vsv vncserver-1
+	vdoc "${FILESDIR}/README.voidlinux"
 	cd ${wrksrc}/unix/xserver/hw/vnc
 	make TIGERVNC_BUILDDIR=${wrksrc}/build DESTDIR=${DESTDIR} install
 }

^ permalink raw reply	[flat|nested] 43+ messages in thread

end of thread, other threads:[~2023-08-17 20:02 UTC | newest]

Thread overview: 43+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-29  6:11 [PR PATCH] tigervnc: update to 1.13.1, add service directory zmudc
2023-07-29 16:21 ` [PR REVIEW] " classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:21 ` classabbyamp
2023-07-29 16:46 ` zmudc
2023-07-29 16:56 ` zmudc
2023-07-29 16:59 ` zmudc
2023-07-29 17:01 ` zmudc
2023-07-29 17:09 ` [PR REVIEW] " zmudc
2023-07-29 17:15 ` zmudc
2023-07-29 17:17 ` zmudc
2023-07-29 17:20 ` zmudc
2023-07-30 19:27 ` [PR PATCH] [Updated] " zmudc
2023-07-30 19:57 ` zmudc
2023-07-30 22:39 ` zmudc
2023-07-30 22:48 ` zmudc
2023-07-30 22:48 ` zmudc
2023-07-30 23:31 ` [PR REVIEW] " zmudc
2023-07-30 23:32 ` zmudc
2023-07-30 23:33 ` zmudc
2023-07-30 23:34 ` zmudc
2023-07-30 23:39 ` zmudc
2023-07-30 23:46 ` zmudc
2023-07-31  2:05 ` zmudc
2023-07-31  2:38 ` [PR PATCH] [Updated] " zmudc
2023-07-31  2:49 ` zmudc
2023-07-31  3:43 ` [PR PATCH] [Updated] " zmudc
2023-08-01  0:07 ` zmudc
2023-08-01  0:10 ` zmudc
2023-08-07 15:16 ` zmudc
2023-08-11  2:48 ` zmudc
2023-08-11  2:56 ` zmudc
2023-08-17 19:33 ` [PR PATCH] [Updated] " zmudc
2023-08-17 19:46 ` ahesford
2023-08-17 19:56 ` [PR PATCH] [Updated] " zmudc
2023-08-17 20:00 ` zmudc
2023-08-17 20:00 ` [PR PATCH] [Closed]: " zmudc
2023-08-17 20:02 ` zmudc

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).