diff options
| author | root <root@rshg054.dnsready.net> | 2012-11-05 01:22:33 -0800 |
|---|---|---|
| committer | root <root@rshg054.dnsready.net> | 2012-11-05 01:22:33 -0800 |
| commit | c973e7aa43bb6c3bb4e25503eea40ddee63fcefd (patch) | |
| tree | e85abee1aa1274c3d6a6f317c1a7f9df28e483f4 /community/tigervnc/vncserver.service | |
| parent | 2030e810a5cfd4d3ff6e0f8930560c96f2990eb2 (diff) | |
Mon Nov 5 01:19:20 PST 2012
Diffstat (limited to 'community/tigervnc/vncserver.service')
| -rw-r--r-- | community/tigervnc/vncserver.service | 42 |
1 files changed, 13 insertions, 29 deletions
diff --git a/community/tigervnc/vncserver.service b/community/tigervnc/vncserver.service index 85f77b9a0..a5bb02ade 100644 --- a/community/tigervnc/vncserver.service +++ b/community/tigervnc/vncserver.service @@ -1,33 +1,17 @@ # The vncserver service unit file # -# Quick HowTo: # 1. Copy this file to /etc/systemd/system/vncserver@:<display>.service -# 2. Edit <USER> and vncserver parameters appropriately -# ("su <USER> -c /usr/bin/vncserver %i -arg1 -arg2") -# 3. Run `systemctl daemon-reload` -# 4. Run `systemctl enable vncserver@:<display>.service` +# 2. Edit User= +# ("User=foo") +# 3. Edit and vncserver parameters appropriately +# ("/usr/bin/vncserver %i -arg1 -arg2 -argn") +# 4. Run `systemctl --system daemon-reload` +# 5. Run `systemctl enable vncserver@:<display>.service` # -# DO NOT RUN THIS SERVICE if your local area network is -# untrusted! For a secure way of using VNC, you should -# limit connections to the local host and then tunnel from -# the machine you want to view VNC on (host A) to the machine -# whose VNC output you want to view (host B) +# DO NOT RUN THIS SERVICE if your local area network is untrusted! # -# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB -# -# this will open a connection on port 590N of your hostA to hostB's port 590M -# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB). -# See the ssh man page for details on port forwarding) -# -# You can then point a VNC client on hostA at vncdisplay N of localhost and with -# the help of ssh, you end up seeing what hostB makes available on port 590M -# -# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP. -# -# Use "-localhost" to prevent remote VNC clients connecting except when -# doing so through a secure tunnel. See the "-via" option in the -# `man vncviewer' manual page. - +# See the wiki page for more on security +# https://wiki.archlinux.org/index.php/Vncserver [Unit] Description=Remote desktop service (VNC) @@ -35,10 +19,10 @@ After=syslog.target network.target [Service] Type=forking -# Clean any existing files in /tmp/.X11-unix environment -ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || true' -ExecStart=/bin/su <USER> -c "/usr/bin/vncserver %i" -ExecStop=/bin/su <USER> -c "/usr/bin/vncserver -kill %i" +User= + +ExecStart=/usr/bin/vncserver %i +ExecStop=/usr/bin/vncserver -kill %i [Install] WantedBy=multi-user.target |