x11vnc -users, fix -solid on gnome/kde, configure.ac pwd.h wait.h and utmpx.h

ChangeLog

@@ -1,3 +1,7 @@
+2005-02-09  Karl Runge <runge@karlrunge.com>
+	* x11vnc: -users, fix -solid on gnome and kde.
+	* configure.ac: add pwd.h, wait.h, and utmpx.h checks.
+
 2005-02-06  Karl Runge <runge@karlrunge.com>
 	* configure.ac: add /usr/sfw on Solaris when XFIXES, add
 	  --with-jpeg=DIR --with-zlib=DIR, workaround bug when

configure.ac

@@ -213,7 +213,7 @@ AC_SUBST(WSOCKLIB)
 
 # Checks for header files.
 AC_HEADER_STDC
-AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h sys/timeb.h syslog.h unistd.h])
+AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h sys/timeb.h syslog.h unistd.h pwd.h sys/wait.h utmpx.h])
 
 # Checks for typedefs, structures, and compiler characteristics.
 AC_C_CONST
@@ -234,7 +234,7 @@ AC_FUNC_VPRINTF
 AC_FUNC_FORK
 AC_CHECK_LIB(nsl,gethostbyname)
 AC_CHECK_LIB(socket,socket)
-AC_CHECK_FUNCS([ftime gethostbyname gethostname gettimeofday inet_ntoa memmove memset mkfifo select socket strchr strcspn strdup strerror strstr setsid])
+AC_CHECK_FUNCS([ftime gethostbyname gethostname gettimeofday inet_ntoa memmove memset mkfifo select socket strchr strcspn strdup strerror strstr setsid getpwuid getpwnam getuid geteuid setuid waitpid setutxent])
 
 # check, if shmget is in cygipc.a
 AC_CHECK_LIB(cygipc,shmget)

x11vnc/ChangeLog

@@ -1,3 +1,8 @@
+2005-02-09  Karl Runge <runge@karlrunge.com>
+	* Add -users switch user mechanism and related utilities.
+	* fix -solid for gnome and kde.
+	* exit earlier on trapped XIO errors.
+
 2005-02-05  Karl Runge <runge@karlrunge.com>
 	* -solid solid color background when clients are connected. 
 	* -opts/-? to show option names only.

x11vnc/README

@@ -1,5 +1,5 @@
 
-x11vnc README file                         Date: Sat Feb  5 12:56:36 EST 2005
+x11vnc README file                         Date: Wed Feb  9 00:21:28 EST 2005
 
 The following information is taken from these URLs:
 
@@ -354,16 +354,34 @@ vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
    TightVNC encoding gives very good compression and performance, it even
    makes a noticeable difference over a fast LAN)
 
+   Shortcut: On Solaris 10 you can pick up everything just by insuring
+   that your PATH has /usr/sfw/bin (for gcc) and /usr/ccs/bin (for other
+   build tools), e.g.:
+
+  env PATH=/usr/sfw/bin:/usr/ccs/bin:$PATH sh -c './configure; make'
+
    libjpeg is included in Solaris 9 and later (/usr/sfw/include and
    /usr/sfw/lib), and zlib in Solaris 8 and later (/usr/include and
-   /usr/lib). To get the source for these libraries: libjpeg is available
-   at [36]ftp://ftp.uu.net/graphics/jpeg/ and zlib at
+   /usr/lib).
+
+   So on Solaris 9 you can pick up everything with something like this:
+  env PATH=/usr/local/bin:/usr/ccs/bin:$PATH CPPFLAGS='-I /usr/sfw/include' LDF
+LAGS='-L/usr/sfw/lib -R/usr/sfw/lib' sh -c './configure; make'
+
+   assuming your gcc is in /usr/local/bin. That is getting pretty long,
+   see those assignments split up in the build script below.
+
+   If your system does not have these libraries you can get the source
+   for these libraries to build them: libjpeg is available at
+   [36]ftp://ftp.uu.net/graphics/jpeg/ and zlib at
    [37]http://www.gzip.org/zlib/. See also
    [38]http://www.sunfreeware.com/ for Solaris binary packages of these
-   libraries.
+   libraries as well as for gcc. Normally they will install into
+   /usr/local.
 
    Here is a build script that indicates one way to pass the library
-   locations information to the libvncserver configuration:
+   locations information to the libvncserver configuration via the
+   CPPFLAGS and LDFLAGS environmental variables:
 #!/bin/sh
 
 # Build script for Solaris, etc, with gcc, libjpeg and libz in
@@ -511,11 +529,12 @@ ls -l ./x11vnc/x11vnc
 
    SunRay Gotcha #1:   Note that even though your SunRay X11 DISPLAY is
    something like :137, x11vnc still tries for port 5900 as its listening
-   if it can get it, in which case the VNC display (i.e. the information
-   you supply to the VNC viewer) is something like sunray-server:0
-   (note the :0 corresponding to port 5900, it is not :137). If it cannot
-   get 5900, it tries for 5901, and so on. You can also try to force the
-   port (and thereby the VNC display) using the -rfbport NNNN option.
+   port if it can get it, in which case the VNC display (i.e. the
+   information you supply to the VNC viewer) is something like
+   sunray-server:0   (note the :0 corresponding to port 5900, it is not
+   :137). If it cannot get 5900, it tries for 5901, and so on. You can
+   also try to force the port (and thereby the VNC display) using the
+   -rfbport NNNN option.
 
     Limitations:
 
@@ -530,8 +549,8 @@ ls -l ./x11vnc/x11vnc
      * A rate limiting factor for x11vnc performance is that video
        hardware is optimized for writing, not reading (x11vnc reads the
        video framebuffer for the screen image data). The difference can
-       be a factor of 10-50, and it usually takes about 0.5-1 sec to read
-       in the whole video hardware framebuffer (5MB for 1280x1024 at
+       be a factor of 10-200, and it usually takes about 0.5-1 sec to
+       read in the whole video hardware framebuffer (5MB for 1280x1024 at
        depth 24). So whenever activity changes most of the screen there
        is a delay of 0.5-1 sec while x11vnc reads the changed regions in.
        To get a sense of the read and write speeds of your video card,
@@ -540,7 +559,7 @@ ls -l ./x11vnc/x11vnc
        direct graphics access the dga command (press "b" to run the
        benchmark and then after a few seconds press "q" to quit).
        On XFree86 it is actually possible to increase the framebuffer
-       read speed considerably (5-50 times) by using the Shadow
+       read speed considerably (5-100 times) by using the Shadow
        Framebuffer (a copy of the framebuffer is kept in main memory and
        this can be read much more quickly). To do this one puts the line
        Option "ShadowFB" "true" (and depending on video card driver,

x11vnc/tkx11vnc

@@ -1660,6 +1660,7 @@ proc split_query {query} {
 proc set_x11_display {name} {
 	global x11_display
 	set x11_display "x11vnc X display: $name"
+	wm title . "tkx11vnc - $name"
 }
 proc set_vnc_display {name} {
 	global vnc_display
@@ -1671,6 +1672,7 @@ proc set_vnc_url {name} {
 }
 proc no_x11_display {} {
 	set_x11_display "(*none*)"
+	wm title . "tkx11vnc"
 }
 proc no_vnc_display {} {
 	set_vnc_display "(*none*)"
@@ -2391,6 +2393,7 @@ proc start_x11vnc {} {
 
 proc run_remote_cmd {opts} {
 	global menu_var x11vnc_prog x11vnc_cmdline x11vnc_xdisplay
+	global x11vnc_auth_file
 
 	set debug [in_debug_mode]
 
@@ -2413,6 +2416,10 @@ proc run_remote_cmd {opts} {
 		lappend cmd "-display"
 		lappend cmd $x11vnc_xdisplay
 	}
+	if {$x11vnc_auth_file != ""} {
+		lappend cmd "-auth"
+		lappend cmd $x11vnc_auth_file
+	}
 	lappend cmd "-sync"
 	foreach word $opts {
 		lappend cmd $word
@@ -2501,6 +2508,7 @@ proc try_connect {} {
 # main:
 
 global env x11vnc_prog x11vnc_cmdline x11vnc_xdisplay x11vnc_connect;
+global x11vnc_auth_file
 global helpall helptext helpremote helplabel hostname;
 global all_settings reply_xdisplay always_update
 global max_text_height max_text_width
@@ -2585,6 +2593,13 @@ if {[info exists env(X11VNC_XDISPLAY)]} {
 	set x11vnc_xdisplay ":0";
 }
 
+if {[info exists env(X11VNC_AUTH_FILE)]} {
+	set x11vnc_auth_file $env(X11VNC_AUTH_FILE)
+} else {
+	set x11vnc_auth_file ""
+}
+
+
 set hostname [exec uname -n]
 #puts [exec env]
 #puts "x11vnc_xdisplay: $x11vnc_xdisplay"

x11vnc/tkx11vnc.h

@@ -1666,6 +1666,7 @@
 "proc set_x11_display {name} {\n"
 "	global x11_display\n"
 "	set x11_display \"x11vnc X display: $name\"\n"
+"	wm title . \"tkx11vnc - $name\"\n"
 "}\n"
 "proc set_vnc_display {name} {\n"
 "	global vnc_display\n"
@@ -1677,6 +1678,7 @@
 "}\n"
 "proc no_x11_display {} {\n"
 "	set_x11_display \"(*none*)\"\n"
+"	wm title . \"tkx11vnc\"\n"
 "}\n"
 "proc no_vnc_display {} {\n"
 "	set_vnc_display \"(*none*)\"\n"
@@ -2397,6 +2399,7 @@
 "\n"
 "proc run_remote_cmd {opts} {\n"
 "	global menu_var x11vnc_prog x11vnc_cmdline x11vnc_xdisplay\n"
+"	global x11vnc_auth_file\n"
 "\n"
 "	set debug [in_debug_mode]\n"
 "\n"
@@ -2419,6 +2422,10 @@
 "		lappend cmd \"-display\"\n"
 "		lappend cmd $x11vnc_xdisplay\n"
 "	}\n"
+"	if {$x11vnc_auth_file != \"\"} {\n"
+"		lappend cmd \"-auth\"\n"
+"		lappend cmd $x11vnc_auth_file\n"
+"	}\n"
 "	lappend cmd \"-sync\"\n"
 "	foreach word $opts {\n"
 "		lappend cmd $word\n"
@@ -2507,6 +2514,7 @@
 "# main:\n"
 "\n"
 "global env x11vnc_prog x11vnc_cmdline x11vnc_xdisplay x11vnc_connect;\n"
+"global x11vnc_auth_file\n"
 "global helpall helptext helpremote helplabel hostname;\n"
 "global all_settings reply_xdisplay always_update\n"
 "global max_text_height max_text_width\n"
@@ -2591,6 +2599,13 @@
 "	set x11vnc_xdisplay \":0\";\n"
 "}\n"
 "\n"
+"if {[info exists env(X11VNC_AUTH_FILE)]} {\n"
+"	set x11vnc_auth_file $env(X11VNC_AUTH_FILE)\n"
+"} else {\n"
+"	set x11vnc_auth_file \"\"\n"
+"}\n"
+"\n"
+"\n"
 "set hostname [exec uname -n]\n"
 "#puts [exec env]\n"
 "#puts \"x11vnc_xdisplay: $x11vnc_xdisplay\"\n"

x11vnc/x11vnc.1

@@ -2,7 +2,7 @@
 .TH X11VNC "1" "February 2005" "x11vnc " "User Commands"
 .SH NAME
 x11vnc - allow VNC connections to real X11 displays
-         version: 0.7.1pre, lastmod: 2005-02-05
+         version: 0.7.1pre, lastmod: 2005-02-08
 .SH SYNOPSIS
 .B x11vnc
 [OPTION]...
@@ -58,11 +58,11 @@ environment variable to \fIdisp\fR.
 .IP
 Set the X authority file to be \fIfile\fR, equivalent to
 setting the XAUTHORITY environment variable to \fIfile\fR
-before startup.  See 
+before startup.  Same as \fB-xauth\fR file.  See 
 .IR Xsecurity (7)
-, 
+,
 .IR xauth (1)
-man pages.
+man pages for more info.
 .PP
 \fB-id\fR \fIwindowid\fR
 .IP
@@ -210,10 +210,17 @@ Note: if you are not redirecting stderr to a log file
 For use with "vncviewer -listen" reverse connections.
 If \fIstring\fR has the form "host" or "host:port"
 the connection is made once at startup.  Use commas
-for a list of host's and host:port's.  If \fIstring\fR
-contains "/" it is instead interpreted as a file to
-periodically check for new hosts.  The first line is
-read and then the file is truncated.
+for a list of host's and host:port's.
+.IP
+If \fIstring\fR contains "/" it is instead interpreted
+as a file to periodically check for new hosts.
+The first line is read and then the file is truncated.
+Be careful for this usage mode if x11vnc is running as
+root (e.g. via 
+.IR inetd (1)
+or 
+.IR gdm (1)
+).
 .PP
 \fB-vncconnect,\fR \fB-novncconnect\fR
 .IP
@@ -277,6 +284,17 @@ external command returns 0 the client is accepted,
 otherwise the client is rejected.  See below for an
 extension to accept a client view-only.
 .IP
+If x11vnc is running as root (say from 
+.IR inetd (1)
+or from
+display managers 
+.IR xdm (1)
+, 
+.IR gdm (1)
+, etc), think about the
+security implications carefully before supplying this
+option (likewise for the \fB-gone\fR option).
+.IP
 Environment: The RFB_CLIENT_IP environment variable will
 be set to the incoming client IP number and the port
 in RFB_CLIENT_PORT (or -1 if unavailable).  Similarly,
@@ -332,6 +350,61 @@ set to "gone" and the other RFB_* variables are as
 in \fB-accept.\fR  Unlike \fB-accept,\fR the command return code
 is not interpreted by x11vnc.  Example: \fB-gone\fR 'xlock &'
 .PP
+\fB-users\fR \fIlist\fR
+.IP
+If x11vnc is started as root (say from 
+.IR inetd (1)
+or
+from display managers 
+.IR xdm (1)
+, 
+.IR gdm (1)
+, etc), then as
+soon as possible after connections to the display are
+established try to switch to one of the users in the
+comma separated \fIlist\fR.  If x11vnc is not running as
+root this option is ignored.
+.IP
+Why use this option?  In general it is not needed
+since x11vnc is already connected to the display and
+can perform its primary functions.  It was added to
+make some of the *external* utility commands x11vnc
+occasionally runs work properly.  In particular under
+GNOME and KDE to implement the "\fB-solid\fR \fIcolor\fR" feature
+external commands (gconftool-2 and dcop) must be run as
+the user owning the desktop session.  This option also
+affects the userid used to run the processes for the
+\fB-accept\fR and \fB-gone\fR options.  It also affects the ability
+to read files for options such as \fB-connect,\fR \fB-allow,\fR and
+\fB-remap.\fR Note that the \fB-connect\fR file is also written to.
+.IP
+So be careful with this option since in many situations
+its use can decrease security.
+.IP
+The switch to a user will only take place if the display
+can still be opened as that user (this is primarily to
+try to guess the actual owner of the session). Example:
+"\fB-users\fR \fIfred,wilma,betty\fR".  Note that a malicious
+user "barney" by quickly using "xhost +" when
+logging in can get x11vnc to switch to user "fred".
+What happens next?
+.IP
+Under display managers it may be a long time before
+the switch succeeds (i.e. a user logs in).  To make
+it switch immediately regardless if the display can
+be reopened or not prefix the username with the +
+character. E.g. "\fB-users\fR \fI+bob\fR" or "\fB-users\fR \fI+nobody\fR".
+The latter is probably the only use of this option
+that increases security.  To switch to a user *before*
+connections to the display are made or any files opened
+use the "=" character: "\fB-users\fR \fI=username\fR".
+.IP
+The special user "guess" means to examine the utmpx
+database looking for a user attached to the display
+number and try him/her.  To limit the list of guesses,
+use: "\fB-users\fR \fIguess=bob,fred\fR".  Be especially careful
+using this mode.
+.PP
 \fB-noshm\fR
 .IP
 Do not use the MIT-SHM extension for the polling.
@@ -357,15 +430,22 @@ To improve performance, when VNC clients are connected
 try to change the desktop background to a solid color.
 The [color] is optional: the default color is "cyan4".
 For a different one specify the X color (rgb.txt name,
-e.g. "darkblue" or numerical "#RRGGBB"). Currently
-this option only works on GNOME, KDE, and classic X
-(i.e. with the background image on the root window).
-The "gconftool-2" and "dcop" external commands are
-run for GNOME and KDE respectively.  Other desktops
-won't work, e.g. XFCE (send us the corresponding
-commands if you find them).  If x11vnc guesses your
-desktop incorrectly, you can force it by prefixing
-color with "gnome:", "kde:", or "root:".
+e.g. "darkblue" or numerical "#RRGGBB").
+.IP
+Currently this option only works on GNOME, KDE, and
+classic X (i.e. with the background image on the root
+window).  The "gconftool-2" and "dcop" external
+commands are run for GNOME and KDE respectively.
+Other desktops won't work, e.g. XFCE (send us the
+corresponding commands if you find them).  If x11vnc
+is running as root (
+.IR inetd (1)
+or 
+.IR gdm (1)
+), the \fB-users\fR
+option may be needed for GNOME and KDE.  If x11vnc
+guesses your desktop incorrectly, you can force it by
+prefixing color with "gnome:", "kde:", or "root:".
 .PP
 \fB-blackout\fR \fIstring\fR
 .IP
@@ -930,8 +1010,7 @@ the gui to come back to you via your ssh redirected X
 display (e.g. localhost:10).
 .IP
 Examples: "x11vnc \fB-gui",\fR "x11vnc \fB-gui\fR localhost:10",
-"x11vnc \fB-gui\fR :10", "x11vnc \fB-gui\fR wait,:10",
-"x11vnc \fB-gui\fR <x11vnc-opts...>"
+"x11vnc \fB-gui\fR :10", "x11vnc \fB-gui\fR conn,host:10",
 .IP
 If you do not specify a gui X display in "gui-opts"
 then the DISPLAY environment variable and \fB-display\fR
@@ -1361,7 +1440,7 @@ noalwaysshared nevershared noalwaysshared dontdisconnect
 nodontdisconnect desktop noremote
 .IP
 aro=  display vncdisplay desktopname http_url auth
-rootshift scale_str scaled_x scaled_y scale_numer
+users rootshift scale_str scaled_x scaled_y scale_numer
 scale_denom scale_fac scaling_noblend scaling_nomult4
 scaling_pad scaling_interpolate inetd safer unsafe
 passwdfile using_shm logfile o rc norc h help V version