|
|
|
@ -2,7 +2,7 @@
|
|
|
|
|
.TH X11VNC "1" "February 2005" "x11vnc " "User Commands"
|
|
|
|
|
.SH NAME
|
|
|
|
|
x11vnc - allow VNC connections to real X11 displays
|
|
|
|
|
version: 0.7.1pre, lastmod: 2005-02-05
|
|
|
|
|
version: 0.7.1pre, lastmod: 2005-02-08
|
|
|
|
|
.SH SYNOPSIS
|
|
|
|
|
.B x11vnc
|
|
|
|
|
[OPTION]...
|
|
|
|
@ -58,11 +58,11 @@ environment variable to \fIdisp\fR.
|
|
|
|
|
.IP
|
|
|
|
|
Set the X authority file to be \fIfile\fR, equivalent to
|
|
|
|
|
setting the XAUTHORITY environment variable to \fIfile\fR
|
|
|
|
|
before startup. See
|
|
|
|
|
before startup. Same as \fB-xauth\fR file. See
|
|
|
|
|
.IR Xsecurity (7)
|
|
|
|
|
,
|
|
|
|
|
,
|
|
|
|
|
.IR xauth (1)
|
|
|
|
|
man pages.
|
|
|
|
|
man pages for more info.
|
|
|
|
|
.PP
|
|
|
|
|
\fB-id\fR \fIwindowid\fR
|
|
|
|
|
.IP
|
|
|
|
@ -210,10 +210,17 @@ Note: if you are not redirecting stderr to a log file
|
|
|
|
|
For use with "vncviewer -listen" reverse connections.
|
|
|
|
|
If \fIstring\fR has the form "host" or "host:port"
|
|
|
|
|
the connection is made once at startup. Use commas
|
|
|
|
|
for a list of host's and host:port's. If \fIstring\fR
|
|
|
|
|
contains "/" it is instead interpreted as a file to
|
|
|
|
|
periodically check for new hosts. The first line is
|
|
|
|
|
read and then the file is truncated.
|
|
|
|
|
for a list of host's and host:port's.
|
|
|
|
|
.IP
|
|
|
|
|
If \fIstring\fR contains "/" it is instead interpreted
|
|
|
|
|
as a file to periodically check for new hosts.
|
|
|
|
|
The first line is read and then the file is truncated.
|
|
|
|
|
Be careful for this usage mode if x11vnc is running as
|
|
|
|
|
root (e.g. via
|
|
|
|
|
.IR inetd (1)
|
|
|
|
|
or
|
|
|
|
|
.IR gdm (1)
|
|
|
|
|
).
|
|
|
|
|
.PP
|
|
|
|
|
\fB-vncconnect,\fR \fB-novncconnect\fR
|
|
|
|
|
.IP
|
|
|
|
@ -277,6 +284,17 @@ external command returns 0 the client is accepted,
|
|
|
|
|
otherwise the client is rejected. See below for an
|
|
|
|
|
extension to accept a client view-only.
|
|
|
|
|
.IP
|
|
|
|
|
If x11vnc is running as root (say from
|
|
|
|
|
.IR inetd (1)
|
|
|
|
|
or from
|
|
|
|
|
display managers
|
|
|
|
|
.IR xdm (1)
|
|
|
|
|
,
|
|
|
|
|
.IR gdm (1)
|
|
|
|
|
, etc), think about the
|
|
|
|
|
security implications carefully before supplying this
|
|
|
|
|
option (likewise for the \fB-gone\fR option).
|
|
|
|
|
.IP
|
|
|
|
|
Environment: The RFB_CLIENT_IP environment variable will
|
|
|
|
|
be set to the incoming client IP number and the port
|
|
|
|
|
in RFB_CLIENT_PORT (or -1 if unavailable). Similarly,
|
|
|
|
@ -332,6 +350,61 @@ set to "gone" and the other RFB_* variables are as
|
|
|
|
|
in \fB-accept.\fR Unlike \fB-accept,\fR the command return code
|
|
|
|
|
is not interpreted by x11vnc. Example: \fB-gone\fR 'xlock &'
|
|
|
|
|
.PP
|
|
|
|
|
\fB-users\fR \fIlist\fR
|
|
|
|
|
.IP
|
|
|
|
|
If x11vnc is started as root (say from
|
|
|
|
|
.IR inetd (1)
|
|
|
|
|
or
|
|
|
|
|
from display managers
|
|
|
|
|
.IR xdm (1)
|
|
|
|
|
,
|
|
|
|
|
.IR gdm (1)
|
|
|
|
|
, etc), then as
|
|
|
|
|
soon as possible after connections to the display are
|
|
|
|
|
established try to switch to one of the users in the
|
|
|
|
|
comma separated \fIlist\fR. If x11vnc is not running as
|
|
|
|
|
root this option is ignored.
|
|
|
|
|
.IP
|
|
|
|
|
Why use this option? In general it is not needed
|
|
|
|
|
since x11vnc is already connected to the display and
|
|
|
|
|
can perform its primary functions. It was added to
|
|
|
|
|
make some of the *external* utility commands x11vnc
|
|
|
|
|
occasionally runs work properly. In particular under
|
|
|
|
|
GNOME and KDE to implement the "\fB-solid\fR \fIcolor\fR" feature
|
|
|
|
|
external commands (gconftool-2 and dcop) must be run as
|
|
|
|
|
the user owning the desktop session. This option also
|
|
|
|
|
affects the userid used to run the processes for the
|
|
|
|
|
\fB-accept\fR and \fB-gone\fR options. It also affects the ability
|
|
|
|
|
to read files for options such as \fB-connect,\fR \fB-allow,\fR and
|
|
|
|
|
\fB-remap.\fR Note that the \fB-connect\fR file is also written to.
|
|
|
|
|
.IP
|
|
|
|
|
So be careful with this option since in many situations
|
|
|
|
|
its use can decrease security.
|
|
|
|
|
.IP
|
|
|
|
|
The switch to a user will only take place if the display
|
|
|
|
|
can still be opened as that user (this is primarily to
|
|
|
|
|
try to guess the actual owner of the session). Example:
|
|
|
|
|
"\fB-users\fR \fIfred,wilma,betty\fR". Note that a malicious
|
|
|
|
|
user "barney" by quickly using "xhost +" when
|
|
|
|
|
logging in can get x11vnc to switch to user "fred".
|
|
|
|
|
What happens next?
|
|
|
|
|
.IP
|
|
|
|
|
Under display managers it may be a long time before
|
|
|
|
|
the switch succeeds (i.e. a user logs in). To make
|
|
|
|
|
it switch immediately regardless if the display can
|
|
|
|
|
be reopened or not prefix the username with the +
|
|
|
|
|
character. E.g. "\fB-users\fR \fI+bob\fR" or "\fB-users\fR \fI+nobody\fR".
|
|
|
|
|
The latter is probably the only use of this option
|
|
|
|
|
that increases security. To switch to a user *before*
|
|
|
|
|
connections to the display are made or any files opened
|
|
|
|
|
use the "=" character: "\fB-users\fR \fI=username\fR".
|
|
|
|
|
.IP
|
|
|
|
|
The special user "guess" means to examine the utmpx
|
|
|
|
|
database looking for a user attached to the display
|
|
|
|
|
number and try him/her. To limit the list of guesses,
|
|
|
|
|
use: "\fB-users\fR \fIguess=bob,fred\fR". Be especially careful
|
|
|
|
|
using this mode.
|
|
|
|
|
.PP
|
|
|
|
|
\fB-noshm\fR
|
|
|
|
|
.IP
|
|
|
|
|
Do not use the MIT-SHM extension for the polling.
|
|
|
|
@ -357,15 +430,22 @@ To improve performance, when VNC clients are connected
|
|
|
|
|
try to change the desktop background to a solid color.
|
|
|
|
|
The [color] is optional: the default color is "cyan4".
|
|
|
|
|
For a different one specify the X color (rgb.txt name,
|
|
|
|
|
e.g. "darkblue" or numerical "#RRGGBB"). Currently
|
|
|
|
|
this option only works on GNOME, KDE, and classic X
|
|
|
|
|
(i.e. with the background image on the root window).
|
|
|
|
|
The "gconftool-2" and "dcop" external commands are
|
|
|
|
|
run for GNOME and KDE respectively. Other desktops
|
|
|
|
|
won't work, e.g. XFCE (send us the corresponding
|
|
|
|
|
commands if you find them). If x11vnc guesses your
|
|
|
|
|
desktop incorrectly, you can force it by prefixing
|
|
|
|
|
color with "gnome:", "kde:", or "root:".
|
|
|
|
|
e.g. "darkblue" or numerical "#RRGGBB").
|
|
|
|
|
.IP
|
|
|
|
|
Currently this option only works on GNOME, KDE, and
|
|
|
|
|
classic X (i.e. with the background image on the root
|
|
|
|
|
window). The "gconftool-2" and "dcop" external
|
|
|
|
|
commands are run for GNOME and KDE respectively.
|
|
|
|
|
Other desktops won't work, e.g. XFCE (send us the
|
|
|
|
|
corresponding commands if you find them). If x11vnc
|
|
|
|
|
is running as root (
|
|
|
|
|
.IR inetd (1)
|
|
|
|
|
or
|
|
|
|
|
.IR gdm (1)
|
|
|
|
|
), the \fB-users\fR
|
|
|
|
|
option may be needed for GNOME and KDE. If x11vnc
|
|
|
|
|
guesses your desktop incorrectly, you can force it by
|
|
|
|
|
prefixing color with "gnome:", "kde:", or "root:".
|
|
|
|
|
.PP
|
|
|
|
|
\fB-blackout\fR \fIstring\fR
|
|
|
|
|
.IP
|
|
|
|
@ -930,8 +1010,7 @@ the gui to come back to you via your ssh redirected X
|
|
|
|
|
display (e.g. localhost:10).
|
|
|
|
|
.IP
|
|
|
|
|
Examples: "x11vnc \fB-gui",\fR "x11vnc \fB-gui\fR localhost:10",
|
|
|
|
|
"x11vnc \fB-gui\fR :10", "x11vnc \fB-gui\fR wait,:10",
|
|
|
|
|
"x11vnc \fB-gui\fR <x11vnc-opts...>"
|
|
|
|
|
"x11vnc \fB-gui\fR :10", "x11vnc \fB-gui\fR conn,host:10",
|
|
|
|
|
.IP
|
|
|
|
|
If you do not specify a gui X display in "gui-opts"
|
|
|
|
|
then the DISPLAY environment variable and \fB-display\fR
|
|
|
|
@ -1361,7 +1440,7 @@ noalwaysshared nevershared noalwaysshared dontdisconnect
|
|
|
|
|
nodontdisconnect desktop noremote
|
|
|
|
|
.IP
|
|
|
|
|
aro= display vncdisplay desktopname http_url auth
|
|
|
|
|
rootshift scale_str scaled_x scaled_y scale_numer
|
|
|
|
|
users rootshift scale_str scaled_x scaled_y scale_numer
|
|
|
|
|
scale_denom scale_fac scaling_noblend scaling_nomult4
|
|
|
|
|
scaling_pad scaling_interpolate inetd safer unsafe
|
|
|
|
|
passwdfile using_shm logfile o rc norc h help V version
|
|
|
|
|