Tigervnc-server on Fedora 17

While VNC server used to be quite easy to set up, changes in Fedora 17, and systemd have made the old method of adding or uncommented a few lines in /etc/sysconfig/vncserver obsolete. Now, if one installs tigervnc-server, the typical VNC server from the repos, and looks at /etc/sysconfig/vncservers, they are told that the file has been replaced by /lib/systemd/system/vncserver@.service.

If one goes to that file, they are given instructions, which, judging from the forums, don't always work. So, these are the steps that, after trial and error, worked for me. I'm not going to bother saying, "As it says in the vncserver@.service file," because I assume that if you're reading this, you'll have figured that out. A thread on Fedora Forums goes through some of the trials and tribulations folks have gone through. Page 3 offers some solutions. (Much thanks to the user MotherDawg, who did most of the work.)

In our case, we will have a user with the login of john. His vncserver password will be 123456. (Tigervnc-server requires a minimum of 6 characters, though it will truncate anything longer than 8 characters.)

We will first install vncserver, then create a password. So, as root or with root privilege
yum -y install tigervnc-server

Once it's installed, as user john just type
vncserver

You will be asked to create a password, so just type 123456 and type it again when asked. (It is assumed that the reader would actually use a better password.)

You should now see that vncserver is starting on display :1. Using system-config-firewall or whatever method you usually use, open port 5901 tcp in iptables. The more advanced user is probably familiar with using the command line. The user who prefers GUI tools will find this article useful as far as configuring the firewall. The article itself is from 2009, so the rest of it may no longer be relevant. The part about using the GUI firewall configuration tool begins around the last third of the page--search for system-config-security on the page.

The command line option would be, run as root or with sudo
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT

Once this is all done, let's test it. Assuming it's on your local network and has an IP address of 192.168.1.7 try
vncviewer 192.168.1.7:1

You should be asked for a password. Put in 123456 or whatever password you set, and you should be in the default desktop. (Sometimes, depending upon your machine's graphics, you may, if your default is Gnome, get an error that Gnome failed, and you are using fallback mode.)

If all you want to do is connect from time to time when you can log in and manually start vncserver, your work is done. However, we'll assume that you want vncserver to start on boot. So, now that testing is done, first we stop vncserver.
pkill vnc

We will want his vncsession to be on display :1. First, we copy /lib/systemd/system/vncserver@.service to /etc/systemd/system/vncserver@:1.service. If we wanted it on display :2, we would have called our new file vncserver@:2.service--the :1 or :2 refers to the display that we're using.

Now we edit the file. We look for these lines in the file
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l  -c "/usrbin/vncserver %i"
ExecStop=/sbin/runuser -l  -c "/usr/bin/vncserver -kill %i"

That first line is important. The comment above it explains that it kills any existing tmp files in tmp/.X11-unix. If you're running vncserver and you look in /tmp/.X11-unix, you'll see that there's a socket file X1. If that file doesn't get cleaned--and while it should, sometimes, it doesn't, when you next start vnc it will fail to start because it sees that there's already an existing socket on X1. If you start it manually, and that file exists, it will start a display on :2, rather than :1.

If the file doesn't get cleaned out on reboot, and in my experience, it often didn't, and you are using the vncserver:1 to start it manually at boot, it will fail. Therefore, that ExecStartPre line is quite important.

As most Fedora users know, the old, simple sysv has been replaced with systemd. So, rather than the old chkconfig vncserver on, enable the service to start at boot with
systemctl enable vncserver@:1.service

You should see a message that a symlink to multil-user.target.wants has been created.

Test it with
systemctl start vncserver@:1.service

Once again, still assuming our vncserver is at 192.168.1.7, test with
vncviewer 192.168.1.7:1 

You should be asked for the password and able to connect after putting in 123456.

You may decide you want a different desktop or window manager for your vnc sessions. Assuming the desktop is installed, this can be done by editing your $HOME/.vnc/xstartup file. So, if I am logged in as john, I may decide I'd like to use the minimalist tiling window manager dwm.

I go to my home directory and open the .vnc/xstartup file. Note the period before vnc, it's a hidden file. It looks somewhat complex. I don't know if that's all necessary for Gnome or not--one can see that the script checks to see if your system is running SuSE. At any rate, I copy it over, in case I make mistakes, then replace it with an extremely simple script. So, first we cd to the directory and open up the file.
cd ~/.vnc
mv xstartup xstartup.bak
vi xstartup

In my example I use vi. The reader can use nano, gedit, emacs, or other editor of choice. If you are not familiar with the ~, the tilde, it represents your home directory in Linux and other Unix and Unix like systems.

Now we write the new xstartup. It reads
#!/bin/sh
exec dwm

Now, if I restart vncserver with systemctl restart vncserver@:1.service, and again connect with vncviewer, I should see dwm running.

Once again, many thanks to Fedora Forum user MotherDawg.