Azure end customer were requesting "headless" VNC access while having "DISPLAY :0" variable set , I think it would be useful adding this to SUSE Public Cloud Guide: https://documentation.suse.com/sle-public-cloud/all/single-html/public-cloud/
Setup Guide - VNC access through port "5900" setting "DISPLAY :0"
Tested on Azure based SLES-15-SP4 Gen2 instance - Details:
tux@sles-15-sp4-gen2:~> azuremetadata
compute:
name: sles-15-sp4-gen2
offer: sles-15-sp4
sku: gen2
version: 2023.05.06
SUSE official VNC Doc: https://documentation.suse.com/sles/15-SP4/html/SLES-all/cha-vnc.html
NOTE: This VNC connection is NOT secure without using a SSH tunnel !!!
Steps:
1- Activate "PackageHub" repository - Packages from this repository are unsupported:
tux@sles-15-sp4-gen2:~> sudo SUSEConnect -p PackageHub/15.4/x86_64
Registering system to registration proxy https://smt-azure.susecloud.net
Updating system details on https://smt-azure.susecloud.net ...
Activating PackageHub 15.4 x86_64 ...
-> Adding service to system ...
-> Installing release package ...
Successfully registered system
2- Install "xfce" pattern:
tux@sles-15-sp4-gen2:~> sudo zypper -n in -t pattern xfce
3- Set Systemd default target:
tux@sles-15-sp4-gen2:~> sudo systemctl set-default multi-user.target
Created symlink /etc/systemd/system/default.target → /usr/lib/systemd/system/multi-user.target.
4- CSP specific - Please adjust it to your needs - Make sure Azure network security group (NSG) rules added to open TCP port 5900:
Example:
tux@sles-15-sp4-gen2:~> az network nsg rule create --resource-group <rg name> --nsg-name <nsg name> --name VNC-allow-5900 --protocol tcp --priority 100 --destination-port-ranges 5900 --access Allow --source-address-prefixes <my-ip-address>
5- Reboot the instance
tux@sles-15-sp4-gen2:~> sudo reboot
6- Make sure port 5900 is not already used - Show all listening TCP connections:
tux@sles-15-sp4-gen2:~> ss -tlpn
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
7- Make sure there is no other X server running - Search for already running X servers:
tux@sles-15-sp4-gen2:~> ps aux | grep X
tux 1781 0.0 0.0 8200 804 pts/0 S+ 08:08 0:00 grep --color=auto X
8- Make sure "multi-user.target" is set - See current systemd target:
tux@sles-15-sp4-gen2:~> sudo systemctl get-default
multi-user.target
9- First test and used to create a new VNC password - Initiate manually a VNC session as local user "tux":
Doc: https://documentation.suse.com/sles/15-SP4/html/SLES-all/cha-vnc.html#vnc-persistent-vncserver
tux@sles-15-sp4-gen2:~> WINDOWMANAGER=icewm vncserver :0 -alwaysshared -geometry 1280x1024 -depth 32
You will require a password to access your desktops.
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
xauth: file /home/tux/.Xauthority does not exist
New 'sles-15-sp4-gen2:0 (tux)' desktop is sles-15-sp4-gen2:0
Creating default startup script /home/tux/.vnc/xstartup
Creating default config /home/tux/.vnc/config
Starting applications specified in /home/tux/.vnc/xstartup
Log file is /home/tux/.vnc/sles-15-sp4-gen2:0.log
10 - Access VNC session from Linux client:
dmich@yoda:~> vncviewer <azure-pub-ip>:0
-> "VNC Authentication" window will be opened
-> Password: <Enter VNC password>
-> Open a terminal using the VNC session
tux@sles-15-sp4-gen2:~> echo $DISPLAY
:0
11- Verify running VNC session:
tux@sles-15-sp4-gen2:~> vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:0 2101
tux@sles-15-sp4-gen2:~> ps -ef |grep X
tux 2101 1 0 13:48 pts/0 00:00:00 /usr/bin/Xvnc :0 -auth /home/tux/.Xauthority -depth 32 -desktop sles-15-sp4-gen2:0 (tux) -fp /usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1 -geometry 1280x1024 -pn -rfbauth /home/tux/.vnc/passwd -rfbport 5900 -rfbwait 30000 -alwaysshared
tux 2108 1 0 13:48 pts/0 00:00:00 dbus-launch --exit-with-x11 /etc/X11/xinit/xinitrc
tux@sles-15-sp4-gen2:~> ss -ltpn
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:5900 0.0.0.0:* users:(("Xvnc",pid=2101,fd=6))
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::]:5900 [::]:* users:(("Xvnc",pid=2101,fd=7))
12- Terminate VNC session:
tux@sles-15-sp4-gen2:~> vncserver -kill :0
Killing Xvnc process ID 2101
13- Manually reinitiate a VNC session after reboot:
tux@sles-15-sp4-gen2:~> WINDOWMANAGER=icewm vncserver :0 -alwaysshared -geometry 1280x1024 -depth 32
New 'sles-15-sp4-gen2:0 (tux)' desktop is sles-15-sp4-gen2:0
Starting applications specified in /home/tux/.vnc/xstartup
Log file is /home/tux/.vnc/sles-15-sp4-gen2:0.log
14- Create systemd unit file for starting a "headless" VNC server during boot:
tux@sles-15-sp4-gen2:~> sudo vi /etc/systemd/system/vncserver@.service
tux@sles-15-sp4-gen2:~> cat /etc/systemd/system/vncserver@.service
[Unit]
Description=Remote desktop service (VNC)
After=network-online.target
[Service]
Type=simple
User=tux
Group=users
WorkingDirectory=/home/tux
PIDFile=/home/tux/.vnc/%H:%i.pid
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1
ExecStart=/usr/bin/vncserver -geometry 1920x1080 -depth 16 -fg -autokill :%i
ExecStop=/usr/bin/vncserver -kill :%i
[Install]
WantedBy=multi-user.target
tux@sles-15-sp4-gen2:~> sudo systemctl enable vncserver@0.service
Created symlink /etc/systemd/system/multi-user.target.wants/vncserver@0.service → /etc/systemd/system/vncserver@.service.
15- Modify the configuration file: $HOME/.vnc/xstartup
**Windowmanager => XFCE**
tux@sles-15-sp4-gen2:~> vi .vnc/xstartup
tux@sles-15-sp4-gen2:~/.vnc> cat xstartup
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
exec startxfce4
**Windowmanager => ICEWM (No unsupported packages from PackageHub repository used !!!)**
tux@sles-15-sp4-gen2:~> vi .vnc/xstartup
tux@sles-15-sp4-gen2:~/.vnc> cat xstartup
#!/bin/bash
xrdb $HOME/.Xresources
xsetroot -solid grey
# Fix to make GNOME work
export XKL_XMODMAP_DISABLE=1
icewm
16- Reboot the instance:
tux@sles-15-sp4-gen2:~> sudo reboot
Verify running VNC session:
17 - Verify running VNC session:
tux@sles-15-sp4-gen2:~> vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:0 1423
tux@sles-15-sp4-gen2:~> ss -ltpn
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 5 0.0.0.0:5900 0.0.0.0:* users:(("Xvnc",pid=1423,fd=6))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 [::]:5900 [::]:* users:(("Xvnc",pid=1423,fd=7))
LISTEN 0 128 [::]:22 [::]:*
tux@sles-15-sp4-gen2:~> ps aux |grep X
tux 1423 0.1 3.8 263948 74980 ? S 14:12 0:00 /usr/bin/Xvnc :0 -auth /home/tux/.Xauthority -depth 16 -desktop sles-15-sp4-gen2:0 (tux) -fp /usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1 -geometry 1920x1080 -pn -rfbauth /home/tux/.vnc/passwd -rfbport 5900 -rfbwait 30000
tux 1626 0.0 2.0 505528 40604 ? Sl 14:12 0:00 /usr/lib/xfce4/panel/wrapper-2.0 /usr/lib64/xfce4/panel/plugins/libnotification-plugin.so 10 18874378 notification-plugin Notification Plugin Notification plugin for the Xfce panel
tux 1727 0.1 5.0 5421932 99228 ? Sl 14:12 0:00 /usr/lib64/qt5/libexec/QtWebEngineProcess --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,FontSrcLocalMatching,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLVF;aqrc:sLVF --num-raster-threads=1 --renderer-client-id=3 --shared-files
Additional information's:
While the local user "tux" is logged in using the xfce based VNC session:
tux@sles-15-sp4-gen2:~> env
LS_COLORS=no=00:fi=00:di=01;34:ln=00;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=41;33;01:ex=00;32:*.cmd=00;32:*.exe=01;32:*.com=01;32:*.bat=01;32:*.btm=01;32:*.dll=01;32:*.tar=00;31:*.tbz=00;31:*.tgz=00;31:*.rpm=00;31:*.deb=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.lzma=00;31:*.zip=00;31:*.zoo=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.tb2=00;31:*.tz2=00;31:*.tbz2=00;31:*.xz=00;31:*.avi=01;35:*.bmp=01;35:*.dl=01;35:*.fli=01;35:*.gif=01;35:*.gl=01;35:*.jpg=01;35:*.jpeg=01;35:*.mkv=01;35:*.mng=01;35:*.mov=01;35:*.mp4=01;35:*.mpg=01;35:*.pcx=01;35:*.pbm=01;35:*.pgm=01;35:*.png=01;35:*.ppm=01;35:*.svg=01;35:*.tga=01;35:*.tif=01;35:*.webm=01;35:*.webp=01;35:*.wmv=01;35:*.xbm=01;35:*.xcf=01;35:*.xpm=01;35:*.aiff=00;32:*.ape=00;32:*.au=00;32:*.flac=00;32:*.m4a=00;32:*.mid=00;32:*.mp3=00;32:*.mpc=00;32:*.ogg=00;32:*.voc=00;32:*.wav=00;32:*.wma=00;32:*.wv=00;32:
XDG_MENU_PREFIX=xfce-
LANG=en_US.UTF-8
SYSTEMD_EXEC_PID=3468
DISPLAY=:0.0
VNCDESKTOP=sles-15-sp4-gen2:0 (tux)
INVOCATION_ID=a0042cf1883643a394a31c8c3903ad35
GPG_TTY=/dev/pts/1
COLORTERM=truecolor
SSH_AUTH_SOCK=/tmp/ssh-at8HnXcXRhZR/agent.3514
USER=tux
PANEL_GDK_CORE_DEVICE_EVENTS=0
DESKTOP_SESSION=xfce
PWD=/home/tux
HOME=/home/tux
JOURNAL_STREAM=8:35818
SSH_AGENT_PID=3515
XDG_DATA_DIRS=/var/lib/flatpak/exports/share:/usr/local/share/:/usr/share/:/usr/share
PIDFILE=/home/tux/.vnc/sles-15-sp4-gen2:0.pid
VTE_VERSION=6602
SHELL=/bin/bash
TERM=xterm-256color
LS_OPTIONS=-N --color=tty -T 0
XDG_CURRENT_DESKTOP=XFCE
SHLVL=2
WINDOWID=37748739
LOGNAME=tux
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-GTbAjZzBuT,guid=c426347cde89869b2085c7b064b7c727
XDG_CONFIG_DIRS=/etc/xdg
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
SESSION_MANAGER=local/sles-15-sp4-gen2:@/tmp/.ICE-unix/3482,unix/sles-15-sp4-gen2:/tmp/.ICE-unix/3482
_=/usr/bin/env
tux@sles-15-sp4-gen2:~> echo $DISPLAY
:0.0
Azure end customer were requesting "headless" VNC access while having "DISPLAY :0" variable set , I think it would be useful adding this to SUSE Public Cloud Guide: https://documentation.suse.com/sle-public-cloud/all/single-html/public-cloud/
Setup Guide - VNC access through port "5900" setting "DISPLAY :0"
Tested on Azure based SLES-15-SP4 Gen2 instance - Details:
SUSE official VNC Doc: https://documentation.suse.com/sles/15-SP4/html/SLES-all/cha-vnc.html
NOTE: This VNC connection is NOT secure without using a SSH tunnel !!!
Steps:
1- Activate "PackageHub" repository - Packages from this repository are unsupported:
2- Install "xfce" pattern:
3- Set Systemd default target:
4- CSP specific - Please adjust it to your needs - Make sure Azure network security group (NSG) rules added to open TCP port 5900:
5- Reboot the instance
6- Make sure port 5900 is not already used - Show all listening TCP connections:
7- Make sure there is no other X server running - Search for already running X servers:
8- Make sure "multi-user.target" is set - See current systemd target:
9- First test and used to create a new VNC password - Initiate manually a VNC session as local user "tux":
10 - Access VNC session from Linux client:
11- Verify running VNC session:
12- Terminate VNC session:
13- Manually reinitiate a VNC session after reboot:
14- Create systemd unit file for starting a "headless" VNC server during boot:
15- Modify the configuration file: $HOME/.vnc/xstartup
16- Reboot the instance:
17 - Verify running VNC session:
Additional information's:
While the local user "tux" is logged in using the xfce based VNC session: