diff --git a/CHANGELOG.md b/CHANGELOG.md index 878243a..5067a91 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,17 @@ *** +### Version 19.05 + +- Fixed [Issue #8](https://github.com/accetto/ubuntu-vnc-xfce/issues/8) (Error if changing default user) +- **Dockerfile** updated + - new intermediate stage `stage-wrapper` added + - some commands moved out from `stage-wrapper` to `stage-final` + - user permissions set using `set_user_permissions.sh` script + - **STARTUPDIR** changed from `/boot/dockerstartup` to `/dockerstartup` +- Launchers for **Vim** and **TigerVNC Viewer** added to the desktop +- Utility `util-hdx.sh` updated (using [accetto/argbash-docker][accetto-docker-argbash-docker]) + ### Version 19.04 - **noVNC** updated to version **1.1.0** (formerly 1.0.0) @@ -29,14 +40,14 @@ ### Version 18.10 -- Fixed **Issue #7** (Problem with foreground mode) +- Fixed [Issue #7](https://github.com/accetto/ubuntu-vnc-xfce/issues/7) (Problem with foreground mode) - supported startup options: `--wait` (default), `--skip`, `--debug` (also `--tail-log`) and `--help` - getting help: `docker run --rm accetto/ubuntu-vnc-xfce --help` - README file is extended ### Version 18.06.1 -- Fixed **Issue #6** ("--wait: /boot/dockerstartup/vnc_startup.sh: Permission denied" on startup) +- Fixed [Issue #6](https://github.com/accetto/ubuntu-vnc-xfce/issues/6) ("--wait: /boot/dockerstartup/vnc_startup.sh: Permission denied" on startup) - Only automated builds have been plagued by this issue. ### Version 18.06 @@ -73,11 +84,11 @@ (April 2018) -- Quick-fix **Issue #4**: Volume '/headless/Documents' owned by 'root' +- Quick-fix [Issue #4](https://github.com/accetto/ubuntu-vnc-xfce/issues/4) (Volume '/headless/Documents' owned by 'root') - Essentially a rollback to the previous version - **VOLUME** instructions removed - Environment variables **LANG**, **LANGUAGE** and **LC_ALL** declared at the previous place -- **Issue #5** mitigated by setting the lite noVNC client as the default one. Full client can be used by navigating to *vnc.html*. +- [Issue #5](https://github.com/accetto/ubuntu-vnc-xfce/issues/5) mitigated by setting the lite noVNC client as the default one. Full client can be used by navigating to *vnc.html*. - This is the final version of generation 1 before repository split and version numbering change - Branch **18.04** keeps this stage which will not be developed any more @@ -93,15 +104,15 @@ (April 2018) -- Fixed **Issue #1**: Occasional VNC Viewer connection problem ("Too many security failures") +- Fixed [Issue #1](https://github.com/accetto/ubuntu-vnc-xfce/issues/1) (Occasional VNC Viewer connection problem "Too many security failures") - **Ubuntu 18.04 LTS** (bionic) as **ubuntu:latest** ### Version 1.4.0 (April 2018) -- Warning, the **issue #1** is unfortunately back in this release. -- Fixed **Issue #3**: Default Firefox profile not initialized on external volumes +- Warning, the [issue #1](https://github.com/accetto/ubuntu-vnc-xfce/issues/1) is unfortunately back in this release. +- Fixed [Issue #3](https://github.com/accetto/ubuntu-vnc-xfce/issues/3) (Default Firefox profile not initialized on external volumes) - Handling of Firefox profiles has been improved - Firefox proto-profile **profile0.default** is created also on external volumes if there is no Firefox profile yet - Proto-profile is backed-up as folder **/headless/firefox.backup** @@ -114,7 +125,7 @@ (April 2018) - Handling of Firefox profiles has been redesigned - - The folder **profile0.default** for the default Firefox profile has been pre-created and initialized with the **user.js** file, which includes the fix of the issue #2 (see the version 1.2.0). + - The folder **profile0.default** for the default Firefox profile has been pre-created and initialized with the **user.js** file, which includes the fix of the [issue #2](https://github.com/accetto/ubuntu-vnc-xfce/issues/2) (see the version 1.2.0). - The actual Firefox profile is created on the first Firefox start. - The non-root **VNC user** got permissions to modify the **user.js** file and the whole profile. - The backup copy **user.js.txt** is in the folder **/headless/.mozilla/firefox**, so the default profile can be safely deleted. @@ -128,7 +139,7 @@ - **noVNC** updated to version **1.0.0** (was 0.6.2) - **Firefox Quantum** updated to version **59.0.2** (64-bit) - **vim** editor has been installed back -- Fixed: **Issue #2**: Firefox tab crashes "Gah. Your tab just crashed." +- Fixed: [Issue #2](https://github.com/accetto/ubuntu-vnc-xfce/issues/2) (Firefox tab crashes "Gah. Your tab just crashed.") - Mitigated by forcing the following Firefox preferences: - **browser.tabs.remote.autostart = false** - **browser.tabs.remote.autostart.2 = false** @@ -137,7 +148,7 @@ (March 2018) -- Fixed **Issue #1**: Occasional VNC Viewer connection problem ("Too many security failures") +- Fixed [Issue #1](https://github.com/accetto/ubuntu-vnc-xfce/issues/1) (Occasional VNC Viewer connection problem "Too many security failures") - VNC parameter **BlacklistTimeout** set to **0** - VNC parameter **BlacklistThreshold** set to **20** - both VNC parameters configurable through the new build arguments and environment variables **BLACKLIST_TIMEOUT** and **BLACKLIST_THRESHOLD** @@ -209,6 +220,9 @@ Created the following set of images: [accetto-github-ubuntu-vnc-xfce-firefox]: https://github.com/accetto/ubuntu-vnc-xfce-firefox [accetto-github-ubuntu-vnc-xfce-firefox-plus]: https://github.com/accetto/ubuntu-vnc-xfce-firefox-plus +[accetto-docker-argbash-docker]: https://hub.docker.com/r/accetto/argbash-docker +[accetto-github-argbash-docker]: https://github.com/accetto/argbash-docker + [docker-ubuntu]: https://hub.docker.com/_/ubuntu/ [microbadger]: https://microbadger.com/ diff --git a/Dockerfile b/Dockerfile index 64f8875..cfecaca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,12 @@ # docker build -t accetto/ubuntu-vnc-xfce . # docker build -t accetto/ubuntu-vnc-xfce:dev . +# docker build --target stage-ubuntu -t dev/ubuntu-vnc-xfce:stage-ubuntu . +# docker build --target stage-xfce -t dev/ubuntu-vnc-xfce:stage-xfce . +# docker build --target stage-vnc -t dev/ubuntu-vnc-xfce:stage-vnc . +# docker build --target stage-novnc -t dev/ubuntu-vnc-xfce:stage-novnc . +# docker build --target stage-wrapper -t dev/ubuntu-vnc-xfce:stage-wrapper . +# docker build --target stage-final -t dev/ubuntu-vnc-xfce:stage-final . +# docker build -t dev/ubuntu-vnc-xfce . # docker build --build-arg ARG_VNC_RESOLUTION=1360x768 -t accetto/ubuntu-vnc-xfce . # docker build --build-arg BASETAG=rolling -t accetto/ubuntu-vnc-xfce:rolling . @@ -19,8 +26,12 @@ RUN apt-get update && apt-get install -y \ vim \ && rm -rf /var/lib/apt/lists/* -### supports testing, should be overriden -#ENTRYPOINT ["tail", "-f", "/dev/null"] +### next ENTRYPOINT command supports development and should be overriden or disabled +### it allows running detached containers created from intermediate images, for example: +### docker build --target stage-vnc -t dev/ubuntu-vnc-xfce:stage-vnc . +### docker run -d --name test-stage-vnc dev/ubuntu-vnc-xfce:stage-vnc +### docker exec -it test-stage-vnc bash +# ENTRYPOINT ["tail", "-f", "/dev/null"] FROM stage-ubuntu as stage-xfce @@ -85,7 +96,16 @@ RUN echo \ "" \ > ${NO_VNC_HOME}/index.html -FROM stage-novnc as stage-final +FROM stage-novnc as stage-wrapper + +### 'apt-get clean' runs automatically +### Install nss-wrapper to be able to execute image as non-root user +RUN apt-get update && apt-get install -y \ + gettext \ + libnss-wrapper \ + && rm -rf /var/lib/apt/lists/* + +FROM stage-wrapper as stage-final LABEL \ any.accetto.description="Headless Ubuntu VNC/noVNC container with Xfce desktop" \ @@ -104,7 +124,7 @@ ENV \ DISPLAY=:1 \ HOME=${ARG_HOME:-/home/headless} \ NO_VNC_PORT="6901" \ - STARTUPDIR=/boot/dockerstartup \ + STARTUPDIR=/dockerstartup \ VNC_BLACKLIST_THRESHOLD=${ARG_VNC_BLACKLIST_THRESHOLD:-20} \ VNC_BLACKLIST_TIMEOUT=${ARG_VNC_BLACKLIST_TIMEOUT:-0} \ VNC_COL_DEPTH=24 \ @@ -118,28 +138,20 @@ WORKDIR ${HOME} COPY [ "./src/startup", "${STARTUPDIR}/" ] -### 'apt-get clean' runs automatically -### Install nss-wrapper to be able to execute image as non-root user -### 'generate_container_user' has to be sourced to hold all env vars correctly -RUN apt-get update && apt-get install -y \ - gettext \ - libnss-wrapper \ - && echo 'source $STARTUPDIR/generate_container_user' >> ${HOME}/.bashrc \ - && rm -rf /var/lib/apt/lists/* \ - && chmod +x ${STARTUPDIR}/*.sh - ### Preconfigure Xfce COPY [ "./src/home/Desktop", "./Desktop/" ] COPY [ "./src/home/config/xfce4/panel", "./.config/xfce4/panel/" ] COPY [ "./src/home/config/xfce4/xfconf/xfce-perchannel-xml", "./.config/xfce4/xfconf/xfce-perchannel-xml/" ] -RUN chmod 755 ./Desktop/*.desktop \ - && chmod 700 ./.config/xfce4/panel/launcher* \ - && chmod 644 ./.config/xfce4/panel/launcher*/*.desktop \ - && chmod 644 ./.config/xfce4/xfconf/xfce-perchannel-xml/*.xml + +### 'generate_container_user' has to be sourced to hold all env vars correctly +RUN echo 'source $STARTUPDIR/generate_container_user' >> ${HOME}/.bashrc + +RUN chmod +x ${STARTUPDIR}/set_user_permissions.sh \ + && ${STARTUPDIR}/set_user_permissions.sh $STARTUPDIR $HOME EXPOSE ${VNC_PORT} ${NO_VNC_PORT} -ENV REFRESHED_AT 2019-05-16 +ENV REFRESHED_AT 2019-05-26 ### Issue #7: Mitigating problems with foreground mode WORKDIR ${STARTUPDIR} diff --git a/src/home/Desktop/vim.desktop b/src/home/Desktop/vim.desktop new file mode 100644 index 0000000..d4ab844 --- /dev/null +++ b/src/home/Desktop/vim.desktop @@ -0,0 +1,81 @@ +[Desktop Entry] +Name=Vim +GenericName=Text Editor +GenericName[de]=Texteditor +Comment=Edit text files +Comment[af]=Redigeer tekslêers +Comment[am]=የጽሑፍ ፋይሎች ያስተካክሉ +Comment[ar]=حرّر ملفات نصية +Comment[az]=Mətn fayllarını redaktə edin +Comment[be]=Рэдагаваньне тэкставых файлаў +Comment[bg]=Редактиране на текстови файлове +Comment[bn]=টেক্স্ট ফাইল এডিট করুন +Comment[bs]=Izmijeni tekstualne datoteke +Comment[ca]=Edita fitxers de text +Comment[cs]=Úprava textových souborů +Comment[cy]=Golygu ffeiliau testun +Comment[da]=Redigér tekstfiler +Comment[de]=Textdateien bearbeiten +Comment[el]=Επεξεργασία αρχείων κειμένου +Comment[en_CA]=Edit text files +Comment[en_GB]=Edit text files +Comment[es]=Edita archivos de texto +Comment[et]=Redigeeri tekstifaile +Comment[eu]=Editatu testu-fitxategiak +Comment[fa]=ویرایش پرونده‌های متنی +Comment[fi]=Muokkaa tekstitiedostoja +Comment[fr]=Édite des fichiers texte +Comment[ga]=Eagar comhad Téacs +Comment[gu]=લખાણ ફાઇલોમાં ફેરફાર કરો +Comment[he]=ערוך קבצי טקסט +Comment[hi]=पाठ फ़ाइलें संपादित करें +Comment[hr]=Uređivanje tekstualne datoteke +Comment[hu]=Szövegfájlok szerkesztése +Comment[id]=Edit file teks +Comment[it]=Modifica file di testo +Comment[ja]=テキストファイルを編集します +Comment[kn]=ಪಠ್ಯ ಕಡತಗಳನ್ನು ಸಂಪಾದಿಸು +Comment[ko]=텍스트 파일을 편집합니다 +Comment[lt]=Redaguoti tekstines bylas +Comment[lv]=Rediģēt teksta failus +Comment[mk]=Уреди текстуални фајлови +Comment[ml]=വാചക രചനകള് തിരുത്തുക +Comment[mn]=Текст файл боловсруулах +Comment[mr]=गद्य फाइल संपादित करा +Comment[ms]=Edit fail teks +Comment[nb]=Rediger tekstfiler +Comment[ne]=पाठ फाइललाई संशोधन गर्नुहोस् +Comment[nl]=Tekstbestanden bewerken +Comment[nn]=Rediger tekstfiler +Comment[no]=Rediger tekstfiler +Comment[or]=ପାଠ୍ଯ ଫାଇଲଗୁଡ଼ିକୁ ସମ୍ପାଦନ କରନ୍ତୁ +Comment[pa]=ਪਾਠ ਫਾਇਲਾਂ ਸੰਪਾਦਨ +Comment[pl]=Edytor plików tekstowych +Comment[pt]=Editar ficheiros de texto +Comment[pt_BR]=Edite arquivos de texto +Comment[ro]=Editare fişiere text +Comment[ru]=Редактор текстовых файлов +Comment[sk]=Úprava textových súborov +Comment[sl]=Urejanje datotek z besedili +Comment[sq]=Përpuno files teksti +Comment[sr]=Измени текстуалне датотеке +Comment[sr@Latn]=Izmeni tekstualne datoteke +Comment[sv]=Redigera textfiler +Comment[ta]=உரை கோப்புகளை தொகுக்கவும் +Comment[th]=แก้ไขแฟ้มข้อความ +Comment[tk]=Metin faýllary editle +Comment[tr]=Metin dosyalarını düzenle +Comment[uk]=Редактор текстових файлів +Comment[vi]=Soạn thảo tập tin văn bản +Comment[wa]=Asspougnî des fitchîs tecses +Comment[zh_CN]=编辑文本文件 +Comment[zh_TW]=編輯文字檔 +TryExec=vim +Exec=vim %F +Terminal=true +Type=Application +Keywords=Text;editor; +Icon=gvim +Categories=Utility;TextEditor; +StartupNotify=false +MimeType=text/english;text/plain;text/x-makefile;text/x-c++hdr;text/x-c++src;text/x-chdr;text/x-csrc;text/x-java;text/x-moc;text/x-pascal;text/x-tcl;text/x-tex;application/x-shellscript;text/x-c;text/x-c++; diff --git a/src/home/Desktop/vncviewer.desktop b/src/home/Desktop/vncviewer.desktop new file mode 100644 index 0000000..e69881a --- /dev/null +++ b/src/home/Desktop/vncviewer.desktop @@ -0,0 +1,53 @@ +[Desktop Entry] +Name[bg]=Визуализатор на TigerVNC +Name[cs]=Prohlížeč TigerVNC +Name[da]=TigerVNC-fremviser +Name[de]=TigerVNC-Betrachter +Name[el]=Θεατής TigerVNC +Name[eo]=Rigardilo TigerVNC +Name[es]=Visor TigerVNC +Name[fi]=TigerVNC-selain +Name[fr]=Visionneuse TigerVNC +Name[fur]=Visualizadôr TigerVNC +Name[hu]=TigerVNC megjelenítő +Name[id]=Penampil TigerVNC +Name[nl]=TigerVNC-viewer +Name[pt_BR]=Visualizador TigerVNC +Name[ru]=TigerVNC Viewer +Name[sr]=Прегледач ТигарВНЦ +Name[sv]=VNC-visare +Name[tr]=TigerVNC Görüntüleyici +Name[uk]=Засіб перегляду TigerVNC +Name[vi]=Bộ xem TigerVNC +Name[zh_CN]=TigerVNC 查看器 +Name=TigerVNC Viewer +GenericName[cs]=Prohlížeč vzdálené plochy +GenericName[pt_BR]=Visualização de área de trabalho remota +GenericName[ru]=Просмотр удалённых рабочих столов +GenericName[sv]=Fjärrskrivbordsvisare +GenericName[uk]=Засіб перегляду віддаленої стільниці +GenericName[vi]=Trình xem màn hình từ xa +GenericName=Remote Desktop Viewer +Comment[cs]=Připojí se k severu VNC a zobrazí vzdálenou plochu +Comment[da]=Opret forbindelse til VNC-server og vis fjern-skrivebord +Comment[fr]=Se connecter à un serveur VNC et afficher le bureau distant +Comment[pt_BR]=Conecte a um servidor VNC e exiba a área de trabalho remota +Comment[ru]=Подключиться к серверу VNC и показать удалённый рабочий стол +Comment[sv]=Anslut till en VNC-server och visa ett fjärrskrivbord +Comment[uk]=З'єднання із сервером VNC і показ віддаленої стільниці +Comment[vi]=Kết nối đến máy phục vụ VNC và hiển thị màn hình từ xa +Comment=Connect to VNC server and display remote desktop +Exec=/usr/bin/vncviewer +Icon[cs]=tigervnc +Icon[pt_BR]=tigervnc +Icon[ru]=tigervnc +Icon[sv]=tigervnc +Icon[uk]=tigervnc +Icon[vi]=tigervnc +Icon=preferences-desktop-remote-desktop +Terminal=false +Type=Application +StartupWMClass=TigerVNC Viewer: Connection Details +Categories=Network;RemoteAccess; +Path= +StartupNotify=false diff --git a/src/startup/set_user_permissions.sh b/src/startup/set_user_permissions.sh new file mode 100644 index 0000000..daec7b6 --- /dev/null +++ b/src/startup/set_user_permissions.sh @@ -0,0 +1,29 @@ +#!/bin/bash +### every exit != 0 fails the script +set -e +#set -u # do not use + +echo "Current user:" +id + +[[ -n $DEBUG ]] && _verbose="-v" || _verbose="" + +for i in "$@" +do + echo "Fixing permissions for: $i" + + ### all users are allowed to execute '*.sh' scripts in the folder (recursively) + find "$i"/ -name '*.sh' -exec chmod $_verbose a+x {} + + + ### all users are allowed to execute launchers in the folder (recursively) + find "$i"/ -name '*.desktop' -exec chmod $_verbose a+x {} + + + ### folder content belongs to the 'root' group (recursively) + chgrp -R 0 "$i" + + ### all users have write permissions to the folder content (recursively) + chmod -R $_verbose a+rw "$i" + + ### all users have execute permissions to all folder directories (recursively) + find "$i" -type d -exec chmod $_verbose a+x {} + +done \ No newline at end of file diff --git a/src/startup/vnc_startup.sh b/src/startup/vnc_startup.sh index 2dbfac8..a37aa48 100644 --- a/src/startup/vnc_startup.sh +++ b/src/startup/vnc_startup.sh @@ -42,7 +42,8 @@ if [[ $1 =~ -h|--help ]]; then exit 0 fi -### should also source '$STARTUPDIR/generate_container_user.sh' +### '.bashrc' will also source '$STARTUPDIR/generate_container_user' +### (see 'stage-final' in Dockerfile) source "$HOME"/.bashrc ### add `--skip` to startup args, to skip the VNC startup procedure @@ -68,6 +69,16 @@ trap cleanup SIGINT SIGTERM ### resolve_vnc_connection VNC_IP=$(hostname -i) +### DEV +if [[ $DEBUG ]] ; then + echo "DEBUG:" + id + echo "DEBUG: ls -la /" + ls -la / + echo "DEBUG: ls -la ." + ls -la . +fi + ### change vnc password echo -e "\n------------------ change VNC password ------------------" ### first entry is control, second is view (if only one is valid for both) diff --git a/ubuntu-vnc-xfce.jpg b/ubuntu-vnc-xfce.jpg index 90500c7..51c730d 100644 Binary files a/ubuntu-vnc-xfce.jpg and b/ubuntu-vnc-xfce.jpg differ