Oracle Solaris Trusted Extensions Administrator's Procedures

ProcedureHow to Use Xvnc to Remotely Access a Trusted Extensions System

Virtual Network Computing (vnc) technology connects a client to a remote server, then displays the desktop of the remote server in a window on the client. Xvnc is the UNIX version of vnc, which is based on a standard X server. In Trusted Extensions, a client on any platform can connect to an Xvnc that is running Trusted Extensions software, log in to the Xvnc server, then display and work on a multilevel desktop.

Before You Begin

You have installed and configured Trusted Extensions software on the system that is going to be used as the Xvnc server. You have created and booted the labeled zones. Your Xvnc server recognizes the vnc clients by hostname or IP address.

You are superuser in the global zone of the system that is going to be used as the Xvnc server.

  1. Configure the Xvnc server.

    For more information, see the Xvnc(1) and vncconfig(1) man pages.

    Caution – Caution –

    If you are running the Solaris 10 10/08 or the Solaris 10 5/08 release, you must patch your system before configuring the server. For a SPARC system, install the latest version of patch 125719. For an x86 system, install the latest version of patch 125720.

    1. Create the Xservers configuration directory.

      # mkdir -p /etc/dt/config
    2. Copy the /usr/dt/config/Xservers file to the /etc/dt/config directory.

      # cp /usr/dt/config/Xservers /etc/dt/config/Xservers
    3. Edit the /etc/dt/config/Xservers file to start up the Xvnc program instead of Xserver or Xorg.

      In this example, the entry is configured to log in to the server without a password. To successfully log in the desktop, the local UID must be none instead of console.

      The entry is split for display purposes. The entry must be on one line.

      #   :0  Local local_uid@console root /usr/X11/bin/Xserver :0 -nobanner
        :0  Local local_uid@none root /usr/X11/bin/Xvnc :0 -nobanner 
        -AlwaysShared -SecurityTypes None -geometry 1024x768x24 -depth 24

      Note –

      A safer configuration is to require a password by using the -SecurityTypes VncAuth parameter. The Xvnc(1) man page describes password requirements.

    4. Reboot the server or start the Xvnc server.

      # reboot

      After reboot, verify that the Xvnc program is running.

      # ps -ef | grep Xvnc
        root  2145  932  0  Jan 18 ?  6:15 /usr/X11/bin/Xvnc :0 -nobanner 
        -AlwaysShared -SecurityTypes None -geometry 1024
  2. On every vnc client of the Trusted Extensions Xvnc server, install vnc client software.

    For the client system, you have a choice of software. This example uses the Sun vnc software.

    # cd SUNW-pkg-directory
    # pkgadd -d . SUNWvncviewer
  3. In a terminal window on a vnc client, connect to the server.

    % /usr/bin/vncviewer Xvnc-server-hostname
  4. In the window that displays, type your name and password.

    Continue with the login procedure. For a description of the remaining steps, see Logging In to Trusted Extensions in Oracle Solaris Trusted Extensions User’s Guide.

    If you logged in to the server as superuser, you can administer the server immediately. If you logged in to the server as a user, you must assume a role to administer the system.