On 2/27/2014 15:37, Patrick Dupre wrote:
> OK, I restarted it:
If you look below, I have removed all the chains that didn't reference
SSH. Notice that the VNC ports you were trying to access are not listed
in these chains. That's why you aren't getting access to them remotely.
Now that we have solved that part of the problem, it's worth restating
that encrypting your VNC sessions is a really good idea I would strongly
recommend. Tunneling via SSH is an option and so is creating a VPN
tunnel between the server and your remote system.
But then what?
It appears that every time I have to change the owner of /run/user/1000/user!
I need to do something for that.
and this is the log file:
Xvnc TigerVNC 1.2.80 - built Mar 14 2013 18:53:14
Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)
See
http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11303000, The X.Org Foundation
Initializing built-in extension Generic Event Extension
Initializing built-in extension SHAPE
Initializing built-in extension MIT-SHM
Initializing built-in extension XInputExtension
Initializing built-in extension XTEST
Initializing built-in extension BIG-REQUESTS
Initializing built-in extension SYNC
Initializing built-in extension XKEYBOARD
Initializing built-in extension XC-MISC
Initializing built-in extension XFIXES
Initializing built-in extension RENDER
Initializing built-in extension RANDR
Initializing built-in extension COMPOSITE
Initializing built-in extension DAMAGE
Initializing built-in extension MIT-SCREEN-SAVER
Initializing built-in extension DOUBLE-BUFFER
Initializing built-in extension RECORD
Initializing built-in extension DPMS
Initializing built-in extension X-Resource
Initializing built-in extension XVideo
Initializing built-in extension XVideo-MotionCompensation
Initializing built-in extension VNC-EXTENSION
Initializing built-in extension GLX
Thu Feb 27 22:45:21 2014
vncext: VNC extension running!
vncext: Listening for VNC connections on all interface(s), port 5901
vncext: created VNC server for screen 0
GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG
GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1
GNOME_KEYRING_PID=849
GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG
GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1
GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG
GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1
SSH_AUTH_SOCK=/run/user/1000/keyring-6F9GPG/ssh
GNOME_KEYRING_CONTROL=/run/user/1000/keyring-6F9GPG
GPG_AGENT_INFO=/run/user/1000/keyring-6F9GPG/gpg:0:1
SSH_AUTH_SOCK=/run/user/1000/keyring-6F9GPG/ssh
(gnome-settings-daemon:835): power-plugin-WARNING **: Failed set DPMS mode: Display is not
DPMS capable
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
gnome-session[589]: WARNING: Application 'gnome-settings-daemon.desktop' failed to
register before timeout
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
gnome-session[589]: WARNING: Application 'pulseaudio.desktop' failed to register
before timeout
(gnome-settings-daemon:835): power-plugin-WARNING **: Unable to inhibit lid switch:
GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Operation not permitted
(gnome-settings-daemon:835): media-keys-plugin-WARNING **: Unable to inhibit keypresses:
GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Operation not permitted
(gnome-settings-daemon:835): color-plugin-WARNING **: failed to get edid: unable to get
EDID for output
(gnome-settings-daemon:835): color-plugin-WARNING **: failed to create device: failed to
obtain org.freedesktop.color-manager.create-device auth
(gnome-settings-daemon:835): color-plugin-WARNING **: failed to obtain
org.freedesktop.color-manager.create-profile auth
The XKEYBOARD keymap compiler (xkbcomp) reports:
Warning: Type "ONE_LEVEL" has 1 levels, but
<RALT> has 2 symbols
Ignoring extra symbols
Errors from xkbcomp are not fatal to the X
server
The XKEYBOARD keymap compiler (xkbcomp) reports:
Warning: Compat map for group 2 redefined
Using new definition
Warning: Compat map for group 3 redefined
Using new definition
Warning: Compat map for group 4 redefined
Using new definition
Errors from xkbcomp are not fatal to the X
server
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: Failed to play
sound: File or data not found
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
reading configurations from ~/.fonts.conf is deprecated.
** Message: applet now removed from the notification area
(gnome-shell:968): Bluetooth-WARNING **: Could not open RFKILL control device, please
verify your installation
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
> Chain IN_dmz_allow (1 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
>
> Chain IN_external_allow (1 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
>
> Chain IN_home_allow (1 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ctstate NEW
>
> Chain IN_internal_allow (1 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ctstate NEW
>
> Chain IN_public_allow (1 references)
> target prot opt source destination
> ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW
> ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
>
> Chain IN_work_allow (1 references)
> target prot opt source destination
> ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ctstate NEW
> ACCEPT udp -- anywhere anywhere udp dpt:ipp ctstate NEW
Tom
--
users mailing list
users(a)lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct:
http://fedoraproject.org/code-of-conduct
Guidelines:
http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away:
http://ask.fedoraproject.org
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================