Share your Linux desktop with x11vnc

x11vnc is a pretty useful program that you can use to share your Linux desktop with someone far away. To start x11vnc while using X11 windows, issue the following command:

x11vnc -display :0

This command will work in most cases, assuming there is only one instance of X11 Windows server running. However, the display number could be different. To be sure, type the following command:

xdpyinfo | head

x11vnc will output a lot of information, including the port number it runs on:

The VNC desktop is:      bootcd:2
PORT=5902

Subtracting 5900 from the port number (5902), you'll get the display number (2). Use this number to connect to your desktop remotely. I use gvncviewer.

gvncviewer 192.168.200.83:2

Administrator To Monitor Someone's Desktop with X11VNC

Let's assume that you are a system administrator with root privilege and want to monitor a user's X11 Windows desktop. You can't just run “x11vnc -display :0” because you are not the user currently using display :0. In that case, you need access to the X11 Windows' xauth file which is located at one of the following locations:

• /var/lib/gdm
  
• /var/lib/kdm
  
• /var/lib/xdm/authdir/authfiles
  
• /home/USER/.Xauthority
  

Once you locate the xauth file associated with the user's X11 desktop, you can use x11vnc to monitor his desktop activity.

x11vnc -display :0 -auth /var/lib/gdm/\:0.Xauth

Then, on your desktop as administrator, connect to the user's desktop with a vnc client.

gvncviewer 192.168.200.83:2

x11vnc with SSL

x11vnc supports various connection schemes, including SSL. On Debian and Ubuntu, type the following command to create a SSL certificate for use with x11vnc.

cat /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem > /tmp/x11vnc.pem

Then, start x11vnc with -ssl option to run x11vnc in secure mode.

x11vnc -display :0 -auth /var/lib/gdm/\:0.Xauth -ssl /tmp/x11vnc.pem

ssvnc and gvncviewer can be used to connect to x11vnc via SSL connection. The following example command starts x11vnc in anonymous SSL mode that doesn't require X509 exchange.

x11vnc -display :0 -xauth /var/lib/xdm/authdir/authfiles/A\:0-R2x5Db -xkb -nopw -nc_cr -ssl /tmp/x11vnc.pem -vencrypt newdh:nox509:support

Setting Up XDM on Debian/Ubuntu Linux

XDM, short for X Display Manager, is my favorite login manager for its simplicity. Sure, gdm and kdm are visually pleasant, but why do I have to install all the dependencies if xdm provides the same functionality as them? After all, xdm can launch GNOME and KDE for you — you just need to fix your ~/.xsession file. This post will serve as my notes on installation, configuration and customization of xdm.

All configuration of xdm, except for distribution-specific settings, is done by modifying the files in the /etc/X11/xdm directory. For now, I'll just go over what I have in my xdm files.

/etc/X11/xdm/Xaccess

This file is used to tell xdm who can use xdm. Therefore, if you are happy to let anyone access the X-Windows desktop locally or remotely, then you would just put an asterisk (*) in Xaccess as I did.

*

If you are very keen on security, you would put only the following in Xaccess. This only allows local users to have access to xdm.

localhost
127.0.0.1

However, even if Xaccess is set up as above, remote xdm login may still be possible with SSH X11 forwarding.

/etc/X11/xdm/Xresources

Xresources file is used to fine-tune the behavior and appearance of XDM. Here is what I put in my Xresources file:

Xcursor.theme: redglass

xlogin*login.translations: #override \
 Ctrl<Key>R: abort-display()\n\
 <Key>F1: set-session-argument(failsafe) finish-field()\n\
 <Key>Delete: delete-character()\n\
 <Key>Left: move-backward-character()\n\
 <Key>Right: move-forward-character()\n\
 <Key>Home: move-to-begining()\n\
 <Key>End: move-to-end()\n\
 Ctrl<Key>KP_Enter: set-session-argument(failsafe) finish-field()\n\
 <Key>KP_Enter: set-session-argument() finish-field()\n\
 Ctrl<Key>Return: set-session-argument(failsafe) finish-field()\n\
 <Key>Return: set-session-argument() finish-field()

xlogin*greeting: Welcome to CLIENTHOST
xlogin*namePrompt: Login:\040
xlogin*passwdPrompt: Password:\040
xlogin*fail: Login incorrect

xlogin*greetFace: Serif-21:bold:italic
xlogin*face: Sans-15
xlogin*promptFace: Sans-15:bold
xlogin*failFace: Sans-16:bold

xlogin*geometry: 600x400
xlogin*borderWidth: 1
xlogin*frameWidth: 5
xlogin*innerFramesWidth: 2
xlogin*shdColor: grey30
xlogin*hiColor: grey90
xlogin*background: grey
xlogin*greetColor: Blue3
xlogin*failColor: red
*Foreground: black
*Background: #fffff0

xlogin*logoFileName: /usr/share/X11/xdm/pixmaps/penguin_doll_200x300.xpm
xlogin*useShape: true
xlogin*logoPadding: 10

I think the settings are self-explanatory. This is how xdm would look with the above settings. The penguin image was taken from here.

/etc/X11/xdm/Xresources

The Xresources file allows you to specify how many X servers to run and their command arguments. In my case, I run Xorg and Xvfb. Xorg is the standard X server, and Xvfb is a server that runs totally in memory without depending on the video hardware. To see what's going on with Xvfb, I use x11vnc and gvncviewer.

# Default X.org server
:0 local /usr/bin/Xorg :0 vt7 -br -dpi 96 -nolisten TCP

:1 local /usr/local/bin/Xvfb :1 -dpi 96 -screen 0 1024x768x16

/etc/X11/xdm/Xsetup

Xsetup allows you to write any command to run when xdm displays the login screen. In my case, I run gm to set up the background image and run x11vnc to remotely access Xvfb via VNC.

#!/bin/sh
#
# This script is run as root before showing login widget.

gm display -window root /usr/share/wallpapers/Board_Tile_Gray.jpg
xkbcomp -dflts -I/usr/share/X11/xkb /etc/X11/xkb/server-0.xkm $DISPLAY

PID_XVFB=$(pidof Xvfb)
PID_X11VNC=$(pidof x11vnc)
if [ -n "$PID_XVFB" -a -z "$PID_X11VNC" ]; then
  x11vnc -display :1 -bg -xkb -nopw -nc_cr -forever -listen localhost -auth $(find /var/lib/xdm/authdir/authfiles -name \*:1\*) > /var/log/x11vnc.log 2>&1
fi

/etc/X11/xdm/xdm-config

In xdm-config, there is only one line that I bother to change. This line enables remote xdm logins.

! SECURITY: do not listen for XDMCP or Chooser requests
! Comment out this line if you want to manage X terminals with xdm
DisplayManager.requestPort:     177

/etc/X11/xdm/xdm-options

I think xdm-options is Debian specific. I don't think I made any change in this file.

# configuration options for xdm
# See xdm.options(5) for an explanation of the available options.

no-ignore-nologin
no-restart-on-upgrade
no-start-on-install
use-sessreg

Resetting XDM

There are other files in /etc/X11/xdm directory that you can safely leave as is. After you make any change with the files, have xdm reread the config files.

kill -1 $(pidof xdm)

If you want to force xdm to kill all running sessions and restart, enter the following command.

/etc/init.d/xdm restart

That's all I have to write about xdm for now. In summary, xdm is a simple, yet functional login manager that is easy to set up.

Using GraphicsMagick to Set the Background

GraphicsMagick is a powerful graphics tool that can be used to set the background on Linux. I've been using xsetbg from the xloadimage package to set X-Windows background. However, I realized that GraphicsMagick can replace xloadimage and netpbm that I've used for setting background and converting images.

So far I just learned a few tricks for setting background with GraphicsMagick. To tile an image on the background, type a command like this:

gm display -window root background.jpg

To fill the background with an image smaller than the screen size, use the -geometry option:

gm display -window root -geometry 1440x960 Background.jpg

You can also use the percentage (%) sign to zoom in or out the image and place it on the background.

gm display -window root -geometry 300x200% background.jpg

You can add the -gamma option to darken or brighten the image. If gamma is less than 1, the output image will be darker. If gamma is greater than 1, the image will be brighter.

gm display -window root -gamma 0.5 BG_pix.jpg

There are many more options that you can use with GraphicsMagick, for example, -crop, -dither, -trim etc. Read the manual page of GraphicsMagick and documentation for further information.

Disk Cloning / Imaging over Network with SSH, Netcat, DD and XZ

Today we have affordable, ample storage and faster bandwidth to facilitate partition imaging and disk cloning over network. Nowadays, it's common and feasible to take the image of a whole partition for various reasons. Compared to file-based backups using tar, disk imaging provides the following advantages.

• The boot sector is preserved so that it's easy to make it bootable after the restore.
  
• Information such as UUID and LABEL is presered, which helps identify the partition in booting and mounting.
  
• Information such as ACL and XATTR is preserved, which helps restrict file access and secure the system.
  
• Every bit in the unused sectors is preserved, which may assist in digital forensics to uncover deleted or hidden information.
  

There are commercial programs for disk imaging and backup (Norton Ghost, Acronis True Image). However, Linux users can use readily available tools to get things done. For disk cloning/imaging, we can use ssh, netcat, dd and xz. Note that dd will fail on physically damaged disks. For such disks, use ddrescue instead.

For security and compression, we are going to use ssh and xz in this tutorial. If you don't like xz, feel free to substitute xz with gzip, bzip2 or lzop. Also, netcat is used to stream the dd output over the network. On Debian and Ubuntu derivatives, you need the following packages.

• bzip2, gzip, lzop, lzma OR xz-utils
  
• dd
  
• netcat
  
• ssh
  

We are making these assumptions in the following scenarios.

• Sending computer S
  
  This computer has IP address 192.168.1.1 and needs to back up partition /dev/sda1.
  
• Sending Port
  
  We'll send using port 5525.
  
• Receiving computer T
  
  This computer has IP address 192.168.1.2 and needs to restore partition /dev/sda2.
  
• Receiving Port
  
  We'll receive at port 7749.
  

Disk Cloning using dd, xz, netcat and ssh

In this scenario, we will clone a disk partition, simultaneously sending an image of the source partition /dev/sda1 from computer S (192.168.1.1) and restoring it at /dev/sda2 on computer T (192.168.1.2). Make sure that the source partition is not mounted or is mounted read-only. Also, make sure that the target partition size is greater than or equal to the source partition size.

1. At the sending computer, compress the source partition /dev/sda1 with xz and set up netcat to send it at port 5525:
   
   

   dd if=/dev/sda1 bs=16M | xz | nc -l 5525

   
   
2. At the receiving computer, set up a SSH tunnel to the sending computer (192.168.1.1):
   
   

   ssh -f -N -L 7749:127.0.0.1:5525 username@192.168.1.1

   
   
3. At the receiving computer, type the following command to receive the partition image and restore it at /dev/sda2:
   
   

   nc 127.0.0.1 7749 | xz -d | dd of=/dev/sda2 bs=16M

   
   

Alternatively, we could take the following steps to achieve the same thing. However, we start at the receiving computer.

1. At the receiving computer with the target partition /dev/sda2, type the following command to receive the partition image:
   
   

   nc -l 7749 | xz -d | dd of=/dev/sda2 bs=16M

   
   
2. At the sending computer with the source partition /dev/sda1, set up a SSH tunnel to the receiving computer (192.168.1.2):
   
   

   ssh -f -N -L 5525:127.0.0.1:7749 username@192.168.1.2

   
   
3. At the sending computer, type the following command to compress the source partition /dev/sda1 and transmit it over the SSH tunnel:
   
   

   dd if=/dev/sda1 bs=16M | xz | nc 127.0.0.1 5525

   
   

   Note that the transfer may take many hours for a large partition.

   
   

Disk Imaging using dd, xz, netcat and ssh

In this scenario, we will just send an image of the source partition /dev/sda1 to the receiving computer T (192.168.1.2) without restoring it. Make sure that the source partition is not mounted or is mounted read-only. A question remains whether to compress the image at the sending or receiving computer. The answer depends on which computer is more powerful. For this example, we'll compress at the sending computer (for network bandwidth reason).

1. At the sending computer, compress the source partition /dev/sda1 with xz and stream it using netcat:
   
   

   dd if=/dev/sda1 bs=16M | xz | nc -l 5525

   
   
2. At the receiving computer, set up a SSH tunnel to the sending computer (192.168.1.1):
   
   

   ssh -f -N -L 7749:127.0.0.1:5525 username@192.168.1.1

   
   
3. At the receiving computer, type the following command to receive the file:
   
   

   nc 127.0.0.1 7749 > partimg.xz

   
   

Alternatively, we could take the following steps to achieve the same thing.

1. At the receiving computer, set up netcat to listen at port 7749 and save the incoming data to a file partimg.xz.
   
   

   nc -l 7749 | dd of=partimg.xz bs=16M

   
   
2. At the sending computer, establish a SSH tunnel to the receiving computer (192.168.1.2) first:
   
   

   ssh -f -N -L 5525:192.168.1.2:7749 username@192.168.1.2

   
   
3. At the sending computer, type the following command to compress the source partition /dev/sda1 and transmit it over the SSH tunnel:
   
   

   dd if=/dev/sda1 bs=16M | xz | nc 127.0.0.1 5525

   
   

   Note that the transfer may take many hours for a large partiiton.

   
   

Alternative Simple Commands for Disk Cloning / Imaging

I don't like these methods for some reason, but here I show the simpler methods where netcat is not needed. For disk cloning, type something like this:

dd if=/dev/sda1 bs=16M | xz | ssh username@192.168.1.2 "xz -d | dd of=/dev/sda2 bs=16M"

Just to send an image file, run a command as follows:

dd if=/dev/sda1 bs=16M | xz | ssh username@192.168.1.2 "dd of=partimg.xz bs=16M"

Also Read:

• Linux: Using dd To Back Up Hard Drive Partitions.
  
• Backing up Hard Disk Partitions in Linux
  

Checking Integrity of A Debian/Ubuntu System

Sometimes, a Linux filesystem becomes corrupted, system files are damaged, or some crucial files get lost. This often happens, regardless of which filesystem (ext2, ext3, ext4, jfs, reiserfs, reiser4, or xfs) is used. There are many possible reasons, such as:

• Unstable hardware, for example, memory or hard drive problem
  
• Overheat, power surge, quake or another environmental disaster
  
• Buggy software, such as a bug in the kernel or the filesystem driver
  
• Compromised security, for example, network intrusion or attack
  
• Worm or virus infection

Files in Linux systems can be categorized into the following three:

1. Verifiable System Files
   
   In Linux systems that are managed by packages (such as Debian and Ubuntu), these files are installed by packages and make up the bulk of the filesystem. These files reside in such directories as /bin, /lib, /sbin and /usr. They are usually static, which means they don't normally change except when the system is updated, or locally compiled binaries are installed.
   
2. Changeable System Files
   
   These files are auxiliary system files for system configuration, initialization or customization, and system data (such as logs and cache). They reside in /boot, /etc, /opt, /srv and /var.
   
3. User Data
   
   These files are created and used by superuser (a.k.a root) and normal users, or software-generated during casual user activities. Typically, they are in /home, /media, /mnt and /root.
   

This post focuses on verifiable system files (installed by packages). When the filesystem becomes corrupted (but not completely unreadable), it is possible to verify and restore the system integrity by using package checksums. Before you continue, make sure to fsck the filesystem.

e2fsck -r -v /dev/sda7

In this example, /dev/sda7 points to an ext2 partition we're going to check. Be aware that you cannot fsck a mounted filesystem. Therefore, boot with a Debian Live CD (or a Ubuntu CD) and run fsck. After you've performed fsck, there may be some files created in the /lost+found directory. We'll deal with them later. First, mount the filesystem.

mount -t ext2 /dev/sda7 /mnt

Go to /var/lib/dpkg/info. Then, concatenate all the md5sums files. Most, if not all, Debian and Ubuntu packages come with a md5sum file that we can use to check the integrity of the package and the files installed by the package.

cd /var/lib/dpkg/info
cat *.md5sums | sort > /dev/shm/all.md5

all.md5 has md5 checksums of all the files installed on the system. Now, check the files on the Debian/Ubuntu system against the concatenated md5sums file.

cd /
md5sum -c /dev/shm/all.md5 > /dev/shm/check.txt 2>&1

/dev/shm/check.txt now contains the results of the integrity check. It looks like this:

bin/bash: OK
bin/bunzip2: OK
bin/bzcat: FAILED

In this example, /bin/bzcat is damaged. To find all the missing or damaged files, use a command like this one:

grep -v ': OK$' /dev/shm/check.txt

Let's reinstall this file. First, find out which package this file belongs to.

dpkg -S /bin/bzcat

We'll see the following result.

bzip2: /bin/bzcat

Now we know that we need to reinstall bzip2. Let's download the package.

dpkg -p bzip2 | grep 'Filename: '

This command will let us know the name of the package to download. Use wget to download it.

wget ftp://ftp.us.debian.org/debian/pool/main/b/bzip2/bzip2_1.0.5-4_i386.deb

You can just reinstall the package.

dpkg -i bzip2_1.0.5-4_i386.deb

Or, you can just extract one file:

dpkg --fsys-tarfile bzip2_1.0.5-4_i386.deb | tar xf - ./bin/bzcat

Alternatively,

dpkg --fsys-tarfile bzip2_1.0.5-4_i386.deb | tar xOf - ./bin/bzcat > /mnt/bin/bzcat

To restore a file from the /lost+found directory, you can also use the MD5SUMS file. First, run md5sum on files in /lost+found.

cd /lost+found
md5sum *

You may get an output like this.

9aaa2176d20c1b1203e3abbac55a2513  #124531

To find out what #124531 file is originally, find its md5 checksum from the all.md5 file above.

grep 9aaa /dev/shm/all.md5

You'll get a result like this.

9aaa2176d20c1b1203e3abbac55a2513  bin/bzip2

Now you can just move it to its place.

mv \#124531 /mnt/bin/bzip2

After you restore all damaged files and restore files from /lost+found, you can find missing files in the system. Go to /var/lib/dpkg/info again and concatenate all the list files.

cd /var/lib/dpkg/info
cat *.list | sort | uniq > /dev/shm/all.txt

The .list files in the /var/lib/dpkg/info directore show the list of files installed by packages. Let's find what's missing from the system.

cd /
for f in $(cat /dev/shm/all.txt ); do test -e "$f" || echo "$f" >> /dev/shm/nonexist.txt ; done

The file /dev/shm/nonexist.txt will show which files are missing from the system. You can then replace the missing files as done previously.

Setting the Background with xsetbg

This is just my 2 cents on setting the wallpaper on your X Windows desktop. There are many tools for setting the background — technically called the root window. If you use KDE or GNOME, setting up the background is automatic as it is done by the friendly GUI. However, if you are one of those people — including me — who prefer light and minimalist X-Windows environment, you'll put a command in your .xsession file to set your background.

Here, I introduce you to a nice nifty tool called xsetbg. It belongs to a package called xloadimage. I find it attractive just because it doesn't have many dependencies. This is how I use xsetbg in my .xsession file to place my lotus wallpaper on the desktop:

/usr/bin/xsetbg -center -xzoom 115 -yzoom 128 /usr/share/pixmaps/5469_G.jpg

The nice thing about it is that it lets you zoom the width and height separately and center the image at the same time. Pratically, this feature allows you to hide unwanted edges from the screen. For example, the picture below has unnecessary edges around it.

The following command sets this image as the desktop wallpaper without the unwanted edges (assuming your screen is in 800x600 resolution). Change the zoom percentages as necessary for your screen resolution.

xsetbg -center -xzoom 67 -yzoom 85 Sanctuary.jpg