Accepting request 528672 from home:michalsrb:branches:fate323880

- Add tigervnc-x11vnc wrapper for x0vncserver that replaces x11vnc. (fate#323207) - Replace java applet with novnc as web-based VNC viewer. (fate#323880) - Convert xinetd services to systemd socket activated services. (bnc#1058460) OBS-URL: https://build.opensuse.org/request/show/528672 OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=120
2017-09-25 15:11:16 +00:00 · 2017-09-25 15:11:16 +00:00 · 920bd1a9b6
commit 920bd1a9b6
parent f1e184ebab
9 changed files with 368 additions and 232 deletions
--- a/tigervnc.changes
+++ b/tigervnc.changes
@ -1,3 +1,15 @@
 -------------------------------------------------------------------
 Mon Sep 25 08:36:07 UTC 2017 - msrb@suse.com
 - Add tigervnc-x11vnc wrapper for x0vncserver that replaces x11vnc.
  (fate#323207)
 - Replace java applet with novnc as web-based VNC viewer.
  (fate#323880)
 - Convert xinetd services to systemd socket activated services.
  (bnc#1058460)
 -------------------------------------------------------------------
 Mon Sep 11 14:12:30 UTC 2017 - fstrba@suse.com
--- a/tigervnc.spec
+++ b/tigervnc.spec
@ -22,6 +22,8 @@
 %define tlskey  %{_sysconfdir}/vnc/tls.key
 %define tlscert %{_sysconfdir}/vnc/tls.cert
 %define _unitdir %{_prefix}/lib/systemd/system
 Name:           tigervnc
 Version:        1.8.0
 Release:        0
@ -53,6 +55,7 @@ BuildRequires:  libgpg-error-devel
 BuildRequires:  mozilla-nss
 BuildRequires:  pam-devel
 BuildRequires:  pkg-config
 BuildRequires:  systemd-rpm-macros
 BuildRequires:  xmlto
 BuildRequires:  xorg-x11-libICE-devel
 BuildRequires:  xorg-x11-libSM-devel
@ -101,16 +104,20 @@ Summary:        A high-performance, platform-neutral implementation of VNC
 License:        GPL-2.0 and MIT
 Group:          System/X11/Servers/XF86_4
 Source1:        https://github.com/TigerVNC/tigervnc/archive/v%{version}.tar.gz
 Source3:        vnc.xinetd
 Source4:        10-libvnc.conf
 Source5:        vnc-server.firewall
 Source6:        vnc-httpd.firewall
-Source7:        vnc_inetd_httpd
+Source7:        vnc.reg
-Source8:        vnc.reg
+Source8:        vncpasswd.arg
-Source9:        vncpasswd.arg
+Source9:        vnc.pam
-Source10:       vnc.pam
+Source10:       with-vnc-key.sh
-Source11:       with-vnc-key.sh
+Source11:       index.vnc
-Source12:       index.vnc
+Source12:       x11vnc
 Source13:       xvnc@.service
 Source14:       xvnc.socket
 Source15:       xvnc-novnc.service
 Source16:       xvnc-novnc.socket
 Patch1:         tigervnc-newfbsize.patch
 Patch2:         tigervnc-clean-pressed-key-on-exit.patch
 Patch3:         u_tigervnc-ignore-epipe-on-write.patch
@ -135,18 +142,15 @@ Requires(post): /usr/sbin/useradd
 Requires(post): /usr/sbin/groupadd
 # Needed to generate certificates
 Requires:       openssl
 # Needed to serve java applet
 Requires:       python
 Requires:       python-pyOpenSSL
 Requires:       windowmanager
 Requires:       xauth
 Requires:       xinetd
 Requires:       xinit
 Requires:       xkbcomp
 Requires:       xkeyboard-config
 Requires:       xorg-x11-fonts-core
 # For the with-vnc-key.sh script
 Requires:       /bin/hostname
 %{?systemd_requires}
 Provides:       xorg-x11-Xvnc:/usr/lib/vnc/with-vnc-key.sh
 Summary:        TigerVNC implementation of Xvnc
 Group:          System/X11/Servers/XF86_4
@ -154,6 +158,34 @@ Group:          System/X11/Servers/XF86_4
 %description -n xorg-x11-Xvnc
 This is the TigerVNC implementation of Xvnc.
 %package -n xorg-x11-Xvnc-novnc
 Requires:       novnc
 Requires:       python-websockify
 Requires:       xorg-x11-Xvnc
 %{?systemd_requires}
 Summary:        NoVNC service for Xvnc
 Group:          System/X11/Servers/XF86_4
 BuildArch:      noarch
 %description -n xorg-x11-Xvnc-novnc
 A service that starts noVNC linked to Xvnc server.
 %package -n xorg-x11-Xvnc-java
 # Needed to serve java applet
 # Requires:       python
 # Requires:       python-pyOpenSSL
 # TODO: Requires?
 BuildArch:      noarch
 %{?systemd_requires}
 Summary:        VNC viewer in java
 Group:          System/X11/Servers/XF86_4
 %description -n xorg-x11-Xvnc-java
 A VNC client written in java that can be used as standalone application or as
 an applet inside web page.
 %package -n libXvnc1
 Summary:        X extension to control VNC module
 Group:          System/Libraries
@ -169,6 +201,19 @@ Requires:       libXvnc1 = %version
 %description -n libXvnc-devel
 Xvnc extension allows X clients to read and change VNC configuration.
 %package x11vnc
 Summary:        Wrapper that starts x0vncserver
 Group:          System/X11/Servers/XF86_4
 Requires:       python
 Requires:       xorg-x11-Xvnc
 Provides:       x11vnc
 Conflicts:      x11vnc
 BuildArch:      noarch
 %description x11vnc
 This is a wrapper that looks like x11vnc, but starts x0vncserver instead.
 It maps common x11vnc arguments to x0vncserver arguments.
 %prep
 %setup -T -b1 -q
 cp -r /usr/src/xserver/* unix/xserver/
@ -242,36 +287,40 @@ mkdir -p $RPM_BUILD_ROOT%{_datadir}/vnc/classes
 install -m755 VncViewer.jar $RPM_BUILD_ROOT%{_datadir}/vnc/classes
 popd
 install -D -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/xinetd.d/vnc
 %ifnarch s390x
 install -D -m 644 %{SOURCE4} $RPM_BUILD_ROOT/etc/X11/xorg.conf.d/10-libvnc.conf
 %endif
 install -D -m 644 %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/vnc-server
 install -D -m 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/vnc-httpd
-install -D -m 755 %{SOURCE7} $RPM_BUILD_ROOT%{_bindir}/vnc_inetd_httpd
+install -D -m 644 %{SOURCE7} $RPM_BUILD_ROOT/etc/slp.reg.d/vnc.reg
-install -D -m 644 %{SOURCE8} $RPM_BUILD_ROOT/etc/slp.reg.d/vnc.reg
+install -D -m 755 %{SOURCE8} $RPM_BUILD_ROOT%{_bindir}/vncpasswd.arg
-install -D -m 755 %{SOURCE9} $RPM_BUILD_ROOT%{_bindir}/vncpasswd.arg
+install -D -m 644 %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/vnc
-install -D -m 644 %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/vnc
+install -D -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_datadir}/vnc/classes
 install -D -m 644 %{SOURCE12} $RPM_BUILD_ROOT%{_datadir}/vnc/classes
 %if 0%{?suse_version} >= 1315
 ln -s -f %{_sysconfdir}/alternatives/vncviewer $RPM_BUILD_ROOT%{_bindir}/vncviewer
 ln -s -f %{_sysconfdir}/alternatives/vncviewer.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/vncviewer.1.gz
 %endif
 mkdir -p %{buildroot}%{_sbindir}
 ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcxvnc
 ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcxvnc-novnc
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/vnc
 mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/vnc
-install -D -m 755 %{SOURCE11} $RPM_BUILD_ROOT%{_libexecdir}/vnc
+install -D -m 755 %{SOURCE10} $RPM_BUILD_ROOT%{_libexecdir}/vnc
 install -D -m 755 %{SOURCE12} $RPM_BUILD_ROOT%{_bindir}/x11vnc
 install -D %{SOURCE13} -m 0444 %{buildroot}%{_unitdir}/xvnc@.service
 install -D %{SOURCE14} -m 0444 %{buildroot}%{_unitdir}/xvnc.socket
 install -D %{SOURCE15} -m 0444 %{buildroot}%{_unitdir}/xvnc-novnc.service
 install -D %{SOURCE16} -m 0444 %{buildroot}%{_unitdir}/xvnc-novnc.socket
 rm -rf $RPM_BUILD_ROOT/usr/share/doc/tigervnc-*
 %find_lang '%{name}'
 %pre -n xorg-x11-Xvnc
 getent group %{vncgroup} > /dev/null || groupadd -r %{vncgroup} || :
 getent passwd %{vncuser} > /dev/null || useradd -r -g %{vncgroup} -d /var/lib/empty -s /sbin/nologin -c "user for VNC" %{vncuser} || :
 usermod -G shadow -a %{vncuser} || :
 %post
 %if 0%{?suse_version} >= 1315
 %_sbindir/update-alternatives \
@ -286,6 +335,42 @@ if [ "$1" = 0 ] ; then
 fi
 %endif
 %pre -n xorg-x11-Xvnc
 # %service_add_pre xvnc@.service
 %service_add_pre xvnc.socket
 getent group %{vncgroup} > /dev/null || groupadd -r %{vncgroup} || :
 getent passwd %{vncuser} > /dev/null || useradd -r -g %{vncgroup} -d /var/lib/empty -s /sbin/nologin -c "user for VNC" %{vncuser} || :
 usermod -G shadow -a %{vncuser} || :
 %post -n xorg-x11-Xvnc
 # %service_add_post xvnc@.service
 %service_add_post xvnc.socket
 %preun -n xorg-x11-Xvnc
 # %service_del_preun xvnc@.service
 %service_del_preun xvnc.socket
 %postun -n xorg-x11-Xvnc
 # %service_del_postun xvnc@.service
 %service_del_postun xvnc.socket
 %pre -n xorg-x11-Xvnc-novnc
 %service_add_pre xvnc-novnc.service
 %service_add_pre xvnc-novnc.socket
 %post -n xorg-x11-Xvnc-novnc
 %service_add_post xvnc-novnc.service
 %service_add_post xvnc-novnc.socket
 %preun -n xorg-x11-Xvnc-novnc
 %service_del_preun xvnc-novnc.service
 %service_del_preun xvnc-novnc.socket
 %postun -n xorg-x11-Xvnc-novnc
 %service_del_postun xvnc-novnc.service
 %service_del_postun xvnc-novnc.socket
 %post -n libXvnc1 -p /sbin/ldconfig
 %postun -n libXvnc1 -p /sbin/ldconfig
@ -330,7 +415,6 @@ fi
 %{_bindir}/vncpasswd.arg
 %{_bindir}/vncserver
 %{_bindir}/x0vncserver
 %{_bindir}/vnc_inetd_httpd
 %exclude %{_mandir}/man1/Xserver.1*
 %{_mandir}/man1/Xvnc.1*
@ -339,6 +423,10 @@ fi
 %{_mandir}/man1/vncserver.1*
 %{_mandir}/man1/x0vncserver.1*
 %{_unitdir}/xvnc@.service
 %{_unitdir}/xvnc.socket
 %{_sbindir}/rcxvnc
 %exclude /usr/%{_lib}/xorg/protocol.txt
 %exclude /usr/%{_lib}/xorg/modules/extensions/libvnc.la
 %ifnarch s390 s390x
@ -359,7 +447,6 @@ fi
 %else
 %exclude /etc/X11/xorg.conf.d
 %endif
 %config(noreplace) /etc/xinetd.d/vnc
 %dir /etc/slp.reg.d
 %config(noreplace) /etc/slp.reg.d/vnc.reg
@ -369,15 +456,21 @@ fi
 %exclude /usr/lib/debug/.*
 %exclude /usr/src/debug
 %doc java/com/tigervnc/vncviewer/README
 %{_datadir}/vnc
 %dir %attr(0755,%{vncuser},%{vncuser}) %{_sysconfdir}/vnc
 %ghost %attr(0600,%{vncuser},%{vncuser}) %config(noreplace) %{tlskey}
 %ghost %attr(0644,%{vncuser},%{vncuser}) %config(noreplace) %{tlscert}
 %{_libexecdir}/vnc
 %files -n xorg-x11-Xvnc-novnc
 %{_unitdir}/xvnc-novnc.service
 %{_unitdir}/xvnc-novnc.socket
 %{_sbindir}/rcxvnc-novnc
 %files -n xorg-x11-Xvnc-java
 %doc java/com/tigervnc/vncviewer/README
 %{_datadir}/vnc
 %files -n libXvnc1
 %defattr(-,root,root)
 %{_libdir}/libXvnc.so.1*
@ -387,4 +480,8 @@ fi
 %{_libdir}/libXvnc.so
 %{_includedir}/X11/extensions/Xvnc.h
 %files x11vnc
 %defattr(-,root,root)
 %{_bindir}/x11vnc
 %changelog
--- a/vnc.xinetd
+++ b/vnc.xinetd
@ -1,90 +0,0 @@
 # default: off
 # description: This serves out a VNC connection which starts at a KDM login \
 #	prompt. This VNC connection has a resolution of 1024x768, 16bit depth.
 service vnc1
 {
 	type		= UNLISTED
 	port		= 5901
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/Xvnc -noreset -inetd -once -query localhost -geometry 1024x768 -securitytypes X509None,None -X509Key /etc/vnc/tls.key -X509Cert /etc/vnc/tls.cert -log *:syslog:30 -extension MIT-SHM
 	disable		= yes
 }
 # default: off
 # description: This serves out a VNC connection which starts at a KDM login \
 #	prompt. This VNC connection has a resolution of 1280x1024, 16bit depth.
 service vnc2
 {
 	type		= UNLISTED
 	port		= 5902
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/Xvnc -noreset -inetd -once -query localhost -geometry 1280x1024 -securitytypes X509None,None -X509Key /etc/vnc/tls.key -X509Cert /etc/vnc/tls.cert -log *:syslog:30 -extension MIT-SHM
 	disable		= yes
 }
 # default: off
 # description: This serves out a VNC connection which starts at a KDM login \
 #	prompt. This VNC connection has a resolution of 1600x1200, 16bit depth.
 service vnc3
 {
 	type		= UNLISTED
 	port		= 5903
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/Xvnc -noreset -inetd -once -query localhost -geometry 1600x1200 -securitytypes X509None,None -X509Key /etc/vnc/tls.key -X509Cert /etc/vnc/tls.cert -log *:syslog:30 -extension MIT-SHM
 	disable		= yes
 }
 # default: off
 # description: This serves out the vncviewer Java applet for the VNC \
 #	server running on port 5901, (vnc port 1).
 service vnchttpd1
 {
 	type		= UNLISTED
 	port		= 5801
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/vnc_inetd_httpd 1024 768 5901
 	disable		= yes
 }
 # default: off
 # description: This serves out the vncviewer Java applet for the VNC \
 #	server running on port 5902, (vnc port 2).
 service vnchttpd2
 {
 	type		= UNLISTED
 	port		= 5802
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/vnc_inetd_httpd 1280 1024 5902
 	disable		= yes
 }
 # default: off
 # description: This serves out the vncviewer Java applet for the VNC \
 #	server running on port 5902, (vnc port 3).
 service vnchttpd3
 {
 	type		= UNLISTED
 	port		= 5803
 	socket_type	= stream
 	protocol	= tcp
 	wait		= no
 	user		= vnc
 	server		= /usr/lib/vnc/with-vnc-key.sh
 	server_args	= /usr/bin/vnc_inetd_httpd 1600 1200 5903
 	disable		= yes
 }
--- a/114
+++ b/114
@ -1,114 +0,0 @@
 #!/usr/bin/env python
 # This is simple stupid WWW server intended to serve VNC java applet.
 # It is made to be called by xinetd.
 # It handles both HTTP and HTTPS on the same port. If HTTPS is allowed, any HTTP requests is responded with redirect to HTTPS.
 import re
 import sys
 import socket
 import time
 from OpenSSL import SSL, crypto
 TLS_KEY = "/etc/vnc/tls.key"
 TLS_CERT = "/etc/vnc/tls.cert"
 JAR_FILE = "/usr/share/vnc/classes/VncViewer.jar"
 TIMEOUT = 10
 WIDTH = int(sys.argv[1])
 HEIGHT = int(sys.argv[2])
 VNC_PORT = int(sys.argv[3])
 USE_HTTPS = not (len(sys.argv) >= 5 and sys.argv[4] == "NoHTTPS")
 # Take the stdin as our input socket (given from xinetd)
 conn = sock = socket.fromfd(sys.stdin.fileno(), socket.AF_INET, socket.SOCK_STREAM)
 # If we are supposed to use HTTPS, load certificate and replace conn with SSL connection.
 if USE_HTTPS:
  cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(TLS_CERT, 'r').read())
  context = SSL.Context(SSL.SSLv23_METHOD)
  context.use_privatekey_file(TLS_KEY)
  context.use_certificate(cert)
  conn = SSL.Connection(context, sock)
  conn.set_accept_state()
 # Send normal response
 def send_response(connection, ctype, response):
  connection.sendall(
    "HTTP/1.0 200 OK\n" +
    "Content-Type: " + ctype + "\n" +
    "Content-Length: " + str(len(response)) + "\n" +
    "Connection: close\n" +
    "\n" +
    response
  )
 # Send redirect
 def send_redirect(connection, ctype, response, location):
  connection.sendall(
    "HTTP/1.0 301 Moved Permanently\n" +
    "Location: " + location + "\n" +
    "Content-Type: " + ctype + "\n" +
    "Content-Length: " + str(len(response)) + "\n" +
    "Connection: close\n" +
    "\n" +
    response
  )
 # Try to read and parse HTTP request
 try:
  start_time = time.time()
  buffer = ''
  while True:
    buffer += conn.recv(1024)
    if buffer.endswith("\r\n\r\n") or start_time + TIMEOUT < time.time():
      break
  method, url = buffer.split(" ", 2)[0:2]
  if url == '/VncViewer.jar':
    with open(JAR_FILE, 'r') as file:
      send_response(conn, "application/octet-stream", file.read())
  else:
    response = \
    """<html>
        <head>
          <title>Remote Desktop</title>
        </head>
        <body>
          <embed type="application/x-java-applet;version=1.6" code="com.tigervnc.vncviewer.VncViewer" archive="VncViewer.jar" width="%d" height="%d"
            Port="%d"
            Embed="true"
            AlwaysShowServerDialog="false"
            SecurityTypes="%s"
            x509autoaccept="%s"
          >
        </body>
      </html>
    """%(WIDTH, HEIGHT, VNC_PORT, 'X509None' if USE_HTTPS else 'TLSNone', cert.digest('SHA1') if USE_HTTPS else '')
    send_response(conn, "text/html", response)
 except SSL.Error:
  # If SSL failed, it is most probably because the browser is actually trying to do normal HTTP request.
  # We have now a partially consumed HTTP request in sock, let's try if we can get Host header out of it
  partial_request = sock.recv(8000) # Arbitrary big number, if the request is longer than this, we will just skip the rest.
  host = None
  match = re.search(r"\r\nHost: ([^\r]+)\r\n", partial_request)
  if match:
    host = match.group(1)
  if host:
    # If we got host header, we can redirect nicely with HTTP 301.
    send_redirect(sock, "text.html", "<html><body>Use https.</body></html>", "https://" + host)
  else:
    # If we don't know the host header, redirect using javascript.
    send_response(sock, "text.html", "<html><head><script>document.location.protocol = 'https';</script></head><body>Use https.</body></html>")
--- a/194
+++ b/194
@ -0,0 +1,194 @@
 #!/usr/bin/env python
 # This is wrapper for x0vncserver that translate most common x11vnc arguments
 # to x0vncserver's arguments
 import argparse
 import socket
 import os
 import sys
 def is_port_free(port):
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.bind(('', port))
        sock.close()
        return True
    except socket.error as e:
        return False
 def find_free_port(starting_port):
    for port in range(starting_port, 6000):
        if is_port_free(port):
            return port
    return None
 parser = argparse.ArgumentParser(add_help=False)
 parser.add_argument('-help', '-h', action='help')
 parser.add_argument('--version', '-V', action='store_true')
 parser.add_argument('-storepasswd', nargs=2)
 parser.add_argument('-display')
 parser.add_argument('-auth')
 parser.add_argument('-N', action='store_true')
 parser.add_argument('-rfbport', type=int)
 parser.add_argument('-autoport', type=int, default=5900)
 parser.add_argument('-6', dest='yes6', action='store_true')
 parser.add_argument('-no6', action='store_true')
 #parser.add_argument('-once', action='store_true') # TODO: Add support to x0vncserver
 parser.add_argument('-forever', '-many', action='store_true')
 parser.add_argument('-viewonly', action='store_true')
 #parser.add_argument('-shared', action='store_true') # TODO?
 parser.add_argument('-alwaysshared', action='store_true')
 parser.add_argument('-nevershared', action='store_true')
 parser.add_argument('-dontdisconnect', action='store_true')
 #parser.add_argument('-timeout', nargs=1, type=int) # TODO?
 parser.add_argument('-clip')
 parser.add_argument('-deferupdate', type=int)
 parser.add_argument('-noshm', action='store_true')
 #parser.add_argument('-allow', nargs=1) # TODO?
 #parser.add_argument('-localhost') # TODO?
 parser.add_argument('-rfbauth')
 parser.add_argument('-nopw', action='store_true')
 parser.add_argument('-unixpw')
 # Accepted, but ignored arguments
 ignored_arguments = ['-v', '-verbose', '-q', '-quiet']
 parser.add_argument(*ignored_arguments, dest='ignored_argument', action='store_true')
 print('Warning: x11vnc is deprecated in favor of x0vncserver.')
 print('         This is a wrapper that maps the most common set of x11vnc')
 print('         arguments to x0vncserver arguments.')
 print()
 print('         Use x0vncserver directly if you want encrypted connection.')
 print()
 args = parser.parse_args()
 # Warnings
 if args.ignored_argument:
    print('Warning: x11vnc wrapper accepts but ignores following arguments:')
    print(', '.join(ignored_arguments))
 # vncpasswd
 if args.storepasswd:
    (password, passwdfile) = args.storepasswd
    os.execlp('vncpasswd.arg', 'vncpasswd.arg', passwdfile, password)
 # x0vncserver
 new_args = ['x0vncserver']
 default_security_type = 'None'
 security_type = default_security_type
 if args.version:
    new_args.append('-version')
 if args.display:
    new_args.append('-display')
    new_args.append(args.display)
 if args.auth:
    os.environ['XAUTHORITY'] = args.auth
 if args.N:
    display = args.display or os.environ['DISPLAY']
    if not display:
        print('No display set')
        sys.exit(1)
    port = int(display.split(':')[-1]) + 5900
    if is_port_free(port):
        new_args.append('-rfbport')
        new_args.append(str(port))
    else:
        print('Port %d is already used'%port)
        sys.exit(1)
 if args.rfbport:
    new_args.append('-rfbport')
    new_args.append(str(args.rfbport))
 else:
    port = find_free_port(args.autoport)
    new_args.append('-rfbport')
    new_args.append(str(port))
 if args.yes6:
    new_args.append('-UseIPv6')
 if args.no6:
    new_args.append('-UseIPv6=0')
 if args.forever:
    # This is default in x0vncserver
    pass
 if args.viewonly:
    new_args.append('-AcceptKeyEvents=0')
    new_args.append('-AcceptPointerEvents=0')
    new_args.append('-AcceptCutText=0')
    new_args.append('-AcceptSetDesktopSize=0')
 if args.alwaysshared:
    new_args.append('-AlwaysShared')
 if args.nevershared:
    new_args.append('-NeverShared')
 if args.dontdisconnect:
    new_args.append('-DisconnectClients=0')
 else:
    new_args.append('-DisconnectClients')
 if args.clip:
    new_args.append('-Geometry')
    new_args.append(args.clip)
 if args.deferupdate:
    new_args.append('-DeferUpdate')
    new_args.append(str(args.deferupdate))
 if args.noshm:
    new_args.append('-UseSHM=0')
 if args.rfbauth:
    security_type = 'VncAuth'
    new_args.append('-PasswordFile')
    new_args.append(args.rfbauth)
 if args.unixpw:
    security_type = 'Plain'
    new_args.append('-PlainUsers')
    new_args.append(args.unixpw)
 new_args.append('-SecurityTypes')
 new_args.append(security_type)
 if not args.nopw:
    # Note: This is the same warning as the original x11vnc gives
    if security_type == default_security_type:
        print("""
 #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#
 #@                                                           @#
 #@  **  WARNING  **  WARNING  **  WARNING  **  WARNING  **   @#
 #@                                                           @#
 #@        YOU ARE RUNNING X11VNC WITHOUT A PASSWORD!!        @#
 #@                                                           @#
 #@  This means anyone with network access to this computer   @#
 #@  may be able to view and control your desktop.            @#
 #@                                                           @#
 #@ >>> If you did not mean to do this Press CTRL-C now!! <<< @#
 #@                                                           @#
 #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#
 """)
 os.execvp('x0vncserver', new_args)
--- a/xvnc-novnc.service
+++ b/xvnc-novnc.service
@ -0,0 +1,10 @@
 [Unit]
 Description=noVNC Web Server
 Requires=xvnc.socket
 After=xvnc.socket
 [Service]
 ExecStart=/usr/lib/vnc/with-vnc-key.sh /usr/bin/websockify --key /etc/vnc/tls.key --cert /etc/vnc/tls.cert --web /usr/share/novnc --inetd localhost:5901
 User=vnc
 StandardInput=socket
 StandardError=syslog
--- a/xvnc-novnc.socket
+++ b/xvnc-novnc.socket
@ -0,0 +1,9 @@
 [Unit]
 Description=noVNC Web Server
 [Socket]
 ListenStream=5801
 Accept=False
 [Install]
 WantedBy=sockets.target
--- a/xvnc.socket
+++ b/xvnc.socket
@ -0,0 +1,9 @@
 [Unit]
 Description=Xvnc Server
 [Socket]
 ListenStream=5901
 Accept=yes
 [Install]
 WantedBy=sockets.target
--- a/xvnc@.service
+++ b/xvnc@.service
@ -0,0 +1,9 @@
 [Unit]
 Description=Xvnc Server
 [Service]
 ExecStart=/usr/lib/vnc/with-vnc-key.sh /usr/bin/Xvnc -noreset -inetd -once -query localhost -geometry 1024x768 -securitytypes X509None,None -X509Key /etc/vnc/tls.key -X509Cert /etc/vnc/tls.cert -log *:syslog:30 -extension MIT-SHM
 User=vnc
 StandardInput=socket
 StandardOutput=socket
 StandardError=syslog