diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..e052dcf --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +builder/build diff --git a/.gitignore b/.gitignore index 63463c4..ccb6180 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,10 @@ config.h builder/build/ builder/www/ + +# Deb building artefacts +debian/.debhelper/ +debian/files +debian/kasmvncserver.substvars +debian/kasmvncserver/ +.pc diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 90eadc1..c72a155 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,8 +18,7 @@ build: - bash builder/build-tarball - bash builder/build-deb - mkdir output - - cp builder/build/kasmvncserver_*.deb output/ - - cp builder/build/kasmvnc.*.tar.gz output/ + - cp -r builder/build/* output/ artifacts: paths: - output/ diff --git a/LICENCE.TXT b/LICENCE.TXT index ae3b531..d159169 100644 --- a/LICENCE.TXT +++ b/LICENCE.TXT @@ -1,12 +1,12 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - Preamble + Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public @@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to +the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not @@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. - - GNU GENERAL PUBLIC LICENSE + + GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains @@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) - + These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in @@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. - + 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is @@ -225,7 +225,7 @@ impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. - + 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License @@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. - NO WARRANTY + NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN @@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it @@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. - Copyright (C) 19yy + Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -303,17 +303,16 @@ the "copyright" line and a pointer to where the full notice is found. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, - USA. + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: - Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. @@ -336,5 +335,5 @@ necessary. Here is a sample; alter the names: This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General +library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. diff --git a/builder/build-deb b/builder/build-deb index d068f8e..73751ef 100755 --- a/builder/build-deb +++ b/builder/build-deb @@ -3,11 +3,14 @@ set -e cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh -docker build -t debbuilder_ubuntu:18.04 -f \ - builder/dockerfile.ubuntu1804.deb.build . +docker build -t debbuilder_${os}:${os_codename} -f \ + builder/dockerfile.${os}_${os_codename}.deb.build . deb_output_dir=$(cd .. && echo $PWD) L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems L_GID=$(id -g) -docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID debbuilder_ubuntu:18.04 /bin/bash -c '/src/*/builder/build-deb-inside-docker' +docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID \ + debbuilder_${os}:${os_codename} /bin/bash -c \ + '/src/*/builder/build-deb-inside-docker' diff --git a/builder/build-deb-inside-docker b/builder/build-deb-inside-docker index 43c4e3a..faca5d0 100755 --- a/builder/build-deb-inside-docker +++ b/builder/build-deb-inside-docker @@ -4,6 +4,11 @@ set -e cd "$(dirname "$0")/.." +os=$(lsb_release -is | tr '[:upper:]' '[:lower:]') +os_codename=$(lsb_release -cs) +os_dir="builder/build/${os_codename}" + dpkg-buildpackage -us -uc -b -cp ../*.deb builder/build +mkdir -p "$os_dir" +cp ../*.deb "$os_dir" lintian ../*.deb || true diff --git a/builder/build-rpm b/builder/build-rpm new file mode 100755 index 0000000..39724d5 --- /dev/null +++ b/builder/build-rpm @@ -0,0 +1,16 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh + +docker build -t kasmvnc_rpmbuilder_${os}:${os_codename} -f \ + builder/dockerfile.${os}_${os_codename}.rpm.build . + +source_dir=$(echo $PWD) +L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems +L_GID=$(id -g) +docker run --rm -v "$source_dir":/src --user $L_UID:$L_GID \ + kasmvnc_rpmbuilder_${os}:${os_codename} /bin/bash -c \ + '/src/builder/build-rpm-inside-docker' diff --git a/builder/build-rpm-inside-docker b/builder/build-rpm-inside-docker new file mode 100755 index 0000000..5f51cd1 --- /dev/null +++ b/builder/build-rpm-inside-docker @@ -0,0 +1,30 @@ +#!/bin/bash + +set -e + +prepare_build_env() { + rpmdev-setuptree + copy_spec_and_tar_with_binaries +} + +copy_spec_and_tar_with_binaries() { + cp /src/centos/kasmvncserver.spec ~/rpmbuild/SPECS/ + cp /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \ + ~/rpmbuild/SOURCES/ +} + +copy_rpm_to_build_dir() { + cd /src/builder && \ + mkdir -p "$os_dir" && cp ~/rpmbuild/RPMS/*/*.rpm ${os_dir} +} + +cd "$(dirname "$0")/.." + +os=$(lsb_release -is | tr '[:upper:]' '[:lower:]') +os_codename=$(lsb_release -cs | tr '[:upper:]' '[:lower:]') +os_dir="build/${os}_${os_codename}" + +prepare_build_env +rpmbuild -ba ~/rpmbuild/SPECS/kasmvncserver.spec +copy_rpm_to_build_dir +rpmlint "$os_dir"/*.rpm || true diff --git a/builder/build-tarball b/builder/build-tarball index ec85a4b..a070eaa 100755 --- a/builder/build-tarball +++ b/builder/build-tarball @@ -10,15 +10,17 @@ build_www_dir() { shared_with_docker_dir=${GITLAB_SHARED_DIND_DIR:-/tmp} cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh build_www_dir -docker pull ubuntu:18.04 -docker build -t kasmvncbuilder:18.04 -f builder/dockerfile.ubuntu1804.build . +docker build -t kasmvncbuilder:$os_codename \ + -f builder/dockerfile.${os}_${os_codename}.build . mkdir -p builder/build -docker run -v $shared_with_docker_dir:/build --rm kasmvncbuilder:18.04 +docker run -v $shared_with_docker_dir:/build --rm kasmvncbuilder:$os_codename L_GID=$(id -g) L_UID=$(id -u) -chown $L_UID:$L_GID $shared_with_docker_dir/kasmvnc.ubuntu_18.04.tar.gz -mv $shared_with_docker_dir/kasmvnc.ubuntu_18.04.tar.gz $PWD/builder/build/ +tarball_name="kasmvnc.${os}_${os_codename}.tar.gz" +chown $L_UID:$L_GID $shared_with_docker_dir/$tarball_name +mv $shared_with_docker_dir/$tarball_name $PWD/builder/build/ diff --git a/builder/build.sh b/builder/build.sh index 63be78d..73a7b34 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -1,5 +1,12 @@ #!/bin/sh -e +detect_quilt() { + if which quilt 1>/dev/null; then + QUILT_PRESENT=1 + export QUILT_PATCHES=debian/patches + fi +} + # For build-dep to work, the apt sources need to have the source server #sudo apt-get build-dep xorg-server @@ -23,7 +30,7 @@ sed -i -e '/find_package(FLTK/s@^@#@' \ -e '/add_subdirectory(tests/s@^@#@' \ CMakeLists.txt -cmake . +cmake -D CMAKE_BUILD_TYPE=RelWithDebInfo . make -j5 tar -C unix/xserver -xvf /tmp/xorg-server-${XORG_VER}.tar.bz2 --strip-components=1 @@ -59,12 +66,17 @@ touch man/man1/Xserver.1 touch man/man1/Xvnc.1 mkdir lib cd lib -ln -s /usr/lib/x86_64-linux-gnu/dri dri +if [ -d /usr/lib/x86_64-linux-gnu/dri ]; then + ln -s /usr/lib/x86_64-linux-gnu/dri dri +else + ln -s /usr/lib64/dri dri +fi cd /src -sed $'s#pushd $TMPDIR/inst#CWD=$(pwd)\\\ncd $TMPDIR/inst#' release/maketarball > release/maketarball2 -sed $'s#popd#cd $CWD#' release/maketarball2 > release/maketarball3 -mv release/maketarball3 release/maketarball +detect_quilt +if [ -n "$QUILT_PRESENT" ]; then + quilt push -a +fi make servertarball -cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz +cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz diff --git a/builder/dockerfile.centos7.build b/builder/dockerfile.centos7.build deleted file mode 100644 index 288db42..0000000 --- a/builder/dockerfile.centos7.build +++ /dev/null @@ -1,20 +0,0 @@ -FROM centos:centos7 - -RUN yum install -y build-dep xorg-server libxfont-dev sudo -RUN yum install -y cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver -RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev - -# Additions for webp -RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz -RUN cd /tmp && tar -xzvf /tmp/libwebp-* -RUN cd /tmp/libwebp-1.0.2 && \ - ./configure --enable-static --disable-shared && \ - make && make install - -RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo - -COPY . /src -RUN chown -R docker:docker /src - -USER docker -ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.centos_core.barebones.rpm.test b/builder/dockerfile.centos_core.barebones.rpm.test new file mode 100644 index 0000000..3852d29 --- /dev/null +++ b/builder/dockerfile.centos_core.barebones.rpm.test @@ -0,0 +1,20 @@ +FROM centos:centos7 + +RUN yum install -y epel-release && yum install -y openbox xterm +RUN yum erase -y pm-utils xscreensaver* +RUN yum install -y vim less + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp +RUN yum localinstall -y /tmp/*.rpm + +RUN useradd -m foo + +USER foo:kasmvnc + +RUN mkdir -p ~/.config/openbox && echo xterm > ~/.config/openbox/autostart && chmod +x ~/.config/openbox/autostart +RUN mkdir ~/.vnc && echo '/usr/bin/openbox-session &' >> ~/.vnc/xstartup && \ + chmod +x ~/.vnc/xstartup +RUN echo bar | kasmvncpasswd -f > $HOME/.kasmpasswd && chmod 0600 $HOME/.kasmpasswd + +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/pki/tls/private/kasmvnc.pem -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/dockerfile.centos_core.build b/builder/dockerfile.centos_core.build new file mode 100644 index 0000000..06dad21 --- /dev/null +++ b/builder/dockerfile.centos_core.build @@ -0,0 +1,29 @@ +FROM centos:centos7 + +ENV KASMVNC_BUILD_OS centos +ENV KASMVNC_BUILD_OS_CODENAME core + +RUN yum install -y build-dep xorg-server libxfont-dev sudo +RUN yum install -y gcc cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev openssl-devel +RUN yum install -y make +RUN yum group install -y "Development Tools" +RUN yum install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel +RUN yum install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \ + xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel +RUN yum install -y mesa-dri-drivers + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.centos_core.rpm.build b/builder/dockerfile.centos_core.rpm.build new file mode 100644 index 0000000..7a4e208 --- /dev/null +++ b/builder/dockerfile.centos_core.rpm.build @@ -0,0 +1,12 @@ +FROM centos:centos7 + +RUN yum install -y rpm* gpg* rng-tools rpmlint +RUN yum install -y tree vim less +RUN yum install -y redhat-lsb-core + +COPY centos/*.spec /tmp +RUN yum-builddep -y /tmp/*.spec + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +USER docker diff --git a/builder/dockerfile.centos_core.rpm.test b/builder/dockerfile.centos_core.rpm.test new file mode 100644 index 0000000..ec02208 --- /dev/null +++ b/builder/dockerfile.centos_core.rpm.test @@ -0,0 +1,61 @@ +FROM centos:centos7 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=centos \ + KASMVNC_BUILD_OS_CODENAME=core + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN yum install -y openssl xterm gettext wget +RUN yum install -y centos-release-scl-rh && yum install -y nss_wrapper +RUN yum install -y xorg-x11-server xorg-x11-xauth xorg-x11-xkb-utils \ + xkeyboard-config xorg-x11-server-utils +RUN yum install -y epel-release && yum groupinstall xfce -y +RUN yum erase -y pm-utils xscreensaver* +RUN yum install -y redhat-lsb-core +RUN yum install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp +RUN yum localinstall -y /tmp/*.rpm + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:kasmvnc +WORKDIR $HOME + +RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \ + chmod +x ~/.vnc/xstartup + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.debian_bullseye.build b/builder/dockerfile.debian_bullseye.build new file mode 100644 index 0000000..3c19f4c --- /dev/null +++ b/builder/dockerfile.debian_bullseye.build @@ -0,0 +1,31 @@ +FROM debian:bullseye-slim + +ENV KASMVNC_BUILD_OS debian +ENV KASMVNC_BUILD_OS_CODENAME bullseye +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.debian_bullseye.deb.build b/builder/dockerfile.debian_bullseye.deb.build new file mode 100644 index 0000000..7cc3b16 --- /dev/null +++ b/builder/dockerfile.debian_bullseye.deb.build @@ -0,0 +1,12 @@ +FROM debian:bullseye + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.debian_bullseye.deb.test b/builder/dockerfile.debian_bullseye.deb.test new file mode 100644 index 0000000..5749f4e --- /dev/null +++ b/builder/dockerfile.debian_bullseye.deb.test @@ -0,0 +1,53 @@ +FROM debian:bullseye-slim + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=debian \ + KASMVNC_BUILD_OS_CODENAME=buster + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.debian_buster.barebones.deb.test b/builder/dockerfile.debian_buster.barebones.deb.test new file mode 100644 index 0000000..f219d8b --- /dev/null +++ b/builder/dockerfile.debian_buster.barebones.deb.test @@ -0,0 +1,12 @@ +FROM debian:buster-slim + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN apt-get update && dpkg -i /tmp/*.deb; apt-get -yf install +RUN apt-get update && apt-get -y install x11-xserver-utils xterm twm + +RUN useradd -m docker && addgroup docker ssl-cert + +USER docker + +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/ssl/certs/ssl-cert-snakeoil.pem -key /etc/ssl/private/ssl-cert-snakeoil.key -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/dockerfile.debian10.build b/builder/dockerfile.debian_buster.build similarity index 96% rename from builder/dockerfile.debian10.build rename to builder/dockerfile.debian_buster.build index 99cfd10..721b1a6 100644 --- a/builder/dockerfile.debian10.build +++ b/builder/dockerfile.debian_buster.build @@ -1,7 +1,7 @@ FROM debian:buster ENV KASMVNC_BUILD_OS debian -ENV KASMVNC_BUILD_OS_VER 10 +ENV KASMVNC_BUILD_OS_CODENAME buster ENV XORG_VER 1.20.10 ENV DEBIAN_FRONTEND noninteractive diff --git a/builder/dockerfile.debian_buster.deb.build b/builder/dockerfile.debian_buster.deb.build new file mode 100644 index 0000000..d3d4e9b --- /dev/null +++ b/builder/dockerfile.debian_buster.deb.build @@ -0,0 +1,12 @@ +FROM debian:buster + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.debian_buster.deb.test b/builder/dockerfile.debian_buster.deb.test new file mode 100644 index 0000000..53d6b5d --- /dev/null +++ b/builder/dockerfile.debian_buster.deb.test @@ -0,0 +1,53 @@ +FROM debian:buster-slim + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=debian \ + KASMVNC_BUILD_OS_CODENAME=buster + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.kali_kali-rolling.build b/builder/dockerfile.kali_kali-rolling.build new file mode 100644 index 0000000..6087895 --- /dev/null +++ b/builder/dockerfile.kali_kali-rolling.build @@ -0,0 +1,31 @@ +FROM kalilinux/kali-rolling:latest + +ENV KASMVNC_BUILD_OS kali +ENV KASMVNC_BUILD_OS_CODENAME kali-rolling +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.kali_kali-rolling.deb.build b/builder/dockerfile.kali_kali-rolling.deb.build new file mode 100644 index 0000000..8f0a2c5 --- /dev/null +++ b/builder/dockerfile.kali_kali-rolling.deb.build @@ -0,0 +1,12 @@ +FROM kalilinux/kali-rolling:latest + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.ubuntu1804.deb.test b/builder/dockerfile.kali_kali-rolling.deb.test similarity index 90% rename from builder/dockerfile.ubuntu1804.deb.test rename to builder/dockerfile.kali_kali-rolling.deb.test index 4172490..9ee469c 100644 --- a/builder/dockerfile.ubuntu1804.deb.test +++ b/builder/dockerfile.kali_kali-rolling.deb.test @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM kalilinux/kali-rolling:latest ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -40,13 +40,14 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/*.deb /tmp +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### RUN chown -R 1000:0 $HOME -USER 1000:kasmvnc +USER 1000:ssl-cert WORKDIR $HOME ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.ubuntu1804.build b/builder/dockerfile.ubuntu_bionic.build similarity index 97% rename from builder/dockerfile.ubuntu1804.build rename to builder/dockerfile.ubuntu_bionic.build index 6c48eed..a21a716 100644 --- a/builder/dockerfile.ubuntu1804.build +++ b/builder/dockerfile.ubuntu_bionic.build @@ -1,7 +1,7 @@ FROM ubuntu:18.04 ENV KASMVNC_BUILD_OS ubuntu -ENV KASMVNC_BUILD_OS_VER 18.04 +ENV KASMVNC_BUILD_OS_CODENAME bionic RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list diff --git a/builder/dockerfile.ubuntu1804.deb.build b/builder/dockerfile.ubuntu_bionic.deb.build similarity index 92% rename from builder/dockerfile.ubuntu1804.deb.build rename to builder/dockerfile.ubuntu_bionic.deb.build index 3125fec..9063fd9 100644 --- a/builder/dockerfile.ubuntu1804.deb.build +++ b/builder/dockerfile.ubuntu_bionic.deb.build @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM ubuntu:bionic RUN apt-get update && \ apt-get -y install vim build-essential devscripts equivs diff --git a/builder/dockerfile.ubuntu_bionic.deb.test b/builder/dockerfile.ubuntu_bionic.deb.test new file mode 100644 index 0000000..9a0db27 --- /dev/null +++ b/builder/dockerfile.ubuntu_bionic.deb.test @@ -0,0 +1,53 @@ +FROM ubuntu:bionic + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_CODENAME=bionic + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.ubuntu1804.test b/builder/dockerfile.ubuntu_bionic.test similarity index 89% rename from builder/dockerfile.ubuntu1804.test rename to builder/dockerfile.ubuntu_bionic.test index a734c58..35470ff 100644 --- a/builder/dockerfile.ubuntu1804.test +++ b/builder/dockerfile.ubuntu_bionic.test @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=18.04 + KASMVNC_BUILD_OS_CODENAME=bionic EXPOSE $VNC_PORT @@ -39,8 +39,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ -RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz --strip 1 -C / ### END CUSTOM STUFF ### diff --git a/builder/dockerfile.ubuntu2004.build b/builder/dockerfile.ubuntu_focal.build similarity index 87% rename from builder/dockerfile.ubuntu2004.build rename to builder/dockerfile.ubuntu_focal.build index 5540232..9c52a77 100644 --- a/builder/dockerfile.ubuntu2004.build +++ b/builder/dockerfile.ubuntu_focal.build @@ -1,7 +1,7 @@ -FROM ubuntu:20.04 +FROM ubuntu:focal ENV KASMVNC_BUILD_OS ubuntu -ENV KASMVNC_BUILD_OS_VER 20.04 +ENV KASMVNC_BUILD_OS_CODENAME focal ENV XORG_VER 1.20.8 ENV DEBIAN_FRONTEND noninteractive @@ -10,7 +10,7 @@ RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list RUN apt-get update && \ apt-get -y install sudo -RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get install -y --no-install-recommends tzdata RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev diff --git a/builder/dockerfile.ubuntu_focal.deb.build b/builder/dockerfile.ubuntu_focal.deb.build new file mode 100644 index 0000000..703ce2b --- /dev/null +++ b/builder/dockerfile.ubuntu_focal.deb.build @@ -0,0 +1,12 @@ +FROM ubuntu:focal + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.ubuntu_focal.deb.test b/builder/dockerfile.ubuntu_focal.deb.test new file mode 100644 index 0000000..4d1c50b --- /dev/null +++ b/builder/dockerfile.ubuntu_focal.deb.test @@ -0,0 +1,53 @@ +FROM ubuntu:focal + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_CODENAME=bionic + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.ubuntu2004.test b/builder/dockerfile.ubuntu_focal.test similarity index 87% rename from builder/dockerfile.ubuntu2004.test rename to builder/dockerfile.ubuntu_focal.test index 37da8e8..18bf413 100644 --- a/builder/dockerfile.ubuntu2004.test +++ b/builder/dockerfile.ubuntu_focal.test @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:focal ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=20.04 + KASMVNC_BUILD_OS_CODENAME=focal EXPOSE $VNC_PORT @@ -39,8 +39,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ -RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz --strip 1 -C / ### END CUSTOM STUFF ### diff --git a/builder/os_ver_cli.sh b/builder/os_ver_cli.sh new file mode 100644 index 0000000..e1e230f --- /dev/null +++ b/builder/os_ver_cli.sh @@ -0,0 +1,8 @@ +default_os=ubuntu +default_os_codename=bionic + +os=${1:-$default_os} +os_codename=${2:-$default_os_codename} +os_image="$os:$os_codename" + +echo "Building for $os_image" diff --git a/builder/startup/generate_container_user b/builder/startup/generate_container_user index b259e7c..cbda373 100755 --- a/builder/startup/generate_container_user +++ b/builder/startup/generate_container_user @@ -1,3 +1,19 @@ +detect_libnss_wrapper() { + if $(which dpkg &>/dev/null); then + libnss_wrapper_file=$(dpkg -S libnss_wrapper.so | awk -F' ' '{ print $2 }') + return + fi + + if [ -r /usr/lib/libnss_wrapper.so ]; then + libnss_wrapper_file=/usr/lib/libnss_wrapper.so + elif [ -r /usr/lib64/libnss_wrapper.so ]; then + libnss_wrapper_file=/usr/lib64/libnss_wrapper.so + else + echo "no libnss_wrapper.so installed!" + exit 1 + fi +} + # Set current user in nss_wrapper USER_ID=$(id -u) GROUP_ID=$(id -g) @@ -24,14 +40,7 @@ if [ x"$USER_ID" != x"0" ]; then export NSS_WRAPPER_PASSWD export NSS_WRAPPER_GROUP - if [ -r /usr/lib/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib/libnss_wrapper.so - elif [ -r /usr/lib64/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib64/libnss_wrapper.so - else - echo "no libnss_wrapper.so installed!" - exit 1 - fi - echo "nss_wrapper location: $LD_PRELOAD" - export LD_PRELOAD + detect_libnss_wrapper + echo "nss_wrapper location: $libnss_wrapper_file" + export LD_PRELOAD="$libnss_wrapper_file" fi diff --git a/builder/startup/vnc_startup.sh b/builder/startup/vnc_startup.sh index 27e8f66..b2c3c59 100755 --- a/builder/startup/vnc_startup.sh +++ b/builder/startup/vnc_startup.sh @@ -21,16 +21,17 @@ detect_www_dir() { detect_cert_location() { local tarball_cert="$HOME/.vnc/self.pem" - local package_cert="/etc/kasmvnc/server.pem" - local use_cert= - - if [[ -f "$package_cert" ]]; then - use_cert="$package_cert" + local deb_cert="/etc/ssl/certs/ssl-cert-snakeoil.pem" + local deb_key="/etc/ssl/private/ssl-cert-snakeoil.key" + local rpm_cert="/etc/pki/tls/private/kasmvnc.pem" + + if [[ -f "$deb_cert" ]]; then + cert_option="-cert $deb_cert -key $deb_key" + elif [[ -f "$rpm_cert" ]]; then + cert_option="-cert $rpm_cert" else - use_cert="$tarball_cert" + cert_option="-cert $tarball_cert" fi - - cert_option="-cert $use_cert" } ## resolve_vnc_connection diff --git a/builder/test-deb b/builder/test-deb index 231b9ee..dacd3d0 100755 --- a/builder/test-deb +++ b/builder/test-deb @@ -3,6 +3,10 @@ set -e cd "$(dirname "$0")" +. ./os_ver_cli.sh -docker build -t kasmvnctester-deb:18.04 -f dockerfile.ubuntu1804.deb.test . -#docker run -it -p 443:8443 --rm -e "VNC_USER=username" -e "VNC_PW=password123" kasmvnctester-deb:18.04 +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os_codename}" \ + -t kasmvnctester_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.deb.test . +echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_${os}:$os_codename diff --git a/builder/test-deb-barebones b/builder/test-deb-barebones new file mode 100755 index 0000000..36010bb --- /dev/null +++ b/builder/test-deb-barebones @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +os="debian" +os_codename="buster" + +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os_codename}" \ + -t kasmvnctester_barebones_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.barebones.deb.test . +echo +echo "You will be asked to set password. User name is docker." +docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_codename diff --git a/builder/test-rpm b/builder/test-rpm new file mode 100755 index 0000000..b352962 --- /dev/null +++ b/builder/test-rpm @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +. ./os_ver_cli.sh + +echo kasmvnctester_${os}:$os_codename +docker build --build-arg \ + KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \ + -t kasmvnctester_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.rpm.test . +echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_${os}:$os_codename diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones new file mode 100755 index 0000000..e8ba9cd --- /dev/null +++ b/builder/test-rpm-barebones @@ -0,0 +1,13 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +os="centos" +os_codename="core" + +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \ + -t kasmvnctester_barebones_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.barebones.rpm.test . +docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_barebones_${os}:$os_codename diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec new file mode 100644 index 0000000..c456a2b --- /dev/null +++ b/centos/kasmvncserver.spec @@ -0,0 +1,81 @@ +Name: kasmvncserver +Version: 0.9.1~beta +Release: 1%{?dist} +Summary: Lorem ipsum + +License: GPLv2+ +URL: https://github.com/kasmtech/KasmVNC + +BuildRequires: rsync +Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl +Conflicts: tigervnc-server + +%description + +Lorem ipsum + +%prep + +%install +rm -rf $RPM_BUILD_ROOT +DESTDIR=$RPM_BUILD_ROOT make -f /src/debian/Makefile.to_fakebuild_tar_package install + +%files +/usr/bin/* +/usr/share/man/man1/* +/usr/share/kasmvnc/www + +%license /usr/share/doc/kasmvncserver/LICENCE.TXT +%doc /usr/share/doc/kasmvncserver/README.md + +%changelog +* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1 +- Initial release of the rpm package. + +%post + bindir=/usr/bin + mandir=/usr/share/man + commands="kasmvncserver kasmvncpasswd kasmvncconfig Xkasmvnc" + + for kasm_command in $commands; do + generic_command=`echo "$kasm_command" | sed -e 's/kasm//'`; + update-alternatives --install "$bindir/$generic_command" \ + "$generic_command" "$bindir/$kasm_command" 90 \ + --slave "$mandir/man1/$generic_command.1.gz" "$generic_command.1.gz" \ + "$mandir/man1/$kasm_command.1.gz" + done + + kasmvnc_group="kasmvnc" + + create_kasmvnc_group() { + if ! getent group "$kasmvnc_group" >/dev/null; then + groupadd --system "$kasmvnc_group" + fi + } + + make_self_signed_certificate() { + local cert_file=/etc/pki/tls/private/kasmvnc.pem + [ -f "$cert_file" ] && return 0 + + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout "$cert_file" \ + -out "$cert_file" -subj \ + "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" + chgrp "$kasmvnc_group" "$cert_file" + chmod 640 "$cert_file" + } + + create_kasmvnc_group + make_self_signed_certificate + +%postun + bindir=/usr/bin + mandir=/usr/share/man + commands="kasmvncserver kasmvncpasswd kasmvncconfig Xkasmvnc" + + for kasm_command in $commands; do + generic_command=`echo "$kasm_command" | sed -e 's/kasm//'`; + update-alternatives --remove "$generic_command" "$bindir/$kasm_command" + done + + rm -f /etc/pki/tls/private/kasmvnc.pem diff --git a/common/network/TcpSocket.cxx b/common/network/TcpSocket.cxx index ab05eeb..de667d0 100644 --- a/common/network/TcpSocket.cxx +++ b/common/network/TcpSocket.cxx @@ -1,15 +1,15 @@ /* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved. - * + * * This is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this software; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, @@ -38,6 +38,7 @@ #include #include #include +#include #include #include "websocket.h" diff --git a/common/network/websocket.c b/common/network/websocket.c index 3bc3b7f..6585402 100644 --- a/common/network/websocket.c +++ b/common/network/websocket.c @@ -160,12 +160,14 @@ ws_ctx_t *ws_socket_ssl(ws_ctx_t *ctx, int socket, char * certfile, char * keyfi } - ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method()); + ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); if (ctx->ssl_ctx == NULL) { ERR_print_errors_fp(stderr); fatal("Failed to configure SSL context"); } + SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); + if (SSL_CTX_use_PrivateKey_file(ctx->ssl_ctx, use_keyfile, SSL_FILETYPE_PEM) <= 0) { sprintf(msg, "Unable to load private key file %s\n", use_keyfile); diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index 966afcf..f6d3f7f 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -1,4 +1,11 @@ -TARBALL := builder/build/kasmvnc.ubuntu_18.04.tar.gz +TARGET_OS := $(shell lsb_release -is | tr '[:upper:]' '[:lower:]') +TARGET_OS_CODENAME := $(shell lsb_release -cs | tr '[:upper:]' '[:lower:]') +ifeq ($(TARGET_OS), centos) + TARBALL_DIR := $$RPM_SOURCE_DIR +else + TARBALL_DIR := builder/build +endif +TARBALL := $(TARBALL_DIR)/kasmvnc.$(TARGET_OS)_$(TARGET_OS_CODENAME).tar.gz TAR_DATA := $(shell mktemp -d) SRC := $(TAR_DATA)/usr/local SRC_BIN := $(SRC)/bin @@ -15,8 +22,7 @@ install: unpack_tarball cp $(SRC_BIN)/kasmvncpasswd $(DESTDIR)/usr/bin/ cp -r $(SRC)/share/doc/kasmvnc*/* $(DESTDIR)/usr/share/doc/kasmvncserver/ rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \ - --exclude genkeysymdef.js --exclude use_require.js \ - --exclude .eslintrc \ + --exclude www/utils/ --exclude .eslintrc \ $(SRC)/share/kasmvnc $(DESTDIR)/usr/share cp $(SRC)/man/man1/Xvnc.1 $(DESTDIR)/usr/share/man/man1/Xkasmvnc.1 cp $(SRC)/share/man/man1/vncserver.1 $(DST_MAN)/kasmvncserver.1 diff --git a/debian/control b/debian/control index 6f6f82a..979b52e 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: x11 Priority: optional Maintainer: Kasm Technologies LLC Build-Depends: debhelper (>= 11), rsync, libjpeg-dev, libjpeg-dev, libpng-dev, - libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2 + libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2, libsm6 Standards-Version: 4.1.3 Homepage: https://github.com/kasmtech/KasmVNC #Vcs-Browser: https://salsa.debian.org/debian/kasmvnc @@ -11,7 +11,8 @@ Homepage: https://github.com/kasmtech/KasmVNC Package: kasmvncserver Architecture: amd64 -Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, python, xauth +Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth, + x11-xkb-utils, xkb-data, procps Provides: vnc-server Description: virtual network computing server with web interface Lorem ipsum diff --git a/debian/dirs b/debian/dirs deleted file mode 100644 index ae5bbdc..0000000 --- a/debian/dirs +++ /dev/null @@ -1 +0,0 @@ -etc/kasmvnc diff --git a/debian/patches/fix-kasmvncserver-perl-hashbang.patch b/debian/patches/fix-kasmvncserver-perl-hashbang.patch new file mode 100644 index 0000000..4fa9c69 --- /dev/null +++ b/debian/patches/fix-kasmvncserver-perl-hashbang.patch @@ -0,0 +1,10 @@ +Description: Lintian complains about #!/usr/bin/env perl. +Author: Dmitry Maksyoma +--- a/unix/vncserver ++++ b/unix/vncserver +@@ -1,4 +1,4 @@ +-#!/usr/bin/env perl ++#!/usr/bin/perl + # + # Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved. + # Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved. diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..7312ab9 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +fix-kasmvncserver-perl-hashbang.patch diff --git a/debian/postinst b/debian/postinst index c92f80a..8a1f407 100644 --- a/debian/postinst +++ b/debian/postinst @@ -17,27 +17,6 @@ set -e # for details, see https://www.debian.org/doc/debian-policy/ or # the debian-policy package -kasmvnc_group="kasmvnc" - -create_kasmvnc_group() { - if ! getent group "$kasmvnc_group" >/dev/null; then - addgroup --quiet --system "$kasmvnc_group" - fi -} - -make_self_signed_certificate() { - local cert_file=/etc/kasmvnc/server.pem - [ -f "$cert_file" ] && return 0 - - openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout "$cert_file" \ - -out "$cert_file" -subj \ - "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" - chgrp "$kasmvnc_group" "$cert_file" - chmod g+r "$cert_file" -} - -create_kasmvnc_group - case "$1" in configure) bindir=/usr/bin @@ -51,8 +30,6 @@ case "$1" in --slave "$mandir/man1/$generic_command.1.gz" "$generic_command.1.gz" \ "$mandir/man1/$kasm_command.1.gz" done - - make_self_signed_certificate ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/debian/postrm b/debian/postrm.ex similarity index 95% rename from debian/postrm rename to debian/postrm.ex index 2d34fa5..9f9ec2c 100644 --- a/debian/postrm +++ b/debian/postrm.ex @@ -20,9 +20,6 @@ set -e case "$1" in - purge) - rm -r /etc/kasmvnc - ;; purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; diff --git a/unix/vncserver b/unix/vncserver index c19fd3e..04c758e 100644 --- a/unix/vncserver +++ b/unix/vncserver @@ -16,10 +16,9 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # -# You should have received a copy of the GNU General Public License -# along with this software; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, -# USA. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # #