From 35cf095a31b5dbfeaa5e66b0c87b48c63ed0d45d Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Tue, 19 Jan 2021 22:44:32 +1300 Subject: [PATCH 01/35] Deb: create Ubuntu 20.04 tarball and deb --- builder/build-deb | 7 ++-- builder/build-tarball | 13 +++--- builder/dockerfile.ubuntu2004.build | 2 +- builder/dockerfile.ubuntu2004.deb.build | 12 ++++++ builder/dockerfile.ubuntu2004.deb.test | 52 ++++++++++++++++++++++++ builder/os_ver_cli.sh | 9 ++++ builder/test-deb | 4 +- debian/Makefile.to_fakebuild_tar_package | 4 +- 8 files changed, 92 insertions(+), 11 deletions(-) create mode 100644 builder/dockerfile.ubuntu2004.deb.build create mode 100644 builder/dockerfile.ubuntu2004.deb.test create mode 100644 builder/os_ver_cli.sh diff --git a/builder/build-deb b/builder/build-deb index d068f8e..60fff46 100755 --- a/builder/build-deb +++ b/builder/build-deb @@ -3,11 +3,12 @@ set -e cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh -docker build -t debbuilder_ubuntu:18.04 -f \ - builder/dockerfile.ubuntu1804.deb.build . +docker build -t debbuilder_${os}:${os_ver} -f \ + builder/dockerfile.${os}${os_ver_dockerfile}.deb.build . deb_output_dir=$(cd .. && echo $PWD) L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems L_GID=$(id -g) -docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID debbuilder_ubuntu:18.04 /bin/bash -c '/src/*/builder/build-deb-inside-docker' +docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID debbuilder_${os}:${os_ver} /bin/bash -c '/src/*/builder/build-deb-inside-docker' diff --git a/builder/build-tarball b/builder/build-tarball index 2c96ace..3733bd6 100755 --- a/builder/build-tarball +++ b/builder/build-tarball @@ -8,15 +8,18 @@ build_www_dir() { } cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh build_www_dir -docker pull ubuntu:18.04 -docker build -t kasmvncbuilder:18.04 -f builder/dockerfile.ubuntu1804.build . +docker pull "$os_image" +docker build -t kasmvncbuilder:$os_ver \ +-f builder/dockerfile.ubuntu${os_ver_dockerfile}.build . mkdir -p builder/build -docker run -v /tmp:/build --rm kasmvncbuilder:18.04 +docker run -v /tmp:/build --rm kasmvncbuilder:$os_ver L_GID=$(id -g) L_UID=$(id -u) -chown $L_UID:$L_GID /tmp/kasmvnc.ubuntu_18.04.tar.gz -mv /tmp/kasmvnc.ubuntu_18.04.tar.gz $PWD/builder/build/ +tarball_name="kasmvnc.${os}_${os_ver}.tar.gz" +chown $L_UID:$L_GID /tmp/$tarball_name +mv /tmp/$tarball_name $PWD/builder/build/ diff --git a/builder/dockerfile.ubuntu2004.build b/builder/dockerfile.ubuntu2004.build index 5540232..148e4d6 100644 --- a/builder/dockerfile.ubuntu2004.build +++ b/builder/dockerfile.ubuntu2004.build @@ -10,7 +10,7 @@ RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list RUN apt-get update && \ apt-get -y install sudo -RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get install -y --no-install-recommends tzdata RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev diff --git a/builder/dockerfile.ubuntu2004.deb.build b/builder/dockerfile.ubuntu2004.deb.build new file mode 100644 index 0000000..9011a55 --- /dev/null +++ b/builder/dockerfile.ubuntu2004.deb.build @@ -0,0 +1,12 @@ +FROM ubuntu:20.04 + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.ubuntu2004.deb.test b/builder/dockerfile.ubuntu2004.deb.test new file mode 100644 index 0000000..2a60b88 --- /dev/null +++ b/builder/dockerfile.ubuntu2004.deb.test @@ -0,0 +1,52 @@ +FROM ubuntu:20.04 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_VER=18.04 + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +COPY build/*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:kasmvnc +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/os_ver_cli.sh b/builder/os_ver_cli.sh new file mode 100644 index 0000000..823e3b4 --- /dev/null +++ b/builder/os_ver_cli.sh @@ -0,0 +1,9 @@ +default_os=ubuntu +default_os_ver=18.04 + +os=${1:-$default_os} +os_ver=${2:-$default_os_ver} +os_ver_dockerfile=`echo $os_ver | sed 's/\.//g'` +os_image="$os:$os_ver" + +echo "Building for $os_image" diff --git a/builder/test-deb b/builder/test-deb index 231b9ee..582fe69 100755 --- a/builder/test-deb +++ b/builder/test-deb @@ -3,6 +3,8 @@ set -e cd "$(dirname "$0")" +. ./os_ver_cli.sh -docker build -t kasmvnctester-deb:18.04 -f dockerfile.ubuntu1804.deb.test . +docker build -t kasmvnctester-deb:$os_ver \ + -f dockerfile.${os}${os_ver_dockerfile}.deb.test . #docker run -it -p 443:8443 --rm -e "VNC_USER=username" -e "VNC_PW=password123" kasmvnctester-deb:18.04 diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index 966afcf..6e2eaf6 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -1,4 +1,6 @@ -TARBALL := builder/build/kasmvnc.ubuntu_18.04.tar.gz +TARGET_OS := $(shell lsb_release -is | tr '[:upper:]' '[:lower:]') +TARGET_OS_VER := $(shell lsb_release -rs) +TARBALL := builder/build/kasmvnc.$(TARGET_OS)_$(TARGET_OS_VER).tar.gz TAR_DATA := $(shell mktemp -d) SRC := $(TAR_DATA)/usr/local SRC_BIN := $(SRC)/bin From fbeed1da7299f8af451595bb989f67a10f7c4ea4 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Tue, 19 Jan 2021 23:02:49 +1300 Subject: [PATCH 02/35] Deb: put debs under _ directories --- builder/build-deb-inside-docker | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/builder/build-deb-inside-docker b/builder/build-deb-inside-docker index 4dd7095..aa0651b 100755 --- a/builder/build-deb-inside-docker +++ b/builder/build-deb-inside-docker @@ -4,6 +4,11 @@ set -e cd "$(dirname "$0")/.." +os=$(lsb_release -is | tr '[:upper:]' '[:lower:]') +os_ver=$(lsb_release -rs) +os_dir="builder/build/${os}_${os_ver}" + dpkg-buildpackage -us -uc -b -cp ../*.deb builder/build +mkdir -p "$os_dir" +cp ../*.deb "$os_dir" lintian ../*.deb From a6d37c2a3181418593441eb1e736b2a6eebe859a Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Tue, 19 Jan 2021 23:23:33 +1300 Subject: [PATCH 03/35] Deb: update test-deb to use debs in _ dirs --- builder/dockerfile.ubuntu1804.deb.test | 3 ++- builder/dockerfile.ubuntu2004.deb.test | 3 ++- builder/test-deb | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/builder/dockerfile.ubuntu1804.deb.test b/builder/dockerfile.ubuntu1804.deb.test index 4172490..c436631 100644 --- a/builder/dockerfile.ubuntu1804.deb.test +++ b/builder/dockerfile.ubuntu1804.deb.test @@ -40,7 +40,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/*.deb /tmp +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.deb /tmp RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### diff --git a/builder/dockerfile.ubuntu2004.deb.test b/builder/dockerfile.ubuntu2004.deb.test index 2a60b88..c5e5632 100644 --- a/builder/dockerfile.ubuntu2004.deb.test +++ b/builder/dockerfile.ubuntu2004.deb.test @@ -40,7 +40,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/*.deb /tmp +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.deb /tmp RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### diff --git a/builder/test-deb b/builder/test-deb index 582fe69..11d1eac 100755 --- a/builder/test-deb +++ b/builder/test-deb @@ -5,6 +5,7 @@ set -e cd "$(dirname "$0")" . ./os_ver_cli.sh -docker build -t kasmvnctester-deb:$os_ver \ +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_ver}" \ + -t kasmvnctester-deb:$os_ver \ -f dockerfile.${os}${os_ver_dockerfile}.deb.test . #docker run -it -p 443:8443 --rm -e "VNC_USER=username" -e "VNC_PW=password123" kasmvnctester-deb:18.04 From 0d47d4890abf77fc20f1aa3002c28485f4dad831 Mon Sep 17 00:00:00 2001 From: Lauri Kasanen Date: Wed, 14 Oct 2020 14:39:33 +0300 Subject: [PATCH 04/35] Enable TLS 1.1 and 1.2 --- common/network/websocket.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/common/network/websocket.c b/common/network/websocket.c index 3bc3b7f..6585402 100644 --- a/common/network/websocket.c +++ b/common/network/websocket.c @@ -160,12 +160,14 @@ ws_ctx_t *ws_socket_ssl(ws_ctx_t *ctx, int socket, char * certfile, char * keyfi } - ctx->ssl_ctx = SSL_CTX_new(TLSv1_server_method()); + ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); if (ctx->ssl_ctx == NULL) { ERR_print_errors_fp(stderr); fatal("Failed to configure SSL context"); } + SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); + if (SSL_CTX_use_PrivateKey_file(ctx->ssl_ctx, use_keyfile, SSL_FILETYPE_PEM) <= 0) { sprintf(msg, "Unable to load private key file %s\n", use_keyfile); From a479b2fcd4ba334939b91f00011886e5b931f9db Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Wed, 20 Jan 2021 23:56:50 +1300 Subject: [PATCH 05/35] Use snakeoil certificate if available --- builder/dockerfile.ubuntu1804.deb.test | 2 +- builder/dockerfile.ubuntu2004.deb.test | 2 +- builder/startup/vnc_startup.sh | 9 ++++----- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/builder/dockerfile.ubuntu1804.deb.test b/builder/dockerfile.ubuntu1804.deb.test index c436631..a656de6 100644 --- a/builder/dockerfile.ubuntu1804.deb.test +++ b/builder/dockerfile.ubuntu1804.deb.test @@ -47,7 +47,7 @@ RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### RUN chown -R 1000:0 $HOME -USER 1000:kasmvnc +USER 1000:ssl-cert WORKDIR $HOME ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.ubuntu2004.deb.test b/builder/dockerfile.ubuntu2004.deb.test index c5e5632..ed573b1 100644 --- a/builder/dockerfile.ubuntu2004.deb.test +++ b/builder/dockerfile.ubuntu2004.deb.test @@ -47,7 +47,7 @@ RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### RUN chown -R 1000:0 $HOME -USER 1000:kasmvnc +USER 1000:ssl-cert WORKDIR $HOME ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/startup/vnc_startup.sh b/builder/startup/vnc_startup.sh index 27e8f66..b2980ce 100755 --- a/builder/startup/vnc_startup.sh +++ b/builder/startup/vnc_startup.sh @@ -21,16 +21,15 @@ detect_www_dir() { detect_cert_location() { local tarball_cert="$HOME/.vnc/self.pem" - local package_cert="/etc/kasmvnc/server.pem" + local package_cert="/etc/ssl/certs/ssl-cert-snakeoil.pem" + local package_key="/etc/ssl/private/ssl-cert-snakeoil.key" local use_cert= if [[ -f "$package_cert" ]]; then - use_cert="$package_cert" + cert_option="-cert $package_cert -key $package_key" else - use_cert="$tarball_cert" + cert_option="-cert $tarball_cert" fi - - cert_option="-cert $use_cert" } ## resolve_vnc_connection From 2b9a4d0d8b2398ea8a838c629733aa18a9896e6d Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 21 Jan 2021 00:14:30 +1300 Subject: [PATCH 06/35] Deb: remove /etc/kasmvnc and cert generation as we use snakeoil now --- debian/dirs | 1 - debian/postinst | 23 ----------------------- debian/postrm | 3 --- 3 files changed, 27 deletions(-) delete mode 100644 debian/dirs diff --git a/debian/dirs b/debian/dirs deleted file mode 100644 index ae5bbdc..0000000 --- a/debian/dirs +++ /dev/null @@ -1 +0,0 @@ -etc/kasmvnc diff --git a/debian/postinst b/debian/postinst index c92f80a..8a1f407 100644 --- a/debian/postinst +++ b/debian/postinst @@ -17,27 +17,6 @@ set -e # for details, see https://www.debian.org/doc/debian-policy/ or # the debian-policy package -kasmvnc_group="kasmvnc" - -create_kasmvnc_group() { - if ! getent group "$kasmvnc_group" >/dev/null; then - addgroup --quiet --system "$kasmvnc_group" - fi -} - -make_self_signed_certificate() { - local cert_file=/etc/kasmvnc/server.pem - [ -f "$cert_file" ] && return 0 - - openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout "$cert_file" \ - -out "$cert_file" -subj \ - "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" - chgrp "$kasmvnc_group" "$cert_file" - chmod g+r "$cert_file" -} - -create_kasmvnc_group - case "$1" in configure) bindir=/usr/bin @@ -51,8 +30,6 @@ case "$1" in --slave "$mandir/man1/$generic_command.1.gz" "$generic_command.1.gz" \ "$mandir/man1/$kasm_command.1.gz" done - - make_self_signed_certificate ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/debian/postrm b/debian/postrm index 2d34fa5..9f9ec2c 100644 --- a/debian/postrm +++ b/debian/postrm @@ -20,9 +20,6 @@ set -e case "$1" in - purge) - rm -r /etc/kasmvnc - ;; purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; From 85f2ed4f714fc744cbe2f570363f4abe7a945f56 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 21 Jan 2021 00:20:02 +1300 Subject: [PATCH 07/35] Gitignore deb building tmp files --- .gitignore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitignore b/.gitignore index 63463c4..ffe48c7 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,9 @@ config.h builder/build/ builder/www/ + +# Deb building artefacts +debian/.debhelper/ +debian/files +debian/kasmvncserver.substvars +debian/kasmvncserver/ From e456357c6821b162c88d5a61d502eaa12debe1d5 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 21 Jan 2021 00:24:59 +1300 Subject: [PATCH 08/35] Deb: empty postrm -> postrm.ex --- debian/{postrm => postrm.ex} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename debian/{postrm => postrm.ex} (100%) diff --git a/debian/postrm b/debian/postrm.ex similarity index 100% rename from debian/postrm rename to debian/postrm.ex From 3c3eed0e462ef51e303aca537d01fb274e417a5f Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 21 Jan 2021 23:35:56 +1300 Subject: [PATCH 09/35] Deb: exclude www/utils, instead of individual files --- debian/Makefile.to_fakebuild_tar_package | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index 6e2eaf6..780d727 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -17,8 +17,7 @@ install: unpack_tarball cp $(SRC_BIN)/kasmvncpasswd $(DESTDIR)/usr/bin/ cp -r $(SRC)/share/doc/kasmvnc*/* $(DESTDIR)/usr/share/doc/kasmvncserver/ rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \ - --exclude genkeysymdef.js --exclude use_require.js \ - --exclude .eslintrc \ + --exclude www/utils/ --exclude .eslintrc \ $(SRC)/share/kasmvnc $(DESTDIR)/usr/share cp $(SRC)/man/man1/Xvnc.1 $(DESTDIR)/usr/share/man/man1/Xkasmvnc.1 cp $(SRC)/share/man/man1/vncserver.1 $(DST_MAN)/kasmvncserver.1 From 085174136081a569883d209907a82f5c436112de Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 22 Jan 2021 21:52:05 +1300 Subject: [PATCH 10/35] Deb: Debian 10 building requires package libsm6 --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 6f6f82a..1a18812 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: x11 Priority: optional Maintainer: Kasm Technologies LLC Build-Depends: debhelper (>= 11), rsync, libjpeg-dev, libjpeg-dev, libpng-dev, - libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2 + libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2, libsm6 Standards-Version: 4.1.3 Homepage: https://github.com/kasmtech/KasmVNC #Vcs-Browser: https://salsa.debian.org/debian/kasmvnc From b6f16eabb77b6c7a667ba8080a9e83e17296d64c Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 22 Jan 2021 21:53:52 +1300 Subject: [PATCH 11/35] Deb: woraroudn dbgsym package that's created now --- builder/dockerfile.ubuntu1804.deb.test | 2 +- builder/dockerfile.ubuntu2004.deb.test | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/builder/dockerfile.ubuntu1804.deb.test b/builder/dockerfile.ubuntu1804.deb.test index a656de6..5a19c05 100644 --- a/builder/dockerfile.ubuntu1804.deb.test +++ b/builder/dockerfile.ubuntu1804.deb.test @@ -41,7 +41,7 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### ARG KASMVNC_PACKAGE_DIR -COPY $KASMVNC_PACKAGE_DIR/*.deb /tmp +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### diff --git a/builder/dockerfile.ubuntu2004.deb.test b/builder/dockerfile.ubuntu2004.deb.test index ed573b1..c7f2311 100644 --- a/builder/dockerfile.ubuntu2004.deb.test +++ b/builder/dockerfile.ubuntu2004.deb.test @@ -41,7 +41,7 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### ARG KASMVNC_PACKAGE_DIR -COPY $KASMVNC_PACKAGE_DIR/*.deb /tmp +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp RUN dpkg -i /tmp/*.deb; apt-get -yf install ### END CUSTOM STUFF ### From c5061e67b42572dcd069d0e0125e6342dfe07b8a Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 22 Jan 2021 21:54:22 +1300 Subject: [PATCH 12/35] Deb: Debian 10 support --- builder/build-tarball | 2 +- builder/dockerfile.debian10.deb.build | 12 ++++++ builder/dockerfile.debian10.deb.test | 53 +++++++++++++++++++++++++++ builder/test-deb | 4 +- 4 files changed, 68 insertions(+), 3 deletions(-) create mode 100644 builder/dockerfile.debian10.deb.build create mode 100644 builder/dockerfile.debian10.deb.test diff --git a/builder/build-tarball b/builder/build-tarball index 3733bd6..ba4bc8d 100755 --- a/builder/build-tarball +++ b/builder/build-tarball @@ -14,7 +14,7 @@ build_www_dir docker pull "$os_image" docker build -t kasmvncbuilder:$os_ver \ --f builder/dockerfile.ubuntu${os_ver_dockerfile}.build . +-f builder/dockerfile.${os}${os_ver_dockerfile}.build . mkdir -p builder/build docker run -v /tmp:/build --rm kasmvncbuilder:$os_ver diff --git a/builder/dockerfile.debian10.deb.build b/builder/dockerfile.debian10.deb.build new file mode 100644 index 0000000..d3d4e9b --- /dev/null +++ b/builder/dockerfile.debian10.deb.build @@ -0,0 +1,12 @@ +FROM debian:buster + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.debian10.deb.test b/builder/dockerfile.debian10.deb.test new file mode 100644 index 0000000..0273917 --- /dev/null +++ b/builder/dockerfile.debian10.deb.test @@ -0,0 +1,53 @@ +FROM debian:buster-slim + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_VER=18.04 + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget procps +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/test-deb b/builder/test-deb index 11d1eac..f451714 100755 --- a/builder/test-deb +++ b/builder/test-deb @@ -6,6 +6,6 @@ cd "$(dirname "$0")" . ./os_ver_cli.sh docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_ver}" \ - -t kasmvnctester-deb:$os_ver \ + -t kasmvnctester_${os}:$os_ver \ -f dockerfile.${os}${os_ver_dockerfile}.deb.test . -#docker run -it -p 443:8443 --rm -e "VNC_USER=username" -e "VNC_PW=password123" kasmvnctester-deb:18.04 +echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" kasmvnctester_${os}:$os_ver From acd9f18f640702202a8e70101b699fdda78c008b Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 22 Jan 2021 22:10:02 +1300 Subject: [PATCH 13/35] Deb: remove python dependency Programs in www/utils are no longer included, and nothing else uses it. --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 1a18812..b20c42d 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,7 @@ Homepage: https://github.com/kasmtech/KasmVNC Package: kasmvncserver Architecture: amd64 -Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, python, xauth +Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth Provides: vnc-server Description: virtual network computing server with web interface Lorem ipsum From 7a6067e081871bf1e1df5a06d5f7fd3bccc3897d Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Tue, 26 Jan 2021 21:43:19 +1300 Subject: [PATCH 14/35] Deb: add Xorg-related dependencies --- builder/dockerfile.debian10.deb.test | 2 +- debian/control | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/builder/dockerfile.debian10.deb.test b/builder/dockerfile.debian10.deb.test index 0273917..99cc08b 100644 --- a/builder/dockerfile.debian10.deb.test +++ b/builder/dockerfile.debian10.deb.test @@ -29,7 +29,7 @@ WORKDIR $HOME ### REQUIRED STUFF ### -RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget procps +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget RUN apt-get purge -y pm-utils xscreensaver* RUN apt-get update && apt-get install -y vim less diff --git a/debian/control b/debian/control index b20c42d..979b52e 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,8 @@ Homepage: https://github.com/kasmtech/KasmVNC Package: kasmvncserver Architecture: amd64 -Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth +Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth, + x11-xkb-utils, xkb-data, procps Provides: vnc-server Description: virtual network computing server with web interface Lorem ipsum From e5b8d4df11bba3c33b1b7780b110e90759059e01 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Tue, 26 Jan 2021 21:45:33 +1300 Subject: [PATCH 15/35] Deb: add barebones testing image for Debian 10 --- builder/dockerfile.debian10.barebones.deb.test | 12 ++++++++++++ builder/test-deb-barebones | 15 +++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 builder/dockerfile.debian10.barebones.deb.test create mode 100755 builder/test-deb-barebones diff --git a/builder/dockerfile.debian10.barebones.deb.test b/builder/dockerfile.debian10.barebones.deb.test new file mode 100644 index 0000000..f219d8b --- /dev/null +++ b/builder/dockerfile.debian10.barebones.deb.test @@ -0,0 +1,12 @@ +FROM debian:buster-slim + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN apt-get update && dpkg -i /tmp/*.deb; apt-get -yf install +RUN apt-get update && apt-get -y install x11-xserver-utils xterm twm + +RUN useradd -m docker && addgroup docker ssl-cert + +USER docker + +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/ssl/certs/ssl-cert-snakeoil.pem -key /etc/ssl/private/ssl-cert-snakeoil.key -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/test-deb-barebones b/builder/test-deb-barebones new file mode 100755 index 0000000..6174b63 --- /dev/null +++ b/builder/test-deb-barebones @@ -0,0 +1,15 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +os="debian" +os_ver="10" +os_ver_dockerfile="10" + +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_ver}" \ + -t kasmvnctester_barebones_${os}:$os_ver \ + -f dockerfile.${os}${os_ver_dockerfile}.barebones.deb.test . +echo +echo "You will be asked to set password. User name is docker." +docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_ver From 070458d3028ab0cc1950d84877b0dbc32c9af436 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 28 Jan 2021 22:10:46 +1300 Subject: [PATCH 16/35] Deb: release numbers (18.04) -> codenames (bionic) --- builder/build-deb | 8 +++++--- builder/build-deb-inside-docker | 4 ++-- builder/build-tarball | 8 ++++---- builder/build.sh | 2 +- ...st => dockerfile.debian_buster.barebones.deb.test} | 0 ....debian10.build => dockerfile.debian_buster.build} | 2 +- ...0.deb.build => dockerfile.debian_buster.deb.build} | 0 ...804.deb.test => dockerfile.debian_buster.deb.test} | 6 +++--- ...buntu1804.build => dockerfile.ubuntu_bionic.build} | 2 +- ...4.deb.build => dockerfile.ubuntu_bionic.deb.build} | 2 +- ...004.deb.test => dockerfile.ubuntu_bionic.deb.test} | 4 ++-- ....ubuntu1804.test => dockerfile.ubuntu_bionic.test} | 6 +++--- ...ubuntu2004.build => dockerfile.ubuntu_focal.build} | 4 ++-- ...04.deb.build => dockerfile.ubuntu_focal.deb.build} | 2 +- ...an10.deb.test => dockerfile.ubuntu_focal.deb.test} | 4 ++-- ...e.ubuntu2004.test => dockerfile.ubuntu_focal.test} | 8 ++++---- builder/os_ver_cli.sh | 7 +++---- builder/test-deb | 9 +++++---- builder/test-deb-barebones | 11 +++++------ debian/Makefile.to_fakebuild_tar_package | 4 ++-- 20 files changed, 47 insertions(+), 46 deletions(-) rename builder/{dockerfile.debian10.barebones.deb.test => dockerfile.debian_buster.barebones.deb.test} (100%) rename builder/{dockerfile.debian10.build => dockerfile.debian_buster.build} (96%) rename builder/{dockerfile.debian10.deb.build => dockerfile.debian_buster.deb.build} (100%) rename builder/{dockerfile.ubuntu1804.deb.test => dockerfile.debian_buster.deb.test} (93%) rename builder/{dockerfile.ubuntu1804.build => dockerfile.ubuntu_bionic.build} (97%) rename builder/{dockerfile.ubuntu1804.deb.build => dockerfile.ubuntu_bionic.deb.build} (92%) rename builder/{dockerfile.ubuntu2004.deb.test => dockerfile.ubuntu_bionic.deb.test} (95%) rename builder/{dockerfile.ubuntu1804.test => dockerfile.ubuntu_bionic.test} (89%) rename builder/{dockerfile.ubuntu2004.build => dockerfile.ubuntu_focal.build} (94%) rename builder/{dockerfile.ubuntu2004.deb.build => dockerfile.ubuntu_focal.deb.build} (93%) rename builder/{dockerfile.debian10.deb.test => dockerfile.ubuntu_focal.deb.test} (95%) rename builder/{dockerfile.ubuntu2004.test => dockerfile.ubuntu_focal.test} (87%) diff --git a/builder/build-deb b/builder/build-deb index 60fff46..73751ef 100755 --- a/builder/build-deb +++ b/builder/build-deb @@ -5,10 +5,12 @@ set -e cd "$(dirname "$0")/.." . builder/os_ver_cli.sh -docker build -t debbuilder_${os}:${os_ver} -f \ - builder/dockerfile.${os}${os_ver_dockerfile}.deb.build . +docker build -t debbuilder_${os}:${os_codename} -f \ + builder/dockerfile.${os}_${os_codename}.deb.build . deb_output_dir=$(cd .. && echo $PWD) L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems L_GID=$(id -g) -docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID debbuilder_${os}:${os_ver} /bin/bash -c '/src/*/builder/build-deb-inside-docker' +docker run --rm -v "$deb_output_dir":/src --user $L_UID:$L_GID \ + debbuilder_${os}:${os_codename} /bin/bash -c \ + '/src/*/builder/build-deb-inside-docker' diff --git a/builder/build-deb-inside-docker b/builder/build-deb-inside-docker index aa0651b..995b717 100755 --- a/builder/build-deb-inside-docker +++ b/builder/build-deb-inside-docker @@ -5,8 +5,8 @@ set -e cd "$(dirname "$0")/.." os=$(lsb_release -is | tr '[:upper:]' '[:lower:]') -os_ver=$(lsb_release -rs) -os_dir="builder/build/${os}_${os_ver}" +os_codename=$(lsb_release -cs) +os_dir="builder/build/${os_codename}" dpkg-buildpackage -us -uc -b mkdir -p "$os_dir" diff --git a/builder/build-tarball b/builder/build-tarball index ba4bc8d..20f8621 100755 --- a/builder/build-tarball +++ b/builder/build-tarball @@ -13,13 +13,13 @@ cd "$(dirname "$0")/.." build_www_dir docker pull "$os_image" -docker build -t kasmvncbuilder:$os_ver \ --f builder/dockerfile.${os}${os_ver_dockerfile}.build . +docker build -t kasmvncbuilder:$os_codename \ +-f builder/dockerfile.${os}_${os_codename}.build . mkdir -p builder/build -docker run -v /tmp:/build --rm kasmvncbuilder:$os_ver +docker run -v /tmp:/build --rm kasmvncbuilder:$os_codename L_GID=$(id -g) L_UID=$(id -u) -tarball_name="kasmvnc.${os}_${os_ver}.tar.gz" +tarball_name="kasmvnc.${os}_${os_codename}.tar.gz" chown $L_UID:$L_GID /tmp/$tarball_name mv /tmp/$tarball_name $PWD/builder/build/ diff --git a/builder/build.sh b/builder/build.sh index 63be78d..b1287bc 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -67,4 +67,4 @@ mv release/maketarball3 release/maketarball make servertarball -cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz +cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz diff --git a/builder/dockerfile.debian10.barebones.deb.test b/builder/dockerfile.debian_buster.barebones.deb.test similarity index 100% rename from builder/dockerfile.debian10.barebones.deb.test rename to builder/dockerfile.debian_buster.barebones.deb.test diff --git a/builder/dockerfile.debian10.build b/builder/dockerfile.debian_buster.build similarity index 96% rename from builder/dockerfile.debian10.build rename to builder/dockerfile.debian_buster.build index 99cfd10..721b1a6 100644 --- a/builder/dockerfile.debian10.build +++ b/builder/dockerfile.debian_buster.build @@ -1,7 +1,7 @@ FROM debian:buster ENV KASMVNC_BUILD_OS debian -ENV KASMVNC_BUILD_OS_VER 10 +ENV KASMVNC_BUILD_OS_CODENAME buster ENV XORG_VER 1.20.10 ENV DEBIAN_FRONTEND noninteractive diff --git a/builder/dockerfile.debian10.deb.build b/builder/dockerfile.debian_buster.deb.build similarity index 100% rename from builder/dockerfile.debian10.deb.build rename to builder/dockerfile.debian_buster.deb.build diff --git a/builder/dockerfile.ubuntu1804.deb.test b/builder/dockerfile.debian_buster.deb.test similarity index 93% rename from builder/dockerfile.ubuntu1804.deb.test rename to builder/dockerfile.debian_buster.deb.test index 5a19c05..53d6b5d 100644 --- a/builder/dockerfile.ubuntu1804.deb.test +++ b/builder/dockerfile.debian_buster.deb.test @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM debian:buster-slim ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -20,8 +20,8 @@ ENV DISPLAY=:1 \ OMP_WAIT_POLICY=PASSIVE \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ - KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=18.04 + KASMVNC_BUILD_OS=debian \ + KASMVNC_BUILD_OS_CODENAME=buster EXPOSE $VNC_PORT diff --git a/builder/dockerfile.ubuntu1804.build b/builder/dockerfile.ubuntu_bionic.build similarity index 97% rename from builder/dockerfile.ubuntu1804.build rename to builder/dockerfile.ubuntu_bionic.build index 6c48eed..a21a716 100644 --- a/builder/dockerfile.ubuntu1804.build +++ b/builder/dockerfile.ubuntu_bionic.build @@ -1,7 +1,7 @@ FROM ubuntu:18.04 ENV KASMVNC_BUILD_OS ubuntu -ENV KASMVNC_BUILD_OS_VER 18.04 +ENV KASMVNC_BUILD_OS_CODENAME bionic RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list diff --git a/builder/dockerfile.ubuntu1804.deb.build b/builder/dockerfile.ubuntu_bionic.deb.build similarity index 92% rename from builder/dockerfile.ubuntu1804.deb.build rename to builder/dockerfile.ubuntu_bionic.deb.build index 3125fec..9063fd9 100644 --- a/builder/dockerfile.ubuntu1804.deb.build +++ b/builder/dockerfile.ubuntu_bionic.deb.build @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM ubuntu:bionic RUN apt-get update && \ apt-get -y install vim build-essential devscripts equivs diff --git a/builder/dockerfile.ubuntu2004.deb.test b/builder/dockerfile.ubuntu_bionic.deb.test similarity index 95% rename from builder/dockerfile.ubuntu2004.deb.test rename to builder/dockerfile.ubuntu_bionic.deb.test index c7f2311..9a0db27 100644 --- a/builder/dockerfile.ubuntu2004.deb.test +++ b/builder/dockerfile.ubuntu_bionic.deb.test @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:bionic ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=18.04 + KASMVNC_BUILD_OS_CODENAME=bionic EXPOSE $VNC_PORT diff --git a/builder/dockerfile.ubuntu1804.test b/builder/dockerfile.ubuntu_bionic.test similarity index 89% rename from builder/dockerfile.ubuntu1804.test rename to builder/dockerfile.ubuntu_bionic.test index a734c58..35470ff 100644 --- a/builder/dockerfile.ubuntu1804.test +++ b/builder/dockerfile.ubuntu_bionic.test @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=18.04 + KASMVNC_BUILD_OS_CODENAME=bionic EXPOSE $VNC_PORT @@ -39,8 +39,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ -RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz --strip 1 -C / ### END CUSTOM STUFF ### diff --git a/builder/dockerfile.ubuntu2004.build b/builder/dockerfile.ubuntu_focal.build similarity index 94% rename from builder/dockerfile.ubuntu2004.build rename to builder/dockerfile.ubuntu_focal.build index 148e4d6..9c52a77 100644 --- a/builder/dockerfile.ubuntu2004.build +++ b/builder/dockerfile.ubuntu_focal.build @@ -1,7 +1,7 @@ -FROM ubuntu:20.04 +FROM ubuntu:focal ENV KASMVNC_BUILD_OS ubuntu -ENV KASMVNC_BUILD_OS_VER 20.04 +ENV KASMVNC_BUILD_OS_CODENAME focal ENV XORG_VER 1.20.8 ENV DEBIAN_FRONTEND noninteractive diff --git a/builder/dockerfile.ubuntu2004.deb.build b/builder/dockerfile.ubuntu_focal.deb.build similarity index 93% rename from builder/dockerfile.ubuntu2004.deb.build rename to builder/dockerfile.ubuntu_focal.deb.build index 9011a55..703ce2b 100644 --- a/builder/dockerfile.ubuntu2004.deb.build +++ b/builder/dockerfile.ubuntu_focal.deb.build @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:focal ENV DEBIAN_FRONTEND noninteractive diff --git a/builder/dockerfile.debian10.deb.test b/builder/dockerfile.ubuntu_focal.deb.test similarity index 95% rename from builder/dockerfile.debian10.deb.test rename to builder/dockerfile.ubuntu_focal.deb.test index 99cc08b..4d1c50b 100644 --- a/builder/dockerfile.debian10.deb.test +++ b/builder/dockerfile.ubuntu_focal.deb.test @@ -1,4 +1,4 @@ -FROM debian:buster-slim +FROM ubuntu:focal ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=18.04 + KASMVNC_BUILD_OS_CODENAME=bionic EXPOSE $VNC_PORT diff --git a/builder/dockerfile.ubuntu2004.test b/builder/dockerfile.ubuntu_focal.test similarity index 87% rename from builder/dockerfile.ubuntu2004.test rename to builder/dockerfile.ubuntu_focal.test index 37da8e8..18bf413 100644 --- a/builder/dockerfile.ubuntu2004.test +++ b/builder/dockerfile.ubuntu_focal.test @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:focal ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -21,7 +21,7 @@ ENV DISPLAY=:1 \ SHELL=/bin/bash \ SINGLE_APPLICATION=0 \ KASMVNC_BUILD_OS=ubuntu \ - KASMVNC_BUILD_OS_VER=20.04 + KASMVNC_BUILD_OS_CODENAME=focal EXPOSE $VNC_PORT @@ -39,8 +39,8 @@ COPY startup/ $STARTUPDIR ### START CUSTOM STUFF #### -COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ -RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz --strip 1 -C / ### END CUSTOM STUFF ### diff --git a/builder/os_ver_cli.sh b/builder/os_ver_cli.sh index 823e3b4..e1e230f 100644 --- a/builder/os_ver_cli.sh +++ b/builder/os_ver_cli.sh @@ -1,9 +1,8 @@ default_os=ubuntu -default_os_ver=18.04 +default_os_codename=bionic os=${1:-$default_os} -os_ver=${2:-$default_os_ver} -os_ver_dockerfile=`echo $os_ver | sed 's/\.//g'` -os_image="$os:$os_ver" +os_codename=${2:-$default_os_codename} +os_image="$os:$os_codename" echo "Building for $os_image" diff --git a/builder/test-deb b/builder/test-deb index f451714..dacd3d0 100755 --- a/builder/test-deb +++ b/builder/test-deb @@ -5,7 +5,8 @@ set -e cd "$(dirname "$0")" . ./os_ver_cli.sh -docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_ver}" \ - -t kasmvnctester_${os}:$os_ver \ - -f dockerfile.${os}${os_ver_dockerfile}.deb.test . -echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" kasmvnctester_${os}:$os_ver +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os_codename}" \ + -t kasmvnctester_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.deb.test . +echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_${os}:$os_codename diff --git a/builder/test-deb-barebones b/builder/test-deb-barebones index 6174b63..36010bb 100755 --- a/builder/test-deb-barebones +++ b/builder/test-deb-barebones @@ -4,12 +4,11 @@ set -e cd "$(dirname "$0")" os="debian" -os_ver="10" -os_ver_dockerfile="10" +os_codename="buster" -docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_ver}" \ - -t kasmvnctester_barebones_${os}:$os_ver \ - -f dockerfile.${os}${os_ver_dockerfile}.barebones.deb.test . +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os_codename}" \ + -t kasmvnctester_barebones_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.barebones.deb.test . echo echo "You will be asked to set password. User name is docker." -docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_ver +docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_codename diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index 780d727..b5970e8 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -1,6 +1,6 @@ TARGET_OS := $(shell lsb_release -is | tr '[:upper:]' '[:lower:]') -TARGET_OS_VER := $(shell lsb_release -rs) -TARBALL := builder/build/kasmvnc.$(TARGET_OS)_$(TARGET_OS_VER).tar.gz +TARGET_OS_CODENAME := $(shell lsb_release -cs) +TARBALL := builder/build/kasmvnc.$(TARGET_OS)_$(TARGET_OS_CODENAME).tar.gz TAR_DATA := $(shell mktemp -d) SRC := $(TAR_DATA)/usr/local SRC_BIN := $(SRC)/bin From 6d6ebffeaeafad2f10bdfbaa6ecae216b65f2c26 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 28 Jan 2021 22:45:36 +1300 Subject: [PATCH 17/35] Package building: compile with debug symbols for deb purposes --- builder/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builder/build.sh b/builder/build.sh index b1287bc..e929564 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -23,7 +23,7 @@ sed -i -e '/find_package(FLTK/s@^@#@' \ -e '/add_subdirectory(tests/s@^@#@' \ CMakeLists.txt -cmake . +cmake -D CMAKE_BUILD_TYPE=RelWithDebInfo . make -j5 tar -C unix/xserver -xvf /tmp/xorg-server-${XORG_VER}.tar.bz2 --strip-components=1 From ead31ae2e7363cf01eddd95f455b2d110108a894 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 28 Jan 2021 23:35:57 +1300 Subject: [PATCH 18/35] Pkg test: use dpkg to find libnss_wrapper.so --- builder/startup/generate_container_user | 26 +++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/builder/startup/generate_container_user b/builder/startup/generate_container_user index b259e7c..1fd9e86 100755 --- a/builder/startup/generate_container_user +++ b/builder/startup/generate_container_user @@ -1,3 +1,20 @@ +detect_libnss_wrapper() { + if $(which dpkg &>/dev/null); then + libnss_wrapper_file=$(dpkg -S libnss_wrapper.so | awk -F' ' '{ print $2 }') + LD_PRELOAD="$libnss_wrapper_file" + return + fi + + if [ -r /usr/lib/libnss_wrapper.so ]; then + LD_PRELOAD=/usr/lib/libnss_wrapper.so + elif [ -r /usr/lib64/libnss_wrapper.so ]; then + LD_PRELOAD=/usr/lib64/libnss_wrapper.so + else + echo "no libnss_wrapper.so installed!" + exit 1 + fi +} + # Set current user in nss_wrapper USER_ID=$(id -u) GROUP_ID=$(id -g) @@ -24,14 +41,7 @@ if [ x"$USER_ID" != x"0" ]; then export NSS_WRAPPER_PASSWD export NSS_WRAPPER_GROUP - if [ -r /usr/lib/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib/libnss_wrapper.so - elif [ -r /usr/lib64/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib64/libnss_wrapper.so - else - echo "no libnss_wrapper.so installed!" - exit 1 - fi + detect_libnss_wrapper echo "nss_wrapper location: $LD_PRELOAD" export LD_PRELOAD fi From 9eb9664bcf3732815f01c390b48a3b34159649a3 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 28 Jan 2021 23:44:25 +1300 Subject: [PATCH 19/35] Pkg test: refactor for readability --- builder/startup/generate_container_user | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/builder/startup/generate_container_user b/builder/startup/generate_container_user index 1fd9e86..cbda373 100755 --- a/builder/startup/generate_container_user +++ b/builder/startup/generate_container_user @@ -1,14 +1,13 @@ detect_libnss_wrapper() { if $(which dpkg &>/dev/null); then libnss_wrapper_file=$(dpkg -S libnss_wrapper.so | awk -F' ' '{ print $2 }') - LD_PRELOAD="$libnss_wrapper_file" return fi if [ -r /usr/lib/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib/libnss_wrapper.so + libnss_wrapper_file=/usr/lib/libnss_wrapper.so elif [ -r /usr/lib64/libnss_wrapper.so ]; then - LD_PRELOAD=/usr/lib64/libnss_wrapper.so + libnss_wrapper_file=/usr/lib64/libnss_wrapper.so else echo "no libnss_wrapper.so installed!" exit 1 @@ -42,6 +41,6 @@ if [ x"$USER_ID" != x"0" ]; then export NSS_WRAPPER_GROUP detect_libnss_wrapper - echo "nss_wrapper location: $LD_PRELOAD" - export LD_PRELOAD + echo "nss_wrapper location: $libnss_wrapper_file" + export LD_PRELOAD="$libnss_wrapper_file" fi From 2e98b08cec327954c4614b046d62af97e94b8829 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 28 Jan 2021 23:46:21 +1300 Subject: [PATCH 20/35] Deb: add Kali kali-rolling support --- builder/build-tarball | 3 +- builder/dockerfile.kali_kali-rolling.build | 31 +++++++++++ .../dockerfile.kali_kali-rolling.deb.build | 12 +++++ builder/dockerfile.kali_kali-rolling.deb.test | 53 +++++++++++++++++++ 4 files changed, 97 insertions(+), 2 deletions(-) create mode 100644 builder/dockerfile.kali_kali-rolling.build create mode 100644 builder/dockerfile.kali_kali-rolling.deb.build create mode 100644 builder/dockerfile.kali_kali-rolling.deb.test diff --git a/builder/build-tarball b/builder/build-tarball index 20f8621..c5f3f2f 100755 --- a/builder/build-tarball +++ b/builder/build-tarball @@ -12,9 +12,8 @@ cd "$(dirname "$0")/.." build_www_dir -docker pull "$os_image" docker build -t kasmvncbuilder:$os_codename \ --f builder/dockerfile.${os}_${os_codename}.build . + -f builder/dockerfile.${os}_${os_codename}.build . mkdir -p builder/build docker run -v /tmp:/build --rm kasmvncbuilder:$os_codename diff --git a/builder/dockerfile.kali_kali-rolling.build b/builder/dockerfile.kali_kali-rolling.build new file mode 100644 index 0000000..6087895 --- /dev/null +++ b/builder/dockerfile.kali_kali-rolling.build @@ -0,0 +1,31 @@ +FROM kalilinux/kali-rolling:latest + +ENV KASMVNC_BUILD_OS kali +ENV KASMVNC_BUILD_OS_CODENAME kali-rolling +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.kali_kali-rolling.deb.build b/builder/dockerfile.kali_kali-rolling.deb.build new file mode 100644 index 0000000..8f0a2c5 --- /dev/null +++ b/builder/dockerfile.kali_kali-rolling.deb.build @@ -0,0 +1,12 @@ +FROM kalilinux/kali-rolling:latest + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.kali_kali-rolling.deb.test b/builder/dockerfile.kali_kali-rolling.deb.test new file mode 100644 index 0000000..9ee469c --- /dev/null +++ b/builder/dockerfile.kali_kali-rolling.deb.test @@ -0,0 +1,53 @@ +FROM kalilinux/kali-rolling:latest + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_VER=18.04 + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] From 9fbda8e518a710ec72419d69497cad9961710076 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 29 Jan 2021 21:29:04 +1300 Subject: [PATCH 21/35] Deb: add Bullseye support --- builder/dockerfile.debian_bullseye.build | 31 ++++++++++++ builder/dockerfile.debian_bullseye.deb.build | 12 +++++ builder/dockerfile.debian_bullseye.deb.test | 53 ++++++++++++++++++++ 3 files changed, 96 insertions(+) create mode 100644 builder/dockerfile.debian_bullseye.build create mode 100644 builder/dockerfile.debian_bullseye.deb.build create mode 100644 builder/dockerfile.debian_bullseye.deb.test diff --git a/builder/dockerfile.debian_bullseye.build b/builder/dockerfile.debian_bullseye.build new file mode 100644 index 0000000..3c19f4c --- /dev/null +++ b/builder/dockerfile.debian_bullseye.build @@ -0,0 +1,31 @@ +FROM debian:bullseye-slim + +ENV KASMVNC_BUILD_OS debian +ENV KASMVNC_BUILD_OS_CODENAME bullseye +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.debian_bullseye.deb.build b/builder/dockerfile.debian_bullseye.deb.build new file mode 100644 index 0000000..7cc3b16 --- /dev/null +++ b/builder/dockerfile.debian_bullseye.deb.build @@ -0,0 +1,12 @@ +FROM debian:bullseye + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update && \ + apt-get -y install vim build-essential devscripts equivs + +# Install build-deps for the package. +COPY ./debian/control /tmp +RUN echo YYY | mk-build-deps --install --remove /tmp/control + +USER 1000 diff --git a/builder/dockerfile.debian_bullseye.deb.test b/builder/dockerfile.debian_bullseye.deb.test new file mode 100644 index 0000000..5749f4e --- /dev/null +++ b/builder/dockerfile.debian_bullseye.deb.test @@ -0,0 +1,53 @@ +FROM debian:bullseye-slim + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=debian \ + KASMVNC_BUILD_OS_CODENAME=buster + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget +RUN apt-get purge -y pm-utils xscreensaver* +RUN apt-get update && apt-get install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp +RUN dpkg -i /tmp/*.deb; apt-get -yf install + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000:ssl-cert +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] From b224addecec8841e7ca0bc12ebbda387b4cdea42 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 29 Jan 2021 22:12:43 +1300 Subject: [PATCH 22/35] Deb: add first quilt patch --- .gitignore | 1 + debian/patches/fix-kasmvncserver-perl-hashbang.patch | 10 ++++++++++ debian/patches/series | 1 + 3 files changed, 12 insertions(+) create mode 100644 debian/patches/fix-kasmvncserver-perl-hashbang.patch create mode 100644 debian/patches/series diff --git a/.gitignore b/.gitignore index ffe48c7..ccb6180 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ debian/.debhelper/ debian/files debian/kasmvncserver.substvars debian/kasmvncserver/ +.pc diff --git a/debian/patches/fix-kasmvncserver-perl-hashbang.patch b/debian/patches/fix-kasmvncserver-perl-hashbang.patch new file mode 100644 index 0000000..4fa9c69 --- /dev/null +++ b/debian/patches/fix-kasmvncserver-perl-hashbang.patch @@ -0,0 +1,10 @@ +Description: Lintian complains about #!/usr/bin/env perl. +Author: Dmitry Maksyoma +--- a/unix/vncserver ++++ b/unix/vncserver +@@ -1,4 +1,4 @@ +-#!/usr/bin/env perl ++#!/usr/bin/perl + # + # Copyright (C) 2009-2010 D. R. Commander. All Rights Reserved. + # Copyright (C) 2005-2006 Sun Microsystems, Inc. All Rights Reserved. diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..7312ab9 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +fix-kasmvncserver-perl-hashbang.patch From b98a9eb5fa0a503c1b404d5c5da30d8fc42db459 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 29 Jan 2021 22:52:10 +1300 Subject: [PATCH 23/35] Pkg build: patch with quilt if it's present --- builder/build.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/builder/build.sh b/builder/build.sh index e929564..d8dc253 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -1,5 +1,12 @@ #!/bin/sh -e +detect_quilt() { + if which quilt 1>/dev/null; then + QUILT_PRESENT=1 + export QUILT_PATCHES=debian/patches + fi +} + # For build-dep to work, the apt sources need to have the source server #sudo apt-get build-dep xorg-server @@ -65,6 +72,10 @@ sed $'s#pushd $TMPDIR/inst#CWD=$(pwd)\\\ncd $TMPDIR/inst#' release/maketarball sed $'s#popd#cd $CWD#' release/maketarball2 > release/maketarball3 mv release/maketarball3 release/maketarball +detect_quilt +if [ -n "$QUILT_PRESENT" ]; then + quilt push -a +fi make servertarball cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz From a6512a7801e7ae70e8e1003bb0be3f40be35a6b9 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 5 Feb 2021 23:40:44 +1300 Subject: [PATCH 24/35] Docker copy will ignore builder/build, where debs are --- .dockerignore | 1 + .../{dockerfile.centos7.build => dockerfile.centos_core.build} | 0 2 files changed, 1 insertion(+) create mode 100644 .dockerignore rename builder/{dockerfile.centos7.build => dockerfile.centos_core.build} (100%) diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..e052dcf --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +builder/build diff --git a/builder/dockerfile.centos7.build b/builder/dockerfile.centos_core.build similarity index 100% rename from builder/dockerfile.centos7.build rename to builder/dockerfile.centos_core.build From 90101a7e913ab957559f1429022d559d06a67d79 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 5 Feb 2021 23:49:47 +1300 Subject: [PATCH 25/35] Rpm: CentOS dfart. Rpm building isn't automated yet. --- builder/build-rpm | 16 +++++ builder/build.sh | 9 +-- .../dockerfile.centos_core.barebones.rpm.test | 17 ++++++ builder/dockerfile.centos_core.build | 15 ++++- builder/dockerfile.centos_core.rpm.build | 10 +++ builder/dockerfile.centos_core.rpm.test | 61 +++++++++++++++++++ builder/test-rpm | 14 +++++ builder/test-rpm-barebones | 14 +++++ centos/kasmvncserver.spec | 53 ++++++++++++++++ common/network/TcpSocket.cxx | 7 ++- debian/Makefile.to_fakebuild_tar_package | 10 ++- 11 files changed, 214 insertions(+), 12 deletions(-) create mode 100755 builder/build-rpm create mode 100644 builder/dockerfile.centos_core.barebones.rpm.test create mode 100644 builder/dockerfile.centos_core.rpm.build create mode 100644 builder/dockerfile.centos_core.rpm.test create mode 100755 builder/test-rpm create mode 100755 builder/test-rpm-barebones create mode 100644 centos/kasmvncserver.spec diff --git a/builder/build-rpm b/builder/build-rpm new file mode 100755 index 0000000..e5cdfe8 --- /dev/null +++ b/builder/build-rpm @@ -0,0 +1,16 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")/.." +. builder/os_ver_cli.sh + +docker build -t kasmvnc_rpmbuilder_${os}:${os_codename} -f \ + builder/dockerfile.${os}_${os_codename}.rpm.build . + +rpm_output_dir=$(cd .. && echo $PWD) +L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems +L_GID=$(id -g) +docker run --rm -v "$rpm_output_dir":/src --user $L_UID:$L_GID \ + kasmvnc_rpmbuilder_${os}:${os_codename} /bin/bash -c \ + '/src/*/builder/build-rpm-inside-docker' diff --git a/builder/build.sh b/builder/build.sh index d8dc253..73a7b34 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -66,11 +66,12 @@ touch man/man1/Xserver.1 touch man/man1/Xvnc.1 mkdir lib cd lib -ln -s /usr/lib/x86_64-linux-gnu/dri dri +if [ -d /usr/lib/x86_64-linux-gnu/dri ]; then + ln -s /usr/lib/x86_64-linux-gnu/dri dri +else + ln -s /usr/lib64/dri dri +fi cd /src -sed $'s#pushd $TMPDIR/inst#CWD=$(pwd)\\\ncd $TMPDIR/inst#' release/maketarball > release/maketarball2 -sed $'s#popd#cd $CWD#' release/maketarball2 > release/maketarball3 -mv release/maketarball3 release/maketarball detect_quilt if [ -n "$QUILT_PRESENT" ]; then diff --git a/builder/dockerfile.centos_core.barebones.rpm.test b/builder/dockerfile.centos_core.barebones.rpm.test new file mode 100644 index 0000000..3831119 --- /dev/null +++ b/builder/dockerfile.centos_core.barebones.rpm.test @@ -0,0 +1,17 @@ +FROM centos:centos7 + +RUN yum install -y epel-release && yum groupinstall xfce -y +RUN yum install -y xterm perl + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp +RUN yum localinstall -y /tmp/*.rpm + +RUN useradd -m docker + +USER docker + +RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \ + chmod +x ~/.vnc/xstartup + +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/ssl/certs/ssl-cert-snakeoil.pem -key /etc/ssl/private/ssl-cert-snakeoil.key -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/dockerfile.centos_core.build b/builder/dockerfile.centos_core.build index 288db42..06dad21 100644 --- a/builder/dockerfile.centos_core.build +++ b/builder/dockerfile.centos_core.build @@ -1,8 +1,17 @@ FROM centos:centos7 +ENV KASMVNC_BUILD_OS centos +ENV KASMVNC_BUILD_OS_CODENAME core + RUN yum install -y build-dep xorg-server libxfont-dev sudo -RUN yum install -y cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver -RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev +RUN yum install -y gcc cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev openssl-devel +RUN yum install -y make +RUN yum group install -y "Development Tools" +RUN yum install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel +RUN yum install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \ + xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel +RUN yum install -y mesa-dri-drivers # Additions for webp RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz @@ -11,7 +20,7 @@ RUN cd /tmp/libwebp-1.0.2 && \ ./configure --enable-static --disable-shared && \ make && make install -RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo +RUN useradd -m docker && echo "docker:docker" | chpasswd COPY . /src RUN chown -R docker:docker /src diff --git a/builder/dockerfile.centos_core.rpm.build b/builder/dockerfile.centos_core.rpm.build new file mode 100644 index 0000000..cff6ae9 --- /dev/null +++ b/builder/dockerfile.centos_core.rpm.build @@ -0,0 +1,10 @@ +FROM centos:centos7 + +RUN yum install -y rpm* gpg* rng-tools + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +COPY . /src +RUN chown -R docker:docker /src + +USER docker diff --git a/builder/dockerfile.centos_core.rpm.test b/builder/dockerfile.centos_core.rpm.test new file mode 100644 index 0000000..d9738e4 --- /dev/null +++ b/builder/dockerfile.centos_core.rpm.test @@ -0,0 +1,61 @@ +FROM centos:centos7 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=centos \ + KASMVNC_BUILD_OS_CODENAME=core + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN yum install -y openssl xterm gettext wget +RUN yum install -y centos-release-scl-rh && yum install -y nss_wrapper +RUN yum install -y xorg-x11-server xorg-x11-xauth xorg-x11-xkb-utils \ + xkeyboard-config xorg-x11-server-utils +RUN yum install -y epel-release && yum groupinstall xfce -y +RUN yum erase -y pm-utils xscreensaver* +RUN yum install -y redhat-lsb-core +RUN yum install -y vim less + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp +RUN yum localinstall -y /tmp/*.rpm + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000 +WORKDIR $HOME + +RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \ + chmod +x ~/.vnc/xstartup + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/test-rpm b/builder/test-rpm new file mode 100755 index 0000000..0249658 --- /dev/null +++ b/builder/test-rpm @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +. ./os_ver_cli.sh + +echo kasmvnctester_${os}:$os_codename +docker build --build-arg \ + KASMVNC_PACKAGE_DIR="build" \ + -t kasmvnctester_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.rpm.test . +echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_${os}:$os_codename diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones new file mode 100755 index 0000000..608142e --- /dev/null +++ b/builder/test-rpm-barebones @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +cd "$(dirname "$0")" +os="centos" +os_codename="core" + +docker build --build-arg KASMVNC_PACKAGE_DIR="build" \ + -t kasmvnctester_barebones_${os}:$os_codename \ + -f dockerfile.${os}_${os_codename}.barebones.rpm.test . +echo +echo "You will be asked to set password. User name is docker." +docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_codename diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec new file mode 100644 index 0000000..b26e824 --- /dev/null +++ b/centos/kasmvncserver.spec @@ -0,0 +1,53 @@ +Name: kasmvncserver +Version: 0.9.1~beta +Release: 1%{?dist} +Summary: Lorem ipsum + +License: GPLv2+ +URL: https://github.com/kasmtech/KasmVNC +Source0: kasmvnc.centos_core.tar.gz + +%description + +Lorem ipsum + +%prep + +%install +rm -rf $RPM_BUILD_ROOT +DESTDIR=$RPM_BUILD_ROOT make -f /src/KasmVNC/debian/Makefile.to_fakebuild_tar_package install + +%files +/usr/bin/* +/usr/share/man/man1 +/usr/share/kasmvnc/www + +%doc /usr/share/doc/kasmvncserver + + + +%changelog + +%post + bindir=/usr/bin + mandir=/usr/share/man + commands="kasmvncserver kasmvncpasswd kasmvncconfig Xkasmvnc" + + for kasm_command in $commands; do + generic_command=`echo "$kasm_command" | sed -e 's/kasm//'`; + update-alternatives --install "$bindir/$generic_command" \ + "$generic_command" "$bindir/$kasm_command" 90 \ + --slave "$mandir/man1/$generic_command.1.gz" "$generic_command.1.gz" \ + "$mandir/man1/$kasm_command.1.gz" + done +;; + +%postun + bindir=/usr/bin + mandir=/usr/share/man + commands="kasmvncserver kasmvncpasswd kasmvncconfig Xkasmvnc" + + for kasm_command in $commands; do + generic_command=`echo "$kasm_command" | sed -e 's/kasm//'`; + update-alternatives --remove "$generic_command" "$bindir/$kasm_command" + done diff --git a/common/network/TcpSocket.cxx b/common/network/TcpSocket.cxx index ab05eeb..de667d0 100644 --- a/common/network/TcpSocket.cxx +++ b/common/network/TcpSocket.cxx @@ -1,15 +1,15 @@ /* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved. - * + * * This is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this software; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, @@ -38,6 +38,7 @@ #include #include #include +#include #include #include "websocket.h" diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index b5970e8..f1466e5 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -1,6 +1,12 @@ TARGET_OS := $(shell lsb_release -is | tr '[:upper:]' '[:lower:]') -TARGET_OS_CODENAME := $(shell lsb_release -cs) -TARBALL := builder/build/kasmvnc.$(TARGET_OS)_$(TARGET_OS_CODENAME).tar.gz +TARGET_OS_CODENAME := $(shell lsb_release -cs | tr '[:upper:]' '[:lower:]') +TARBALL_DIR := +ifeq ($(TARGET_OS), centos) + TARBALL_DIR := $$RPM_SOURCE_DIR +else + TARBALL_DIR := builder/build +endif +TARBALL := $(TARBALL_DIR)/kasmvnc.$(TARGET_OS)_$(TARGET_OS_CODENAME).tar.gz TAR_DATA := $(shell mktemp -d) SRC := $(TAR_DATA)/usr/local SRC_BIN := $(SRC)/bin From a8507afb21f99365ddbd3f1006d20fe129d4badc Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 11 Feb 2021 20:43:21 +1300 Subject: [PATCH 26/35] Rpm: add runtime dependencies --- centos/kasmvncserver.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec index b26e824..27da9a7 100644 --- a/centos/kasmvncserver.spec +++ b/centos/kasmvncserver.spec @@ -7,6 +7,8 @@ License: GPLv2+ URL: https://github.com/kasmtech/KasmVNC Source0: kasmvnc.centos_core.tar.gz +Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl + %description Lorem ipsum From 49996f91e60e58a76e5b458aff52f62a1d62f335 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 11 Feb 2021 20:44:08 +1300 Subject: [PATCH 27/35] Rpm: trim cruft in spec file --- centos/kasmvncserver.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec index 27da9a7..ca41e6e 100644 --- a/centos/kasmvncserver.spec +++ b/centos/kasmvncserver.spec @@ -5,7 +5,6 @@ Summary: Lorem ipsum License: GPLv2+ URL: https://github.com/kasmtech/KasmVNC -Source0: kasmvnc.centos_core.tar.gz Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl @@ -26,8 +25,6 @@ DESTDIR=$RPM_BUILD_ROOT make -f /src/KasmVNC/debian/Makefile.to_fakebuild_tar_pa %doc /usr/share/doc/kasmvncserver - - %changelog %post From 69efc52614f96bacc6b5c97b1bbf5be3cc598f97 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 11 Feb 2021 20:45:01 +1300 Subject: [PATCH 28/35] Rpm: add test-rpm-barebones with Openbox Twm wasn't available. --- .../dockerfile.centos_core.barebones.rpm.test | 16 ++++++++++------ builder/test-rpm-barebones | 3 ++- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/builder/dockerfile.centos_core.barebones.rpm.test b/builder/dockerfile.centos_core.barebones.rpm.test index 3831119..7f001ca 100644 --- a/builder/dockerfile.centos_core.barebones.rpm.test +++ b/builder/dockerfile.centos_core.barebones.rpm.test @@ -1,17 +1,21 @@ FROM centos:centos7 -RUN yum install -y epel-release && yum groupinstall xfce -y -RUN yum install -y xterm perl +RUN yum install -y epel-release && yum install -y openbox xterm +RUN yum erase -y pm-utils xscreensaver* +RUN yum install -y vim less ARG KASMVNC_PACKAGE_DIR COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp RUN yum localinstall -y /tmp/*.rpm -RUN useradd -m docker +RUN useradd -m foo -USER docker +USER foo -RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \ +RUN mkdir -p ~/.config/openbox && echo xterm > ~/.config/openbox/autostart && chmod +x ~/.config/openbox/autostart +RUN mkdir ~/.vnc && echo '/usr/bin/openbox-session &' >> ~/.vnc/xstartup && \ chmod +x ~/.vnc/xstartup +RUN openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $HOME/.vnc/self.pem -out $HOME/.vnc/self.pem -subj "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" +RUN echo bar | kasmvncpasswd -f > $HOME/.kasmpasswd && chmod 0600 $HOME/.kasmpasswd -ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/ssl/certs/ssl-cert-snakeoil.pem -key /etc/ssl/private/ssl-cert-snakeoil.key -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert $HOME/.vnc/self.pem -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones index 608142e..485cd7e 100755 --- a/builder/test-rpm-barebones +++ b/builder/test-rpm-barebones @@ -11,4 +11,5 @@ docker build --build-arg KASMVNC_PACKAGE_DIR="build" \ -f dockerfile.${os}_${os_codename}.barebones.rpm.test . echo echo "You will be asked to set password. User name is docker." -docker run -it -p 443:8443 --rm kasmvnctester_barebones_${os}:$os_codename +docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ + kasmvnctester_barebones_${os}:$os_codename From d658f2b8a3ebf1c03e028c10a7f4f3157dccdae3 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 11 Feb 2021 20:46:05 +1300 Subject: [PATCH 29/35] Deb: trim cruft from Makefile --- debian/Makefile.to_fakebuild_tar_package | 1 - 1 file changed, 1 deletion(-) diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package index f1466e5..f6d3f7f 100644 --- a/debian/Makefile.to_fakebuild_tar_package +++ b/debian/Makefile.to_fakebuild_tar_package @@ -1,6 +1,5 @@ TARGET_OS := $(shell lsb_release -is | tr '[:upper:]' '[:lower:]') TARGET_OS_CODENAME := $(shell lsb_release -cs | tr '[:upper:]' '[:lower:]') -TARBALL_DIR := ifeq ($(TARGET_OS), centos) TARBALL_DIR := $$RPM_SOURCE_DIR else From b97633ca10016b9923a16aff2a2449431cc7c450 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Thu, 11 Feb 2021 21:50:14 +1300 Subject: [PATCH 30/35] Rpm: automate rpm building with build-rpm --- builder/build-rpm | 6 ++--- builder/build-rpm-inside-docker | 29 ++++++++++++++++++++++++ builder/dockerfile.centos_core.rpm.build | 8 ++++--- builder/test-rpm | 2 +- builder/test-rpm-barebones | 2 +- centos/kasmvncserver.spec | 3 ++- 6 files changed, 41 insertions(+), 9 deletions(-) create mode 100755 builder/build-rpm-inside-docker diff --git a/builder/build-rpm b/builder/build-rpm index e5cdfe8..39724d5 100755 --- a/builder/build-rpm +++ b/builder/build-rpm @@ -8,9 +8,9 @@ cd "$(dirname "$0")/.." docker build -t kasmvnc_rpmbuilder_${os}:${os_codename} -f \ builder/dockerfile.${os}_${os_codename}.rpm.build . -rpm_output_dir=$(cd .. && echo $PWD) +source_dir=$(echo $PWD) L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems L_GID=$(id -g) -docker run --rm -v "$rpm_output_dir":/src --user $L_UID:$L_GID \ +docker run --rm -v "$source_dir":/src --user $L_UID:$L_GID \ kasmvnc_rpmbuilder_${os}:${os_codename} /bin/bash -c \ - '/src/*/builder/build-rpm-inside-docker' + '/src/builder/build-rpm-inside-docker' diff --git a/builder/build-rpm-inside-docker b/builder/build-rpm-inside-docker new file mode 100755 index 0000000..1e856c6 --- /dev/null +++ b/builder/build-rpm-inside-docker @@ -0,0 +1,29 @@ +#!/bin/bash + +set -e + +prepare_build_env() { + rpmdev-setuptree + copy_spec_and_tar_with_binaries +} + +copy_spec_and_tar_with_binaries() { + cp /src/centos/kasmvncserver.spec ~/rpmbuild/SPECS/ + cp /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \ + ~/rpmbuild/SOURCES/ +} + +copy_rpm_to_build_dir() { + cd /src/builder && \ + mkdir -p "$os_dir" && cp ~/rpmbuild/RPMS/*/*.rpm ${os_dir} +} + +cd "$(dirname "$0")/.." + +os=$(lsb_release -is | tr '[:upper:]' '[:lower:]') +os_codename=$(lsb_release -cs | tr '[:upper:]' '[:lower:]') +os_dir="build/${os}_${os_codename}" + +prepare_build_env +rpmbuild -ba ~/rpmbuild/SPECS/kasmvncserver.spec +copy_rpm_to_build_dir diff --git a/builder/dockerfile.centos_core.rpm.build b/builder/dockerfile.centos_core.rpm.build index cff6ae9..925eee4 100644 --- a/builder/dockerfile.centos_core.rpm.build +++ b/builder/dockerfile.centos_core.rpm.build @@ -1,10 +1,12 @@ FROM centos:centos7 RUN yum install -y rpm* gpg* rng-tools +RUN yum install -y tree vim less +RUN yum install -y redhat-lsb-core -RUN useradd -m docker && echo "docker:docker" | chpasswd +COPY centos/*.spec /tmp +RUN yum-builddep -y /tmp/*.spec -COPY . /src -RUN chown -R docker:docker /src +RUN useradd -m docker && echo "docker:docker" | chpasswd USER docker diff --git a/builder/test-rpm b/builder/test-rpm index 0249658..b352962 100755 --- a/builder/test-rpm +++ b/builder/test-rpm @@ -7,7 +7,7 @@ cd "$(dirname "$0")" echo kasmvnctester_${os}:$os_codename docker build --build-arg \ - KASMVNC_PACKAGE_DIR="build" \ + KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \ -t kasmvnctester_${os}:$os_codename \ -f dockerfile.${os}_${os_codename}.rpm.test . echo docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones index 485cd7e..3b528e5 100755 --- a/builder/test-rpm-barebones +++ b/builder/test-rpm-barebones @@ -6,7 +6,7 @@ cd "$(dirname "$0")" os="centos" os_codename="core" -docker build --build-arg KASMVNC_PACKAGE_DIR="build" \ +docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \ -t kasmvnctester_barebones_${os}:$os_codename \ -f dockerfile.${os}_${os_codename}.barebones.rpm.test . echo diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec index ca41e6e..6135904 100644 --- a/centos/kasmvncserver.spec +++ b/centos/kasmvncserver.spec @@ -6,6 +6,7 @@ Summary: Lorem ipsum License: GPLv2+ URL: https://github.com/kasmtech/KasmVNC +BuildRequires: rsync Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl %description @@ -16,7 +17,7 @@ Lorem ipsum %install rm -rf $RPM_BUILD_ROOT -DESTDIR=$RPM_BUILD_ROOT make -f /src/KasmVNC/debian/Makefile.to_fakebuild_tar_package install +DESTDIR=$RPM_BUILD_ROOT make -f /src/debian/Makefile.to_fakebuild_tar_package install %files /usr/bin/* From e9e7ecd74d794737eed8f0e14ca7849587ba7ca3 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 12 Feb 2021 18:11:27 +1300 Subject: [PATCH 31/35] Rpm: create certificate on postinst, remove on postrm --- .../dockerfile.centos_core.barebones.rpm.test | 5 ++-- builder/dockerfile.centos_core.rpm.test | 2 +- builder/startup/vnc_startup.sh | 14 +++++----- builder/test-rpm-barebones | 2 -- centos/kasmvncserver.spec | 26 ++++++++++++++++++- 5 files changed, 36 insertions(+), 13 deletions(-) diff --git a/builder/dockerfile.centos_core.barebones.rpm.test b/builder/dockerfile.centos_core.barebones.rpm.test index 7f001ca..3852d29 100644 --- a/builder/dockerfile.centos_core.barebones.rpm.test +++ b/builder/dockerfile.centos_core.barebones.rpm.test @@ -10,12 +10,11 @@ RUN yum localinstall -y /tmp/*.rpm RUN useradd -m foo -USER foo +USER foo:kasmvnc RUN mkdir -p ~/.config/openbox && echo xterm > ~/.config/openbox/autostart && chmod +x ~/.config/openbox/autostart RUN mkdir ~/.vnc && echo '/usr/bin/openbox-session &' >> ~/.vnc/xstartup && \ chmod +x ~/.vnc/xstartup -RUN openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $HOME/.vnc/self.pem -out $HOME/.vnc/self.pem -subj "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" RUN echo bar | kasmvncpasswd -f > $HOME/.kasmpasswd && chmod 0600 $HOME/.kasmpasswd -ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert $HOME/.vnc/self.pem -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " +ENTRYPOINT bash -c "vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 8443 -cert /etc/pki/tls/private/kasmvnc.pem -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/dockerfile.centos_core.rpm.test b/builder/dockerfile.centos_core.rpm.test index d9738e4..ec02208 100644 --- a/builder/dockerfile.centos_core.rpm.test +++ b/builder/dockerfile.centos_core.rpm.test @@ -52,7 +52,7 @@ RUN yum localinstall -y /tmp/*.rpm ### END CUSTOM STUFF ### RUN chown -R 1000:0 $HOME -USER 1000 +USER 1000:kasmvnc WORKDIR $HOME RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \ diff --git a/builder/startup/vnc_startup.sh b/builder/startup/vnc_startup.sh index b2980ce..b2c3c59 100755 --- a/builder/startup/vnc_startup.sh +++ b/builder/startup/vnc_startup.sh @@ -21,12 +21,14 @@ detect_www_dir() { detect_cert_location() { local tarball_cert="$HOME/.vnc/self.pem" - local package_cert="/etc/ssl/certs/ssl-cert-snakeoil.pem" - local package_key="/etc/ssl/private/ssl-cert-snakeoil.key" - local use_cert= - - if [[ -f "$package_cert" ]]; then - cert_option="-cert $package_cert -key $package_key" + local deb_cert="/etc/ssl/certs/ssl-cert-snakeoil.pem" + local deb_key="/etc/ssl/private/ssl-cert-snakeoil.key" + local rpm_cert="/etc/pki/tls/private/kasmvnc.pem" + + if [[ -f "$deb_cert" ]]; then + cert_option="-cert $deb_cert -key $deb_key" + elif [[ -f "$rpm_cert" ]]; then + cert_option="-cert $rpm_cert" else cert_option="-cert $tarball_cert" fi diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones index 3b528e5..e8ba9cd 100755 --- a/builder/test-rpm-barebones +++ b/builder/test-rpm-barebones @@ -9,7 +9,5 @@ os_codename="core" docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \ -t kasmvnctester_barebones_${os}:$os_codename \ -f dockerfile.${os}_${os_codename}.barebones.rpm.test . -echo -echo "You will be asked to set password. User name is docker." docker run -it -p 443:8443 --rm -e "VNC_USER=foo" -e "VNC_PW=bar" \ kasmvnctester_barebones_${os}:$os_codename diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec index 6135904..91f0849 100644 --- a/centos/kasmvncserver.spec +++ b/centos/kasmvncserver.spec @@ -40,7 +40,29 @@ DESTDIR=$RPM_BUILD_ROOT make -f /src/debian/Makefile.to_fakebuild_tar_package in --slave "$mandir/man1/$generic_command.1.gz" "$generic_command.1.gz" \ "$mandir/man1/$kasm_command.1.gz" done -;; + + kasmvnc_group="kasmvnc" + + create_kasmvnc_group() { + if ! getent group "$kasmvnc_group" >/dev/null; then + groupadd --system "$kasmvnc_group" + fi + } + + make_self_signed_certificate() { + local cert_file=/etc/pki/tls/private/kasmvnc.pem + [ -f "$cert_file" ] && return 0 + + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout "$cert_file" \ + -out "$cert_file" -subj \ + "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" + chgrp "$kasmvnc_group" "$cert_file" + chmod 640 "$cert_file" + } + + create_kasmvnc_group + make_self_signed_certificate %postun bindir=/usr/bin @@ -51,3 +73,5 @@ DESTDIR=$RPM_BUILD_ROOT make -f /src/debian/Makefile.to_fakebuild_tar_package in generic_command=`echo "$kasm_command" | sed -e 's/kasm//'`; update-alternatives --remove "$generic_command" "$bindir/$kasm_command" done + + rm -f /etc/pki/tls/private/kasmvnc.pem From 0d0f8afceb01345a8e22f63f09adb973d72fb56e Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 12 Feb 2021 22:57:56 +1300 Subject: [PATCH 32/35] Update FSF address in licences to please rpmlint --- LICENCE.TXT | 43 +++++++++++++++++++++---------------------- unix/vncserver | 7 +++---- 2 files changed, 24 insertions(+), 26 deletions(-) diff --git a/LICENCE.TXT b/LICENCE.TXT index ae3b531..d159169 100644 --- a/LICENCE.TXT +++ b/LICENCE.TXT @@ -1,12 +1,12 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - Preamble + Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public @@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to +the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not @@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. - - GNU GENERAL PUBLIC LICENSE + + GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains @@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) - + These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in @@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. - + 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is @@ -225,7 +225,7 @@ impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. - + 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License @@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. - NO WARRANTY + NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN @@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it @@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. - Copyright (C) 19yy + Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -303,17 +303,16 @@ the "copyright" line and a pointer to where the full notice is found. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, - USA. + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: - Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. @@ -336,5 +335,5 @@ necessary. Here is a sample; alter the names: This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General +library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. diff --git a/unix/vncserver b/unix/vncserver index c19fd3e..04c758e 100644 --- a/unix/vncserver +++ b/unix/vncserver @@ -16,10 +16,9 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # -# You should have received a copy of the GNU General Public License -# along with this software; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, -# USA. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # # From 0aeffaf2ef84736e3a37837137a77c36f3f8f7c9 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 12 Feb 2021 23:07:03 +1300 Subject: [PATCH 33/35] Rpm: run rpmlint after building rpm --- builder/build-rpm-inside-docker | 1 + builder/dockerfile.centos_core.rpm.build | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/builder/build-rpm-inside-docker b/builder/build-rpm-inside-docker index 1e856c6..5f51cd1 100755 --- a/builder/build-rpm-inside-docker +++ b/builder/build-rpm-inside-docker @@ -27,3 +27,4 @@ os_dir="build/${os}_${os_codename}" prepare_build_env rpmbuild -ba ~/rpmbuild/SPECS/kasmvncserver.spec copy_rpm_to_build_dir +rpmlint "$os_dir"/*.rpm || true diff --git a/builder/dockerfile.centos_core.rpm.build b/builder/dockerfile.centos_core.rpm.build index 925eee4..7a4e208 100644 --- a/builder/dockerfile.centos_core.rpm.build +++ b/builder/dockerfile.centos_core.rpm.build @@ -1,6 +1,6 @@ FROM centos:centos7 -RUN yum install -y rpm* gpg* rng-tools +RUN yum install -y rpm* gpg* rng-tools rpmlint RUN yum install -y tree vim less RUN yum install -y redhat-lsb-core From 4f561568a3f6d98c4af665844c1f027a3f9a2418 Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Fri, 12 Feb 2021 23:07:53 +1300 Subject: [PATCH 34/35] Rpm: make rpmlint happier --- centos/kasmvncserver.spec | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec index 91f0849..c456a2b 100644 --- a/centos/kasmvncserver.spec +++ b/centos/kasmvncserver.spec @@ -7,7 +7,8 @@ License: GPLv2+ URL: https://github.com/kasmtech/KasmVNC BuildRequires: rsync -Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl +Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl +Conflicts: tigervnc-server %description @@ -21,12 +22,15 @@ DESTDIR=$RPM_BUILD_ROOT make -f /src/debian/Makefile.to_fakebuild_tar_package in %files /usr/bin/* -/usr/share/man/man1 +/usr/share/man/man1/* /usr/share/kasmvnc/www -%doc /usr/share/doc/kasmvncserver +%license /usr/share/doc/kasmvncserver/LICENCE.TXT +%doc /usr/share/doc/kasmvncserver/README.md %changelog +* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1 +- Initial release of the rpm package. %post bindir=/usr/bin From 7bcf8ebf1f5c370be2d7ec638fc98dfe0f9b2aed Mon Sep 17 00:00:00 2001 From: Dmitry Maksyoma Date: Sun, 14 Feb 2021 19:20:13 +1300 Subject: [PATCH 35/35] Update GitLab pipeline to use new build/ structure --- .gitlab-ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 90eadc1..c72a155 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,8 +18,7 @@ build: - bash builder/build-tarball - bash builder/build-deb - mkdir output - - cp builder/build/kasmvncserver_*.deb output/ - - cp builder/build/kasmvnc.*.tar.gz output/ + - cp -r builder/build/* output/ artifacts: paths: - output/