freenx hint and patches updated

Jaap Struyk japie at deserver.nl
Sat Jan 21 11:47:31 PST 2006


AUTHOR: Jaap Struyk <japie at deserver.nl>

DATE: 2005-11-29

LICENSE:  GPL, MIT/X11 for X11 bits

SYNOPSIS: Setup an FreeNX server on a (H)LFS system.

DESCRIPTION: Setup a secure remote X-window connection using FreeNX and
sshd.

SYSTEM: x86, 32bit, 2.6 kernel, Glibc-2.3.x.

PREREQUISITES:

  * expat
    --> http://expat.sourceforge.net/

  * audiofile
    --> http://www.68k.org/~michael/audiofile

  * openssl
    --> http://www.openssl.org

  * libjpeg
    --> http://www.ijg.org

  * libpng
    --> http://www.libpng.org/pub/png/libpng.html

  * XFree86/Xorg
    --> http://www.xfree86.org
    --> http://www.x.org

  * openssh
    --> http://www.openssh.com
    	You need to have sshd setup listening on your external and loopback
network!

  * netcat
    --> http://netcat.sourceforge.net

  * expect
    --> http://expect.nist.gov

  * perl
    --> http://www.cpan.org

FILES:

  * The NX core
    --> http://www.nomachine.com/sources.php
    
    nx-X11-1.5.0-21.tar.gz
    nxagent-1.5.0-112.tar.gz
    nxcomp-1.5.0-80.tar.gz
    nxcompext-1.5.0-20.tar.gz
    nxdesktop-1.5.0-78.tar.gz
    nxproxy-1.5.0-9.tar.gz
    nxscripts-1.5.0-11.tar.gz
    nxviewer-1.5.0-15.tar.gz

  * The FreeNX scripts
    --> http://freenx.berlios.de
    
    http://debian.tu-bs.de/knoppix/nx/freenx-0.4.4.tar.gz
    or
    http://www.iem.pw.edu.pl/ftp/distfiles/freenx-0.4.4.tar.gz

  * Latest version of this hint available at 
    
    http://www.linuxfromscratch.org/hints/downloads/files/freenx.txt
    or
    http://www.japie.deserver.nl/ftp/HLFS/freenx.hint
    
NEEDED PATCHES:

  * Patch for the NX packages

   
http://www.linuxfromscratch.org/hints/downloads/attachments/freenx/NX-lfs_hint.diff
    or
    http://www.japie.deserver.nl/ftp/HLFS/NX-lfs_hint.diff

  * Patch for freenx

   
http://www.linuxfromscratch.org/hints/downloads/attachments/freenx/freenx-lfs_hint.diff
    or
    http://www.japie.deserver.nl/ftp/HLFS/freenx-lfs_hint.diff

HINT:

=========
CONTENTS:
=========

        1. Introduction
        2. Installation
        3. Configuration
        4. Setup client
        5. References

================
1. INTRODUCTION:
================

This is a proper and secure way to setup a thin client system on a linux
server.
In comparison to a standard remote X session it's very fast and is even
workable
on bandwiths off 40k (ISDN).
You can use any X-window manager, kde, gnome whatever.
As server U can use any configuration, but since that machine will do
the X+apps.
part and the encryption I would suggest 1Ghz. 512Mb. for several users.
(that's a personal opinion)

================
2. INSTALLATION:
================

# start with unpacking all the tar.gz files...
find . -name "*tar.gz" -exec tar -zxf {} \;
rm *.tar.gz

# apply the NX patch...
patch -p0 < NX-lfs_hint.diff

# modify the configure scripts...
perl -pi -e"s|CXXFLAGS=.-O.*|CXXFLAGS=\"$CXXFLAGS\"|" */configure

# build X11 Support Libraries and Agents...
pushd nx-X11
  make World
popd

# build Proxy Library...
pushd nxproxy
  ./configure --prefix=/srv/NX
  make
popd

# build RFB Agent...
pushd nxviewer
  xmkmf -a
  cp -a /usr/X11R6/lib/libXp.so* ../nx-X11/exports/lib/
  make 2> /dev/null
popd

# build RDP Agent...
pushd nxdesktop
  ./configure --prefix=/srv/NX --sharedir=/srv/NX/share
  make
popd

# create some directory's...
mkdir -p /srv/NX/bin
mkdir -p /srv/NX/lib
mkdir -p /srv/NX/man/man1
mkdir -p /srv/NX/share/doc

# install X11 Support Libraries and Agents...
cp -a nx-X11/lib/X11/libX11.so.* nx-X11/lib/Xext/libXext.so.*
nx-X11/lib/Xrender/libXrender.so.* /srv/NX/lib
install -m 755 nx-X11/programs/Xserver/nxagent /srv/NX/lib

# create a custom nxagent script that handles all programs...
cat > nxagent << "EOF"
#!/bin/sh

NXCOMMAND=$(basename $0)

export LD_LIBRARY_PATH=/srv/NX/lib:$LD_LIBRARY_PATH
exec /srv/NX/lib/$NXCOMMAND ${1+"$@"}
EOF

# install that script...
install -m 755 nxagent /srv/NX/bin

# install Compression Libraries and Proxy...
cp -a nxcomp/libXcomp.so.* /srv/NX/lib
cp -a nxcompext/libXcompext.so.* /srv/NX/lib
install -m 755 nxproxy/nxproxy /srv/NX/lib
ln -snf nxagent /srv/NX/bin/nxproxy

# install RFB Agent...
pushd nxviewer
  make install DESTDIR=/srv/NX
  mv /srv/NX/usr/X11R6/bin/nxviewer /srv/NX/lib
  ln -snf nxagent /srv/NX/bin/nxviewer
  chmod 755 /srv/NX/bin/nxviewer
  mv /srv/NX/usr/X11R6/bin/nxpasswd /srv/NX/bin
popd

# install RDP Agent...
pushd nxdesktop
  make install
  mv /srv/NX/bin/nxdesktop /srv/NX/lib
  ln -snf nxagent /srv/NX/bin/nxdesktop
  chmod 755 /srv/NX/bin/nxdesktop
  rm -rf /srv/NX/usr
popd

# install scripts...
cp -r nxscripts /srv/NX/share/doc

# install FreeNX
mkdir -p /srv/NX/etc
mkdir -p /srv/NX/var
mkdir -p /srv/NX/var/db
mkdir -p /srv/NX/home
mkdir -p /srv/NX/home/nx
pushd freenx-0.4.4
# apply the freenx patch...
patch -p0 < ../freenx-lfs_hint.diff
cp -a nxnode /srv/NX/bin
cp -a nxserver /srv/NX/bin
cp -a nxsetup /srv/NX/bin
cp -a nxkeygen /srv/NX/bin
cp -a nxnode-login /srv/NX/bin
cp -a nxloadconfig /srv/NX/bin
cp -a nxclient /srv/NX/bin
cp -a nxprint /srv/NX/bin
install -m 755 node.conf.sample /srv/NX/etc
popd

=================
3. CONFIGURATION:
=================

# add user and group and check the gid of your nx is allowed by grsec
tpe_gid...
groupadd -g 77 nx
useradd -c 'FreeNX user' -d /srv/NX/home/nx -g nx -s /bin/bash -u 77 nx
passwd -u nx
chown -R root.root /srv/NX
chown -R nx.nx /srv/NX/home/nx 
/srv/NX/bin/nxsetup --install --uid 77 --gid 77

# check if server is running...
/srv/NX/bin/nxserver --status

# Should provide something like:
NX> 100 NXSERVER - Version 1.4.0-44 OS (GPL)
NX> 110 NX Server is running
NX> 999 Bye

# setup the config file...
mv /srv/NX/etc/node.conf.sample /srv/NX/etc/node.conf
Open that file in your favorite editor and change line 339 so it
matches:
ENABLE_1_5_0_BACKEND="1" (don't forget to remove the coment)

# user setup...
The first thing is to lett freenx find a way to auth your user, the
easyest is using your own ssh setup.
Edit /srv/NX/etc/node.conf:
ENABLE_SSH_AUTHENTICATION="1"
And don't forget to remove the # from this line ;-)
copy /srv/NX/home/nx/.ssh/client.id_dsa.key to your local machine for
import in your nxclient.

================
4. SETUP CLIENT:
================

# client setup...
http://64.34.161.181/download/1.5.0/client/xft/nxclient-1.5.0-113.i386.tar.gz
extract to /opt and add the path /opt/NX/bin to your profile.
Pitty it needs libstdc++-libc6.2-2.so.3 so you have to compile gcc-2.9x
and find it.
Start with: "nxclient --wizard" and follow the steps, at the end choose
for
"Advanced configuration Dialog" where you can import the
client.id_dsa.key from above.
Now you would be able to login as any user would via ssh.
Have fun!

==============
5. REFERENCES:
==============

http://www.gnomeuser.org/documents/howto/nx.html
http://fedoranews.org/contributors/rick_stout/freenx/
Rick Stout's spec file.

CHANGELOG:
[2005-11-29]
  * Initial hint.
[2005-12-27]
  * Upgraded some packages.
  * Eased up build order.
[2006-01-05]
  * Fixed some problems with installing freenx scripts.
  * Fixed the freenx patch.
  * Unlock the nx user.
  * Minor changes.
[2006-01-21]
  * Added download location for the patches.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: freenx-lfs_hint.diff
Type: text/x-patch
Size: 1526 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hints/attachments/20060121/f555f337/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NX-lfs_hint.diff
Type: text/x-patch
Size: 3683 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hints/attachments/20060121/f555f337/attachment-0001.bin>


More information about the hints mailing list