[Bug 2088433] Re: Problems with tigervncserver copying credential files to /tmp
Juha Aatrokoski
2088433 at bugs.launchpad.net
Tue Nov 19 08:46:58 UTC 2024
Huh, I did not mean to report this for systemd but for tigervnc (only),
but looks like the "Report a bug" link at the top-right of an existing
bug forces the package, even though it later lets you specify the
affected package... Anyway, I guess it's ok now(?)
And yeah, I can fix it for myself but not for others, hence the bug
report. Also, fixing the problem with tmpfiles does not address the
second problem of stale credential files.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2088433
Title:
Problems with tigervncserver copying credential files to /tmp
Status in systemd package in Ubuntu:
Won't Fix
Status in tigervnc package in Ubuntu:
New
Bug description:
(Ubuntu 24.04.1, TigerVNC 1.13.1+dfsg-2build2)
On startup, tigervncserver (via Wrapper.pm) copies ~/.vnc/passwd (and
other credential files) into /tmp/tigervnc.XXXXXX directory and tells
Xtigervnc to use those instead. There are at least two problems with
this:
1: On Ubuntu, automatic age-based cleaning of /tmp is enabled by
default. This is problematic in general (see bug #2088268), but
specifically the /tmp/tigervnc.XXXXXX directory can get removed. If
/tmp has the noatime mount option, the removal always happens 30 days
after the VNC server is started. Without noatime, the removal happens
if there is a 30 day period without any new connections to the VNC
server. When the directory is removed, the VNC server becomes
inaccessible.
2: If the credential files (e.g. password) in ~/.vnc/ are changed, the
running VNC server will not pick this up and will continue to use the
old cached credential files.
I think there should at least be a mechanism to enable/disable this
caching behavior via a configuration file (or a command line
argument). Also, if such caching is done, I think the proper location
would be under $XDG_RUNTIME_DIR instead of /tmp.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2088433/+subscriptions
More information about the foundations-bugs
mailing list