[11.2RC2] vnc accessible desktop within a jail

[seedz]

Hi everyone !

I'm currently trying to set up a jail to do one thing :
getting an always running desktop running Xfce4 accessible through a browser with the help of the guacamole.apache applet (which is running fine in its own jail)

i've tried several things, but as i can't seem to search google right, i couldn't find the answers on my use case.
I've stumbled upon several ways to do it with X11forwarding with SSHD, but as i want to use guacamole, i need either VNC or RDP
i've got this one that's related : https://www.howtoforge.com/creating-a-jail-with-vnc-server-on-freebsd
but it seems to reference some obsolete packages

What i've arrived at :
x11vnc + xorg_vfb + XFCE

Code:

root@XFCE_Desktop:~ # Xvfb :1 & startxfce4 :1 & x11vnc -display :1 -bg -nopw -xkb -ncache 10
[1] 39760
[2] 39761
/usr/local/bin/startxfce4: Starting X server

18/11/2018 20:16:59 x11vnc version: 0.9.13 lastmod: 2011-08-10  pid: 39762
18/11/2018 20:16:59 XOpenDisplay(":1") failed.
18/11/2018 20:16:59 Trying again with XAUTHLOCALHOSTNAME=localhost ...

X.Org X Server 1.18.4
Release Date: 2016-07-19
X Protocol Version 11, Revision 0
Build Operating System: FreeBSD 11.2-RELEASE-p4 amd64
Current Operating System: FreeBSD XFCE_Desktop 11.2-STABLE FreeBSD 11.2-STABLE #0 r325575+3a9793238ff(freenas/11.2-stable): Thu Nov 15 13:51:02 EST 2018	 root@nemesis.tn.ixsystems.com:/freenas-11.2-releng/freenas/_BE/objs/freenas-11.2-releng/freenas/_BE/os/sys/FreeNAS.amd64 amd64
Build Date: 01 November 2018  04:19:02AM

Current version of pixman: 0.34.0
		Before reporting problems, check http://wiki.x.org
		to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
		(++) from command line, (!!) notice, (II) informational,
		(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Sun Nov 18 20:16:59 2018
(==) Using default built-in configuration (30 lines)
(EE)
Fatal server error:
(EE) xf86OpenConsole: No console driver found
		Supported drivers: pccons (with X support), syscons, pcvt
		Check your kernel's console driver configuration and /dev entries(EE)
(EE)
Please consult the The X.Org Foundation support
		 at http://wiki.x.org
 for help.
(EE) Please also check the log file at "/var/log/Xorg.0.log" for additional information.
(EE)
(EE) Server terminated with error (1). Closing log file.
18/11/2018 20:16:59 Using X display :1
18/11/2018 20:16:59 rootwin: 0x269 reswin: 0x200001 dpy: 0x4a4c000
18/11/2018 20:16:59
18/11/2018 20:16:59 ------------------ USEFUL INFORMATION ------------------
18/11/2018 20:16:59 X DAMAGE available on display, using it for polling hints.
18/11/2018 20:16:59   To disable this behavior use: '-noxdamage'
18/11/2018 20:16:59
18/11/2018 20:16:59   Most compositing window managers like 'compiz' or 'beryl'
18/11/2018 20:16:59   cause X DAMAGE to fail, and so you may not see any screen
18/11/2018 20:16:59   updates via VNC.  Either disable 'compiz' (recommended) or
18/11/2018 20:16:59   supply the x11vnc '-noxdamage' command line option.
18/11/2018 20:16:59
18/11/2018 20:16:59 Wireframing: -wireframe mode is in effect for window moves.
18/11/2018 20:16:59   If this yields undesired behavior (poor response, painting
18/11/2018 20:16:59   errors, etc) it may be disabled:
18/11/2018 20:16:59	- use '-nowf' to disable wireframing completely.
18/11/2018 20:16:59	- use '-nowcr' to disable the Copy Rectangle after the
18/11/2018 20:16:59	  moved window is released in the new position.
18/11/2018 20:16:59   Also see the -help entry for tuning parameters.
18/11/2018 20:16:59   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:16:59   repaint the screen, also see the -fixscreen option for
18/11/2018 20:16:59   periodic repaints.
18/11/2018 20:16:59
18/11/2018 20:16:59 XFIXES available on display, resetting cursor mode
18/11/2018 20:16:59   to: '-cursor most'.
18/11/2018 20:16:59   to disable this behavior use: '-cursor arrow'
18/11/2018 20:16:59   or '-noxfixes'.
18/11/2018 20:16:59 using XFIXES for cursor drawing.
18/11/2018 20:16:59 GrabServer control via XTEST.
18/11/2018 20:16:59
18/11/2018 20:16:59 Scroll Detection: -scrollcopyrect mode is in effect to
18/11/2018 20:16:59   use RECORD extension to try to detect scrolling windows
18/11/2018 20:16:59   (induced by either user keystroke or mouse input).
18/11/2018 20:16:59   If this yields undesired behavior (poor response, painting
18/11/2018 20:16:59   errors, etc) it may be disabled via: '-noscr'
18/11/2018 20:16:59   Also see the -help entry for tuning parameters.
18/11/2018 20:16:59   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:16:59   repaint the screen, also see the -fixscreen option for
18/11/2018 20:16:59   periodic repaints.
18/11/2018 20:16:59
18/11/2018 20:16:59 Client Side Caching: -ncache mode is in effect to provide
18/11/2018 20:16:59   client-side pixel data caching.  This speeds up
18/11/2018 20:16:59   iconifying/deiconifying windows, moving and raising
18/11/2018 20:16:59   windows, and reposting menus.  In the simple CopyRect
18/11/2018 20:16:59   encoding scheme used (no compression) a huge amount
18/11/2018 20:16:59   of extra memory (20-100MB) is used on both the server and
18/11/2018 20:16:59   client sides.  This mode works with any VNC viewer.
18/11/2018 20:16:59   However, in most you can actually see the cached pixel
18/11/2018 20:16:59   data by scrolling down, so you need to re-adjust its size.
18/11/2018 20:16:59   See http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching.
18/11/2018 20:16:59   If this mode yields undesired behavior (poor response,
18/11/2018 20:16:59   painting errors, etc) it may be disabled via: '-ncache 0'
18/11/2018 20:16:59   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:16:59   repaint the screen, also see the -fixscreen option for
18/11/2018 20:16:59   periodic repaints.
18/11/2018 20:16:59 X FBPM extension not supported.
18/11/2018 20:16:59 X display is not capable of DPMS.
18/11/2018 20:16:59 --------------------------------------------------------
18/11/2018 20:16:59
18/11/2018 20:16:59 Default visual ID: 0x21
18/11/2018 20:16:59 Read initial data from X display into framebuffer.
18/11/2018 20:16:59 initialize_screen: fb_depth/fb_bpp/fb_Bpl 8/8/1280
18/11/2018 20:16:59
18/11/2018 20:16:59 X display :1 is 8bpp indexed color, depth=8
18/11/2018 20:16:59
18/11/2018 20:16:59 In 8bpp PseudoColor mode if you experience color
18/11/2018 20:16:59 problems you may want to enable following the
18/11/2018 20:16:59 changing colormap by using the -flashcmap option.
18/11/2018 20:16:59
18/11/2018 20:16:59 set_colormap: number of cells: 256, ncolor(8) is 256.
18/11/2018 20:16:59
18/11/2018 20:16:59 Autoprobing TCP port
18/11/2018 20:16:59 Autoprobing selected port 5900
18/11/2018 20:16:59 Listening also on IPv6 port 5900 (socket 10)
18/11/2018 20:16:59
18/11/2018 20:16:59 Xinerama is present and active (e.g. multi-head).
18/11/2018 20:16:59 Xinerama: number of sub-screens: 1
18/11/2018 20:16:59 Xinerama: no blackouts needed (only one sub-screen)
18/11/2018 20:16:59
18/11/2018 20:16:59 fb read rate: 314 MB/sec
18/11/2018 20:16:59 fast read: reset -wait  ms to: 10
18/11/2018 20:16:59 fast read: reset -defer ms to: 10
18/11/2018 20:16:59 The X server says there are 10 mouse buttons.
18/11/2018 20:16:59 screen setup finished.
18/11/2018 20:16:59

The VNC desktop is:	  XFCE_Desktop:0
PORT=5900

and with a screen size thrown into Xvfb, here is what happens :

Code:

root@XFCE_Desktop:~ # Xvfb :1 -screen 0 1280x1024x24 & startxfce4 :1 & x11vnc -display :1 -bg -nopw -xkb -ncache 10
[1] 41000
[2] 41001
/usr/local/bin/startxfce4: Starting X server

18/11/2018 20:20:28 x11vnc version: 0.9.13 lastmod: 2011-08-10  pid: 41002
18/11/2018 20:20:28 XOpenDisplay(":1") failed.
18/11/2018 20:20:28 Trying again with XAUTHLOCALHOSTNAME=localhost ...

X.Org X Server 1.18.4
Release Date: 2016-07-19
X Protocol Version 11, Revision 0
Build Operating System: FreeBSD 11.2-RELEASE-p4 amd64
Current Operating System: FreeBSD XFCE_Desktop 11.2-STABLE FreeBSD 11.2-STABLE #0 r325575+3a9793238ff(freenas/11.2-stable): Thu Nov 15 13:51:02 EST 2018	 root@nemesis.tn.ixsystems.com:/freenas-11.2-releng/freenas/_BE/objs/freenas-11.2-releng/freenas/_BE/os/sys/FreeNAS.amd64 amd64
Build Date: 01 November 2018  04:19:02AM

Current version of pixman: 0.34.0
		Before reporting problems, check http://wiki.x.org
		to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
		(++) from command line, (!!) notice, (II) informational,
		(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Sun Nov 18 20:20:28 2018
(==) Using default built-in configuration (30 lines)
(EE)
Fatal server error:
(EE) xf86OpenConsole: No console driver found
		Supported drivers: pccons (with X support), syscons, pcvt
		Check your kernel's console driver configuration and /dev entries(EE)
(EE)
Please consult the The X.Org Foundation support
		 at http://wiki.x.org
 for help.
(EE) Please also check the log file at "/var/log/Xorg.0.log" for additional information.
(EE)
(EE) Server terminated with error (1). Closing log file.
18/11/2018 20:20:28 Using X display :1
18/11/2018 20:20:28 rootwin: 0x34c reswin: 0x200001 dpy: 0x4a4c000
18/11/2018 20:20:28
18/11/2018 20:20:28 ------------------ USEFUL INFORMATION ------------------
18/11/2018 20:20:28 X DAMAGE available on display, using it for polling hints.
18/11/2018 20:20:28   To disable this behavior use: '-noxdamage'
18/11/2018 20:20:28
18/11/2018 20:20:28   Most compositing window managers like 'compiz' or 'beryl'
18/11/2018 20:20:28   cause X DAMAGE to fail, and so you may not see any screen
18/11/2018 20:20:28   updates via VNC.  Either disable 'compiz' (recommended) or
18/11/2018 20:20:28   supply the x11vnc '-noxdamage' command line option.
18/11/2018 20:20:28
18/11/2018 20:20:28 Wireframing: -wireframe mode is in effect for window moves.
18/11/2018 20:20:28   If this yields undesired behavior (poor response, painting
18/11/2018 20:20:28   errors, etc) it may be disabled:
18/11/2018 20:20:28	- use '-nowf' to disable wireframing completely.
18/11/2018 20:20:28	- use '-nowcr' to disable the Copy Rectangle after the
18/11/2018 20:20:28	  moved window is released in the new position.
18/11/2018 20:20:28   Also see the -help entry for tuning parameters.
18/11/2018 20:20:28   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:20:28   repaint the screen, also see the -fixscreen option for
18/11/2018 20:20:28   periodic repaints.
18/11/2018 20:20:28
18/11/2018 20:20:28 XFIXES available on display, resetting cursor mode
18/11/2018 20:20:28   to: '-cursor most'.
18/11/2018 20:20:28   to disable this behavior use: '-cursor arrow'
18/11/2018 20:20:28   or '-noxfixes'.
18/11/2018 20:20:28 using XFIXES for cursor drawing.
18/11/2018 20:20:28 GrabServer control via XTEST.
18/11/2018 20:20:28
18/11/2018 20:20:28 Scroll Detection: -scrollcopyrect mode is in effect to
18/11/2018 20:20:28   use RECORD extension to try to detect scrolling windows
18/11/2018 20:20:28   (induced by either user keystroke or mouse input).
18/11/2018 20:20:28   If this yields undesired behavior (poor response, painting
18/11/2018 20:20:28   errors, etc) it may be disabled via: '-noscr'
18/11/2018 20:20:28   Also see the -help entry for tuning parameters.
18/11/2018 20:20:28   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:20:28   repaint the screen, also see the -fixscreen option for
18/11/2018 20:20:28   periodic repaints.
18/11/2018 20:20:28
18/11/2018 20:20:28 Client Side Caching: -ncache mode is in effect to provide
18/11/2018 20:20:28   client-side pixel data caching.  This speeds up
18/11/2018 20:20:28   iconifying/deiconifying windows, moving and raising
18/11/2018 20:20:28   windows, and reposting menus.  In the simple CopyRect
18/11/2018 20:20:28   encoding scheme used (no compression) a huge amount
18/11/2018 20:20:28   of extra memory (20-100MB) is used on both the server and
18/11/2018 20:20:28   client sides.  This mode works with any VNC viewer.
18/11/2018 20:20:28   However, in most you can actually see the cached pixel
18/11/2018 20:20:28   data by scrolling down, so you need to re-adjust its size.
18/11/2018 20:20:28   See http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching.
18/11/2018 20:20:28   If this mode yields undesired behavior (poor response,
18/11/2018 20:20:28   painting errors, etc) it may be disabled via: '-ncache 0'
18/11/2018 20:20:28   You can press 3 Alt_L's (Left "Alt" key) in a row to
18/11/2018 20:20:28   repaint the screen, also see the -fixscreen option for
18/11/2018 20:20:28   periodic repaints.
18/11/2018 20:20:28 X FBPM extension not supported.
18/11/2018 20:20:28 X display is not capable of DPMS.
18/11/2018 20:20:28 --------------------------------------------------------
18/11/2018 20:20:28
18/11/2018 20:20:28 Default visual ID: 0x21
18/11/2018 20:20:28 Read initial data from X display into framebuffer.
18/11/2018 20:20:28 initialize_screen: fb_depth/fb_bpp/fb_Bpl 24/32/5120
18/11/2018 20:20:28
18/11/2018 20:20:28 X display :1 is 32bpp depth=24 true color
18/11/2018 20:20:28
18/11/2018 20:20:28 Autoprobing TCP port
18/11/2018 20:20:28 Autoprobing selected port 5900
18/11/2018 20:20:28 Listening also on IPv6 port 5900 (socket 10)
18/11/2018 20:20:28
18/11/2018 20:20:28 Xinerama is present and active (e.g. multi-head).
18/11/2018 20:20:28 Xinerama: number of sub-screens: 1
18/11/2018 20:20:28 Xinerama: no blackouts needed (only one sub-screen)
18/11/2018 20:20:28
18/11/2018 20:20:28 fb read rate: 520 MB/sec
18/11/2018 20:20:28 fast read: reset -wait  ms to: 10
18/11/2018 20:20:28 fast read: reset -defer ms to: 10
18/11/2018 20:20:28 The X server says there are 10 mouse buttons.
18/11/2018 20:20:28 screen setup finished.
18/11/2018 20:20:28

The VNC desktop is:	  XFCE_Desktop:0
PORT=5900
root@XFCE_Desktop:~ # xinit: giving up
xinit: unable to connect to X server: Connection refused
xinit: server error

Guacamole gets a connection, and only shows a black screen, with a tiny center part where the mouse cursor changes and is no longer opening the browser menu on a right clic
any attempt to exit and go back with the guacamole UI loses the connection entirely


I know i'm missing something, but i don't really know what.
Xfce4 complains about xinit, but xinit is xorg, which in turn complains a lack of device to display to (which is normal in a headless setup)... and this is probably the fault of Xfce which is trying to run with xorg / xinit instead of xorg_xvfb
Problem is, i can't seem to find the pages on how to set up each piece of the puzzle to tell them to work together

 

[seedz]

I've stumbled upon Xdummy, but it doesn't seem to be supported on FreeBSD as it throws errors around.

I've also tried x2rdp.
accessing the login screen is possible, but since it relies on xorg after, doesn't work either.
I'll try searching around to see where to set it up.... but i still have the same problem with Xfce which i have no clue where to set it so that it uses xorg_vfb instead of xorg.

As anyone attempted this ?
Is it - still - possible in an iocage jail ?

 

[gt2416]

Looking at your console logs and some google-ing it seems that the FreeNAS kernal does not have the drivers for hardware acceleration for your system. I tried to do this after reading your post, it would be AWESOME to have a gnome environment in a jail, but it gives the same error about drivers.
FreeNAS 11.2-U1 will bring gfx drivers to FreeNAS as well as the ability to pass through the device to iocage. When the beta of u1 is released you can see if it works.

 

[seedz]

hum... GFX drivers meaning... what exactly ?
would it mean "being able to plug a Nvidia card and use CUDA in a jail" or simply "have a working display and input source in jails to make X work" ?

Thing is, i thought it could work with zero drivers with the help of xorg_vfb but i have no clue how to set it up :p

 

[gt2416]

The FreeNAS kernel itself does not have the drivers to use the nvidia or intel cards and also currently you cannot pass through a device to an iocage jail from FreeNAS, but theres hope !
Like I said, it will be built into 11.2-u1, then installing x11vnc + xorg_vfb + XFCE should work.
https://redmine.ixsystems.com/issues/33399
(See related issues for all the stuff they did to add that feature)