1. stop firewalld
systemctl stop firewalld
&& systemctl disable firewalld
&& setenforce 0
&& sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
2. set repo
mkdir /etc/yum.repos.d/bak
&& mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
&& curl -o /etc/yum.repos.d/CentOS-base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
&& curl -o /etc/yum.repos.d/CentOS-Epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
&& yum clean all && yum makecache
3. install desktop
yum group install -y "GNOME Desktop"
systemctl set-default graphical.target
init 5
4. install vncserver
yum install -y tigervnc-server
5. create users
# if you want to create some users, do it.
users=(user1 user2)
for ((id=0; id<${#users[@]}; id++))
do
useradd ${users[${id}]}
passwd ${users[${id}]}
done
6. set root vnc
# run in root env, and then copy to other user dir
# if not, you should change all users, and run this command. because vnc client need vnc passwd to sign in
vncpasswd
7. start vnc
users=(user1 user2)
for ((id=0; id<${#users[@]}; id++))
do
# set userid, username
userid=`expr $id + 1` # if userid = 1, then vnc port = 5901. if userid =2, then vnc port = 5902 ...
username=${users[${id}]}
# mkdir user`s vnc path
sudo mkdir /home/${username}/.vnc
# copy root`s vnc passwd to users`s vnc passwd
sudo /bin/cp /root/.vnc/passwd /home/${username}/.vnc
# change vnc path owner
sudo chmod -R 755 /home/${username}/.vnc
sudo chown -R ${username}:${username} /home/${username}/.vnc
# create service and set enable
sudo /bin/cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:${userid}.service
&& sed -i "s//${username}/g" /lib/systemd/system/vncserver@:${userid}.service
&& sudo systemctl enable vncserver@:${userid}
# start
sudo systemctl start vncserver@:${userid}
done
8. to jumpserver
1. 设置多个主机资产,主机IP相同,端口不同
2. 设置多个系统用户
3. 设置多个授权
