cgoldberg
commented
11 years ago hi miljank, thanks for the pull request. what's a use case for wanting to use -nolisten ? I've never used that option before.
Closed miljank closed 11 years ago
cgoldberg
commented
11 years ago hi miljank, thanks for the pull request. what's a use case for wanting to use -nolisten ? I've never used that option before.
miljank
commented
11 years ago Hi Corey,
By default Xvfb listens on all sockets. This can be a potential security risk and is unnecessary if all the connections will come from the localhost. With -nolisten tcp Xvfb will listen just on the UNIX socket, thus it will be accessible only from the localhost.
Hope that makes sense.
Thanks, Miljan
cgoldberg
commented
11 years ago Miljan, makes perfect sense... good idea.
btw, I noticed there are a lot of options that Xvfb can use. do you commonly use any other options? (I'm not super savvy with virtual X... I just use this in a project with defaults.).
I see 2 ways to deal with options.
which do you think is better?
-Corey
p.s. full list of options for Xvfb on my machine (Xvfb 1.11.4 package on Ubuntu):
-a # default pointer acceleration (factor) -ac disable access control restrictions -audit int set audit trail level -auth file select authorization file -br create root window with black background +bs enable any backing store support -bs disable any backing store support -c turns off key-click c # key-click volume (0-100) -cc int default color visual class -nocursor disable the cursor -core generate core dump on fatal error -dpi int screen resolution in dots per inch -dpms disables VESA DPMS monitor control -deferglyphs [none|all|16] defer loading of [no|all|16-bit] glyphs -f # bell base (0-100) -fc string cursor font -fn string default font name -fp string default font path -help prints message with these options -I ignore all remaining arguments -ld int limit data space to N Kb -lf int limit number of open files to N -ls int limit stack space to N Kb -nolock disable the locking mechanism -nolisten string don't listen on protocol -noreset don't reset after last client exists -background [none] create root window with no background -nr (Ubuntu-specific) Synonym for -background none -reset reset after last client exists -p # screen-saver pattern duration (minutes) -pn accept failure to listen on all ports -nopn reject failure to listen on all ports -r turns off auto-repeat r turns on auto-repeat -render [default|mono|gray|color] set render color alloc policy -retro start with classic stipple and cursor -s # screen-saver timeout (minutes) -t # default pointer threshold (pixels/t) -terminate terminate at server reset -to # connection time out -tst disable testing extensions ttyxx server started from init on /dev/ttyxx v video blanking for screen-saver -v screen-saver without video blanking -wm WhenMapped default backing-store -wr create root window with white background -maxbigreqsize set maximal bigrequest size +xinerama Enable XINERAMA extension -xinerama Disable XINERAMA extension -dumbSched Disable smart scheduling, enable old behavior -schedInterval int Set scheduler interval in msec -sigstop Enable SIGSTOP based startup +extension name Enable extension -extension name Disable extension -query host-name contact named host for XDMCP -broadcast broadcast for XDMCP -multicast [addr [hops]] IPv6 multicast for XDMCP -indirect host-name contact named host for indirect XDMCP -port port-num UDP port number to send messages to -from local-address specify the local address to connect from -once Terminate server after one session -class display-class specify display class to send in manage -cookie xdm-auth-bits specify the magic cookie for XDMCP -displayID display-id manufacturer display ID for request [+-]accessx [ timeout [ timeout_mask [ feedback [ options_mask] ] ] ] enable/disable accessx key sequences -ardelay set XKB autorepeat delay -arinterval set XKB autorepeat interval -screen scrn WxHxD set screen's width, height, depth -pixdepths list-of-int support given pixmap depths +/-render turn on/off RENDER extension support(default on) -linebias n adjust thin line pixelization -blackpixel n pixel value for black -whitepixel n pixel value for white -fbdir directory put framebuffers in mmap'ed files in directory -shmem put framebuffers in shared memory
miljank
commented
11 years ago Thanks for considering this. :)
My pull request is a bit too specific to the case I had yesterday, so it would be great idea to make it more generic. I would definitely go with **kwargs as it the most flexible approach.
miljank
commented
11 years ago I was a bit lazy so it took me some time to finish this. The commit above allows for arbitrary options to be passed to the Xvfb.
cgoldberg
commented
11 years ago thanks! I'm merging this now, and will follow it up (in trunk) with a unit test and a note in the README about arbitrary args.
-Corey
Following commit adds nolisten Xvfb option. E.g. -nolisten tcp.