With Fedora 28 and probably Fedora 27 there have been some changes to the recommended TigerVNC configuration. If you have an earlier version go to Getting Tiger VNC to Work on Linux. These changes occurred because the previous configuration started having problems around Fedora 26. It was running afoul of SELinux and issues with runserver. This resulted in Tiger VNC throwing odd, and unhelpful, exit errors when starting using systemd.
At the time of this writing the directions in the Fedora Documentation hasn’t been updated to reflect the changes. If you have a fresh install of Fedora you can skip the first three steps. If you have upgraded your Fedora from version 26 and earlier then we want to start by uninstalling Tiger VNC and all of its configuration files.
The first step is to stop Tiger VNC if it is running. Despite the systemd startup errors it may indeed be running. I have used Tiger VNC for several months despite the systemd startup errors. While you should be able to stop it using systemctl I found that if the startup had errors, stopping it with systemctl doesn’t work. You may need to kill the process.
Stop Tiger VNC
The first step is to remove Tiger VNC.
Uninstall Tiger VNC
The second step is to remove any unused dependencies. The output was unwieldy and has been truncated in sections.
Remove unneeded dependencies
Our third step is to clean things up.
Clean up any left over mess
With Tiger VNC removed from our system we can now proceed with putting it back on the system. Normally I would expect the service file to automatically be installed when the server is installed. It isn’t and the next bit touches on why. The Systemd service file for TigerVNC looks different than other service files. As shown below Tiger VNC’s service file has an “@” symbol in its name. Without going into the details, the result is that you start can multiple instances of Tiger VNC by passing different display numbers to the service file during startup. The next step is to install Tigeer VNC.
Install Tiger VNC
Next we copy over a service file from the libraries to our Systemd service directory.
copy service file
Now we need to edit the vncserver@.service file to add your our name. The contents of this file is one part that has changed. I have provided a before and after look of the file. In my case I edit the file replacing with my login name "chris".
The file you copied is owned by the root user and you will want to “sudo vim vncserver@.service” when editing the file. Or use whatever editor you prefer in place of Vim. If you use Vim you can run the command ":%s/<User>/username/g" to place your username in the correct places. Replace “username” with our user account name.
Now we want to set a VNC password for our user. The following commands need to be run as the user which you added to the vncserver@.service file.
Set VNC password
Next we want to reload the Systemd configuration. This is in case you already had Tiger VNC
configured. This command has Systemd reread its configurations.
Reload Systemd configuration
The next step is to start Tiger VNC service, verify its running and check its status.
Restart Tiger VNC
Now lets make sure that our server starts when our workstation starts up.
Configure Tiger VNC to automaticall start on boot
After all that it is still possible that Tiger VNC will not start. If you look in /var/log/messages there may be a line saying thate systemd cannot write to a PID file. This could be due to SELinux and you can fix it by changing the SELinux properties for systemd as shown below. The commands below will not work prop
Change .vnc SELinux properties
The last step of the server setup is to open up your firewall. If you are using firewalld you can run firewall-config and select “vnc-server” under services in the runtime and permanent configurations. If you are using a different firewall you will probably want to open up ports 5900 to 6000.
The next step is to download the Tiger VNC Client from their GitHub site. From there you can follow the links to the latest download site. The client is a straight binary executable without an install program. Drop it in a folder and run it. The last tricky bit is you will need to add a “:1” to the end of your DNS/IP address to tell the client which display number to connect to.