Software Engineering & Security Notes

Installing XSpice (xf86-video-qxl-0.1.0) onto Redhat Enterprise Server 6 RHEL6

I have been working on getting XSpice enabled on x64 RHEL6. XSpice is an X11 driver that allows for remote connections much like VNC. This install is not trivial as XSpice is still an experimental product so there are only packaged / repoed versions of it for Fedora Core.

Firstly RHEL optional RPMS must be enabled

#nano /etc/yum.repos.d/redhat.repo

enable rhel-6-server-optional-rpms

Now install a bunch of packages.

#yum install kdebase
#yum install xorg*
#yum install spice-server-devel
#yum install python-argparse
#yum install xorg-x11-util-macros*
#yum install spice-server-devel spice-protocol

Now download / make / install randr:

#wget http://cgit.freedesktop.org/xorg/driver/xf86-video-qxl/snapshot/wip/randr12.v1.tar.gz
#tar zxvf randr12.v1.tar.gz
#cd wip/randr12.v1
#./autogen.sh
#./configure
#make install

Now get xf86-video-qxl-0.1.1 and xf86-video-qxl-0.1.0

#wget http://cgit.freedesktop.org/xorg/driver/xf86-video-qxl/snapshot/xf86-video-qxl-0.1.1.tar.gz
#tar zxvf xf86-video-qxl-0.1.1.tar.gz

#wget http://cgit.freedesktop.org/xorg/driver/xf86-video-qxl/snapshot/xf86-video-qxl-0.1.0.tar.gz
#tar zxvf xf86-video-qxl-0.1.0.tar.gz

Compile the 0.1.0 version (the 0.1.1 would not configure / make due to a library dependency issue with RHEL6)

#cd xf86-video-qxl-0.1.0
#autoreconf -i && ./configure --enable-xspice && make
#make install
#cp src/.libs/spiceqxl_drv.so /usr/lib64/xorg/modules/drivers/

I copied the XSpice startup script and X11 config from xf86-video-qxl-0.1.1 because it has more startup options yet is backwards compatible with xf86-video-qxl-0.1.0

#cd ..
#cp xf86-video-qxl-0.1.1/scripts/Xspice /home/normal_user_account/
#cp xf86-video-qxl-0.1.1/examples/spiceqxl.xorg.conf.example /etc/X11/spiceqxl.xorg.conf
chown normaluser.normaluser /home/normal_user_account/Xspice


Now add iptable rules if you have iptables enabled

#nano /etc/sysconfig/iptables
-F INPUT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5950 -j ACCEPT
#service iptables restart

Now drop back to a normal, non-root account and run the XSpice script:

#exit
#cd ~
#./Xspice --port 5903 :4.0 --xsession /usr/bin/startkde --disable-ticketing

I am starting a KDE session instead of a GNOME because there seems to be a bug preventing GNOME from working with Xspice (https://bugzilla.redhat.com/show_bug.cgi?id=970622)

Warning:
Do not run this as root! there is no password and it should just be used for testing unless you enable stronger authentication.

You can now connect using the virt-viewer client (http://www.spice-space.org/download.html)