VNC Monitoring - 2 minute howto

Ok, Ok stop the abuse! I know monitoring sucks! But, its a couple of users who seem to be surfing porn sites. I just wanted to confirm and prove that they actually are spending a huge amount of the company's work time surfing porn or chatting. Ok, there should have been restrictions, but i believed that every user is responsible enough and would respect the freedom given to them. It clearly was not the case!( That theory would probably work in an organization having like minded people with equal progressive pay structures - a weird but kind of ideal concept that sandeep would know :) .)

Anyways, enough of the blah blah. All user machines are configured to network boot and have no hard disks. The operating system for all users is Debian GNU/Linux. The management wanted to visually monitor what the user was doing. VNC was the first thing to come to my mind. With Debian all around, it was just a matter of apt-get and some shell scripting. No log outs, reboots( reboot would be insane....what about my uptime? ) etc to get this whole thingy working.

Here, user will be the machine which is to be monitored and mymachine will be the machine from which monitoring can happen.

On, user's machine

apt-get install x11vnc

Well, thats all that needs to be done for vnc. But, the problem is that x11vnc needs to be started by the user logged in whose X session we wish to view. Basically, x11vnc reads the environment variable $XAUTHORITY from which it gets this information.

So, if i could get the currently logged in user's $XAUTHORITY variable i could get x11vnc to connect to the user's X session. After this, its just a matter of starting x11vnc in the background. This script does exactly that.
On user's machine still, i called this script "/usr/bin/getx"


export XAUTHORITY=`ps wwwweaux | tr ' ' '\n' | grep XAUTHORITY \
 | grep work | uniq | sed -e 's/XAUTHORITY=//g'`

x11vnc -display :0 -bg

The grep work applies to my organization as all users home directory is in /users/work directory.

On, mymachine

apt-get install xvncviewer

And to monitor any users machine this script would be handy. I called it /usr/bin/monitor


ssh $1 "/usr/bin/getx"
vncviewer -viewonly $1:0

Thats it. I could monitor any users machine by typing something like

monitor u1
monitor u2

where u1, u2 are hostnames.

The script ssh's to the machine to be monitored, so it would prompt for a password. To avoid the password prompt, one can setup rsa/dsa keys and add to ~/.ssh/authorized_keys.

Taking it a bit further, i wanted to record the whole session. My work machine is FreeBSD, so searched the ports collection and found vnc2swf. It can be found in /usr/ports/net/vnc2swf

Installing it is nothing more than

cd /usr/ports/net/vnc2swf && sudo make install clean

And then, quickly wrote /usr/local/bin/recordx


ssh $1 "/neuralit/getx"
vnc2swf -viewonly -startrecording /home/vinay/record-$1.swf $1:0

Change /home/vinay to whichever directory you want to store the recording to, or probably take it as an argument to the script.
So to record any users X session i would call something like

recordx u1
recordx u2