NOTE: This is a draft.
NOTE2: From these notes we should create steps to setup VNC for developers

Password

It lives in slave-passwords.txt.gpg

Windows

It works right away.

When a machine is moved to a loaner_ou (organizational unit) it sets a default password for the loan.

Ubuntu

VNC is not running by default. ssh as root and run this:

start x11vnc

Mac OS X

How to connect

From a Mac client

NOTE: Do not use Apple's Remote Desktop unless necessary; Use Chicken

• Use Chicken
• Use the FQDN, e.g: vnc://talos-r4-snow-001.build.mozilla.org

From a Linux client

Remmina Desktop Client and xtightvncviewer have been tested as a Linux client that managed to connect to Mountain Lion. Other versions have not been tested.

• [jmaher] - Remmina would connect and then terminate immediately for me, I ended up getting in with xtightvncviewer (the first try had a keychain issue, the second try worked)

For Linux clients, you will have to enable "legacy VNC" instead of Mac's version before you can connect as well as setting the password. See the section "Enable legacy VNC and set the password".

Once you run those commands you will be able to VNC and you will have to use your cltbld credentials. You might have to connect a second time for the connection to stick.

From a Windows client

TightVNC has been tested by Honza to work to connect from Windows to a Mountain Lion releng machine. Honza has determined that real VNC free is faulty

VNC status as-is

Each of our Mac versions have slight differences with regards as to which user to login with once you have VNC'ed into the machine.

This section just documents the current status if you try to VNC to a machine.

You might need to go through the section "Enable legacy VNC and set the password" depending on the version of Mac.

Mac OS X 10.6 - Snow Leopard

Login as the root user with the root password. It will take you to the Builder's session.

Mac OS X 10.7 - Lion

Rarely needed since these are now only used as builders.

Login as the root user with the root password. It will take you to the Builder's session.

Mac OS X 10.8 - Mountain Lion

NOTE: Do not use Apple Remote Desktop

You might be able to VNC to the machine as-is (TODO: Someone from releng check this) Follow the "Enable legacy VNC and set the password" if you can't VNC with a VNC client.

Mac OS X 10.10 - Yosemite

Setup for loaning

NOTE: Please add notes once you figure it out.

Mac OS X 10.6 - Snow Leopard

Instructions cribbed from: http://osxdaily.com/2012/10/10/remote-control-mac-screen-sharing-os-x/

Changing the cltbld password, e.g. for a slave loan, messes up the auto-login (on purpose). To connect via VNC, you'll need to login as root, and then select the "Builder" user to login to the desktop.

Mac OS X 10.7 - Lion

This is valid for a bld-lion-r5 machine.

Follow the steps from "Enable legacy VNC and set the password". If you use Remmina to connect change the colors to 24-bit, otherwise, it will crash.

Mac OS X 10.8 - Mountain Lion

Note: not actually verified

VNC in Mountain Lion is has issues. You need to run these commands on your loaner machine to fix vnc while logged in via ssh

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users cltbld -privs -all -restart -agent -menu

see here for more details https://wiki.mozilla.org/ReferencePlatforms/Test/MountainLion

Mac OS X 10.10 - Yosemite

If you're using a Mac locally, Apple's remote desktop connection works by default. Use Command-K in your local Finder window to initiate a connection.

For other local OSes, follow the legacy VNC instructions below.

Enable legacy VNC and set the password

NOTE: Change the -vncpwd supersecret to something meaningful.

Verified working on: talos-r4-snow-139

We have to enable legacy VNC and set a new password (as I can't figure out what the current password is):

# root@t-yosemite-r5-0001
vncpw=supersecret
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
 -configure -allowAccessFor -allUsers -privs -all
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
 -configure -clientopts -setvnclegacy -vnclegacy yes
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
 -configure -clientopts -setvncpw -vncpw ${vncpw}
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
 -restart -agent -console

This is all based on this article.

More info about the command (for the curious):

-activate:
 enable service com.apple.screensharing

-access -on - included in ARD_AllLocalUsersPrivs, below

-privs -all:
 defaults write ${TargetDisk}Library/Preferences/com.apple.RemoteManagement ARD_AllLocalUsersPrivs -integer 0x400000ff

-allowAccessFor -allUsers:
 defaults write /Library/Preferences/com.apple.RemoteManagement ARD_AllLocalUsers -boolean TRUE

FAQ

Q: I'm trying to connect from Linux with Remmina Desktop to a Mac machine but when I connect I get kicked out immediately (I see a window pop up for a second and then goes away)
A: Try changing the color setings (256 colors was causing this for armenzg)

Tip: xtightvncviewer can first have a keychain issue and the second try would work.

Login in with Apple's Remote Desktop will render this issue:

You can login with the root user, however, you will be starting root's VNC
session without being able to see what is happening under Builder/cltbld.
You can try the Builder user, however, it will only be a request that will
require an authorization and there's no one on the other side to grant you the access.
See https://bugzilla.mozilla.org/show_bug.cgi?id=733534 for details.