[mdlug] Disabling TightVNC Ubuntu 18.04

Sat Nov 7 10:11:16 EST 2020

On 11/6/20 12:22 PM, Carl T. Miller wrote:
> Hey Peter,
>
> I feel your frustration.  You are right about a normal user
> not being able to do admin tasks like installing software.
> The bit I'm wondering about is your VPN.  It's possible that
> it is giving permissions to the VPN server to do things.
>
> I'd check the contents of /etc/suders and /etc/suders.d
> first.  Then I would check what user is running the VPN
> and check what permissions it has.

/etc/sudoers.d has only one file is it: 99-snapd.conf, and it appears empty:

# Allow snap-provided applications to work with sudo

Defaults    secure_path += /snap/bin

The contents of /etc/sudoers appears normal as well (just the lines that 
were not commented out):

Defaults        env_reset
Defaults        mail_badpass
Defaults 
secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

The groups the user belongs to is only the user itself. The user runs 
Gnome Networkmanager OpenConnect plugin to connect to the corporate VPN. 
I'm having trouble figuring out the permissions bit, are you talking 
about the user permissions or the VPN permissions? And how to list all 
files the user has permissions to? I'm using ls -l to list current 
directory and permissions, but a user has permissions to files in a 
directory the user does not have permission (root and /home/user) so I'm 
having trouble figuring that one out. Or am I ok at this point? Running 
cat /etc/group in a console shows in part: nm-openconnect:x:128:

>
> Also try running "ps -ef | grep -i tightvnc" to check if it
> is running locally.
>
> Let us know what you find out.
>
> c
This is what I get:

/home$ ps -ef | grep -i tightvnc
peter     7734  2320  0 09:47 pts/0    00:00:00 grep --color=auto -i 
tightvnc

When I run tightserver in a console I get this:

/home$ tightvncserver

Command 'tightvncserver' not found, but can be installed with:

sudo apt install tightvncserver

Hi Carl and thanks! It appears to be much ado about nothing.My guess is 
that corporate did try and push something out to all employees, but it 
failed on my system. AFAIK, all other employees are using Win or Mac. I 
also checked for the files tightVNC would have created such as 
/home/user/.vnc/xxx and so on. I found nothing. I also searched Synaptik 
for vnc and checked to see if the installed vino and remmina were 
running,  I think remmina was not because whenI start it there are no 
entries in last time used or anywhere else in the Remmina window. I 
think vino is not because I think I found it in the gui under 
settings>sharing. Sharing is off.