Having the devil of a job getting XRDP working! Can anyone offer any advice?
It is a clean install of 11.1 and I then added the XRDP components using the YaST software manager. After some (quite a lot actually) debugging, I have this information. Is it enough?
On 09/30/2009 08:26 PM, martinprowe wrote:
>
> Having the devil of a job getting XRDP working! Can anyone offer any
> advice?
> It is a clean install of 11.1 and I then added the XRDP components
> using the YaST software manager. After some (quite a lot actually)
> debugging, I have this information. Is it enough?
<snip>
> I guess there is a problem around the “Starting Xvnc…” area?
>
> Once again any advice would be most appreciated. What a pity such a
> useful tool is spoilt by a lack of documentation?
>
> Regards, Martin
>
>
Thanks for the link. Not seen the Ausie connections before. Very attractive.
However, the only new information I can glean from that author is regarding installing from the two Repos. Anyway, I have done as he/she suggested … But, you guessed it! It only seems to have made a marginal difference?
The difference I can detect is in the user credential screen - you can now change the session type field without clearing username/passwd. Neat. But what has not changed is the underlying authentication/connection issue?
Now the remote log records an extra (to that shown in the earlier posting) connection to itself on port 5910. My suspicion is that this is just an improvement in the status display and only indicates that the xrdp wrapper is linking to the vnc service? http://www.mpr75.talktalk.net/rdpClient1.png
but the server logs still shows:
“starting Xvnc session… pam_open_session failed: Cannot make/remove an entry for the specified session”
supermicro:~ # xrdp-sesman -n
starting sesman in foregroud...
sesman config:
ListenAddress: 127.0.0.1
ListenPort: 3350
EnableUserWindowManager: 1
UserWindowManager: startwm.sh
DefaultWindowManager: startwm.sh
AuthFilePath: disabled
Xvnc parameters:
Parameter 00 -bs
X11rdp parameters:
Parameter 00 -bs
Xdmx parameters:
Parameter 00 -noreset
Parameter 01 -br
Parameter 02 -nolisten
Parameter 03 tcp
Parameter 04 --
Parameter 05 /usr/bin/Xfake
logging configuration:
LogFile: /var/log/xrdp-sesman.log
LogLevel: 4
EnableSyslog: 1
SyslogLevel: 3
security configuration:
AllowRootLogin: 1
MaxLoginRetry: 4
TSUsersGroup: 1000
TSAdminsGroup: 1001
session configuration:
MaxSessions: 10
KillDisconnected: 0
IdleTimeLimit: 0
DisconnectedTimeLimit: 0
[20090930-18:51:11] [WARN ] [init:45] libscp initialized
[20090930-18:51:11] [CORE ] starting sesman with pid 6296
[20090930-18:51:11] [INFO ] listening...
[20090930-18:51:42] [INFO ] granted TS access to user mprowe
[20090930-18:51:42] [INFO ] starting Xvnc session...
pam_open_session failed: Cannot make/remove an entry for the specified session
_XSERVTransSocketOpenCOTSServer: Unable to open socket for inet6
_XSERVTransOpen: transport open failed for inet6/supermicro:10
_XSERVTransMakeAllCOTSServerListeners: failed to open listener for inet6
_XSERVTransSocketINETCreateListener: ...SocketCreateListener() failed
_XSERVTransMakeAllCOTSServerListeners: server already running
Fatal server error:
Cannot establish any listening sockets - Make sure an X server isn't already running
[20090930-18:51:42] [CORE ] error X server died - user mprowe - pid 6303
If anyone can point me at where to look to fix this problem, I’d be most grateful. I am really pleased th hear from anyone, but reports that their “light bulb is working” is not all that helpful!
As a throwaway comment - does anyone think that having an LDAP service (although the xrdp test users are local) on this host is likly to be significant?
On 10/01/2009 11:46 AM, martinprowe wrote:
>
> Christian Riechers;2046122 Wrote:
>>
>> This procedure worked for me:
>> ‘Windows Linux RDP Remote Desktop Connections using openSUSE as Client
>> or Server (terminal server)’ (http://opensuse.swerdna.org/suserdp.html)
>
> However, the only new information I can glean from that author is
> regarding installing from the two Repos. Anyway, I have done as he/she
> suggested … But, you guessed it! It only seems to have made a marginal
> difference?
>
> The difference I can detect is in the user credential screen - you can
> now change the session type field without clearing username/passwd.
> Neat. But what has not changed is the underlying
> authentication/connection issue?
>
> Now the remote log records an extra (to that shown in the earlier
> posting) connection to itself on port 5910. My suspicion is that this is
> just an improvement in the status display and only indicates that the
> xrdp wrapper is linking to the vnc service?
> [image: http://www.mpr75.talktalk.net/rdpClient1.png]
>
> but the server logs still shows:
> “starting Xvnc session… pam_open_session failed: Cannot make/remove
> an entry for the specified session”
>
I’m not exactly sure what you’re trying to achieve with running
‘xrdp-sesman’. Have you tested to connect to the server using
‘rdesktop’? E.g. like:
> rdesktop localhost -z
I’m also confused about seeing ‘Xvnc session’ in your logs. VNC and RDP
should be two different things, even though they do provide similar
functionality.
The important bit is the “-n” switch (no daemon). And the reason for this is to try and get as much information as possible.
With xrdp-sesman run in the background, the only information I get is piped to /var/log/xrdp-sesman.log and this is limmited.
Have you tested to connect to the server using rdesktop’? E.g. like:> rdesktop localhost -z
I’m also confused about seeing ‘Xvnc session’ in your logs.
That makes two of us!
VNC and RDP should be two different things, even though they do provide similar functionality.
Ahhh… maybe I can add some light here? RDP has a quite distinct definition: It is a proprietary Microsoft Protocol (based on ITU-t T128) for the display of remote desktops (hence the name). On the other hand VNC is a generic term for Virtual Network Computing and is implemented in various flavours: TightVNC, Xvnc etc.
In this situation, the XRDP designers seem to be following the Open Source philosophy of using what is already there and not reinventing the wheel. So (and I am not party to any inside information), the RDP client talks to an XRDP wrapper on the server. The XRDP then translated the RDP traffic to VNC (a RBF) protocol and forwards it on to the local VNC server. And in this case the VNC server is called Xvnc and therefore reason why we are seeing messages from it in the logs.
Anyway. none of this gets me any further towards a working XRDP server. As additional information, I have tried several new installs of SuSE 11.1+XRDP with exactly the same (depressing) results.
On 10/02/2009 12:16 PM, martinprowe wrote:
>
> Christian Riechers;2046466 Wrote:
>
>> I’m also confused about seeing ‘Xvnc session’ in your logs.
> That makes two of us!
Looking at my xrdp-sesman.log, this is a successful session:
[20091002-17:31:14] [WARN ] [init:45] libscp initialized
[20091002-17:31:16] [CORE ] starting sesman with pid 2842
[20091002-17:31:16] [INFO ] listening…
[20091002-18:18:02] [INFO ] granted TS access to user christ1
[20091002-18:18:02] [INFO ] starting Xdmx session…
[20091002-18:18:02] [CORE ] X server running - user christ1 - pid 5792
[20091002-18:18:02] [INFO ] starting xrdp-sessvc - xpid=5792 - wmpid=5797
Note, there isn’t any Xvnc in the logs. I understand you do start
‘xrdp-sesman’ with the no daemon option, in order to get a more detailed
log.
But how (i.e. which client) do you connect to the RDP server?
>
>> VNC and RDP should be two different things, even though they do provide
>> similar functionality.
> Ahhh… maybe I can add some light here? RDP has a quite distinct
> definition: It is a proprietary Microsoft Protocol (based on ITU-t T128)
> for the display of remote desktops (hence the name). On the other hand
> VNC is a generic term for Virtual Network Computing and is implemented
> in various flavours: TightVNC, Xvnc etc.
> In this situation, the XRDP designers seem to be following the Open
> Source philosophy of using what is already there and not reinventing the
> wheel. So (and I am not party to any inside information), the RDP client
> talks to an XRDP wrapper on the server. The XRDP then translated the RDP
> traffic to VNC (a RBF) protocol and forwards it on to the local VNC
> server. And in this case the VNC server is called Xvnc and therefore
> reason why we are seeing messages from it in the logs.
>
I don’t know about the bits and pieces of RDP and VNC. But what I can
tell is that you do not need a VNC server running for RDP. I do not have
VNC installed on my machine, and RDP works beautifully from both, a
Windows (Vista) client, and the local Linux machine towards the Linux
server.
Having said that, there is a VNC module available for xrdp called
libvnc. But I think that’s a different story.
Thanks for staying with this problem. It is much appriciated.
Note, there isn’t any Xvnc in the logs.
Ah??? That interesting…
So, I have been back through the YaST software manager and removed the Xvnc module! It did this without complaint.
So, feeling encouraged, I gave it a try. Darn it … Different but not working.
My logs (xrdp-sesman -n) now shows this, when I try to log in with a known user and valid password:
supermicro:~ # xrdp-sesman -n
starting sesman in foregroud...
sesman config:
ListenAddress: 127.0.0.1
ListenPort: 3350
EnableUserWindowManager: 1
UserWindowManager: startwm.sh
DefaultWindowManager: startwm.sh
AuthFilePath: disabled
}
}...Abridged
}
session configuration:
MaxSessions: 10
KillDisconnected: 0
IdleTimeLimit: 0
DisconnectedTimeLimit: 0
[20091003-19:18:39] [WARN ] [init:45] libscp initialized
[20091003-19:18:39] [CORE ] starting sesman with pid 5028
[20091003-19:18:39] [INFO ] listening...
[20091003-19:20:06] [INFO ] granted TS access to user root
[20091003-19:20:06] [INFO ] starting Xdmx session...
pam_open_session failed: Cannot make/remove an entry for the specified session
Unrecognized option: --
use: X :<display>] [option]
}
}...Abridged text from - "I don't know?"
}
Fatal server error:
Unrecognized option: --
[20091003-19:20:06] [CORE ] error X server died - user root - pid 5037
Any ideas on which PAM module I need to try removing next?
Looking forward to hearing any thoughts you may have …
On 10/03/2009 08:56 PM, martinprowe wrote:
>
> [20091003-19:20:06] [CORE ] error X server died - user root - pid 5037
>
> Any ideas on which PAM module I need to try removing next?
>
> Looking forward to hearing any thoughts you may have …
>
Remote root login is disabled per default in SuSE. Try with a different
user than root first.
Hi Christian,
Hmmmm… I don’t think that that is always the case? I have used xrdp as root in the past.
But anyway, yes I have tried other users (both local and LDAP) which is why I was sticking to root to avoid any permissions problems.
I have also tried to understand which groups do and do not have xrdp (remote) access. So far without success. What is the consequence of the two entries
I only have a telnet connection to the delinquent box for the next 8 hours. If it is important that I confirm the source, is there a cmd line that will give me that info?
I am running 11.1.
Lastly (in this over) is the difference between the two sets of numbers (7.3.99-9.1 & 7.3.99-7.1) that significant?
In a long struggle getting hostapd (wireless access point) working, I though I was told by Akoellh that the digits to the left of the “-” is the code version and that to the right is the package version. Please correct me if I’ve got it all mixed up.
Your RPMs are not in that Repository but mine are – I just did a thorough search of it. You’ve got the wrong RPMs. The difference between the 9.1 and 7.1 might be significant – you’ll only know by trying it again with the RPMs that are known to work. You should attach the dreveman repo in Yast → Software → Software Repositories. Then uninstall the RPMs that you have previously installed and reinstall them according to the split up I laid out in my tutorial. I tested that list to-day and it is still current.
Whether that will solve your problem or not – I can’t say. But it’s quite suspicious that you are using newer RPMs than the RPMs in the dreveman repo for openSUSE 11.1. Maybe they came from the milestone 11.2 repo (to be so new)? But hey, try it and see – they work for me.
On 10/05/2009 09:56 AM, martinprowe wrote:
>
> Christian Riechers;2047045 Wrote:
>> On 10/03/2009 08:56 PM,
>>
>> Remote root login is disabled per default in SuSE. Try with a different
>> user than root first.
>
> Hi Christian,
> Hmmmm… I don’t think that that is always the case? I have used xrdp
> as root in the past.
> But anyway, yes I have tried other users (both local and LDAP) which is
> why I was sticking to root to avoid any permissions problems.
You’re correct, RDP allows root login by default. I was referring to
telnet, which is usually not allowed for root.
>
> I have also tried to understand which groups do and do not have xrdp
> (remote) access. So far without success. What is the consequence of the
> two entries
>
> Code:
> --------------------
> TerminalServerUsers=tsusers
> TerminalServerAdmins=tsadminin
> --------------------
>
> in sesman.ini?
>
There’s a manpage for sesman.ini. Have a look there. This is just taken
from the man page:
TerminalServerUsers=tsusers
Only the users belonging to the group tsusers are allowed
to login on terminal server.
If unset or set to an invalid or non-existent group,
login for all users is enabled.
On my system the group tsusers doesn’t exist, so anyone with a valid
local account can login via RDP.
I can’t suggest much more than what swerdna did earlier, i.e.
re-installing the RPM’s. Also make sure to remove or rename any
customized config files before installing the RPM’s again. Then follow
the steps from the tutorial. It worked for me too, without the need for
any more configuration tweaks.
I can post my config files, if you think this is useful.
Often “no news is good news”. Not in this case.
As suggested, I have tried uninstall/reinstalls - with no luck. I then tried complete rebuilds on several hardware platforms. Also to no avail!
What is worse, is that there does not seem to be any repeatability in any of the failure patterns!!
So, after several months work, I’m giving up. It is just toooo difficult for me to make any progress. I’ll leave this field to you experts.
Thanks for all your help. Maybe, I’ll see you on the other side of 11.2?
Just a very quick last question (if you are still monitoring this): can you confirm that you opened the firewall for xrdp or that you have the network connection on the internal zone? I only ask since I had no trouble with xrdp apart from trying to establish a Failsafe Terminal connection from the session type list. However KDE4 sessions worked fine.
It’s a pity that it won’t work for you. Since you started this thread I’ve rechecked twice to see if the method still works, with fresh installs of KDE and Gnome on a spare partition. Worked both times for me.
But it does stop working if I add both Desktop Environments (KDE and Gnome) concurrently and try to switch from one to the other.
Xrdp in openSUSE as crafted for the “Nomad” project has some wrinkles to be got out yet, so maybe versions 11.2 or 11.3 will see it performing properly.
