Hello,
my older computer is a Core2Quad with 4 GB RAM had a hard disk with a Windows 10
what I did: - I plugged this harddisk as harddisk 2 and added an empty harddisk as harddisk 1
- I downloaded Fedora 25 KDE (Fedora-KDE-Live-x86_64-25-1.3.iso) and burnt this to a DVD
- I installed this onto harddisk 1, the boot menu entry for the 2nd harddisk with Windows 10 was added automatically I gave fixed IPv4 (an RFC1918 addr) and IPv6 (my HE tunnel range) addresses
- after the first login I had to enable sshd - why isn't this automatically? - with systemctl enable sshd systemctl start sshd now I could do SSH from my newer computer (Windows)
- I did an yum update and this updated more than 800 packages and downloaded nearly 1 GByte after this I rebootet
- I successfully installed postfix as MTA and logwatch, works as expected - why is the logwatch mail 'precedence bulk'?
- I also needed the graphical connection and found this: https://www.server-world.info/en/note?os=Fedora_24&p=desktop&f=7 there I have a strange phenomen
after the connection with mstsc, I get a window where I can select between Xvnc and Xorg, when selecting Xvnc and entering userid and password the window is closed and session blown away ... when I select Xorg and enter userid and password the window stays 'green' forever
/var/log/xrdp.log shows this:
[20170604-21:40:08] [INFO ] starting xrdp with pid 1406 [20170604-21:40:10] [INFO ] listening to port 3389 on 0.0.0.0 [20170604-21:42:07] [INFO ] Socket 12: AF_INET connection received from 172.23.2.7 port 4333 [20170604-21:42:07] [DEBUG] Closed socket 12 (AF_INET 172.23.1.7:3389) [20170604-21:42:07] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389) [20170604-21:42:07] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20170604-21:42:07] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20170604-21:42:07] [DEBUG] TLSv1.2 enabled [20170604-21:42:07] [DEBUG] TLSv1.1 enabled [20170604-21:42:07] [DEBUG] TLSv1 enabled [20170604-21:42:07] [DEBUG] Security layer: requested 1, selected 1 [20170604-21:42:07] [INFO ] connected client computer name: XP64WALDI01-W01 [20170604-21:42:07] [INFO ] TLS connection established from 172.23.2.7 port 4333: TLSv1 with cipher DES-CBC3-SHA [20170604-21:42:07] [DEBUG] xrdp_00000604_wm_login_mode_event_00000001 [20170604-21:42:07] [INFO ] Cannot find keymap file /etc/xrdp/km-00020409.ini [20170604-21:42:07] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini [20170604-21:42:07] [WARN ] local keymap file for 0x00020409 found and doesn't match built in keymap, using local keymap file [20170604-21:42:16] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350 [20170604-21:42:17] [INFO ] xrdp_wm_log_msg: sesman connect ok [20170604-21:42:17] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait... [20170604-21:42:17] [DEBUG] return value from xrdp_mm_connect 0 [20170604-21:42:17] [INFO ] xrdp_wm_log_msg: login successful for display 10 [20170604-21:42:17] [DEBUG] xrdp_wm_log_msg: VNC started connecting [20170604-21:42:18] [DEBUG] xrdp_wm_log_msg: VNC connecting to 127.0.0.1 5910 [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC tcp connected [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC security level is 2 (1 = none, 2 = standard) [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC password ok [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending share flag [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving server init [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving pixel format [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving name length [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving name [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending pixel format [20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending encodings [20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC sending framebuffer update request [20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC sending cursor
[20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC connection complete, connected ok [20170604-21:42:21] [INFO ] The following channel is allowed: rdpdr (0) [20170604-21:42:21] [INFO ] The following channel is allowed: rdpsnd (1) [20170604-21:42:21] [INFO ] The following channel is allowed: drdynvc (2) [20170604-21:42:21] [INFO ] The following channel is allowed: cliprdr (3) [20170604-21:42:21] [DEBUG] The allow channel list now initialized for this session [20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: connected ok [20170604-21:42:21] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect successful [20170604-21:42:21] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:55588) [20170604-21:42:22] [DEBUG] VNC got clip data [20170604-21:42:22] [DEBUG] Closed socket 12 (AF_INET 172.23.1.7:3389) [20170604-21:42:22] [DEBUG] xrdp_mm_module_cleanup [20170604-21:42:22] [DEBUG] VNC mod_exit [20170604-21:42:23] [DEBUG] Closed socket 19 (AF_INET 127.0.0.1:57730) [20170604-21:42:23] [DEBUG] Closed socket 20 (AF_UNIX) [20170604-21:42:23] [ERROR] Listening socket is in wrong state, terminating listener [20170604-21:42:23] [CORE ] shutting down log subsystem...
/var/log/xrdp-sesman.log shows this:
[20170604-21:40:08] [DEBUG] libscp initialized [20170604-21:40:09] [INFO ] starting xrdp-sesman with pid 1405 [20170604-21:40:10] [INFO ] listening to port 3350 on 127.0.0.1 [20170604-21:42:16] [INFO ] A connection received from 127.0.0.1 port 55588 [20170604-21:42:17] [INFO ] ++ created session (access granted): username walter, ip 172.23.2.7:4333 - socket: 12 [20170604-21:42:17] [INFO ] starting Xvnc session... [20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:5910) [20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6010) [20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6210) [20170604-21:42:17] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20170604-21:42:17] [DEBUG] Closed socket 7 (AF_INET 127.0.0.1:3350) [20170604-21:42:17] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20170604-21:42:18] [INFO ] Xvnc :10 -auth .Xauthority -geometry 1600x1200 -depth 32 -rfbauth/home/walter/.vnc/sesman_walter_passwd:10 -bs -nolisten tcp -localhost -dpi 96 [20170604-21:42:18] [CORE ] waiting for window manager (pid 1552) to exit
the 1600x1200 is a little bit bigger as the monitor of the older computer itself, the newer has a 2560x1440
/etc/xrdp/sesman.ini has some weird content
[Xvnc] param=Xvnc param=-bs param=-nolisten param=tcp param=-localhost param=-dpi param=96
[Xorg] param=Xorg param=-config param=xrdp/xorg.conf param=-noreset param=-nolisten param=tcp param=-logfile param=.xorgxrdp.%s.log
shouldn't this look like
[Xvnc] param=-bs param=-nolisten tcp param=-localhost param=-dpi 96
[Xorg] param=-config xrdp/xorg.conf param=-noreset param=-nolisten tcp param=-logfile .xorgxrdp.%s.log
the next strange thing in connection with firefox ...
when setting a proxy with DNS name, I get errors, that the proxy is not found; entering the IPv4 or IPv6 address this works ... (entering host proxy.local it gives the IPv4 and IPv6 address - my DNS is working properly)
Thanks for help or some explanation
Walter
On 06/05/17 04:37, Walter H. wrote:
Hello,
my older computer is a Core2Quad with 4 GB RAM had a hard disk with a Windows 10
what I did:
- I plugged this harddisk as harddisk 2 and added an empty harddisk as
harddisk 1
- I downloaded Fedora 25 KDE (Fedora-KDE-Live-x86_64-25-1.3.iso) and
burnt this to a DVD
- I installed this onto harddisk 1, the boot menu entry for the 2nd
harddisk with Windows 10 was added automatically I gave fixed IPv4 (an RFC1918 addr) and IPv6 (my HE tunnel range) addresses
- after the first login I had to enable sshd - why isn't this
automatically? - with
The philosophy is to enable the minimal amount of network services.
systemctl enable sshd systemctl start sshd now I could do SSH from my newer computer (Windows)
- I did an yum update and this updated more than 800 packages and
downloaded nearly 1 GByte after this I rebootet
- I successfully installed postfix as MTA and logwatch, works as
expected - why is the logwatch mail 'precedence bulk'?
- I also needed the graphical connection and found this: https://www.server-world.info/en/note?os=Fedora_24&p=desktop&f=7 there I have a strange phenomen
FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
after the connection with mstsc, I get a window where I can select between Xvnc and Xorg, when selecting Xvnc and entering userid and password the window is closed and session blown away ... when I select Xorg and enter userid and password the window stays 'green' forever
I would not bother with trying to get Xorg to work with xrdp. Just a personal preference for which I'm sure I had a reason to reach but don't recall what it was.
As far as xrdp working with Xvnc. It works just fine for me.
I have made no changes to any xrdp configuration files.
I believe my log files show pretty much the same thing....
xrdp.log
[20170605-07:30:26] [INFO ] Socket 12: AF_INET connection received from 192.168.1.224 port 51889 [20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389) [20170605-07:30:26] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389) [20170605-07:30:26] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20170605-07:30:26] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20170605-07:30:26] [DEBUG] TLSv1.2 enabled [20170605-07:30:26] [DEBUG] TLSv1.1 enabled [20170605-07:30:26] [DEBUG] TLSv1 enabled [20170605-07:30:26] [DEBUG] Security layer: requested 11, selected 1 [20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389) [20170605-07:30:26] [ERROR] Listening socket is in wrong state, terminating listener [20170605-07:30:26] [CORE ] shutting down log subsystem... [20170605-07:30:26] [INFO ] Socket 12: AF_INET connection received from 192.168.1.224 port 51890 [20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389) [20170605-07:30:26] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389) [20170605-07:30:26] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20170605-07:30:26] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20170605-07:30:26] [DEBUG] TLSv1.2 enabled [20170605-07:30:26] [DEBUG] TLSv1.1 enabled [20170605-07:30:26] [DEBUG] TLSv1 enabled [20170605-07:30:26] [DEBUG] Security layer: requested 11, selected 1 [20170605-07:30:26] [INFO ] connected client computer name: WIN10 [20170605-07:30:26] [INFO ] TLS connection established from 192.168.1.224 port 51890: TLSv1.2 with cipher AES256-GCM-SHA384 [20170605-07:30:26] [DEBUG] xrdp_000045e4_wm_login_mode_event_00000001 [20170605-07:30:26] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini [20170605-07:30:26] [WARN ] local keymap file for 0x00000409 found and doesn't match built in keymap, using local keymap file [20170605-07:30:28] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:31] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:35] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350 [20170605-07:30:36] [INFO ] xrdp_wm_log_msg: sesman connect ok [20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait... [20170605-07:30:36] [DEBUG] return value from xrdp_mm_connect 0 [20170605-07:30:36] [INFO ] xrdp_wm_log_msg: login successful for display 11 [20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: VNC started connecting [20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: VNC connecting to 127.0.0.1 5911 [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC tcp connected [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC security level is 2 (1 = none, 2 = standard) [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC password ok [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending share flag [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving server init [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving pixel format [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving name length [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving name [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending pixel format [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending encodings [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending framebuffer update request [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending cursor [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC connection complete, connected ok [20170605-07:30:38] [INFO ] The following channel is allowed: rdpdr (0) [20170605-07:30:38] [INFO ] The following channel is allowed: rdpsnd (1) [20170605-07:30:38] [INFO ] The following channel is allowed: cliprdr (2) [20170605-07:30:38] [INFO ] The following channel is allowed: drdynvc (3) [20170605-07:30:38] [DEBUG] The allow channel list now initialized for this session [20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: connected ok [20170605-07:30:38] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:38] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect successful [20170605-07:30:38] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:43080) [20170605-07:30:42] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:46] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:49] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:53] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:30:57] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:01] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:04] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:08] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:12] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:16] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:20] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:23] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:27] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:31] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:34] [DEBUG] xrdp_wm_log_msg: connection problem, giving up [20170605-07:31:34] [DEBUG] Closed socket 19 (AF_UNIX) [20170605-07:31:34] [DEBUG] xrdp_wm_log_msg: some problem [20170605-07:31:34] [DEBUG] xrdp_mm_module_cleanup [20170605-07:31:34] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:43076) [20170605-07:31:34] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389) [20170605-07:31:34] [DEBUG] xrdp_mm_module_cleanup [20170605-07:31:34] [ERROR] Listening socket is in wrong state, terminating listener [20170605-07:31:34] [CORE ] shutting down log subsystem...
Hello,
On 05.06.2017 01:52, Ed Greshko wrote:
On 06/05/17 04:37, Walter H. wrote: FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
how do I this?
after the connection with mstsc, I get a window where I can select between Xvnc and Xorg, when selecting Xvnc and entering userid and password the window is closed and session blown away ... when I select Xorg and enter userid and password the window stays 'green' forever
I would not bother with trying to get Xorg to work with xrdp. Just a personal preference for which I'm sure I had a reason to reach but don't recall what it was.
Of course, but I want any working way ...
As far as xrdp working with Xvnc. It works just fine for me.
I have made no changes to any xrdp configuration files.
me too, and it doesn't work ...
I believe my log files show pretty much the same thing....
so it doesn't tell anything about whats going wrong?
On 06/05/17 14:31, Walter H. wrote:
Hello,
On 05.06.2017 01:52, Ed Greshko wrote:
On 06/05/17 04:37, Walter H. wrote: FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
how do I this?
Install https://www.realvnc.com/download/vnc/windows/ on the Windows side. (Use the supplied client SW) Install tigervnc-server on fedora. From there you can either decide if you want to have a user invoke the server from say a terminal or ssh session or to make it a system service by following the directions in /lib/systemd/system/vncserver@.service.
Other documentation exists online like
https://docs.fedoraproject.org/en-US/Fedora/21/html/System_Administrators_Gu...
after the connection with mstsc, I get a window where I can select between Xvnc and Xorg, when selecting Xvnc and entering userid and password the window is closed and session blown away ... when I select Xorg and enter userid and password the window stays 'green' forever
I would not bother with trying to get Xorg to work with xrdp. Just a personal preference for which I'm sure I had a reason to reach but don't recall what it was.
Of course, but I want any working way ...
As far as xrdp working with Xvnc. It works just fine for me.
I have made no changes to any xrdp configuration files.
me too, and it doesn't work ...
Odd...
I believe my log files show pretty much the same thing....
so it doesn't tell anything about whats going wrong?
No, there is no clear indication from the logs that I can see pointing out the problem.
I did things slightly different than what was called out in the link you initially supplied.
The steps taken were...
dnf -y install xrdp
firewall-cmd --add-port=3389/tcp --permanent
firewall-cmd --reload
systemctl enable xrdp
systemctl start xrdp
I don't like to start a service without the proper firewall rules in place first.
FWIW, have you tried stopping/starting xrdp? Also, in reading some posts found by searching about your issue I see that some people had to try connecting twice before they a working connection.
You may also want to check to see if you have any errors reported in you ~/.vnc directory.
On 06/05/17 15:18, Ed Greshko wrote:
You may also want to check to see if you have any errors reported in you ~/.vnc directory.
You would also want to check ~/.xsession-errors.
I just restated my VM that is running xrdp and the connection to the server failed the first time and there were errors indicating
kdeinit5: Communication error with launcher. Exiting! kdeinit5_wrapper: Warning: connect(/run/user/1029/kdeinit5__10) failed: : Connection refused
startkde: Shutting down... kdeinit5_wrapper: Warning: connect(/run/user/1029/kdeinit5__10) failed: : Connection refused Error: Can not contact kdeinit5! startkde: Done. XIO: fatal IO error 2 (No such file or directory) on X server ":10.0" after 192 requests (192 known processed) with 0 events remaining. KCrash: Application 'kwin_x11' crashing...
connecting a second time worked.
I also noted some issues with logging in via xrdp/Xvnc when the user is logged in from the console/GUI.
FYI, I don't normally use xrdp and just enabled it to do this testing. It is no wonder I stick with Vnc. :-) :-)
On 05.06.2017 09:18, Ed Greshko wrote:
On 06/05/17 14:31, Walter H. wrote:
Hello,
On 05.06.2017 01:52, Ed Greshko wrote:
On 06/05/17 04:37, Walter H. wrote: FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
how do I this?
Install https://www.realvnc.com/download/vnc/windows/ on the Windows side. (Use the supplied client SW)
ok, I already have the VNCviewer on my Windows
Install tigervnc-server on fedora. From there you can either decide if you want to have a user invoke the server from say a terminal or ssh session or to make it a system service by following the directions in /lib/systemd/system/vncserver@.service.
I did what this file said ...
cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service
I edited /etc/systemd/system/vncserver@.service and changed <USER> with walter
did systemctl daemon-reload systemctl enable vncserver@:1.service systemctl start vncserver@:1.service
firewall-cmd --add-port=5901/tcp --permanent
the password ... su - walter vncpasswd ...
after rebooting the computer
VNCviewer connected and there I gave the password I configured above with vncpasswd but after less than a minute the connection closes and I get this dialog from VNC viewer
read: Connection reset by peer (10054) Do you wish to attempt to reconnect to 172.23.1.7:5901 clicking Yes gives this: unable to connect to host: Connection refused (10061)
SOS please help me, how to get any way of a stable graphical connection from Windows to this Fedora 25 ...
No, there is no clear indication from the logs that I can see pointing out the problem.
I did things slightly different than what was called out in the link you initially supplied.
The steps taken were...
dnf -y install xrdp
firewall-cmd --add-port=3389/tcp --permanent
firewall-cmd --reload
systemctl enable xrdp
systemctl start xrdp
I don't like to start a service without the proper firewall rules in place first.
FWIW, have you tried stopping/starting xrdp?
yes, as I noticed in fedora I don't get any feedback if this worked or not ...
e.g. my older mail server shows this when I restart postfix
[root@mail ~]# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [root@mail ~]#
fedora only this:
[root@fedora ~]# systemctl restart postfix [root@fedora ~]#
You may also want to check to see if you have any errors reported in you ~/.vnc directory.
nothing usefull ...
how can I connect using desktop share?
https://docs.fedoraproject.org/en-US/Fedora/14/html/User_Guide/sect-User_Gui... (this seems to be stable but, what is it really as the clock at bottom right shows a different time of more than 5 minutes)
Thanks, Walter
On 06/05/17 21:30, Walter H. wrote:
On 05.06.2017 09:18, Ed Greshko wrote:
On 06/05/17 14:31, Walter H. wrote:
Hello,
On 05.06.2017 01:52, Ed Greshko wrote:
On 06/05/17 04:37, Walter H. wrote: FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
how do I this?
Install https://www.realvnc.com/download/vnc/windows/ on the Windows side. (Use the supplied client SW)
ok, I already have the VNCviewer on my Windows
Install tigervnc-server on fedora. From there you can either decide if you want to have a user invoke the server from say a terminal or ssh session or to make it a system service by following the directions in /lib/systemd/system/vncserver@.service.
I did what this file said ...
cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service
I edited /etc/systemd/system/vncserver@.service and changed <USER> with walter
I assume you changed 2 lines...
User=<USER> PIDFile=/home/<USER>/.vnc/%H%i.pid
did systemctl daemon-reload systemctl enable vncserver@:1.service systemctl start vncserver@:1.service
And you are saying that started without error? I ask since it has been a long time since I've done this and in doing this just now the start fails.
[root@f25f system]# systemctl start vncserver@:1.service Job for vncserver@:1.service failed because a timeout was exceeded. See "systemctl status vncserver@:1.service" and "journalctl -xe" for details.
This was caused by an selinux issue. The AVCs I got were....
type=AVC msg=audit(1496670517.042:290): avc: denied { unlink } for pid=1 comm="systemd" name="f25f.greshko.com:1.pid" dev="sda3" ino=17229 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1496670702.480:298): avc: denied { open } for pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid" dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1496670702.480:299): avc: denied { open } for pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid" dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
firewall-cmd --add-port=5901/tcp --permanent
FWIW, the firewall-applet has a checkbox to allow vncsever and opens multiple ports.
the password ... su - walter vncpasswd ...
after rebooting the computer
VNCviewer connected and there I gave the password I configured above with vncpasswd but after less than a minute the connection closes and I get this dialog from VNC viewer
read: Connection reset by peer (10054) Do you wish to attempt to reconnect to 172.23.1.7:5901 clicking Yes gives this: unable to connect to host: Connection refused (10061)
SOS please help me, how to get any way of a stable graphical connection from Windows to this Fedora 25 ...
At this point you should check the status of the vncserver ...
systemctl status vncserver@:1.service
On 05.06.2017 16:09, Ed Greshko wrote:
On 06/05/17 21:30, Walter H. wrote:
On 05.06.2017 09:18, Ed Greshko wrote:
On 06/05/17 14:31, Walter H. wrote:
Hello,
On 05.06.2017 01:52, Ed Greshko wrote:
On 06/05/17 04:37, Walter H. wrote: FWIW, in the past I've found it easier to run a Vnc client on windows and a Vnc Server on the Linux side...
That being said....
how do I this?
Install https://www.realvnc.com/download/vnc/windows/ on the Windows side. (Use the supplied client SW)
ok, I already have the VNCviewer on my Windows
Install tigervnc-server on fedora. From there you can either decide if you want to have a user invoke the server from say a terminal or ssh session or to make it a system service by following the directions in /lib/systemd/system/vncserver@.service.
I did what this file said ...
cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@.service
I edited /etc/systemd/system/vncserver@.service and changed<USER> with walter
I assume you changed 2 lines...
User=<USER> PIDFile=/home/<USER>/.vnc/%H%i.pid
yes, these both lines
did systemctl daemon-reload systemctl enable vncserver@:1.service systemctl start vncserver@:1.service
And you are saying that started without error?
as fedora has a strange way of feedback as I mentioned earlier I didn't see at this time no error
[root@f25f system]# systemctl start vncserver@:1.service Job for vncserver@:1.service failed because a timeout was exceeded. See "systemctl status vncserver@:1.service" and "journalctl -xe" for details.
this error comes after I've connected via VNC viewer and "worked" for less than a minute ...
This was caused by an selinux issue. The AVCs I got were....
SELinux, I should generate a .tt file and add some permissions I've changed from enforcing to permissive before the last reboot and it runs :-)
type=AVC msg=audit(1496670517.042:290): avc: denied { unlink } for pid=1 comm="systemd" name="f25f.greshko.com:1.pid" dev="sda3" ino=17229 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1496670702.480:298): avc: denied { open } for pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid" dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1496670702.480:299): avc: denied { open } for pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid" dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
mine will look similar ...
firewall-cmd --add-port=5901/tcp --permanent
FWIW, the firewall-applet has a checkbox to allow vncsever and opens multiple ports.
I tell you some secret: user walter is a non admin, and with this I only can use this applet when logging in directly at the computer and not remote ...
SOS please help me, how to get any way of a stable graphical connection from Windows to this Fedora 25 ...
At this point you should check the status of the vncserver ...
systemctl status vncserver@:1.service
it is running now as expected due to permissive instead of enforcing
bye the way,
why do I get at http://forums.fedoraforum.org/showthread.php?t=305255 the error 403 Error. Access is Forbidden to this Page!!!
Greetings, Walter
On 06/05/17 22:40, Walter H. wrote:
it is running now as expected due to permissive instead of enforcing
OK....
As I mentioned in a later post, to get back to enforcing you may need to run...
ausearch -c 'systemd' --raw | audit2allow -M my-systemd semodule -X 300 -i my-systemd.pp
twice since you first get the unlink AVC and not get the open AVC until you generate the local policy to fix it.
At least you have it working and you know where the issue was.
bye the way,
why do I get at http://forums.fedoraforum.org/showthread.php?t=305255 the error 403 Error. Access is Forbidden to this Page!!!
No idea. I works for me. I am using chrome and no proxy....
On 06/05/17 21:30, Walter H. wrote:
Sorry.... It is late in my part of the world and I didn't scroll down far enough...
e.g. my older mail server shows this when I restart postfix
[root@mail ~]# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [root@mail ~]#
fedora only this:
[root@fedora ~]# systemctl restart postfix [root@fedora ~]#
Right. No output indicates the restart, or start, was a success. You can always double check with systemctl status postfix
You may also want to check to see if you have any errors reported in you ~/.vnc directory.
nothing usefull ...
how can I connect using desktop share?
https://docs.fedoraproject.org/en-US/Fedora/14/html/User_Guide/sect-User_Gui...
(this seems to be stable but, what is it really as the clock at bottom right shows a different time of more than 5 minutes)
That is documentation from F14 and is way out of date.
Again, late hour, I should have also mentioned that the AVC messages are held in /var/log/audit/audit.log
You can grep on type=AVC in the file to see if you're getting the errors that I noted. I fixed it by following the troubleshooting advice of the seapplet. I had to run, as root,
ausearch -c 'systemd' --raw | audit2allow -M my-systemd semodule -X 300 -i my-systemd.pp
a couple of times since there were 2 distinct AVC's A deny on unlink and a deny on open.
On 05.06.2017 16:34, Ed Greshko wrote:
That is documentation from F14 and is way out of date.
of course and didn't meet my needs as there must be a user logged on ...
Again, late hour, I should have also mentioned that the AVC messages are held in /var/log/audit/audit.log
You can grep on type=AVC in the file to see if you're getting the errors that I noted. I fixed it by following the troubleshooting advice of the seapplet. I had to run, as root,
ausearch -c 'systemd' --raw | audit2allow -M my-systemd semodule -X 300 -i my-systemd.pp
a couple of times since there were 2 distinct AVC's A deny on unlink and a deny on open.
I did it this way: stored the following to e.g. bugfix.tt
module systemd_vnc_bugfix 1.0.0;
require { type user_home_t; type init_t; class file { open read unlink }; }
#============= init_t ============== allow init_t user_home_t:file { open read unlink };
and then
checkmodule -M -m -o bugfix.mod bugfix.tt semodule_package -o bugfix.pp -m bugfix.mod semodule -X 300 -i bugfix.pp
Thanks for your help, hints, now its working with SElinux = enforcing
Greetings from Austria, Walter
On 06/05/2017 02:09 PM, Walter H. wrote:
On 05.06.2017 16:34, Ed Greshko wrote:
That is documentation from F14 and is way out of date.
of course and didn't meet my needs as there must be a user logged on ...
Again, late hour, I should have also mentioned that the AVC messages are held in /var/log/audit/audit.log
You can grep on type=AVC in the file to see if you're getting the errors that I noted. I fixed it by following the troubleshooting advice of the seapplet. I had to run, as root,
ausearch -c 'systemd' --raw | audit2allow -M my-systemd semodule -X 300 -i my-systemd.pp
a couple of times since there were 2 distinct AVC's A deny on unlink and a deny on open.
I did it this way: stored the following to e.g. bugfix.tt
module systemd_vnc_bugfix 1.0.0;
require { type user_home_t; type init_t; class file { open read unlink }; }
#============= init_t ============== allow init_t user_home_t:file { open read unlink };
This looks like the file that is labeled user_home_t is mislabeled. This indicates a file stored in your homedir. I don't think systemd is open/read/unlink files in homedir.
and then
checkmodule -M -m -o bugfix.mod bugfix.tt semodule_package -o bugfix.pp -m bugfix.mod semodule -X 300 -i bugfix.pp
Thanks for your help, hints, now its working with SElinux = enforcing
Greetings from Austria, Walter
users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org
On 05.06.2017 21:01, Daniel Walsh wrote:
On 06/05/2017 02:09 PM, Walter H. wrote:
I did it this way: stored the following to e.g. bugfix.tt
module systemd_vnc_bugfix 1.0.0;
require { type user_home_t; type init_t; class file { open read unlink }; }
#============= init_t ============== allow init_t user_home_t:file { open read unlink };
This looks like the file that is labeled user_home_t is mislabeled. This indicates a file stored in your homedir.
yes /home/walter/.vnc/...
I don't think systemd is open/read/unlink files in homedir.
this is the prove it does; it is working now ...
Greetings, Walter
-
Daniel Walsh -
Ed Greshko -
Walter H.