Re: [SunRay-Users] hotdeskproblem with Sun Ray Software 4 10/08 on Centos 5.2

Tue, 21 Oct 2008 13:34:28 -0700 

Hi,
OK, so your initial problem was the missing openmotif package. Unfortunately, all the diagnostic steps I suggested were intended to isolate that problem, which you've now solved, and aren't very helpful with this new issue. Make sure to double-check the Installation Guide for RHEL5, and make sure you've added *all* the RPMs suggested, or you'll run into more problems down the road. CentOS should have exactly the same installation requirements as RHEL5. 


The new issue is almost certainly a PAM stack issue.  Try copying 
/etc/pam.d/gnome-screensaver to /etc/pam.d/uthotdesk.  It's probably 
using the "other" stack, which on Linux defaults to a no-access stack IIRC.


-Bob

Frank Paulick wrote:

Hi Bob,

first i want to thank you for your fast answer.
selecting

Session Access when Hotdesking
Access:
        
Direct Session Access Allowed


in the admin gui kinda solved the problem. but i would love to keep it
deactivated.

one problem i had was a missing openmotif package (libXpm.so.3)
after solving this , removing and insering the card now brings a "login
incorrect" message which doesn't disappear when klicking ok

in the mentionend logfiles i can't find anything useful:

 cat /var/log/gdm/\:12.log
The XKEYBOARD keymap compiler (xkbcomp) reports:

  

Error:            Mode_switch added to symbol map for multiple modifiers
                  Using Mod2, ignoring Mod3.
Warning:          Symbol map for key <KPEQ> redefined
                  Using last definition for conflicting fields

    

Errors from xkbcomp are not fatal to the X server
Could not init font path element /usr/lib/X11/fonts/misc, removing from
list!
The XKEYBOARD keymap compiler (xkbcomp) reports:

  

Error:            Mode_switch added to symbol map for multiple modifiers
                  Using Mod2, ignoring Mod3.
Error:            Mode_switch added to symbol map for multiple modifiers
                  Using Mod3, ignoring Mod2.
Error:            Mode_switch added to symbol map for multiple modifiers
                  Using Mod2, ignoring Mod3.

    

Errors from xkbcomp are not fatal to the X server
The XKEYBOARD keymap compiler (xkbcomp) reports:

  

Error:            Mode_switch added to symbol map for multiple modifiers
                  Using Mod2, ignoring Mod3.
Warning:          Symbol map for key <KPEQ> redefined
                  Using last definition for conflicting fields

    

Errors from xkbcomp are not fatal to the X server

logfile from enabling debugging:

+ UTACTION_PID=0
+ trap cleanup 0 1 2 15
+ rm -rf /var/opt/SUNWut/tmp/.hdloginGUI/28694
+ umask 077
+ mkdir -p /var/opt/SUNWut/tmp/.hdloginGUI/28694
+ export HOME=/var/opt/SUNWut/tmp/.hdloginGUI/28694
+ cd /var/opt/SUNWut/tmp/.hdloginGUI/28694
+ xsetroot -solid black -cursor_name left_ptr
+ [ -r /etc/default/init ]
+ export NLSPATH=/opt/SUNWut/lib/locale/%L/LC_MESSAGES/%N.cat
+ export XENVIRONMENT=/opt/SUNWut/lib/app-defaults/loginGUI.res
+ LOGIN_GUI_PROG=/opt/SUNWut/lib/loginGUI
+ /opt/SUNWut/lib/loginGUI -l hdlogin -s uthotdesk -au -r -x
/opt/SUNWut/lib/pixmaps/HDsunray.xpm
+ LOGIN_GUI_PID=28710
+ UTACTION_PID=28711
+ echo 28711
+ > /var/opt/SUNWut/idle/14.pid
+ wait 28710
+ /opt/SUNWut/bin/utaction -i -d /bin/kill -s KILL 28710
Warning: Missing charsets in String to FontSet conversion
Warning: Cannot convert string "-dt-interface
system-medium-r-normal-l*-*-*-*-*-*-*-*-*" to type FontSet
Warning: Missing charsets in String to FontSet conversion
Warning: Cannot convert string "-dt-interface
system-medium-r-normal-xxl*-*-*-*-*-*-*-*-*" to type FontSet
Warning: Missing charsets in String to FontSet conversion
Warning: Cannot convert string "-dt-interface
system-medium-r-normal-xl*-*-*-*-*-*-*-*-*" to type FontSet
Killed
+ /bin/rm -f /var/opt/SUNWut/idle/14.pid
+ /bin/kill -s KILL 28711
+ exit 0
+ cleanup
kill 28710: No such process
kill 28711: No such process
/etc/opt/SUNWut/xmgr/remove-dpy[47]: /bin/nawk: not found
rm: cannot remove `/etc/gdm/PreSession/:': No such file or directory
rm: cannot remove `/etc/gdm/PostSession/:': No such file or directory
rm: cannot remove `/etc/gdm/PostLogin/:': No such file or directory
rm: cannot remove `/etc/gdm/Init/:': No such file or directory

Kind Regards
Frank

Bob Doolittle schrieb:

  

By the way - in the interest of full disclosure I should mention that 
you can disable RHA with utpolicy -D option (or through the admin GUI).



However, I hope you can help us diagnose what's going on with your 
CentOS 5.2 system, if at all possible, by sharing the info I suggested 
below.



Security is important, and will become more important in the future.  
We're rolling out increased security now to protect our customers and 
RHA is a critical piece of that.


-Bob

Bob Doolittle wrote:

  
    

This appears to be a problem related to Remote Hotdesk 
Authentication.  RHA is a new security feature in 4.1 that gives you a 
separate session to authenticate to before connecting to your session 
(like unlocking your screen locker, but in a separate session which 
isn't subject to the vulnerabilities of screen lockers).



It sounds as though the X server being created for RHA may be 
crashing, or perhaps the loginGUI client being used for authentication.
What do you see in /var/opt/SUNWut/log/auth_log and 
/var/log/gdm/DISP.log?



You might uncommenting the following lines at the start of 
/etc/opt/SUNWut/loginGUI.start:

#exec 2>&1 2>/var/tmp/loginGUI.sh.$$    # Debug
#set -x


Then, take a look at one of the /var/tmp/loginGUI.sh.PID files being 
created.  Maybe you could send one to the list.


-Bob

Frank Paulick wrote:

    
      

Hi,

after running sunray 4.0 on centos 5 for a while i uninstalled the
sunray packages completely and installed the 4.1 packages after updating
the system to centos 5.2
i configured everything as described in the installation guide. i also
configured kiosk mode for connecting to a windows terminal server using
the sunray connector.


i can login to the sunray server using both methods (normal and kiosk 
mode)

in normal mode (linux) when i pull out the payflex card and plug it back
in the session does not come back.
the dtu is running in an infinite loop where it gets its ip-adress ,
show a 26D then a 14D and then it starts new.

in the logfiles i couldn't find an error message. following is the part
of the logfile when this happened:

Oct 20 14:32:09 mtagray03 utauthd: Worker1 NOTICE: whichServer
Payflex.50082ae100130100:
Oct 20 14:32:09 mtagray03 utauthd: Worker1 NOTICE: CLAIMED by
StartxlationSession.m2 NAME: hotdesk.IEEE802-00144fa17ee0 PARAMETERS:
{savedType=Payflex, altuid=0, stealProtected=true,
terminalIPA=192.168.128.226, type=hotdesk, fw=4.0_48_2007.08.01.15.48,
state=connected, cause=insert, doamgh=true, barrierLevel=320,
altlocale=en_US.UTF-8, rawId=50082ae100130100,
terminalCID=IEEE802.00144fa17ee0, MTU=1500, tokenSeq=9,
firstServer=c0a88001, atr.hist_len=09, namespace=IEEE802, ddcconfig=1,
id=IEEE802-00144fa17ee0,
clientRand=SbqV.qlAabM6MocL75p.pr5/iPIOevArwIAfgb6.Uue, realIP=c0a880e2,
startRes=1680x1050:1680x1050, useReal=true,
atr=3b6900002494010201000101a9, event=insert, pn=46680, atr.hs=04,
sn=00144fa17ee0, savedId=50082ae100130100, rawType=Payflex, hw=SunRayP8,
initState=0, usersession=true, _=1}
Oct 20 14:32:09 mtagray03 utauthd: Worker1 NOTICE: CONNECT

IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0, all connections 
allowed

Oct 20 14:32:09 mtagray03 utauthd: Worker1 NOTICE: MTU = 1500
Oct 20 14:32:09 mtagray03 utdtsession: Add
(22,hotdesk.IEEE802-00144fa17ee0,special)
Oct 20 14:32:10 mtagray03 kiosk:utkioskconfig:configure[23195]: Disabled
Kiosk Mode for display ':22'
Oct 20 14:32:10 mtagray03 utauthd: Worker1 NOTICE: SESSION_OK
hotdesk.IEEE802-00144fa17ee0
Oct 20 14:32:11 mtagray03 utdtsession: Delete
(22,hotdesk.IEEE802-00144fa17ee0)
Oct 20 14:32:11 mtagray03 utauthd: SessionManager0 NOTICE: EMPTY: ACTIVE
session
Oct 20 14:32:11 mtagray03 utauthd: Terminator NOTICE: DISCONNECT
IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0 session terminated
Oct 20 14:32:11 mtagray03 utauthd: Terminator NOTICE: DESTROY
hotdesk.IEEE802-00144fa17ee0 lifetime=7044
Oct 20 14:32:11 mtagray03 utauthd: SessionManager0 NOTICE: TERMINATE:
inactive session
Oct 20 14:32:13 mtagray03 utauthd: Worker1 NOTICE: whichServer
Payflex.50082ae100130100:
Oct 20 14:32:13 mtagray03 utauthd: Worker1 NOTICE: CLAIMED by
StartxlationSession.m2 NAME: hotdesk.IEEE802-00144fa17ee0 PARAMETERS:
{savedType=Payflex, altuid=0, stealProtected=true,
terminalIPA=192.168.128.226, type=hotdesk, fw=4.0_48_2007.08.01.15.48,
state=disconnected, cause=insert, doamgh=true, barrierLevel=320,
altlocale=en_US.UTF-8, rawId=50082ae100130100,
terminalCID=IEEE802.00144fa17ee0, MTU=1500, tokenSeq=9,
firstServer=c0a88001, atr.hist_len=09, namespace=IEEE802, ddcconfig=1,
id=IEEE802-00144fa17ee0,
clientRand=F7STPzHytM1YHgOvyNOa0ONidxQtk96Uo3I2r1chS/u, realIP=c0a880e2,
startRes=1680x1050:1680x1050, useReal=true,
atr=3b6900002494010201000101a9, event=insert, pn=34545, atr.hs=04,
sn=00144fa17ee0, savedId=50082ae100130100, rawType=Payflex, hw=SunRayP8,
initState=0, usersession=true, _=1}
Oct 20 14:32:13 mtagray03 utauthd: Worker1 NOTICE: CONNECT

IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0, all connections 
allowed

Oct 20 14:32:13 mtagray03 utauthd: Worker1 NOTICE: MTU = 1500
Oct 20 14:32:13 mtagray03 utdtsession: Add
(22,hotdesk.IEEE802-00144fa17ee0,special)
Oct 20 14:32:14 mtagray03 kiosk:utkioskconfig:configure[23419]: Disabled
Kiosk Mode for display ':22'
Oct 20 14:32:14 mtagray03 utauthd: Worker1 NOTICE: SESSION_OK
hotdesk.IEEE802-00144fa17ee0
Oct 20 14:32:15 mtagray03 utdtsession: Delete
(22,hotdesk.IEEE802-00144fa17ee0)
Oct 20 14:32:15 mtagray03 utauthd: SessionManager0 NOTICE: EMPTY: ACTIVE
session
Oct 20 14:32:15 mtagray03 utauthd: Terminator NOTICE: DISCONNECT
IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0 session terminated
Oct 20 14:32:15 mtagray03 utauthd: Terminator NOTICE: DESTROY
hotdesk.IEEE802-00144fa17ee0 lifetime=3053
Oct 20 14:32:15 mtagray03 utauthd: SessionManager0 NOTICE: TERMINATE:
inactive session
Oct 20 14:32:17 mtagray03 utauthd: Worker1 NOTICE: whichServer
Payflex.50082ae100130100:
Oct 20 14:32:17 mtagray03 utauthd: Worker1 NOTICE: CLAIMED by
StartxlationSession.m2 NAME: hotdesk.IEEE802-00144fa17ee0 PARAMETERS:
{savedType=Payflex, altuid=0, stealProtected=true,
terminalIPA=192.168.128.226, type=hotdesk, fw=4.0_48_2007.08.01.15.48,
state=disconnected, cause=insert, doamgh=true, barrierLevel=320,
altlocale=en_US.UTF-8, rawId=50082ae100130100,
terminalCID=IEEE802.00144fa17ee0, MTU=1500, tokenSeq=9,
firstServer=c0a88001, atr.hist_len=09, namespace=IEEE802, ddcconfig=1,
id=IEEE802-00144fa17ee0,
clientRand=QlM5lsbDgl2ptzYwXEPDL6MBTESmmbLCNwLsRrlWkby, realIP=c0a880e2,
startRes=1680x1050:1680x1050, useReal=true,
atr=3b6900002494010201000101a9, event=insert, pn=56582, atr.hs=04,
sn=00144fa17ee0, savedId=50082ae100130100, rawType=Payflex, hw=SunRayP8,
initState=0, usersession=true, _=1}
Oct 20 14:32:17 mtagray03 utauthd: Worker1 NOTICE: CONNECT

IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0, all connections 
allowed

Oct 20 14:32:17 mtagray03 utauthd: Worker1 NOTICE: DISCONNECT
IEEE802.00144fa17ee0, hotdesk.IEEE802-00144fa17ee0 token removed:
hotdesk.IEEE802-00144fa17ee0
Oct 20 14:32:17 mtagray03 utauthd: Worker1 NOTICE: DESTROY
hotdesk.IEEE802-00144fa17ee0 lifetime=1003

the problem occurs when no card is in the dtu, i login, plugin a card
and pull it out again.
it also occurs, when a card is in the dtu while i login, pull out the
card after successful login and plugin the card again.

the interesting part is that there is no problem using kiosk mode.

a card that has been marked for kiosk mode can be used without any 
problems.




  
------------------------------------------------------------------------


_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

  
      
        

    
      

_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

  
    




  
------------------------------------------------------------------------


_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

  


_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users






















					Reply via email to