Hello Everyone,
I have installed xrdp on RHEL 7.1 using Xorg drivers, it seems that I can
login via "code=20" as root. I can confirm I cannot login as any other user
local or using sssd with kerberos. I am in an environment where filesystem
access is done via OpenAFS which requires appropriate tokens. I have seen
file write access errors by xrdp but those do not seem to be the culprit as
I've tested local logins and failed with the same error.
Fatal server error:
(EE) PAM authentication failed, cannot start X server.
Perhaps you do not have console ownership?
The configuration is pretty much the default, barring I changed the Xorg
line to provide more verbose output
[Xorg]
param1=-config
param2=/etc/X11/xrdp/xorg.conf
param3=-logfile
param4=/tmp/xorg-xrdp.log
param5=-noreset
param6=-ac
param7=-nolisten
param8=-verbose
param9=tcp
What's notable at the moment is that when logging in as root I do not
receive the multiple closed to endpoint errors:
"[20150330-17:55:06] [INFO ] An established connection closed to endpoint:
NULL:NULL - socket: 12"
followed by:
"[20150330-17:55:06] [ERROR] X server for display 11 startup timeout"
I did notice the "socket: 12" and "display 11" business but wasn't sure if
that was the actual issue, everything seems to point to pam. I also
commented out the "pam_console.so" in "/etc/pam.d/server" in an attempt to
see if it was caused by the auth required line. It didn't change the
behavior it just seems to fail if I am not logging in as root.
Roy
--
-----------------------------------------
http://www.fang64.com
-----------------------------------------
_/| ____
=/_/ ,;` `;,
_/ | : :
( / , | :, ,;
\ _ /^ \ /| | `------ `
`'' '' `''`
-----------------------------------------
"The brick walls are there for a reason. Right? The brick walls are not
there to keep us out, the brick walls are there to give us a chance to show
how badly we want something. Because the brick walls are there to stop the
people who don't want it badly enough."
-Randy Pausch, CMU (RIP July 25, 2008)
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
xrdp-devel mailing list
xrdp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xrdp-devel
