Difficulties at very first steps with f25kde ...

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Difficulties at very first steps with f25kde ...

Walter H.
Hello,

my older computer is a Core2Quad with 4 GB RAM had a hard disk with a Windows 10

what I did:
- I plugged this harddisk as harddisk 2 and added an empty harddisk as harddisk 1

- I downloaded Fedora 25 KDE (Fedora-KDE-Live-x86_64-25-1.3.iso) and burnt this to a DVD

- I installed this onto harddisk 1, the boot menu entry for the 2nd harddisk with Windows 10 was added automatically
        I gave fixed IPv4 (an RFC1918 addr) and IPv6 (my HE tunnel range) addresses

- after the first login I had to enable sshd - why isn't this automatically? - with
   systemctl enable sshd
   systemctl start sshd
  now I could do SSH from my newer computer (Windows)

- I did an yum update and this updated more than 800 packages and downloaded nearly 1 GByte
   after this I rebootet

- I successfully installed postfix as MTA and logwatch, works as expected - why is the logwatch mail 'precedence bulk'?

- I also needed the graphical connection and found this:
   https://www.server-world.info/en/note?os=Fedora_24&p=desktop&f=7
   there I have a strange phenomen

after the connection with mstsc, I get a window where I can select
between   Xvnc and Xorg, when selecting Xvnc and entering userid and password
the window is closed and session blown away ...
when I select Xorg and enter userid and password the window stays 'green' forever

/var/log/xrdp.log shows this:
[20170604-21:40:08] [INFO ] starting xrdp with pid 1406
[20170604-21:40:10] [INFO ] listening to port 3389 on 0.0.0.0
[20170604-21:42:07] [INFO ] Socket 12: AF_INET connection received from 172.23.2.7 port 4333
[20170604-21:42:07] [DEBUG] Closed socket 12 (AF_INET 172.23.1.7:3389)
[20170604-21:42:07] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389)
[20170604-21:42:07] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem
[20170604-21:42:07] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
[20170604-21:42:07] [DEBUG] TLSv1.2 enabled
[20170604-21:42:07] [DEBUG] TLSv1.1 enabled
[20170604-21:42:07] [DEBUG] TLSv1 enabled
[20170604-21:42:07] [DEBUG] Security layer: requested 1, selected 1
[20170604-21:42:07] [INFO ] connected client computer name: XP64WALDI01-W01
[20170604-21:42:07] [INFO ] TLS connection established from 172.23.2.7 port 4333: TLSv1 with cipher DES-CBC3-SHA
[20170604-21:42:07] [DEBUG] xrdp_00000604_wm_login_mode_event_00000001
[20170604-21:42:07] [INFO ] Cannot find keymap file /etc/xrdp/km-00020409.ini
[20170604-21:42:07] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini
[20170604-21:42:07] [WARN ] local keymap file for 0x00020409 found and doesn't match built in keymap, using local keymap file
[20170604-21:42:16] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350
[20170604-21:42:17] [INFO ] xrdp_wm_log_msg: sesman connect ok
[20170604-21:42:17] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait...
[20170604-21:42:17] [DEBUG] return value from xrdp_mm_connect 0
[20170604-21:42:17] [INFO ] xrdp_wm_log_msg: login successful for display 10
[20170604-21:42:17] [DEBUG] xrdp_wm_log_msg: VNC started connecting
[20170604-21:42:18] [DEBUG] xrdp_wm_log_msg: VNC connecting to 127.0.0.1 5910
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC tcp connected
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC security level is 2 (1 = none, 2 = standard)
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC password ok
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending share flag
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving server init
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving pixel format
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving name length
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC receiving name
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending pixel format
[20170604-21:42:20] [DEBUG] xrdp_wm_log_msg: VNC sending encodings
[20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC sending framebuffer update request
[20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC sending cursor
[20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: VNC connection complete, connected ok
[20170604-21:42:21] [INFO ] The following channel is allowed: rdpdr (0)
[20170604-21:42:21] [INFO ] The following channel is allowed: rdpsnd (1)
[20170604-21:42:21] [INFO ] The following channel is allowed: drdynvc (2)
[20170604-21:42:21] [INFO ] The following channel is allowed: cliprdr (3)
[20170604-21:42:21] [DEBUG] The allow channel list now initialized for this session
[20170604-21:42:21] [DEBUG] xrdp_wm_log_msg: connected ok
[20170604-21:42:21] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect successful
[20170604-21:42:21] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:55588)
[20170604-21:42:22] [DEBUG] VNC got clip data
[20170604-21:42:22] [DEBUG] Closed socket 12 (AF_INET 172.23.1.7:3389)
[20170604-21:42:22] [DEBUG] xrdp_mm_module_cleanup
[20170604-21:42:22] [DEBUG] VNC mod_exit
[20170604-21:42:23] [DEBUG] Closed socket 19 (AF_INET 127.0.0.1:57730)
[20170604-21:42:23] [DEBUG] Closed socket 20 (AF_UNIX)
[20170604-21:42:23] [ERROR] Listening socket is in wrong state, terminating listener
[20170604-21:42:23] [CORE ] shutting down log subsystem...
/var/log/xrdp-sesman.log shows this:
[20170604-21:40:08] [DEBUG] libscp initialized
[20170604-21:40:09] [INFO ] starting xrdp-sesman with pid 1405
[20170604-21:40:10] [INFO ] listening to port 3350 on 127.0.0.1
[20170604-21:42:16] [INFO ] A connection received from 127.0.0.1 port 55588
[20170604-21:42:17] [INFO ] ++ created session (access granted): username walter, ip 172.23.2.7:4333 - socket: 12
[20170604-21:42:17] [INFO ] starting Xvnc session...
[20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:5910)
[20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6010)
[20170604-21:42:17] [DEBUG] Closed socket 9 (AF_INET 0.0.0.0:6210)
[20170604-21:42:17] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350)
[20170604-21:42:17] [DEBUG] Closed socket 7 (AF_INET 127.0.0.1:3350)
[20170604-21:42:17] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350)
[20170604-21:42:18] [INFO ] Xvnc :10 -auth .Xauthority -geometry 1600x1200 -depth 32 -rfbauth /home/walter/.vnc/sesman_walter_passwd:10 -bs -nolisten tcp -localhost -dpi 96  
[20170604-21:42:18] [CORE ] waiting for window manager (pid 1552) to exit
the 1600x1200 is a little bit bigger as the monitor of the older computer itself, the newer has a 2560x1440

/etc/xrdp/sesman.ini has some weird content
[Xvnc]
param=Xvnc
param=-bs
param=-nolisten
param=tcp
param=-localhost
param=-dpi
param=96

[Xorg]
param=Xorg
param=-config
param=xrdp/xorg.conf
param=-noreset
param=-nolisten
param=tcp
param=-logfile
param=.xorgxrdp.%s.log
shouldn't this look like

[Xvnc]
param=-bs
param=-nolisten tcp
param=-localhost
param=-dpi 96

[Xorg]
param=-config xrdp/xorg.conf
param=-noreset
param=-nolisten tcp
param=-logfile .xorgxrdp.%s.log

the next strange thing in connection with firefox ...

when setting a proxy with DNS name, I get errors, that the proxy is not found;
entering the IPv4 or IPv6 address this works ...
(entering   host proxy.local  it gives the IPv4 and IPv6 address - my DNS is working properly)

Thanks for help or some explanation

Walter


_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
On 06/05/17 04:37, Walter H. wrote:

> Hello,
>
> my older computer is a Core2Quad with 4 GB RAM had a hard disk with a
> Windows 10
>
> what I did:
> - I plugged this harddisk as harddisk 2 and added an empty harddisk as
> harddisk 1
>
> - I downloaded Fedora 25 KDE (Fedora-KDE-Live-x86_64-25-1.3.iso) and
> burnt this to a DVD
>
> - I installed this onto harddisk 1, the boot menu entry for the 2nd
> harddisk with Windows 10 was added automatically
>         I gave fixed IPv4 (an RFC1918 addr) and IPv6 (my HE tunnel
> range) addresses
>
> - after the first login I had to enable sshd - why isn't this
> automatically? - with

The philosophy is to enable the minimal amount of network services.
 

>    systemctl enable sshd
>    systemctl start sshd
>   now I could do SSH from my newer computer (Windows)
>
> - I did an yum update and this updated more than 800 packages and
> downloaded nearly 1 GByte
>    after this I rebootet
>
> - I successfully installed postfix as MTA and logwatch, works as
> expected - why is the logwatch mail 'precedence bulk'?
>
> - I also needed the graphical connection and found this:
>    https://www.server-world.info/en/note?os=Fedora_24&p=desktop&f=7
>    there I have a strange phenomen

FWIW, in the past I've found it easier to run a Vnc client on windows
and a Vnc Server on the Linux side...

That being said....

>
> after the connection with mstsc, I get a window where I can select
> between   Xvnc and Xorg, when selecting Xvnc and entering userid and
> password
> the window is closed and session blown away ...
> when I select Xorg and enter userid and password the window stays
> 'green' forever

I would not bother with trying to get Xorg to work with xrdp.  Just a
personal preference for which I'm sure I had a reason to reach but don't
recall what it was.

As far as xrdp working with Xvnc.  It works just fine for me.

I have made no changes to any xrdp configuration files.

I believe my log files show pretty much the same thing....

xrdp.log

[20170605-07:30:26] [INFO ] Socket 12: AF_INET connection received from
192.168.1.224 port 51889
[20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389)
[20170605-07:30:26] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389)
[20170605-07:30:26] [INFO ] Using default X.509 certificate:
/etc/xrdp/cert.pem
[20170605-07:30:26] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
[20170605-07:30:26] [DEBUG] TLSv1.2 enabled
[20170605-07:30:26] [DEBUG] TLSv1.1 enabled
[20170605-07:30:26] [DEBUG] TLSv1 enabled
[20170605-07:30:26] [DEBUG] Security layer: requested 11, selected 1
[20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389)
[20170605-07:30:26] [ERROR] Listening socket is in wrong state,
terminating listener
[20170605-07:30:26] [CORE ] shutting down log subsystem...
[20170605-07:30:26] [INFO ] Socket 12: AF_INET connection received from
192.168.1.224 port 51890
[20170605-07:30:26] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389)
[20170605-07:30:26] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389)
[20170605-07:30:26] [INFO ] Using default X.509 certificate:
/etc/xrdp/cert.pem
[20170605-07:30:26] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
[20170605-07:30:26] [DEBUG] TLSv1.2 enabled
[20170605-07:30:26] [DEBUG] TLSv1.1 enabled
[20170605-07:30:26] [DEBUG] TLSv1 enabled
[20170605-07:30:26] [DEBUG] Security layer: requested 11, selected 1
[20170605-07:30:26] [INFO ] connected client computer name: WIN10
[20170605-07:30:26] [INFO ] TLS connection established from
192.168.1.224 port 51890: TLSv1.2 with cipher AES256-GCM-SHA384
[20170605-07:30:26] [DEBUG] xrdp_000045e4_wm_login_mode_event_00000001
[20170605-07:30:26] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini
[20170605-07:30:26] [WARN ] local keymap file for 0x00000409 found and
doesn't match built in keymap, using local keymap file
[20170605-07:30:28] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:31] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:35] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip
127.0.0.1 port 3350
[20170605-07:30:36] [INFO ] xrdp_wm_log_msg: sesman connect ok
[20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: sending login info to
session manager, please wait...
[20170605-07:30:36] [DEBUG] return value from xrdp_mm_connect 0
[20170605-07:30:36] [INFO ] xrdp_wm_log_msg: login successful for display 11
[20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: VNC started connecting
[20170605-07:30:36] [DEBUG] xrdp_wm_log_msg: VNC connecting to 127.0.0.1
5911
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC tcp connected
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC security level is 2 (1
= none, 2 = standard)
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC password ok
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending share flag
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving server init
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving pixel format
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving name length
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC receiving name
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending pixel format
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending encodings
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending framebuffer
update request
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC sending cursor
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: VNC connection complete,
connected ok
[20170605-07:30:38] [INFO ] The following channel is allowed: rdpdr (0)
[20170605-07:30:38] [INFO ] The following channel is allowed: rdpsnd (1)
[20170605-07:30:38] [INFO ] The following channel is allowed: cliprdr (2)
[20170605-07:30:38] [INFO ] The following channel is allowed: drdynvc (3)
[20170605-07:30:38] [DEBUG] The allow channel list now initialized for
this session
[20170605-07:30:38] [DEBUG] xrdp_wm_log_msg: connected ok
[20170605-07:30:38] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:38] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect
successful
[20170605-07:30:38] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:43080)
[20170605-07:30:42] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:46] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:49] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:53] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:30:57] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:01] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:04] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:08] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:12] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:16] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:20] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:23] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:27] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:31] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:34] [DEBUG] xrdp_wm_log_msg: connection problem, giving up
[20170605-07:31:34] [DEBUG] Closed socket 19 (AF_UNIX)
[20170605-07:31:34] [DEBUG] xrdp_wm_log_msg: some problem
[20170605-07:31:34] [DEBUG] xrdp_mm_module_cleanup
[20170605-07:31:34] [DEBUG] Closed socket 18 (AF_INET 127.0.0.1:43076)
[20170605-07:31:34] [DEBUG] Closed socket 12 (AF_INET 192.168.1.198:3389)
[20170605-07:31:34] [DEBUG] xrdp_mm_module_cleanup
[20170605-07:31:34] [ERROR] Listening socket is in wrong state,
terminating listener
[20170605-07:31:34] [CORE ] shutting down log subsystem...
--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Walter H.
Hello,

On 05.06.2017 01:52, Ed Greshko wrote:
> On 06/05/17 04:37, Walter H. wrote:
> FWIW, in the past I've found it easier to run a Vnc client on windows
> and a Vnc Server on the Linux side...
>
> That being said....
how do I this?
>> after the connection with mstsc, I get a window where I can select
>> between   Xvnc and Xorg, when selecting Xvnc and entering userid and
>> password
>> the window is closed and session blown away ...
>> when I select Xorg and enter userid and password the window stays
>> 'green' forever
> I would not bother with trying to get Xorg to work with xrdp.  Just a
> personal preference for which I'm sure I had a reason to reach but don't
> recall what it was.
Of course, but I want any working way ...
> As far as xrdp working with Xvnc.  It works just fine for me.
>
> I have made no changes to any xrdp configuration files.
me too, and it doesn't work ...
> I believe my log files show pretty much the same thing....
so it doesn't tell anything about whats going wrong?



_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
On 06/05/17 14:31, Walter H. wrote:
> Hello,
>
> On 05.06.2017 01:52, Ed Greshko wrote:
>> On 06/05/17 04:37, Walter H. wrote:
>> FWIW, in the past I've found it easier to run a Vnc client on windows
>> and a Vnc Server on the Linux side...
>>
>> That being said....
> how do I this?

Install https://www.realvnc.com/download/vnc/windows/ on the Windows
side.  (Use the supplied client SW)
Install tigervnc-server on fedora.  From there you can either decide if
you want to have a user invoke the server from say a terminal or ssh
session or to make it a system service by following the directions in
/lib/systemd/system/vncserver@.service.

Other documentation exists online like

https://docs.fedoraproject.org/en-US/Fedora/21/html/System_Administrators_Guide/ch-TigerVNC.html

>>> after the connection with mstsc, I get a window where I can select
>>> between   Xvnc and Xorg, when selecting Xvnc and entering userid and
>>> password
>>> the window is closed and session blown away ...
>>> when I select Xorg and enter userid and password the window stays
>>> 'green' forever
>> I would not bother with trying to get Xorg to work with xrdp.  Just a
>> personal preference for which I'm sure I had a reason to reach but don't
>> recall what it was.
> Of course, but I want any working way ...
>> As far as xrdp working with Xvnc.  It works just fine for me.
>>
>> I have made no changes to any xrdp configuration files.
> me too, and it doesn't work ...

Odd...
>> I believe my log files show pretty much the same thing....
> so it doesn't tell anything about whats going wrong?
>
>
No, there is no clear indication from the logs that I can see pointing
out the problem.

I did things slightly different than what was called out in the link you
initially supplied.

The steps taken were...

dnf -y install xrdp

firewall-cmd --add-port=3389/tcp --permanent

firewall-cmd --reload

systemctl enable xrdp

systemctl start xrdp

I don't like to start a service without the proper firewall rules in
place first.

FWIW, have you tried stopping/starting xrdp?  Also, in reading some
posts found by searching about your issue I see that some people had to
try connecting twice before they a working connection.

You may also want to check to see if you have any errors reported in you
~/.vnc directory.


--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
On 06/05/17 15:18, Ed Greshko wrote:
> You may also want to check to see if you have any errors reported in you
> ~/.vnc directory.


You would also want to check ~/.xsession-errors.  

I just restated my VM that is running xrdp and the connection to the
server failed the first time and there were errors indicating

kdeinit5: Communication error with launcher. Exiting!
kdeinit5_wrapper: Warning: connect(/run/user/1029/kdeinit5__10) failed:
: Connection refused

startkde: Shutting down...
kdeinit5_wrapper: Warning: connect(/run/user/1029/kdeinit5__10) failed:
: Connection refused
Error: Can not contact kdeinit5!
startkde: Done.
XIO:  fatal IO error 2 (No such file or directory) on X server ":10.0"
      after 192 requests (192 known processed) with 0 events remaining.
KCrash: Application 'kwin_x11' crashing...

connecting a second time worked.

I also noted some issues with logging in via xrdp/Xvnc when the user is
logged in from the console/GUI.

FYI, I don't normally use xrdp and just enabled it to do this testing.
It is no wonder I stick with Vnc.  :-) :-)

--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Walter H.
In reply to this post by Ed Greshko
On 05.06.2017 09:18, Ed Greshko wrote:

> On 06/05/17 14:31, Walter H. wrote:
>> Hello,
>>
>> On 05.06.2017 01:52, Ed Greshko wrote:
>>> On 06/05/17 04:37, Walter H. wrote:
>>> FWIW, in the past I've found it easier to run a Vnc client on windows
>>> and a Vnc Server on the Linux side...
>>>
>>> That being said....
>> how do I this?
> Install https://www.realvnc.com/download/vnc/windows/ on the Windows
> side.  (Use the supplied client SW)
ok, I already have the VNCviewer on my Windows
> Install tigervnc-server on fedora.  From there you can either decide if
> you want to have a user invoke the server from say a terminal or ssh
> session or to make it a system service by following the directions in
> /lib/systemd/system/vncserver@.service.
I did what this file said ...

cp /lib/systemd/system/vncserver@.service
/etc/systemd/system/vncserver@.service

I edited /etc/systemd/system/vncserver@.service and changed <USER> with  
walter

did
systemctl daemon-reload
systemctl enable vncserver@:1.service
systemctl start vncserver@:1.service

firewall-cmd --add-port=5901/tcp --permanent


the password ...
su - walter
vncpasswd ...

after rebooting the computer

VNCviewer connected and there I gave the password I configured above
with vncpasswd
but
after less than a minute the connection closes
and I get this dialog from VNC viewer

read: Connection reset by peer (10054)
Do you wish to attempt to reconnect to 172.23.1.7:5901
clicking Yes gives this:
unable to connect to host: Connection refused (10061)

SOS please help me, how to get any way of a stable graphical connection
from Windows
to this Fedora 25 ...

> No, there is no clear indication from the logs that I can see pointing
> out the problem.
>
> I did things slightly different than what was called out in the link you
> initially supplied.
>
> The steps taken were...
>
> dnf -y install xrdp
>
> firewall-cmd --add-port=3389/tcp --permanent
>
> firewall-cmd --reload
>
> systemctl enable xrdp
>
> systemctl start xrdp
>
> I don't like to start a service without the proper firewall rules in
> place first.
>
> FWIW, have you tried stopping/starting xrdp?
yes, as I noticed in fedora I don't get any feedback if this worked or
not ...

e.g.
my older mail server shows this when I restart postfix

[root@mail ~]# service postfix restart
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
[root@mail ~]#

fedora only this:

[root@fedora ~]# systemctl restart postfix
[root@fedora ~]#


> You may also want to check to see if you have any errors reported in you
> ~/.vnc directory.
>
nothing usefull ...

how can I connect using desktop share?

https://docs.fedoraproject.org/en-US/Fedora/14/html/User_Guide/sect-User_Guide-Sharing_your_desktop-KDE.html
(this seems to be stable but, what is it really as the clock at bottom
right shows a different time of more than 5 minutes)

Thanks,
Walter


_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
On 06/05/17 21:30, Walter H. wrote:

> On 05.06.2017 09:18, Ed Greshko wrote:
>> On 06/05/17 14:31, Walter H. wrote:
>>> Hello,
>>>
>>> On 05.06.2017 01:52, Ed Greshko wrote:
>>>> On 06/05/17 04:37, Walter H. wrote:
>>>> FWIW, in the past I've found it easier to run a Vnc client on windows
>>>> and a Vnc Server on the Linux side...
>>>>
>>>> That being said....
>>> how do I this?
>> Install https://www.realvnc.com/download/vnc/windows/ on the Windows
>> side.  (Use the supplied client SW)
> ok, I already have the VNCviewer on my Windows
>> Install tigervnc-server on fedora.  From there you can either decide if
>> you want to have a user invoke the server from say a terminal or ssh
>> session or to make it a system service by following the directions in
>> /lib/systemd/system/vncserver@.service.
> I did what this file said ...
>
> cp /lib/systemd/system/vncserver@.service
> /etc/systemd/system/vncserver@.service
>
> I edited /etc/systemd/system/vncserver@.service and changed <USER>
> with  walter

I assume you changed 2 lines...

User=<USER>
PIDFile=/home/<USER>/.vnc/%H%i.pid


>
> did
> systemctl daemon-reload
> systemctl enable vncserver@:1.service
> systemctl start vncserver@:1.service

And you are saying that started without error?   I ask since it has been
a long time since I've done this and in doing this just now the start fails.

[root@f25f system]# systemctl start vncserver@:1.service
Job for vncserver@:1.service failed because a timeout was exceeded.
See "systemctl status vncserver@:1.service" and "journalctl -xe" for
details.

This was caused by an selinux issue.  The AVCs I got were....

type=AVC msg=audit(1496670517.042:290): avc:  denied  { unlink } for
pid=1 comm="systemd" name="f25f.greshko.com:1.pid" dev="sda3" ino=17229
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1496670702.480:298): avc:  denied  { open } for
pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid"
dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1496670702.480:299): avc:  denied  { open } for
pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid"
dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0


>
> firewall-cmd --add-port=5901/tcp --permanent

FWIW, the firewall-applet has a checkbox to allow vncsever and opens
multiple ports.

>
>
> the password ...
> su - walter
> vncpasswd ...
>
> after rebooting the computer
>
> VNCviewer connected and there I gave the password I configured above
> with vncpasswd
> but
> after less than a minute the connection closes
> and I get this dialog from VNC viewer
>
> read: Connection reset by peer (10054)
> Do you wish to attempt to reconnect to 172.23.1.7:5901
> clicking Yes gives this:
> unable to connect to host: Connection refused (10061)
>
> SOS please help me, how to get any way of a stable graphical
> connection from Windows
> to this Fedora 25 ...

At this point you should check the status of the vncserver ...

systemctl status vncserver@:1.service



--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
In reply to this post by Walter H.
On 06/05/17 21:30, Walter H. wrote:

Sorry....  It is late in my part of the world and I didn't scroll down
far enough...

> e.g.
> my older mail server shows this when I restart postfix
>
> [root@mail ~]# service postfix restart
> Shutting down postfix:                                     [  OK  ]
> Starting postfix:                                          [  OK  ]
> [root@mail ~]#
>
> fedora only this:
>
> [root@fedora ~]# systemctl restart postfix
> [root@fedora ~]#

Right.  No output indicates the restart, or start, was a success.  You
can always double check with
systemctl status postfix

>
>
>> You may also want to check to see if you have any errors reported in you
>> ~/.vnc directory.
>>
> nothing usefull ...
>
> how can I connect using desktop share?
>
> https://docs.fedoraproject.org/en-US/Fedora/14/html/User_Guide/sect-User_Guide-Sharing_your_desktop-KDE.html
>
> (this seems to be stable but, what is it really as the clock at bottom
> right shows a different time of more than 5 minutes)

That is documentation from F14 and is way out of date.

Again, late hour, I should have also mentioned that the AVC messages are
held in /var/log/audit/audit.log

You can grep on type=AVC in the file to see if you're getting the errors
that I noted.  I fixed it by following the troubleshooting advice of the
seapplet.  I had to run, as root,

 ausearch -c 'systemd' --raw | audit2allow -M my-systemd
 semodule -X 300 -i my-systemd.pp

a couple of times since there were 2 distinct AVC's   A deny on unlink
and a deny on open.


--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Walter H.
In reply to this post by Ed Greshko
On 05.06.2017 16:09, Ed Greshko wrote:

> On 06/05/17 21:30, Walter H. wrote:
>> On 05.06.2017 09:18, Ed Greshko wrote:
>>> On 06/05/17 14:31, Walter H. wrote:
>>>> Hello,
>>>>
>>>> On 05.06.2017 01:52, Ed Greshko wrote:
>>>>> On 06/05/17 04:37, Walter H. wrote:
>>>>> FWIW, in the past I've found it easier to run a Vnc client on windows
>>>>> and a Vnc Server on the Linux side...
>>>>>
>>>>> That being said....
>>>> how do I this?
>>> Install https://www.realvnc.com/download/vnc/windows/ on the Windows
>>> side.  (Use the supplied client SW)
>> ok, I already have the VNCviewer on my Windows
>>> Install tigervnc-server on fedora.  From there you can either decide if
>>> you want to have a user invoke the server from say a terminal or ssh
>>> session or to make it a system service by following the directions in
>>> /lib/systemd/system/vncserver@.service.
>> I did what this file said ...
>>
>> cp /lib/systemd/system/vncserver@.service
>> /etc/systemd/system/vncserver@.service
>>
>> I edited /etc/systemd/system/vncserver@.service and changed<USER>
>> with  walter
> I assume you changed 2 lines...
>
> User=<USER>
> PIDFile=/home/<USER>/.vnc/%H%i.pid
yes, these both lines
>> did
>> systemctl daemon-reload
>> systemctl enable vncserver@:1.service
>> systemctl start vncserver@:1.service
> And you are saying that started without error?
as fedora has a strange way of feedback as I mentioned earlier I didn't
see at this time no error

> [root@f25f system]# systemctl start vncserver@:1.service
> Job for vncserver@:1.service failed because a timeout was exceeded.
> See "systemctl status vncserver@:1.service" and "journalctl -xe" for
> details.
this error comes after I've connected via VNC viewer and "worked" for
less than a minute ...
> This was caused by an selinux issue.  The AVCs I got were....
SELinux, I should generate a .tt file and add some permissions
I've changed from enforcing to permissive before the last reboot and it
runs :-)

> type=AVC msg=audit(1496670517.042:290): avc:  denied  { unlink } for
> pid=1 comm="systemd" name="f25f.greshko.com:1.pid" dev="sda3" ino=17229
> scontext=system_u:system_r:init_t:s0
> tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
> type=AVC msg=audit(1496670702.480:298): avc:  denied  { open } for
> pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid"
> dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0
> tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
> type=AVC msg=audit(1496670702.480:299): avc:  denied  { open } for
> pid=1 comm="systemd" path="/home/egreshko/.vnc/f25f.greshko.com:1.pid"
> dev="sda3" ino=17277 scontext=system_u:system_r:init_t:s0
> tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
mine will look similar ...
>
>> firewall-cmd --add-port=5901/tcp --permanent
> FWIW, the firewall-applet has a checkbox to allow vncsever and opens
> multiple ports.
I tell you some secret:  user walter is a non admin, and with this I
only can use this applet
when logging in directly at the computer and not remote ...
>> SOS please help me, how to get any way of a stable graphical
>> connection from Windows
>> to this Fedora 25 ...
> At this point you should check the status of the vncserver ...
>
> systemctl status vncserver@:1.service

it is running now as expected due to permissive instead of enforcing

bye the way,

why do I get at
http://forums.fedoraforum.org/showthread.php?t=305255
the error
403 Error. Access is Forbidden to this Page!!!

Greetings,
Walter


_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Ed Greshko
On 06/05/17 22:40, Walter H. wrote:
> it is running now as expected due to permissive instead of enforcing

OK....

As I mentioned in a later post, to get back to enforcing you may need to
run...

 ausearch -c 'systemd' --raw | audit2allow -M my-systemd
 semodule -X 300 -i my-systemd.pp

twice since you first get the unlink AVC and not get the open AVC until
you generate the local policy to fix it.

At least you have it working and you know where the issue was.

>
> bye the way,
>
> why do I get at
> http://forums.fedoraforum.org/showthread.php?t=305255
> the error
> 403 Error. Access is Forbidden to this Page!!!


No idea.  I works for me.  I am using chrome and no proxy....

--
Fedora Users List - The place to go to speculate endlessly
_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Walter H.
In reply to this post by Ed Greshko
On 05.06.2017 16:34, Ed Greshko wrote:
> That is documentation from F14 and is way out of date.
of course and didn't meet my needs as there must be a user logged on ...

> Again, late hour, I should have also mentioned that the AVC messages are
> held in /var/log/audit/audit.log
>
> You can grep on type=AVC in the file to see if you're getting the errors
> that I noted.  I fixed it by following the troubleshooting advice of the
> seapplet.  I had to run, as root,
>
>   ausearch -c 'systemd' --raw | audit2allow -M my-systemd
>   semodule -X 300 -i my-systemd.pp
>
> a couple of times since there were 2 distinct AVC's   A deny on unlink
> and a deny on open.
I did it this way:  stored the following to   e.g. bugfix.tt

module systemd_vnc_bugfix 1.0.0;

require {
         type user_home_t;
         type init_t;
         class file { open read unlink };
}

#============= init_t ==============
allow init_t user_home_t:file { open read unlink };


and then

checkmodule -M -m -o bugfix.mod bugfix.tt
semodule_package -o bugfix.pp -m bugfix.mod
semodule -X 300 -i bugfix.pp

Thanks for your help, hints,
now its working with SElinux = enforcing

Greetings from Austria,
Walter


_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Daniel J Walsh
On 06/05/2017 02:09 PM, Walter H. wrote:
On 05.06.2017 16:34, Ed Greshko wrote:
That is documentation from F14 and is way out of date.
of course and didn't meet my needs as there must be a user logged on ...
Again, late hour, I should have also mentioned that the AVC messages are
held in /var/log/audit/audit.log

You can grep on type=AVC in the file to see if you're getting the errors
that I noted.  I fixed it by following the troubleshooting advice of the
seapplet.  I had to run, as root,

  ausearch -c 'systemd' --raw | audit2allow -M my-systemd
  semodule -X 300 -i my-systemd.pp

a couple of times since there were 2 distinct AVC's   A deny on unlink
and a deny on open.
I did it this way:  stored the following to   e.g. bugfix.tt

module systemd_vnc_bugfix 1.0.0;

require {
        type user_home_t;
        type init_t;
        class file { open read unlink };
}

#============= init_t ==============
allow init_t user_home_t:file { open read unlink };


This looks like the file that is labeled user_home_t is mislabeled.  This indicates a file stored in your homedir.
I don't think systemd is open/read/unlink files in homedir.
and then

checkmodule -M -m -o bugfix.mod bugfix.tt
semodule_package -o bugfix.pp -m bugfix.mod
semodule -X 300 -i bugfix.pp

Thanks for your help, hints,
now its working with SElinux = enforcing

Greetings from Austria,
Walter



_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]



_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Difficulties at very first steps with f25kde ...

Walter H.
On 05.06.2017 21:01, Daniel Walsh wrote:
On 06/05/2017 02:09 PM, Walter H. wrote:
I did it this way:  stored the following to   e.g. bugfix.tt

module systemd_vnc_bugfix 1.0.0;

require {
        type user_home_t;
        type init_t;
        class file { open read unlink };
}

#============= init_t ==============
allow init_t user_home_t:file { open read unlink };


This looks like the file that is labeled user_home_t is mislabeled.  This indicates a file stored in your homedir.
yes /home/walter/.vnc/...
I don't think systemd is open/read/unlink files in homedir.
this is the prove it does;
it is working now ...

Greetings,
Walter

_______________________________________________
users mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]

smime.p7s (4K) Download Attachment
Loading...