Web lists-archives.com

tigervnc and multiple users

Happy New Year to the list!

I use tigervnc on Stretch to provide remote access to my machine from a 
variety of devices. I'm running VNC over an OpenVPN VPN but I don't 
THINK that is relevant to the problem.

If I start tigervnc as the same user I log into Gnome as, I have no 
problem. I find I can connect from a variety of client devices including 
iDevices, Windows machines, and Android devices, and it works very well.

However, I would like to use this mechanism to also allow a friend to 
access my machine remotely, the friend is a Mac user. I have no need or 
desire to access the existing X session, just getting any graphical 
desktop environment remotely is the goal. Sitting in front of his Mac I 
can connect to my machine and log in as me and it all works. But I want 
him to log in as him, not me. I believe that is going to require a 
second instance of tigervnc server, especially as it is possible that in 
the future we might both be accessing the machine remotely at the same 
time from different places. If I try to run an additional tigervnc 
server on my machine as HIS account on my machine, that fails to start 

$ tigervncserver

Warning: kazuki.local:1 is taken because of /tmp/.X11-unix/X1
Remove this file if there is no X server kazuki.local:1
/usr/bin/xauth:  timeout in locking authority file /run/user/1000/gdm/Xauthority
/usr/bin/xauth:  timeout in locking authority file /run/user/1000/gdm/Xauthority

New 'kazuki.local:2 (richard)' desktop at :2 on machine kazuki.local

Starting applications specified in /etc/X11/Xvnc-session
Log file is /home/richard/.vnc/kazuki.local:2.log

Use xtigervncviewer -SecurityTypes VncAuth,TLSVnc -passwd /home/richard/.vnc/passwd kazuki.local:2 to connect to the VNC server.

tigervncserver: Failed command '/etc/X11/Xvnc-session': 256!

=================== tail -15 /home/richard/.vnc/kazuki.local:2.log 
Killing Xtigervnc process ID 12775... which seems to be deadlocked. Using SIGKILL!

Xvnc TigerVNC 1.7.0 - built Apr  9 2017 14:38:13
Copyright (C) 1999-2016 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11903000, The X.Org Foundation

Sun Dec 31 23:34:35 2017
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5902
 vncext:      created VNC server for screen 0
XIO:  fatal IO error 11 (Resource temporarily unavailable) on X server ":2"
      after 173 requests (173 known processed) with 0 events remaining. 
Killing Xtigervnc process ID 13234... which seems to be deadlocked. 


Starting applications specified in /etc/X11/Xvnc-session has failed.
Maybe try something simple first, e.g.,
        tigervncserver -xstartup /usr/bin/xterm

I understand that the very first two lines of the above are not a 
problem, just tigervnc reporting that it found the local X environment 
(Gnome) running on the machine that I use when I am sitting in front of 
it. But the rest doesn't look healthy...

/etc/X11/Xvnc-session contains:

#! /bin/sh

test x"$SHELL" = x"" && SHELL=/bin/bash
test x"$1"     = x"" && set -- default

vncconfig -iconic &
exec /etc/X11/Xsession "$@"
vncserver -kill $DISPLAY

Now there is no way I wrote that, so I either copied it from a webpage 
somewhere or that is what the tigervnc package installs by default.

As I say this works when I run the server as me and try to log into it 
as me. How can I set things up so I can log in as me, my friend can log 
in as him, and not have to share passwords (which I just will not do, 
come what may)?

Googling about multiuser access to tigervnc results in a lot of pages 
referring to files /etc/sysconfig/ which I guess is not a Debian thing 
as my box doesn't have an /etc/sysconfig directory.