Web lists-archives.com

Re: tigervnc and multiple users




> Happy New Year to the list!
> 
> I use tigervnc on Stretch to provide remote access to my machine from
> a 
> variety of devices. I'm running VNC over an OpenVPN VPN but I don't 
> THINK that is relevant to the problem.
>
> If I start tigervnc as the same user I log into Gnome as, I have no 
> problem. I find I can connect from a variety of client devices
including 
> iDevices, Windows machines, and Android devices, and it works very
well.
>
> However, I would like to use this mechanism to also allow a friend
to 
> access my machine remotely, the friend is a Mac user. I have no need
> or 
> desire to access the existing X session, just getting any graphical 
> desktop environment remotely is the goal. Sitting in front of his Mac
> I 
> can connect to my machine and log in as me and it all works. But I
want 
> him to log in as him, not me. I believe that is going to require a 
> second instance of tigervnc server, especially as it is possible that
> in 
> the future we might both be accessing the machine remotely at the
same 
> time from different places. If I try to run an additional tigervnc 
> server on my machine as HIS account on my machine, that fails to
start with:
> 
> $ tigervncserver
> 
> Warning: kazuki.local:1 is taken because of /tmp/.X11-unix/X1
> Remove this file if there is no X server kazuki.local:1
> /usr/bin/xauth:  timeout in locking authority file
/run/user/1000/gdm/Xauthority
> /usr/bin/xauth:  timeout in locking authority file
/run/user/1000/gdm/Xauthority
> 
> New 'kazuki.local:2 (richard)' desktop at :2 on machine kazuki.local
> 
> Starting applications specified in /etc/X11/Xvnc-session
> Log file is /home/richard/.vnc/kazuki.local:2.log
>
> Use xtigervncviewer -SecurityTypes VncAuth,TLSVnc -passwd
/home/richard/.vnc/passwd kazuki.local:2 to connect to the VNC server.
>
>
> tigervncserver: Failed command '/etc/X11/Xvnc-session': 256!
> 
> =================== tail -15 /home/richard/.vnc/kazuki.local:2.log 
===================
> Killing Xtigervnc process ID 12775... which seems to be deadlocked.
Using SIGKILL!
> 
> Xvnc TigerVNC 1.7.0 - built Apr  9 2017 14:38:13
> Copyright (C) 1999-2016 TigerVNC Team and many others (see
README.txt)
> See http://www.tigervnc.org for information on TigerVNC.
> Underlying X server release 11903000, The X.Org Foundation
> 
> 
> Sun Dec 31 23:34:35 2017
>  vncext:      VNC extension running!
>  vncext:      Listening for VNC connections on all interface(s), port
5902
>  vncext:      created VNC server for screen 0
> XIO:  fatal IO error 11 (Resource temporarily unavailable) on X
server ":2"
 >      after 173 requests (173 known processed) with 0 events
remaining. 
> Killing Xtigervnc process ID 13234... which seems to be deadlocked.
> Using SIGKILL!
>
>
=======================================================================
> ===============
> 
> 
> Starting applications specified in /etc/X11/Xvnc-session has failed.
> Maybe try something simple first, e.g.,
>         tigervncserver -xstartup /usr/bin/xterm
> 
> 
> 
> I understand that the very first two lines of the above are not a 
> problem, just tigervnc reporting that it found the local X
environment 
> (Gnome) running on the machine that I use when I am sitting in front
of 
> it. But the rest doesn't look healthy...
> 
> 
> /etc/X11/Xvnc-session contains:
> 
> #! /bin/sh
> 
> test x"$SHELL" = x"" && SHELL=/bin/bash
> test x"$1"     = x"" && set -- default
> 
> vncconfig -iconic &
> $SHELL -l <<EOF
> exec /etc/X11/Xsession "$@"
> EOF
> vncserver -kill $DISPLAY
> 
> 
> Now there is no way I wrote that, so I either copied it from a
webpage 
> somewhere or that is what the tigervnc package installs by default.
> 
> As I say this works when I run the server as me and try to log into
it 
> as me. How can I set things up so I can log in as me, my friend can
log 
> in as him, and not have to share passwords (which I just will not
do, 
> come what may)?
>
> Googling about multiuser access to tigervnc results in a lot of
pages 
> referring to files /etc/sysconfig/ which I guess is not a Debian
thing 
> as my box doesn't have an /etc/sysconfig directory.
> 
> Thanks
> 
> Mark

One additional thing I have found -- the user richard had never logged
into Gnome directly on the box. If I did that, I could then start a
tigervnc instance as richard as normal. And, while logged into Gnome
locally as richard, I also _could_ launch an instance of tigervnc as me
 after su - 'ing to my account (mark). I got the timeout errors but the
server successfully started. Logging out of everything and logging back
in as me, I can again start a server as me but attempting to start it
as richard gets the same result as in my original post.

I must be missing something obvious -- items I have found with Google
either don't touch on this or else expect it to just work -- any
suggestions where to look for a solution?

Thanks

Mark