TigerVNC does not start after update

SanskritFritz · 2020-09-14 15:31:30

I have a headless server on Vmware. Tigervnc worked well so far. After this update, I followed the wiki and read this thread and did the following as told.

I created a password file via vncpasswd.

Also:

/etc/tigervnc/vncserver.users
:1=frank

~/.vnc/config
session=plasma

Then "systemctl start vncserver@:1" and also "vncserver-start :1" both give the following error:
Failure daemonizing.

The log says :
Control process exited, code=exited, status=71/OSERR

I have lightdm installed too.

I don't know how to proceed now, please help me.

post-factum · 2020-09-14 15:58:26

Make sure to use a new /etc/pam.d/tigervnc file (there might be a .pacnew version of it). If it still doesn't work, run:

sudo strace -ff /usr/bin/vncsession frank :1

and post the output.

SanskritFritz · 2020-09-14 16:07:42

Thanks for caring!
http://ix.io/2xyu

I'm using stock /etc/pam.d/tigervnc.

post-factum · 2020-09-14 16:10:21

[pid  3114] connect(3, {sa_family=AF_UNIX, sun_path="/dev/log"}, 110) = 0
[pid  3114] sendto(3, "<86>Sep 14 18:02:11 vncsession[3"..., 116, MSG_NOSIGNAL, NULL, 0) = 116
[pid  3114] sendto(3, "<34>Sep 14 18:02:11 vncsession[3"..., 85, MSG_NOSIGNAL, NULL, 0) = 85

This means there should be some meaningful non-truncated messages in the system log. Run journalctl -f, then try to start vncserver@:1 again and check what's printed in the journalctl output.

SanskritFritz · 2020-09-14 16:16:26

Sep 14 18:13:32 FrankVM systemd[1]: Starting Remote desktop service (VNC)...
Sep 14 18:13:32 FrankVM kernel: audit: type=1006 audit(1600100012.490:92): pid=3480 uid=0 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=10 res=1
Sep 14 18:13:32 FrankVM systemd-logind[341]: [?] New session 10 of user frank.
Sep 14 18:13:32 FrankVM systemd[1]: Started Session 10 of user frank.
Sep 14 18:13:32 FrankVM vncsession[3480]: pam_unix(tigervnc:session): session opened for user frank(uid=1000) by (uid=0)
Sep 14 18:13:32 FrankVM audit[3480]: USER_START pid=3480 uid=0 auid=1000 ses=10 msg='op=PAM:session_open grantors=? acct="frank" exe="/usr/bin/vncsession" hostname=203.0.113.20 addr=203.0.113.20 terminal=? res=failed'
Sep 14 18:13:32 FrankVM vncsession[3480]: pam_open_session failed: 28 (Module is unknown)
Sep 14 18:13:32 FrankVM vncsession-start[3474]: Failure daemonizing
Sep 14 18:13:32 FrankVM audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=vncserver@:1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Sep 14 18:13:32 FrankVM systemd[1]: vncserver@:1.service: Control process exited, code=exited, status=71/OSERR
Sep 14 18:13:32 FrankVM systemd[1]: vncserver@:1.service: Failed with result 'exit-code'.
Sep 14 18:13:32 FrankVM systemd[1]: Failed to start Remote desktop service (VNC).
Sep 14 18:13:32 FrankVM systemd-logind[341]: Session 10 logged out. Waiting for processes to exit.

/etc/pam.d/tigervnc:

#%PAM-1.0
# pam_selinux.so close should be the first session rule
-session   required     pam_selinux.so close
session    required     pam_loginuid.so
-session   required     pam_selinux.so open
session    required     pam_namespace.so
session    optional     pam_keyinit.so force revoke
session    required     pam_limits.so
-session   optional     pam_systemd.so
session    required     pam_unix.so
-session   optional     pam_reauthorize.so prepare

Last edited by SanskritFritz (2020-09-14 16:19:29)

post-factum · 2020-09-14 16:18:50

So, basically, there's an issue with PAM as predicted:

Sep 14 18:13:32 FrankVM vncsession[3480]: pam_open_session failed: 28 (Module is unknown)

Go and check what's with /etc/pam.d/tigervnc and /etc/pam.d/tigervnc.pacnew. You expect to not have any selinux modules there, and also you expect all the PAM modules listed there to be actually installed in the system. Check them one by one.

SanskritFritz · 2020-09-14 16:26:32

All files are present, I listed them with locate one by one, except for the first "pam_selinux.so" and the last "pam_reauthorize.so".

frank@FrankVM ~> locate pam_selinux.so
frank@FrankVM ~ [1]> locate pam_loginuid.so
/usr/lib/security/pam_loginuid.so
frank@FrankVM ~> locate pam_namespace.so
/usr/lib/security/pam_namespace.so
frank@FrankVM ~> locate pam_keyinit.so
/usr/lib/security/pam_keyinit.so
frank@FrankVM ~> locate pam_limits.so
/usr/lib/security/pam_limits.so
frank@FrankVM ~> locate pam_systemd.so
/usr/lib/security/pam_systemd.so
frank@FrankVM ~> locate pam_unix.so
/usr/lib/security/pam_unix.so
frank@FrankVM ~> locate pam_reauthorize.so

sirarch · 2020-09-14 16:28:58

Here's what a working pam file looks like:

$ cat /etc/pam.d/tigervnc
#%PAM-1.0
session    required     pam_loginuid.so
session    required     pam_namespace.so
session    optional     pam_keyinit.so force revoke
session    required     pam_limits.so
-session   optional     pam_systemd.so
session    required     pam_unix.so
-session   optional     pam_reauthorize.so prepare

You may need to

sudo mv /etc/pam.d/tigervnc.pacnew /etc/pam.d/tigervnc

Last edited by sirarch (2020-09-14 16:30:24)

post-factum · 2020-09-14 16:31:50

There's no pam_selinux.so line in the stock config file.

SanskritFritz · 2020-09-14 16:34:25

@sirarch thanks, now the server starts seemingly, but Plasma doesn't.

SanskritFritz · 2020-09-14 16:36:19

post-factum wrote:

There's no pam_selinux.so line in the stock config file.

That surprises me, I haven't changed it at all. There was no pacnew file either.

post-factum · 2020-09-14 16:38:08

See https://github.com/archlinux/svntogit-c … d9db127101.

sirarch · 2020-09-14 16:38:47

Make sure the session name in ~/.vnc/config matches the file name (without the .desktop extension) in /usr/share/xsessions/
I never used Plasma so I don't know what the session name should be.

$ ll /usr/share/xsessions/
total 28
drwxr-xr-x   2 root root  4096 Jul 11 13:06 ./
drwxr-xr-x 131 root root 12288 Aug 28 06:38 ../
-rw-r--r--   1 root root  1507 Jul  7 08:31 LXDE.desktop
-rw-r--r--   1 root root   198 May 23 19:55 openbox.desktop
-rw-r--r--   1 root root   205 May 23 19:55 openbox-kde.desktop

I set session=LXDE in ~/.vnc/config

Also make sure you don't have a ~/.vnc/xstartup or similar file, though not sure that file is used anymore.

SanskritFritz · 2020-09-14 16:45:16

OK, I'm sorry, I wasn't fully up to date, I had the tigervnc 1.11.0-2 package on my system which had the selinux lines in the pam file.
Now I upgraded to 1.11.0-4 and all is well.
Sorry again and thank you for your help!

karabaja4 · 2020-09-14 19:37:34

I'm still having issues with this I'm using Openbox and no systemd (busybox).

I have done the following:

1. Added following to $HOME/.vnc/config:

session=openbox

2. Added user maping to /etc/tigervnc/vncserver.users

:1=igor

3. Added /etc/X11/Xsession file with the following content:

exec openbox-session

4. The following file exists /usr/share/xsessions/openbox.desktop

5. The following commands do nothing:

~ >> vncserver :1
vncserver: Couldn't find suitable Xsession.

~ >> sudo /usr/bin/vncsession igor :1
# just exits, does nothing, same error as above in $HOME/.vnc/*.log

Here is the output of

sudo strace -ff /usr/bin/vncsession igor :1

https://pastebin.ubuntu.com/p/CHgwx3X3dt/

Last edited by karabaja4 (2020-09-14 19:56:46)

graysky · 2020-09-14 19:55:11

karabaja4 wrote:

I'm still having issues with this I'm using Openbox and no systemd (busybox).

See: https://github.com/TigerVNC/tigervnc/issues/1094

issue#1094 wrote:

It also requires systemd as sessions must be run as services.

karabaja4 · 2020-09-14 19:57:37

graysky wrote:

It also requires systemd as sessions must be run as services.

Why is this exactly?

graysky · 2020-09-14 20:00:21

@karabaja4 - Did you read the response from the tigervnc developer in the issue I linked?

karabaja4 · 2020-09-14 20:05:12

graysky wrote:

@karabaja4 - Did you read the response from the tigervnc developer in the issue I linked?

I did.

CendioOssman wrote:

There must have been some misunderstanding, at least partially. TigerVNC does not require Xorg as it ships its own replacement in the form of Xvnc. It does however require large parts of Xorg's infrastructure as it tries to start a similar session. It also requires systemd as sessions must be run as services.
I have no idea what the environment on Android looks like so I'm afraid I don't know if it has what's required. Our target is standard Linux distributions and I'm afraid we don't have the resources to deal with exotic stuff.
Please see the tigervnc-users mailing list for more help on the new model. There are already some tips there from people.

It doesn't explain why systemd is required though, except that "it must be run as systemd service". As I understand it, systemd service is nothing but a wrapper around a binary or script (in this case, vncsession) which makes it run as a daemon under a specific user. What makes it run in a systemd service that wouldn't make it run as a manual command?

Last edited by karabaja4 (2020-09-14 20:25:11)

SanskritFritz · 2020-09-19 13:08:07

sirarch wrote:

I still noticed a problem, the session starts fine, but when I try to start LXTerminal it now puts me in "/" (root dir) instead of $HOME. LXTerminal shortcut that starts it has a preference "working dir" but even if I set it to "/home/<user>" bash still ends up in "/" when it starts which is weird. Env vars seem correct, user id, $HOME, etc.
Does anything else need to happen in the systemd unit or elsewhere to change the working dir to the user's $HOME before the session starts?

Sirarch, did you find a solution to this? I was hit with the same phenomena. I'm on Plasma using Konsole. I have set /usr/bin/fish as the default shell in Konsole ages ago. The solution now was to reset the default shell setting in Konsole, restart it, and set fish back as the default shell. This has misteriously solved the problem of setting my working dir to /. Hopefully this will work for you as well.

sirarch · 2020-09-19 19:31:11

No fixes, but I opened this bug https://bugs.archlinux.org/task/67940

karabaja4 · 2020-09-20 18:45:29

karabaja4 wrote:

I'm still having issues with this I'm using Openbox and no systemd (busybox).

Seems it was fixed with 1.11.0-5 (I suspect my previous attempts failed because I didn't set Xsession as executable), Xsession now works normally just by starting "/usr/bin/vncserver :1". Thank you Arch devs.

Last edited by karabaja4 (2020-09-20 18:47:59)

graysky · 2020-09-21 11:13:47

karabaja4 wrote:

karabaja4 wrote:
I'm still having issues with this I'm using Openbox and no systemd (busybox).
Seems it was fixed with 1.11.0-5 (I suspect my previous attempts failed because I didn't set Xsession as executable), Xsession now works normally just by starting "/usr/bin/vncserver :1". Thank you Arch devs.

The recommended method is using the systemd service, see the wiki.

MpRethRu · 2020-09-24 10:12:01

I'm dissapointed with how they did a break change with half-assed alternative, and just shrug with it.
I've tried following all suggestions here and still keep having problem with it, with the nearest I could to is just returning error code 0 SUCCESS on systemd start.
I don't know what caused the problem with it even with strace and we just gave up with this. I've already request a proposal to switch to X11vnc to HR because of this.

graysky · 2020-09-24 10:15:58

MpRethRu wrote:

I'm dissapointed with how they did a break change with half-assed alternative, and just shrug with it.
I've tried following all suggestions here and still keep having problem with it, with the nearest I could to is just returning error code 0 SUCCESS on systemd start.
I don't know what caused the problem with it even with strace and we just gave up with this. I've already request a proposal to switch to X11vnc to HR because of this.

You've provided no info for someone to help you. I updated the wiki distilling out what I thought were key points to get this working. Post what you did and what isn't working.

Arch Linux

#26 2020-09-14 15:31:30

Re: TigerVNC does not start after update

#27 2020-09-14 15:58:26

Re: TigerVNC does not start after update

#28 2020-09-14 16:07:42

Re: TigerVNC does not start after update

#29 2020-09-14 16:10:21

Re: TigerVNC does not start after update

#30 2020-09-14 16:16:26

Re: TigerVNC does not start after update

#31 2020-09-14 16:18:50

Re: TigerVNC does not start after update

#32 2020-09-14 16:26:32

Re: TigerVNC does not start after update

#33 2020-09-14 16:28:58

Re: TigerVNC does not start after update

#34 2020-09-14 16:31:50

Re: TigerVNC does not start after update

#35 2020-09-14 16:34:25

Re: TigerVNC does not start after update

#36 2020-09-14 16:36:19

Re: TigerVNC does not start after update

#37 2020-09-14 16:38:08

Re: TigerVNC does not start after update

#38 2020-09-14 16:38:47

Re: TigerVNC does not start after update

#39 2020-09-14 16:45:16

Re: TigerVNC does not start after update

#40 2020-09-14 19:37:34

Re: TigerVNC does not start after update

#41 2020-09-14 19:55:11

Re: TigerVNC does not start after update

#42 2020-09-14 19:57:37

Re: TigerVNC does not start after update

#43 2020-09-14 20:00:21

Re: TigerVNC does not start after update

#44 2020-09-14 20:05:12

Re: TigerVNC does not start after update

#45 2020-09-19 13:08:07

Re: TigerVNC does not start after update

#46 2020-09-19 19:31:11

Re: TigerVNC does not start after update

#47 2020-09-20 18:45:29

Re: TigerVNC does not start after update

#48 2020-09-21 11:13:47

Re: TigerVNC does not start after update

#49 2020-09-24 10:12:01

Re: TigerVNC does not start after update

#50 2020-09-24 10:15:58

Re: TigerVNC does not start after update

Board footer