[opensuse] x11vnc service suddenly died on me :-(
Hello - I am running OpenSuSE Leap 15.0, with the KDE desktop using sddm as the display manager, on a number of systems to which I need VNC access to the real display :0 at all times. (I cannot use VNC in a mode where it brings up a log in prompt, I need access to the running display. I leave these systems running 24/7 under my log in account. Most of these run in remote places, running unattended, so it is not easily possible for me to interact with them directly. ) Nor is it an option to change the KDE desktop since I am not the only person accessing these remote systems via VNC and interacting with them, and the other users are NOT sophisticated Linux users and need the GUI support provided by KDE. Up until what appears to have been a recent update, I have had this working by running x11vnc as a service, on the remote systems, with the following setup -
I am not sure how to display the contents of the .Xauthority file here as it appears to contain binary data but this cut/paste shows a little bit -
When I start the x11vnc service and then look at the x11vnc log file, I see something has gotten sick with connecting to DISPLAY :0 and the magic cookie stored in the .Xauthority file-
I won't show all the tips and guidelines, but I think I am doing everything suggested... Any ideas why x11vnc suddenly broke? Thanks in advance... Marc... -- <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Oh yeah, something in the latest set of updates is definitely breaking x11vnc on me. 3 more computers down for the count, including two Leap 42.3 and another Leap 15.0. They all went down immediately after doing the updates and then rebooting. All showing the same problem with Display :0 in the x11vnc log file... Marc.. On 4/14/19 8:14 AM, Marc Chamberlin wrote:
-- <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
I have been digging into this further, making progress, but also getting into some Linux/OpenSuSE weeds... ;-) I have figured out that if I ssh into the systems which were updated, and on which the x11vnc service stopped working, that if I manually and explicitly set the environment variable for XAUTHORITY i.e.
export XAUTHORITY=/home/$USER/.Xauthority
and then start the x11vnc service -
systemctl restart x11vnc.service
I once again have a happy x11vnc service and can VNC into the system OK. This raises a few questions - 1. Why has the parameter for x11vnc -auth /home/marc/.Xauthority stopped working? According to the man page for x11vnc, this should be equivalent to setting the environment variable XAUTHORITY before running x11vnc. 2. Why isn't this environment variable being set by OpenSuSE any more? It is not in Leap 15.0 apparently after the last set of updates that I had installed, but confusingly it was still being defined in Leap 42.3 but not working anymore. 3. If I have to set it myself, where is the best place to do so? /etc/profiles? /etc/bash.bashrc? /home/marc/.bashrc? Is there someplace I should set this so that both systemd will pick it up when it starts the x11vnc service while not getting clobbered by future updates? (now I am getting into those OpenSuSE/Linux weeds I mentioned and I don't grok the intent of Linux or the platform developers...) I think I am reaching my limits on debugging this on my own, so hopefully some kind guru will come along soon and guide me back into the light... Marc... On 4/14/19 2:26 PM, Marc Chamberlin wrote:
-- <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/14/2019 08:36 PM, Marc Chamberlin wrote:
Marc, These are important questions and I hope somebody has the answer -- unfortunately not me (though I have used your setup in the past across the LAN). If I had to guess the changes were likely caused by one of the following recent updates on 42.3 (my 15.0 installs are virtualized) <recent updates I have that may be related (only example packages shown)> Sun 31 Mar 2019 02:18:26 AM CDT kernel-default 4.4.176-96.1 Thu 11 Apr 2019 06:50:00 PM CDT libKF5Auth5 5.32.0-5.2 My bet is on the last. I don't see any direct x11 package updates, but I wouldn't be surprised if the defaults to deny remote X access were changed. There were a couple of CVEs with rdesktop and some of the other remote viewers for Linux found in the past couple of week -- that had been present in the packages for years (I recall an article on The Register newsletter) The CVE writeup and bug-reports seem to make the libKF5Auth5 package a prime suspect: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Oh yeah, something in the latest set of updates is definitely breaking x11vnc on me. 3 more computers down for the count, including two Leap 42.3 and another Leap 15.0. They all went down immediately after doing the updates and then rebooting. All showing the same problem with Display :0 in the x11vnc log file... Marc.. On 4/14/19 8:14 AM, Marc Chamberlin wrote:
-- <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
I have been digging into this further, making progress, but also getting into some Linux/OpenSuSE weeds... ;-) I have figured out that if I ssh into the systems which were updated, and on which the x11vnc service stopped working, that if I manually and explicitly set the environment variable for XAUTHORITY i.e.
export XAUTHORITY=/home/$USER/.Xauthority
and then start the x11vnc service -
systemctl restart x11vnc.service
I once again have a happy x11vnc service and can VNC into the system OK. This raises a few questions - 1. Why has the parameter for x11vnc -auth /home/marc/.Xauthority stopped working? According to the man page for x11vnc, this should be equivalent to setting the environment variable XAUTHORITY before running x11vnc. 2. Why isn't this environment variable being set by OpenSuSE any more? It is not in Leap 15.0 apparently after the last set of updates that I had installed, but confusingly it was still being defined in Leap 42.3 but not working anymore. 3. If I have to set it myself, where is the best place to do so? /etc/profiles? /etc/bash.bashrc? /home/marc/.bashrc? Is there someplace I should set this so that both systemd will pick it up when it starts the x11vnc service while not getting clobbered by future updates? (now I am getting into those OpenSuSE/Linux weeds I mentioned and I don't grok the intent of Linux or the platform developers...) I think I am reaching my limits on debugging this on my own, so hopefully some kind guru will come along soon and guide me back into the light... Marc... On 4/14/19 2:26 PM, Marc Chamberlin wrote:
-- <b>Computers: the final frontier. These are the voyages of the user Marc.<br> His mission: to explore strange new hardware. To seek out new software and new applications.<br> To boldly go where no Marc has gone before!<br></b> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/14/2019 08:36 PM, Marc Chamberlin wrote:
Marc, These are important questions and I hope somebody has the answer -- unfortunately not me (though I have used your setup in the past across the LAN). If I had to guess the changes were likely caused by one of the following recent updates on 42.3 (my 15.0 installs are virtualized) <recent updates I have that may be related (only example packages shown)> Sun 31 Mar 2019 02:18:26 AM CDT kernel-default 4.4.176-96.1 Thu 11 Apr 2019 06:50:00 PM CDT libKF5Auth5 5.32.0-5.2 My bet is on the last. I don't see any direct x11 package updates, but I wouldn't be surprised if the defaults to deny remote X access were changed. There were a couple of CVEs with rdesktop and some of the other remote viewers for Linux found in the past couple of week -- that had been present in the packages for years (I recall an article on The Register newsletter) The CVE writeup and bug-reports seem to make the libKF5Auth5 package a prime suspect: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
David C. Rankin
-
Marc Chamberlin