Bug#1005238: xrdp: Flood of error reports to xrdp.log
Package: xrdp
Version: 0.9.17-2
Severity: normal
X-Debbugs-Cc: hilary.snaden@zoho.com
It has recently become problematical, then impossible, to connect to my xrdp-enabled box. Inspection of xrdp.log found that it had grown to over 2GB in size. Analysis of the timing of the writes by day showed a small spike some six weeks after installation, followed by a rough trend upwards until the last few days, when xrdp has been writing >1 million lines each day to the log.
While writing this email it occurred to me that the size of the log could be the cause of the problem as well as one of the symptoms, and I tried rotating (by hand) the log, saving the nost recent 100 lines as a fresh log. I can now connect to the box.
However, the floods of log writes have resumed, the main parts are these:
[20220209-17:53:45] [ERROR] SSL_accept: I/O error
[20220209-17:53:45] [ERROR] trans_set_tls_mode: ssl_tls_accept failed
[20220209-17:53:45] [ERROR] xrdp_sec_incoming: trans_set_tls_mode failed
[20220209-17:53:45] [ERROR] xrdp_rdp_incoming: xrdp_sec_incoming failed
[20220209-17:53:46] [ERROR] xrdp_process_main_loop: libxrdp_process_incoming failed
[20220209-17:53:46] [ERROR] xrdp_iso_send: trans_write_copy_s failed
[20220209-17:53:46] [ERROR] Sending [ITU T.125] DisconnectProviderUltimatum failed
I'm not yet sure if it is possible for me to add xrdp.log to the rotation system, but I may explore this.
I think I saw a bug report relating to log rotation, but I only scanned the subjects.
(BTW the info below is for a different box, which does not have xrdp installed but which should be largely identical.)
Thanks for your work,
Hilary
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.15.0-3-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages xrdp depends on:
ii adduser 3.118
ii init-system-helpers 1.61
ii libc6 2.33-5
ii libfuse2 2.9.9-5
ii libjpeg62-turbo 1:2.1.2-1
ii libopus0 1.3.1-0.1
ii libpam0g 1.4.0-11
ii libssl1.1 1.1.1m-1
ii libx11-6 2:1.7.2-2+b1
ii libxfixes3 1:6.0.0-1
ii libxrandr2 2:1.5.2-1
ii lsb-base 11.1.0
ii ssl-cert 1.1.2
Versions of packages xrdp recommends:
ii fuse3 [fuse] 3.10.5-1
pn xorgxrdp <none>
Versions of packages xrdp suggests:
pn guacamole <none>
Reply to: