[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1052197: xrdp: after bullseye-security upgrade, empty turquoise screen after logging in



Hallo Markus,

>the new Bullseye version of xrdp is identical to the version in Bookworm. Thus
>the underlying problem is probably more complex and I don't suspect that
>something is wrong with xrdp itself but more likely with a configuration option
>or related software packages which do something different than in Bookworm.

either that, or xorgxrdp must also be updated, or at least rebuilt
against the newer xrdp? Maybe?

>I definitely need more information about your setup or xrdp in general to debug

I’ve now purged and reinstalled xrdp and xorgxrdp on the machine
with… less “interesting” history, but the effect is still present.

Selecting previously unselected package xrdp.
(Reading database ... 210637 files and directories currently installed.)
Preparing to unpack .../xrdp_0.9.21.1-1~deb11u1_amd64.deb ...
Unpacking xrdp (0.9.21.1-1~deb11u1) ...
Selecting previously unselected package xorgxrdp.
Preparing to unpack .../xorgxrdp_1%3a0.2.12-1_amd64.deb ...
Unpacking xorgxrdp (1:0.2.12-1) ...
Setting up xrdp (0.9.21.1-1~deb11u1) ...

Generating 2048 bit rsa key...

ssl_gen_key_xrdp1 ok

saving to /etc/xrdp/rsakeys.ini

Starting Remote Desktop Protocol server: xrdp-sesman xrdp.
Setting up xorgxrdp (1:0.2.12-1) ...

>this issue. Possible reasons for the behavior may be:
>
>1. TLS / connection problem ? Did you do "adduser xrdp ssl-cert" ? Maybe a new
>TLS configuration option in 0.9.21.1?

The xrdp user is not in ssl-cert, but I never used those either.

>2. graphic drivers ? I read that hardware accelerated drivers may cause such

What graphic drivers? xrdp+xorgxrdp runs headlessly.

>/var/log/xrdp-sesman.log
>/var/log/xrdp.log
>~/.xsession-errors

Attached, and I’ll also add /.xorgxrdp.10.log ☻

>journalctl -S -2m

That won’t do much other than say command not found ;-)

I don’t know that thing but I assume you’ll want to see whether
there’s anything relevant in syslog.

Starting at package installation, there is:

Sep 20 19:32:45 tglase-edge groupadd[16356]: group added to /etc/group: name=xrdp, GID=119
Sep 20 19:32:45 tglase-edge groupadd[16356]: group added to /etc/gshadow: name=xrdp
Sep 20 19:32:45 tglase-edge groupadd[16356]: new group: name=xrdp, GID=119
Sep 20 19:32:45 tglase-edge useradd[16364]: new user: name=xrdp, UID=110, GID=119, home=/run/xrdp, shell=/usr/sbin/nologin, from=/dev/pts/2
Sep 20 19:32:45 tglase-edge chage[16375]: changed password expiry for xrdp
Sep 20 19:32:46 tglase-edge xrdp-sesman[16502]: [INFO ] starting xrdp-sesman with pid 16502
Sep 20 19:32:46 tglase-edge xrdp[16504]: [INFO ] address [0.0.0.0] port [3389] mode 1
Sep 20 19:32:46 tglase-edge xrdp[16504]: [INFO ] listening to port 3389 on 0.0.0.0
Sep 20 19:32:46 tglase-edge xrdp[16504]: [INFO ] xrdp_listen_pp done
Sep 20 19:32:48 tglase-edge xrdp[16506]: [INFO ] starting xrdp with pid 16506
Sep 20 19:32:49 tglase-edge xrdp[16506]: [INFO ] address [0.0.0.0] port [3389] mode 1
Sep 20 19:32:49 tglase-edge xrdp[16506]: [INFO ] listening to port 3389 on 0.0.0.0
Sep 20 19:32:49 tglase-edge xrdp[16506]: [INFO ] xrdp_listen_pp done
Sep 20 19:32:54 tglase-edge xrdp-sesman[16502]: [INFO ] receiving SIGHUP
Sep 20 19:32:54 tglase-edge xrdp-sesman[16502]: [INFO ] configuration reloaded, log subsystem restarted
Sep 20 19:32:54 tglase-edge sudo: pam_unix(sudo:session): session closed for user root
Sep 20 19:33:07 tglase-edge xrdp[16506]: [INFO ] Socket 12: AF_INET6 connection received from ::ffff:172.34.0.14 port 51122
Sep 20 19:33:07 tglase-edge xrdp[17463]: [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
Sep 20 19:33:08 tglase-edge xrdp[17463]: [ERROR] Cannot read private key file /etc/xrdp/key.pem: Permission denied
Sep 20 19:33:08 tglase-edge xrdp[17463]: [WARN ] Cannot accept TLS connections because certificate or private key file is not readable. certificate file: [/etc/xrdp/cert.pem], private key file: [/etc/xrdp/key.pem]
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] Security protocol: configured [RDP], requested [SSL|HYBRID|RDP], selected [RDP]
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] Connected client computer name: x61w
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] xrdp_load_keyboard_layout: Keyboard information sent by the RDP client, keyboard_type:[0x04], keyboard_subtype:[0x00], keylayout:[0x00000409]
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] xrdp_load_keyboard_layout: model [] variant [] layout [us] options []
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] Non-TLS connection established from ::ffff:172.34.0.14 port 51122: with security level : high
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] xrdp_caps_process_pointer: client supports new(color) cursor
Sep 20 19:33:08 tglase-edge xrdp[17463]: [WARN ] Received [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET capabilitySetType = 27 is unknown - Ignored
Sep 20 19:33:08 tglase-edge xrdp[17463]: [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini
Sep 20 19:33:08 tglase-edge xrdp[17463]: [WARN ] local keymap file for 0x00000409 found and doesn't match built in keymap, using local keymap file
Sep 20 19:33:09 tglase-edge xrdp[17463]: [ERROR] Dynamic Virtual Channel version 1 is not supported
Sep 20 19:33:09 tglase-edge xrdp[17463]: [ERROR] xrdp_rdp_recv: xrdp_channel_process failed
Sep 20 19:33:10 tglase-edge xrdp[17463]: [INFO ] connecting to sesman on 127.0.0.1:3350
Sep 20 19:33:10 tglase-edge xrdp-sesman[16502]: [INFO ] Socket 12: AF_INET6 connection received from ::1 port 38046
Sep 20 19:33:10 tglase-edge xrdp[17463]: [INFO ] xrdp_wm_log_msg: sesman connect ok
Sep 20 19:33:10 tglase-edge xrdp[17463]: [INFO ] sesman connect ok
Sep 20 19:33:10 tglase-edge xrdp[17463]: [INFO ] sending login info to session manager. Please wait...
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [INFO ] Terminal Server Users group is disabled, allowing authentication
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [INFO ] ++ created session (access granted): username tglase, ip ::ffff:172.34.0.14:51122 - socket: 12
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [INFO ] starting Xorg session...
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [INFO ] Starting session: session_pid 17464, display :10.0, width 1000, height 768, bpp 24, client ip ::ffff:172.34.0.14:51122 - socket: 12, user name tglase
Sep 20 19:33:11 tglase-edge xrdp-sesman[17464]: [INFO ] [session start] (display 10): calling auth_start_session from pid 17464
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [ERROR] sesman_data_in: scp_process_msg failed
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] xrdp_wm_log_msg: login successful for user tglase on display 10
Sep 20 19:33:11 tglase-edge xrdp-sesman[16502]: [ERROR] sesman_main_loop: trans_check_wait_objs failed, removing trans
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] login successful for user tglase on display 10
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] loaded module 'libxup.so' ok, interface size 10296, version 4
Sep 20 19:33:11 tglase-edge xrdp-sesman[17464]: pam_unix(xrdp-sesman:session): session opened for user tglase(uid=1000) by (uid=0)
Sep 20 19:33:11 tglase-edge xrdp-sesman[17466]: [INFO ] Starting X server on display 10: /usr/lib/xorg/Xorg :10 -auth .Xauthority -config xrdp/xorg.conf -noreset -nolisten tcp -logfile .xorgxrdp.%s.log
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] started connecting
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] lib_mod_connect: connecting via UNIX socket
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] lib_mod_log_peer: xrdp_pid=17463 connected to X11rdp_pid=17466 X11rdp_uid=1000 X11rdp_gid=1000 client_ip=::ffff:172.34.0.14 client_port=51122
Sep 20 19:33:11 tglase-edge xrdp[17463]: [INFO ] connected ok
Sep 20 19:33:11 tglase-edge xrdp-sesman[17464]: [INFO ] Found X server running at /tmp/.X11-unix/X10
Sep 20 19:33:11 tglase-edge xrdp-sesman[17465]: [INFO ] Found X server running at /tmp/.X11-unix/X10
Sep 20 19:33:11 tglase-edge xrdp-sesman[17464]: [INFO ] Session started successfully for user tglase on display 10
Sep 20 19:33:11 tglase-edge xrdp-sesman[17483]: [INFO ] Starting the xrdp channel server for display 10
Sep 20 19:33:11 tglase-edge xrdp-sesman[17465]: [INFO ] Found X server running at /tmp/.X11-unix/X10
Sep 20 19:33:11 tglase-edge xrdp-sesman[17464]: [INFO ] Session in progress on display 10, waiting until the window manager (pid 17465) exits to end the session
Sep 20 19:33:11 tglase-edge xrdp-chansrv[17483]: [INFO ] Socket 12: AF_UNIX connection received
Sep 20 19:33:11 tglase-edge xrdp-sesman[17465]: [INFO ] Starting the default window manager on display 10: /etc/xrdp/startwm.sh

There’s indeed…

lrwxrwxrwx 1 root root 38 Sep 20 19:32 /etc/xrdp/key.pem -> /etc/ssl/private/ssl-cert-snakeoil.key

… but I never used these (on the system where I didn’t yet purge and
reinstall, this is the same, and I’d not use the snakeoil one).

>~/.xorgxrdp.10.log seems to belong to xorgxrdp. The package is only recommended
>but I wonder if the problem is potentially caused by it.

Inhowfar? xorgxrdp is what makes xrdp useful (other than to connect
to an existing RDP/VNC server) after all…

>xrdp is a build-dependency which suggests it might need a rebuild?

That is one of my guesses.

>But on the other hand then recommending the package would be wrong and
>it should be added to Depends.

Nope; xrdp *can* be used as just a bridge to an existing RDP or VNC
session, in which case it doesn’t need xorgxrdp. They used to be
built from the same source package, too, but upstream switched to
release them separately at some point in time.

I’ll try binNMU’ing (locally) xorgxrdp, and if that doesn’t help,
backporting the version in bookworm/trixie/sid.

bye,
//mirabilos
-- 
„Cool, /usr/share/doc/mksh/examples/uhr.gz ist ja ein Grund,
mksh auf jedem System zu installieren.“
	-- XTaran auf der OpenRheinRuhr, ganz begeistert
(EN: “[…]uhr.gz is a reason to install mksh on every system.”)


Reply to: