LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices


Reply
  Search this Thread
Old 07-30-2013, 06:59 PM   #1
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Rep: Reputation: Disabled
User coming in through RDP has different settings than one logging in directly


When I log in to my CentOS 6.4 directly, nm-connection-editor works normally, I can edit connections. However, if I log in through rdp, I can't. "Edit" is always grayed out. It must be something simple I am not seeing.

Any pointers will be appreciated.

Last edited by hwyhobo; 07-30-2013 at 09:04 PM.
 
Old 07-31-2013, 09:53 AM   #2
gradinaruvasile
Member
 
Registered: Apr 2010
Location: Cluj, Romania
Distribution: Debian Testing
Posts: 662

Rep: Reputation: 137Reputation: 137
rdp? More exactly?
 
Old 07-31-2013, 01:33 PM   #3
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
rdp = Remote Desktop Protocol.
 
Old 07-31-2013, 02:21 PM   #4
gradinaruvasile
Member
 
Registered: Apr 2010
Location: Cluj, Romania
Distribution: Debian Testing
Posts: 662

Rep: Reputation: 137Reputation: 137
You talk about the xrdp or freerdp implementation?

Or

Gnome has "a "RDP" server shich is a big messy misunderstanding because that is just plain and simple VNC.
?
 
Old 07-31-2013, 02:42 PM   #5
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
xrdp. Yes, it runs on VNC, but seems to connect nicely, no drops, no problems. It's just that the user coming in through rdp seems to have different settings and permissions. There has to be some hidden setting to make the system treat that user like any other logging in directly, but I haven't found it yet.
 
Old 07-31-2013, 03:50 PM   #6
gradinaruvasile
Member
 
Registered: Apr 2010
Location: Cluj, Romania
Distribution: Debian Testing
Posts: 662

Rep: Reputation: 137Reputation: 137
Most likely the user is treated as "inactive" or "not local" by consolekit/policykit. Log in a session, open a terminal then type:

Code:
ck-list-sessions
Will output something like:

Code:
$ ck-list-sessions 
Session3:
	unix-user = '0'
	realname = 'root'
	seat = 'Seat1'
	session-type = ''
	active = FALSE
	x11-display = ''
	x11-display-device = ''
	display-device = '/dev/pts/1'
	remote-host-name = ''
	is-local = TRUE
	on-since = '2013-07-29T18:30:09.478535Z'
	login-session-id = '1'
	idle-since-hint = '2013-07-31T19:44:14.123049Z'
Session2:
	unix-user = '1000'
	realname = 'Kertesz Laszlo'
	seat = 'Seat1'
	session-type = ''
	active = TRUE
	x11-display = ':0'
	x11-display-device = '/dev/tty7'
	display-device = ''
	remote-host-name = ''
	is-local = TRUE
	on-since = '2013-07-29T18:29:14.080634Z'
	login-session-id = '1'
Find your session there (probably display will be 1 or 10) then see what you have at
Code:
active =
or
Code:
is-local =
it can be TRUE or FALSE. If its FALSE, you have to modify the policykit permission files in the /usr/share/polkit-1/actions/ folder.

Last edited by gradinaruvasile; 07-31-2013 at 03:51 PM.
 
Old 07-31-2013, 06:20 PM   #7
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
I just tried that. I rebooted the machine to make sure it was clean. Then I rdp'ed to it and executed ck-list-sessions:

Code:
$ ck-list-sessions
Session1:
	unix-user = '42'
	realname = '(null)'
	seat = 'Seat1'
	session-type = 'LoginWindow'
	active = TRUE
	x11-display = ':0'
	x11-display-device = '/dev/tty1'
	display-device = ''
	remote-host-name = ''
	is-local = TRUE
	on-since = '2013-07-31T21:54:05.528130Z'
	login-session-id = '4294967295'
Session2:
	unix-user = '501'
	realname = 'Training Attendee'
	seat = 'Seat2'
	session-type = ''
	active = FALSE
	x11-display = ':10.0'
	x11-display-device = ''
	display-device = ''
	remote-host-name = ''
	is-local = TRUE
	on-since = '2013-07-31T21:57:08.529246Z'
	login-session-id = '4294967295'
The second session, for the rdp user, showed inactive (the first one appears to for gdm:x:42:42::/var/lib/gdm:/sbin/nologin). I modified two network manager policy files to allow inactive (changed <allow_inactive>no<allow_inactive> to yes), but even after a reboot it made no difference.

There a lot more files in there:
Code:
# ls /usr/share/polkit-1/actions/
net.reactivated.fprint.device.policy                    org.freedesktop.policykit.examples.pkexec.policy
org.fedoraproject.config.firewall.policy                org.freedesktop.policykit.policy
org.fedoraproject.config.services.policy                org.freedesktop.RealtimeKit1.policy
org.fedoraproject.systemconfig.kdump.policy             org.freedesktop.udisks.policy
org.freedesktop.consolekit.policy                       org.gnome.clockapplet.mechanism.policy
org.freedesktop.devicekit.power.policy                  org.gnome.control-center.defaultbackground.policy
org.freedesktop.devicekit.power.qos.policy              org.gnome.cpufreqselector.policy
org.freedesktop.modem-manager.policy                    org.gnome.gconf.defaults.policy
org.freedesktop.NetworkManager.policy                   org.gnome.settings-daemon.plugins.wacom.policy
org.freedesktop.network-manager-settings.system.policy  org.gnome.system-monitor.policy
org.freedesktop.packagekit.policy
but they don't seem to be related specifically to this.
 
Old 08-01-2013, 03:49 AM   #8
gradinaruvasile
Member
 
Registered: Apr 2010
Location: Cluj, Romania
Distribution: Debian Testing
Posts: 662

Rep: Reputation: 137Reputation: 137
Some more info here:

http://scarygliders.net/2011/11/17/x...omment-page-1/

Here are some possible solutions:

http://askubuntu.com/questions/47942...ger-privileged

This command will list your permissions, check for network manager related stuff:

Code:
pkaction --verbose
 
Old 08-01-2013, 03:28 PM   #9
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
I have changed all the policy files. All inactive permissions are now identical to active according to pkaction -verbose. Still no change. I wish there was just a way to cause new session to be marked as active and get it over with. There has to be a way. Obviously NetworkManager does not do what is expected.

I am beginning to understand also why most normal people do not want to touch Linux. I've been using it on the side since 0.99 pl 7, and it still causes me to gasp in frustration.
 
Old 08-01-2013, 04:34 PM   #10
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Consider this closed. Decided the simplest solution was to disable NetworkManager and use network. Then I will have participants edit the interface in gedit and restart it. Works every time. Simple solutions work best. The more bloat is being introduced, the more like Windows this is becoming.

Thank you, gradinaruvasile, for all your help.
 
Old 08-01-2013, 05:46 PM   #11
hwyhobo
LQ Newbie
 
Registered: Jul 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Alas, I spoke too soon. Even though network brings up all interfaces as expected, xrdp no longer accepts connections. Apparently something depends on NetworkManager. I have to manually log in from the console and do:

# /etc/sysconfig/network-scripts/ifdown-eth eth0
# /etc/sysconfig/network-scripts/ifup-eth eth0

(yes, it has to be done via ifup-eth, not ifup, and not by restarting network)

and then everything works. I think it is time to kick it to the curb and install Windows as a landing VM to my dismay.
 
Old 08-01-2013, 06:12 PM   #12
gradinaruvasile
Member
 
Registered: Apr 2010
Location: Cluj, Romania
Distribution: Debian Testing
Posts: 662

Rep: Reputation: 137Reputation: 137
1. Network Manager is crap. It doesnt make sense to be used with fixed computers at all. Its ok for laptops.
2. Network Manager is NOT integral part of the Linux networking stack - if disabled for good it should not interfere.
3. Try Wicd - it does what NM does only it is a wrapper for the standard Linux tools instead of trying to replace them.
 
Old 12-25-2015, 09:03 PM   #13
julmarqu
LQ Newbie
 
Registered: Dec 2015
Posts: 1

Rep: Reputation: Disabled
Solved this in my xubuntu system

I had been looking for a solution to this problem (use xrdp to login) and this is what I did to make it work:

1. I edited file /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf as follows:
a. cloned the policy user="root" below it and changed it to my user by changing the clone's first line to policy user="myUser"
b. cloned the policy at_console="true" below it and changed the first line of the clone to policy at_console="false"

2. Needed to start NetworkManager using dbus by changing /etc/xdg/autostart/nm-applet.desktop line EXEC=nm-applet to EXEC=dbus-launch nm-applet

3. Changed all the permissions in the default section of the /usr/share/polkit-1/actions/org.freedesktop.NetworkManager.policy to this:
<allow_any>yes</allow_any>
<allow_inactive>yes</allow_inactive>
<allow_active>yes</allow_active>

Without the allow_any it did not work. I also changed those set to auth_admin_keep to yes. Didn't do an intermediate step so not sure if both the allow_any and the yes instead of auth_admin_keep are needed.
 
Old 12-26-2015, 01:51 PM   #14
v4r3l0v
Member
 
Registered: Dec 2013
Posts: 136

Rep: Reputation: Disabled
Something depends on Network Manager- correct, firewalld for one depends on Network Manager. Network Manager uses dbus, it is better solution than what we had previously.
If you haven't solved it already, this looks like permissions problem, how is the remote system seeing you- as its local user or as the default user under which rdp service works?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NIS+NFS: how to prevent users from logging directly into the server? kikinovak Slackware 8 09-18-2012 08:40 AM
Which kernel settings directly relate to power/usage etc? Josh000 Linux - Laptop and Netbook 3 01-11-2010 11:59 AM
How can I export gnome-rdp settings jrmontg Linux - Software 1 01-04-2010 10:37 AM
Mouse settings revert after logging out tetpt Linux - Hardware 0 01-11-2006 03:58 PM
need help urgently!!! display not coming and error mesage coming when user is logging rddreamz Linux - Newbie 0 08-14-2003 12:11 PM


All times are GMT -5. The time now is 01:47 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration