Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

[SOLVED] xrdp blank screen although /etc/X11/Xwrapper.config

Graphical Environments, Managers, Multimedia & Desktop questions.
Post Reply
Message
Author
asimov-solensan
Posts: 3
Joined: 2018-03-05 19:23

[SOLVED] xrdp blank screen although /etc/X11/Xwrapper.config

#1 Post by asimov-solensan »

Hello,

Been using xrdp on debian for year and was unable to get it working. Applied this solution https://github.com/neutrinolabs/xrdp/issues/764 but stopped working after a while. Can't know if after a reboot or whatever but now I get again only a blank screen
This is clean installation of 9.3.0 and besides xrdp and ssh nothing else is changed.

There goes all the info I can provide:
/etc/X11/Xwrapper.config

Code: Select all

root@mamporrero2:/home/m1# cat /etc/X11/Xwrapper.config 
# Xwrapper.config (Debian X Window System server wrapper configuration file)
#
# This file was generated by the post-installation script of the
# xserver-xorg-legacy package using values from the debconf database.
#
# See the Xwrapper.config(5) manual page for more information.
#
# This file is automatically updated on upgrades of the xserver-xorg-legacy
# package *only* if it has not been modified since the last upgrade of that
# package.
#
# If you have edited this file but would like it to be automatically updated
# again, run the following command as root:
#   dpkg-reconfigure xserver-xorg-legacy
allowed_users=anybody
root@mamporrero2:/home/m1# 
xrdpi.ini (just the default one)

[code]

root@mamporrero2:/etc/xrdp# cat xrdp.ini
[Globals]
; xrdp.ini file version number
ini_version=1

; fork a new process for each incoming connection
fork=true
; tcp port to listen
port=3389
; regulate if the listening socket use socket option tcp_nodelay
; no buffering will be performed in the TCP stack
tcp_nodelay=true
; regulate if the listening socket use socket option keepalive
; if the network connection disappear without close messages the connection will be closed
tcp_keepalive=true
#tcp_send_buffer_bytes=32768
#tcp_recv_buffer_bytes=32768

; security layer can be 'tls', 'rdp' or 'negotiate'
; for client compatible layer
security_layer=negotiate
; minimum security level allowed for client
; can be 'none', 'low', 'medium', 'high', 'fips'
crypt_level=high
; X.509 certificate and private key
; openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
certificate=
key_file=
; specify whether SSLv3 should be disabled
#disableSSLv3=true
; set TLS cipher suites
#tls_ciphers=HIGH

; Section name to use for automatic login if the client sends username
; and password. If empty, the domain name sent by the client is used.
; If empty and no domain name is given, the first suitable section in
; this file will be used.
autorun=

allow_channels=true
allow_multimon=true
bitmap_cache=true
bitmap_compression=true
bulk_compression=true
#hidelogwindow=true
max_bpp=32
new_cursors=true
; fastpath - can be 'input', 'output', 'both', 'none'
use_fastpath=both
; when true, userid/password *must* be passed on cmd line
#require_credentials=true
; You can set the PAM error text in a gateway setup (MAX 256 chars)
#pamerrortxt=change your password according to policy at http://url

;
; colors used by windows in RGB format
;
blue=009cb5
grey=dedede
#black=000000
#dark_grey=808080
#blue=08246b
#dark_blue=08246b
#white=ffffff
#red=ff0000
#green=00ff00
#background=626c72

;
; configure login screen
;

; Login Screen Window Title
#ls_title=My Login Title

; top level window background color in RGB format
ls_top_window_bg_color=009cb5

; width and height of login screen
ls_width=350
ls_height=430

; login screen background color in RGB format
ls_bg_color=dedede

; optional background image filename (bmp format).
#ls_background_image=

; logo
; full path to bmp-file or file in shared folder
ls_logo_filename=
ls_logo_x_pos=55
ls_logo_y_pos=50

; for positioning labels such as username, password etc
ls_label_x_pos=30
ls_label_width=60

; for positioning text and combo boxes next to above labels
ls_input_x_pos=110
ls_input_width=210

; y pos for first label and combo box
ls_input_y_pos=220

; OK button
ls_btn_ok_x_pos=142
ls_btn_ok_y_pos=370
ls_btn_ok_width=85
ls_btn_ok_height=30

; Cancel button
ls_btn_cancel_x_pos=237
ls_btn_cancel_y_pos=370
ls_btn_cancel_width=85
ls_btn_cancel_height=30

[Logging]
LogFile=xrdp.log
LogLevel=DEBUG
EnableSyslog=true
SyslogLevel=DEBUG
; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug

[Channels]
; Channel names not listed here will be blocked by XRDP.
; You can block any channel by setting its value to false.
; IMPORTANT! All channels are not supported in all use
; cases even if you set all values to true.
; You can override these settings on each session type
; These settings are only used if allow_channels=true
rdpdr=true
rdpsnd=true
drdynvc=true
cliprdr=true
rail=true
xrdpvr=true
tcutils=true

; for debugging xrdp, in section xrdp1, change port=-1 to this:
#port=/var/run/xrdp/sockdir/xrdp_display_10

; for debugging xrdp, add following line to section xrdp1
#chansrvport=/var/run/xrdp/sockdir/xrdp_chansrv_socket_7210


;
; Session types
;

[Xorg]
name=Xorg
lib=libxup.so
username=ask
password=ask
ip=127.0.0.1
port=-1
code=20

[Xvnc]
name=Xvnc
lib=libvnc.so
username=ask
password=ask
ip=127.0.0.1
port=-1
#xserverbpp=24
#delay_ms=2000

[console]
name=console
lib=libvnc.so
ip=127.0.0.1
port=5900
username=na
password=ask
#delay_ms=2000

[vnc-any]
name=vnc-any
lib=libvnc.so
ip=ask
port=ask5900
username=na
password=ask
#pamusername=asksame
#pampassword=asksame
#pamsessionmng=127.0.0.1
#delay_ms=2000

[sesman-any]
name=sesman-any
lib=libvnc.so
ip=ask
port=-1
username=ask
password=ask
#delay_ms=2000

[rdp-any]
name=rdp-any
lib=librdp.so
ip=ask
port=ask3389

[neutrinordp-any]
name=neutrinordp-any
lib=libxrdpneutrinordp.so
ip=ask
port=ask3389
username=ask
password=ask

; You can override the common channel settings for each session type
#channel.rdpdr=true
#channel.rdpsnd=true
#channel.drdynvc=true
#channel.cliprdr=true
#channel.rail=true
#channel.xrdpvr=true
root@mamporrero2:/etc/xrdp#
[/code]

sesman.ini (again default one)

Code: Select all

root@mamporrero2:/etc/xrdp# cat sesman.ini 
[Globals]
ListenAddress=127.0.0.1
ListenPort=3350
EnableUserWindowManager=true
UserWindowManager=startwm.sh
DefaultWindowManager=startwm.sh

[Security]
AllowRootLogin=true
MaxLoginRetry=4
TerminalServerUsers=tsusers
TerminalServerAdmins=tsadmins
; When AlwaysGroupCheck=false access will be permitted
; if the group TerminalServerUsers is not defined.
AlwaysGroupCheck=false

[Sessions]
;; X11DisplayOffset - x11 display number offset
; Type: integer
; Default: 10
X11DisplayOffset=10

;; MaxSessions - maximum number of connections to an xrdp server
; Type: integer
; Default: 0
MaxSessions=50

;; KillDisconnected - kill disconnected sessions
; Type: boolean
; Default: false
; if 1, true, or yes, kill session after 60 seconds
KillDisconnected=false

;; IdleTimeLimit - when to disconnect idle sessions
; Type: integer
; Default: 0
; if not zero, the seconds without mouse or keyboard input before disconnect
; not complete yet
IdleTimeLimit=0

;; DisconnectedTimeLimit - when to kill idle sessions
; Type: integer
; Default: 0
; if not zero, the seconds before a disconnected session is killed
; min 60 seconds
DisconnectedTimeLimit=0

;; Policy - session allocation policy
; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ]
; Default: Xrdp:<User,BitPerPixel> and Xvnc:<User,BitPerPixel,DisplaySize>
; "UBD" session per <User,BitPerPixel,DisplaySize>
; "UBI" session per <User,BitPerPixel,IPAddr>
; "UBC" session per <User,BitPerPixel,Connection>
; "UBDI" session per <User,BitPerPixel,DisplaySize,IPAddr>
; "UBDC" session per <User,BitPerPixel,DisplaySize,Connection>
Policy=Default

[Logging]
LogFile=xrdp-sesman.log
LogLevel=DEBUG
EnableSyslog=1
SyslogLevel=DEBUG

[Xorg]
param=Xorg
param=-config
param=xrdp/xorg.conf
param=-noreset
param=-nolisten
param=tcp

[Xvnc]
param=Xvnc
param=-bs
param=-nolisten
param=tcp
param=-localhost
param=-dpi
param=96

[Chansrv]
; drive redirection, defaults to xrdp_client if not set
FuseMountName=thinclient_drives

[SessionVariables]
PULSE_SCRIPT=/etc/xrdp/pulse/default.pa
root@mamporrero2:/etc/xrdp# 
xrdp.log

Code: Select all

[20180306-19:03:05] [INFO ] A connection received from: ::ffff:192.168.16.252 port 44206
[20180306-19:03:05] [DEBUG] Closed socket 12 (AF_INET6 ::ffff:192.168.17.19 port 3389)
[20180306-19:03:05] [DEBUG] Closed socket 11 (AF_INET6 :: port 3389)
[20180306-19:03:05] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem
[20180306-19:03:05] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem
[20180306-19:03:05] [DEBUG] Security layer: requested 3, selected 0
[20180306-19:03:06] [DEBUG] xrdp_000005a5_wm_login_mode_event_00000001
[20180306-19:03:06] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini
[20180306-19:03:06] [WARN ] local keymap file for 0x00000409 found and doesn't match built in keymap, using local keymap file
[20180306-19:03:07] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350
[20180306-19:03:07] [INFO ] xrdp_wm_log_msg: sesman connect ok
[20180306-19:03:07] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait...
[20180306-19:03:07] [DEBUG] return value from xrdp_mm_connect 0
[20180306-19:03:08] [INFO ] xrdp_wm_log_msg: login successful for display 11
[20180306-19:03:08] [DEBUG] xrdp_wm_log_msg: started connecting
[20180306-19:03:08] [INFO ] lib_mod_log_peer: xrdp_pid=1445 connected to X11rdp_pid=633 X11rdp_uid=1000 X11rdp_gid=1000 client_ip=::ffff:192.168.16.252 client_port=44206
[20180306-19:03:08] [DEBUG] xrdp_wm_log_msg: connected ok
[20180306-19:03:08] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect successful
[20180306-19:03:08] [DEBUG] Closed socket 16 (AF_INET6 ::1 port 49308)
[20180306-19:03:08] [INFO ] The following channel is allowed: rdpdr (0)
[20180306-19:03:08] [INFO ] The following channel is allowed: rdpsnd (1)
[20180306-19:03:09] [INFO ] The following channel is allowed: cliprdr (2)
[20180306-19:03:09] [DEBUG] The allow channel list now initialized for this session
root@mamporrero2:/var/log# tail -n 200 xrdp.log 
xrdp-sesman.log

Code: Select all

[20180306-19:03:07] [INFO ] A connection received from ::1 port 49308
[20180306-19:03:07] [INFO ] ++ reconnected session: username m1, display :11.0, session_pid 631, ip 0.0.0.0:44206 - socket: 12
[20180306-19:03:08] [DEBUG] Closed socket 8 (AF_INET6 ::1 port 3350)
root@mamporrero2:/var/log# 
At this point I'm tired of searching, and a bit annoyed because this was astoundingly easy on debian 8, I just feel stupid at this point.

I kindly ask for some help.
Last edited by asimov-solensan on 2018-03-17 08:45, edited 1 time in total.

asimov-solensan
Posts: 3
Joined: 2018-03-05 19:23

Re: xrdp blank screen although /etc/X11/Xwrapper.config is s

#2 Post by asimov-solensan »

Continued checking this and with Xubuntu 17.10 I have got the same error. I wanted to test with something close to debian.
On both systems if I send a wrong password the connection fails, and I got the xrdp login screen.
So it seems that the it's accepting the connection but gets stuck at some point.

asimov-solensan
Posts: 3
Joined: 2018-03-05 19:23

Re: xrdp blank screen although /etc/X11/Xwrapper.config is s

#3 Post by asimov-solensan »

Ok, finally solved the problem and was network related.

I have got a virtual firewall and rules were correctly set. But for some reason the CPU was stuck at almost 100% and a huge amount of IRQ interruptions. Didn't noticed because less demanding applications worked mostly well once stopped the process I got it working.

Summary: nothing to see here.

Post Reply