Have two machines running Fedora 32, and just noticed with the latest update of tigervnc-server the vncserver is GONE?
Did a downgrade on both machines, and it is back and running just fine.
The one machine had rebooted, and therefor wasn't able to load the server. The other machine still had the server running from before the upgrade, so was able to vnc into it.
The file from the /usr/bin director was just no longer there. Tried a reinstall, and still no file. Only the downgrade option restored it??
Not sure on how to report this. Didn't notice it until trying to vnc into machine that had rebooted? The dnf whatprovides shows that the program is included, so not sure what kind of error is in the latest update??
Thanks and be Safe...
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
On Thu, 17 Sep 2020 06:36:29 +1000 Michael D. Setzer II via users wrote:
Have two machines running Fedora 32, and just noticed with the latest update of tigervnc-server the vncserver is GONE?
I don't use vncserver very often, but I just did an update and I see no /usr/bin/vncserver, but there is a /usr/bin/x0vncserver:
zooty> rpm -q -f /usr/bin/x0vncserver tigervnc-server-1.11.0-1.fc32.x86_64
No idea what that is about.
On Wed, 16 Sep 2020 16:53:01 -0400 Tom Horsley wrote:
No idea what that is about.
Found a man page saying x0vncserver is only for sharing the physical X display, since the only times I ever use vncserver is to create a separate instance of an X display not associated with a physical display this sounds like a major chunk of functionality just disappeared. Seems like a bug to me.
It looks like what happened is that the upstream project removed that wrapper script. This kind of update probably shouldn't have been submitted for Fedora 32, but now that it's in the wild, I've opened a bug[1] to request the package maintainer add a script that points users to new instructions. You can see the new instructions in the HOWTO.md file in the package repo[2].
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1879739 [2] https://src.fedoraproject.org/rpms/tigervnc/blob/518baca222c94fb7f4499f5426d...
On Wed, 2020-09-16 at 16:54 -0400, Ben Cotton wrote:
It looks like what happened is that the upstream project removed that wrapper script. This kind of update probably shouldn't have been submitted for Fedora 32, but now that it's in the wild, I've opened a bug[1] to request the package maintainer add a script that points users to new instructions. You can see the new instructions in the HOWTO.md file in the package repo[2].
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1879739 [2] https://src.fedoraproject.org/rpms/tigervnc/blob/518baca222c94fb7f4499f5426d...
-- Ben Cotton He / Him / His Senior Program Manager, Fedora & CentOS Stream Red Hat TZ=America/Indiana/Indianapolise
Ben,
When I followed the TigerVNC installation and configuration instructions in the F33 SysAdmin Guide, I suspected something had been overtaken by systemctl. But when I followed the instructions in link [2], I'm still getting pretty much the same unhelpful error:
# systemctl start vncserver@:1 Job for vncserver@:1.service failed because the control process exited with error code. See "systemctl status vncserver@:1.service" and "journalctl -xe" for details.
# systemctl status vncserver@:1.service * vncserver@:1.service - Remote desktop service (VNC) Loaded: loaded (/etc/systemd/system/vncserver@.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) since Tue 2020-12-22 18:02:39 CST; 23s ago Process: 153994 ExecStart=/sbin/runuser -l doc -c /usr/bin/vncserver :1 -geometry 1280x1024 (code=exited, status=203/EXEC) CPU: 1ms
Dec 22 18:02:39 tiger.protogeek.org systemd[1]: Starting Remote desktop service (VNC)... Dec 22 18:02:39 tiger.protogeek.org systemd[153994]: vncserver@:1.service: Failed to execute command: Permission denied Dec 22 18:02:39 tiger.protogeek.org systemd[153994]: vncserver@:1.service: Failed at step EXEC spawning /sbin/runuser: Permission denied Dec 22 18:02:39 tiger.protogeek.org systemd[1]: vncserver@:1.service: Control process exited, code=exited, status=203/EXEC Dec 22 18:02:39 tiger.protogeek.org systemd[1]: vncserver@:1.service: Failed with result 'exit-code'. Dec 22 18:02:39 tiger.protogeek.org systemd[1]: Failed to start Remote desktop service (VNC).
What does 203/EXEC mean to you??
--Doc Savage Fairview Heights, IL
On 22 Dec 2020 at 19:14, Tom Horsley wrote:
Date sent: Tue, 22 Dec 2020 19:14:37 -0500 From: Tom Horsley horsley1953@gmail.com To: users@lists.fedoraproject.org Subject: Re: vncserver program disappered on FC32?? Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On Tue, 22 Dec 2020 18:05:05 -0600 Robert G. (Doc) Savage via users wrote:
When I followed the TigerVNC installation and configuration instructions in the F33 SysAdmin Guide
I took a different tack: I copied the vncserver script off my f32 partition, and it worked fine :-).
It is totally screwed up. More talk on the vnc list. The vncserver disappeared with an update on Fedora 32, but then they put it back with info on the change. Rather than keeping it simple with the vncserver, they want to move it to systemd and require all kinds of hoops to jump thru and make it a lot less useful. Have to have an administrator add user and port to the /etc/tigervnc/vncserver.user :port=user
# TigerVNC User assignment # # This file assigns users to specific VNC display numbers. # The syntax is <display>=<username>. E.g.: # # :2=andrew # :3=lisa
Then you have to systemctl enable for that port.
Then on startup. I will start the vnc.
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
Never got a clear answer on why they seem to think this is necessary, and who is pushing it. Have heard there were some issues with running a local gnome and an vnc gnome at same time. I always ran the vnc with xfce so never had an issue. Had lines in rc.local that would start the vncserver for users at boot up using runuser option.
New setup is letter root (systemd) start the vncsession option.
Their is now a new config file in the ~/.vnc directory that is suppose to start up things, but last time I tested it. I was giving errors if you tried to setup a session option.
So, on my fedora 32 machines I downgraded the tigervncserver to before the upgrade, and exclude the update. Haven't figured what I will do later.
Worked fine with setup using xfce option, so not sure if this is coming from gnome or tigervnc or someone that thinks they know best for everyone...
users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
On 12/22/20 8:13 PM, Michael D. Setzer II wrote:
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
That doesn't make sense. Can you explain what you mean?
Never got a clear answer on why they seem to think this is necessary, and who is pushing it. Have heard there were some issues with running a local gnome and an vnc gnome at same time. I always ran the vnc with xfce so never had an issue. Had lines in rc.local that would start the vncserver for users at boot up using runuser option.
Of course you can't run them both at the same time. Both Gnome sessions are going to be trying to run the same processes and they'll conflict. If you run a simpler desktop system that doesn't use dbus or multiple processes, then it might be ok to run both. But you still might end up with conflicting file writes for configs or caches.
Their is now a new config file in the ~/.vnc directory that is suppose to start up things, but last time I tested it. I was giving errors if you tried to setup a session option.
Works fine for me. I have it setup for openbox.
On 22 Dec 2020 at 20:28, Samuel Sieb wrote:
Subject: Re: vncserver program disappered on FC32?? To: users@lists.fedoraproject.org From: Samuel Sieb samuel@sieb.net Date sent: Tue, 22 Dec 2020 20:28:21 -0800 Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On 12/22/20 8:13 PM, Michael D. Setzer II wrote:
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
That doesn't make sense. Can you explain what you mean?
Never said it made sense. Just what it is.
If you set up a user account they way they say. It will start a vnc session on boot up with that user and that port. You can then vnc into the computer on that port and use the computer.
If you try to log in locally on that computer with that user id, the log in doesn't work, and it goes immediately back to the log in screen..
You can log in locally on the machine with a different user that doesn't have the vnc setup, and you can then use the vncviewer to connect to the same machine with that user?
Seems to solve the problem of running a local and vnc gnome session at the same time, the solution is that you can only do one or the other.
Even if you want to run the vnc with a different desktop..
That is what I found... If someone finds different.
Never got a clear answer on why they seem to think this is necessary, and who is pushing it. Have heard there were some issues with running a local gnome and an vnc gnome at same time. I always ran the vnc with xfce so never had an issue. Had lines in rc.local that would start the vncserver for users at boot up using runuser option.
Of course you can't run them both at the same time. Both Gnome sessions are going to be trying to run the same processes and they'll conflict. If you run a simpler desktop system that doesn't use dbus or multiple processes, then it might be ok to run both. But you still might end up with conflicting file writes for configs or caches.
Their is now a new config file in the ~/.vnc directory that is suppose to start up things, but last time I tested it. I was giving errors if you tried to setup a session option.
Works fine for me. I have it setup for openbox. _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
On 12/22/20 10:06 PM, Michael D. Setzer II wrote:
On 22 Dec 2020 at 20:28, Samuel Sieb wrote:
On 12/22/20 8:13 PM, Michael D. Setzer II wrote:
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
That doesn't make sense. Can you explain what you mean?
Never said it made sense. Just what it is.
If you set up a user account they way they say. It will start a vnc session on boot up with that user and that port. You can then vnc into the computer on that port and use the computer.
If you try to log in locally on that computer with that user id, the log in doesn't work, and it goes immediately back to the log in screen..
Oh, that's what you mean. I thought you meant you couldn't ssh into it using that user or something like that. Ok, then that's just the same thing that you were saying further down. You can't have multiple graphical sessions for the same user. It just doesn't work. Have you ever been able to do that with vncserver? It's never worked for me. Or it sort of worked briefly, but sooner or later things go badly wrong.
On 22 Dec 2020 at 23:04, Samuel Sieb wrote:
Subject: Re: vncserver program disappered on FC32?? To: Community support for Fedora users users@lists.fedoraproject.org From: Samuel Sieb samuel@sieb.net Date sent: Tue, 22 Dec 2020 23:04:46 -0800 Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On 12/22/20 10:06 PM, Michael D. Setzer II wrote:
On 22 Dec 2020 at 20:28, Samuel Sieb wrote:
On 12/22/20 8:13 PM, Michael D. Setzer II wrote:
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
That doesn't make sense. Can you explain what you mean?
Never said it made sense. Just what it is.
If you set up a user account they way they say. It will start a vnc session on boot up with that user and that port. You can then vnc into the computer on that port and use the computer.
If you try to log in locally on that computer with that user id, the log in doesn't work, and it goes immediately back to the log in screen..
Oh, that's what you mean. I thought you meant you couldn't ssh into it using that user or something like that. Ok, then that's just the same thing that you were saying further down. You can't have multiple graphical sessions for the same user. It just doesn't work. Have you ever been able to do that with vncserver? It's never worked for me. Or it sort of worked briefly, but sooner or later things go badly wrong.
I think if you try and run a local session and vnc session with both using gnome desktop there are issues with it. But I always run the vnc session with the xfce desktop and never had a problem. I've also had no problem running xfce locally with a vnc xfce session. Seems gnome is doing something with dbus, and causes a conflict with both sessions trying to use the same dbus settings??
users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
On Wed, 2020-12-23 at 18:15 +1000, Michael D. Setzer II via users wrote:
On 22 Dec 2020 at 23:04, Samuel Sieb wrote:
Subject: Re: vncserver program disappered on FC32?? To: Community support for Fedora users users@lists.fedoraproject.org From: Samuel Sieb samuel@sieb.net Date sent: Tue, 22 Dec 2020 23:04:46 -0800 Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On 12/22/20 10:06 PM, Michael D. Setzer II wrote:
On 22 Dec 2020 at 20:28, Samuel Sieb wrote:
On 12/22/20 8:13 PM, Michael D. Setzer II wrote:
Problem is: If it works, you can no longer locally log into that user id, since it is configured for only the vnc session on that user??
That doesn't make sense. Can you explain what you mean?
Never said it made sense. Just what it is.
If you set up a user account they way they say. It will start a vnc session on boot up with that user and that port. You can then vnc into the computer on that port and use the computer.
If you try to log in locally on that computer with that user id, the log in doesn't work, and it goes immediately back to the log in screen..
Oh, that's what you mean. I thought you meant you couldn't ssh into it using that user or something like that. Ok, then that's just the same thing that you were saying further down. You can't have multiple graphical sessions for the same user. It just doesn't work. Have you ever been able to do that with vncserver? It's never worked for me. Or it sort of worked briefly, but sooner or later things go badly wrong.
I think if you try and run a local session and vnc session with both using gnome desktop there are issues with it. But I always run the vnc session with the xfce desktop and never had a problem. I've also had no problem running xfce locally with a vnc xfce session. Seems gnome is doing something with dbus, and causes a conflict with both sessions trying to use the same dbus settings??
My situation is similar, except that I use MATE exclusively. I am trying to understand why the upstream maintainer's solution allows only a single TigerVNC logon using a particular UserID. In other words, if I have a local USER-A and a TigerVNC USER-A, if one is logged on the other cannot. Does this mean that a TigerVNC USER-A will not have access to local USER-A's home directory, and vice versa. If so, this is ludicrous.
If TigerVNC has been so badly mangled in the name of systemd support, what alternative VNC can folks recommend in its place? I seriously need one to support development of virtual machines hosted on a server with huge storage, and the local console of that storage machine is not in a suitable place for development.
--Doc Savage Fairview Heights, IL
On Thu, Dec 24, 2020 at 11:29:02AM -0600, Robert G. (Doc) Savage via users wrote:
what alternative VNC can folks recommend in its place? I seriously need one to support development of virtual machines hosted on a server with huge storage, and the local console of that storage machine is not in a suitable place for development.
Does X2Go work for your use cases?
https://wiki.x2go.org/doku.php/start
Or, wait, since you're running VMs, have you considered using VNC as the graphics console for your VMs and connecting directly?
On Thu, 2020-12-24 at 13:07 -0500, Matthew Miller wrote:
On Thu, Dec 24, 2020 at 11:29:02AM -0600, Robert G. (Doc) Savage via users wrote:
what alternative VNC can folks recommend in its place? I seriously need one to support development of virtual machines hosted on a server with huge storage, and the local console of that storage machine is not in a suitable place for development.
Does X2Go work for your use cases?
https://wiki.x2go.org/doku.php/start
Or, wait, since you're running VMs, have you considered using VNC as the graphics console for your VMs and connecting directly?
-- Matthew Miller mattdm@fedoraproject.org Fedora Project Leader
Matt,
The primary mission of the server is mass storage (19 TB ZFS). Direct console (MATE) and ssh connections meet those needs just fine. It's the new mission objective of using that huge back-end storage space for creating virtual machines to prototype new client servers (not yet purchased). A VNC supporting the MATE desktop would be ideal since the local console is located in an inconvenient space. My plans to use TigerVNC to access virtual machines on this server now seem to be torpedoed.
--Doc Savage Fairview Heights, IL
On Thu, Dec 24, 2020 at 12:30:19PM -0600, Robert G. (Doc) Savage via users wrote:
The primary mission of the server is mass storage (19 TB ZFS). Direct console (MATE) and ssh connections meet those needs just fine. It's the new mission objective of using that huge back-end storage space for creating virtual machines to prototype new client servers (not yet purchased). A VNC supporting the MATE desktop would be ideal since the local console is located in an inconvenient space. My plans to use TigerVNC to access virtual machines on this server now seem to be torpedoed.
For this use case, have you considered using the built-in VNC functionality of virt-manager?
On 25/12/2020 02:47, Matthew Miller wrote:
On Thu, Dec 24, 2020 at 12:30:19PM -0600, Robert G. (Doc) Savage via users wrote:
The primary mission of the server is mass storage (19 TB ZFS). Direct console (MATE) and ssh connections meet those needs just fine. It's the new mission objective of using that huge back-end storage space for creating virtual machines to prototype new client servers (not yet purchased). A VNC supporting the MATE desktop would be ideal since the local console is located in an inconvenient space. My plans to use TigerVNC to access virtual machines on this server now seem to be torpedoed.
For this use case, have you considered using the built-in VNC functionality of virt-manager?
When it comes to connecting to a VM I use remmina along with the remmina-plugins-spice. Works fine, and there is no need to configure a VNC server on the VM.
--- The key to getting good answers is to ask good questions.
On Thu, 2020-12-24 at 13:47 -0500, Matthew Miller wrote:
On Thu, Dec 24, 2020 at 12:30:19PM -0600, Robert G. (Doc) Savage via users wrote:
The primary mission of the server is mass storage (19 TB ZFS). Direct console (MATE) and ssh connections meet those needs just fine. It's the new mission objective of using that huge back-end storage space for creating virtual machines to prototype new client servers (not yet purchased). A VNC supporting the MATE desktop would be ideal since the local console is located in an inconvenient space. My plans to use TigerVNC to access virtual machines on this server now seem to be torpedoed.
For this use case, have you considered using the built-in VNC functionality of virt-manager?
Matt,
Snapshot: I want to build and use a 240 GB C7.9 VM from my F33 laptop using NFS storage from a C8.3 server
Reality: You can't get there from here. At every step there's a permissions blockage, and none is a simple rwx problem.
--Doc Savage Fairview Heights, IL
On 27/12/2020 11:39, Robert G. (Doc) Savage via users wrote:
Snapshot: I want to build and use a 240 GB C7.9 VM from my F33 laptop using NFS storage from a C8.3 server
Reality: You can't get there from here. At every step there's a permissions blockage, and none is a simple rwx problem.
Do I understand you correctly when I say you want your C(entos) 7 VM's disk storage to reside on your C(entos) NFS server?
If so, that is pretty much what I do.
My F33 desktop had several VM's defined. While I don't use that much storage the F33 system has, for example.
[root@meimei images]# pwd /var/lib/libvirt/images
[root@meimei images]# ll f33k.qcow2 lrwxrwxrwx. 1 root root 27 Aug 29 16:35 f33k.qcow2 -> /aux/qemu-images/f33k.qcow2
[root@meimei images]# df -T | grep aux nas:/volume1/aux nfs4 5621463168 1946477440 3674985728 35% /aux
The system "nas" is a Synology NFS server.
--- The key to getting good answers is to ask good questions.
On 27/12/2020 12:14, Ed Greshko wrote:
On 27/12/2020 11:39, Robert G. (Doc) Savage via users wrote:
Snapshot: I want to build and use a 240 GB C7.9 VM from my F33 laptop using NFS storage from a C8.3 server
Reality: You can't get there from here. At every step there's a permissions blockage, and none is a simple rwx problem.
Do I understand you correctly when I say you want your C(entos) 7 VM's disk storage to reside on your C(entos) NFS server?
If so, that is pretty much what I do.
My F33 desktop had several VM's defined. While I don't use that much storage the F33 system has, for example.
[root@meimei images]# pwd /var/lib/libvirt/images
[root@meimei images]# ll f33k.qcow2 lrwxrwxrwx. 1 root root 27 Aug 29 16:35 f33k.qcow2 -> /aux/qemu-images/f33k.qcow2
[root@meimei images]# df -T | grep aux nas:/volume1/aux nfs4 5621463168 1946477440 3674985728 35% /aux
The system "nas" is a Synology NFS server.
Oh, and FWIW, I also use qemu-img to create a qcow2 file directly on /aux/qemu-images and point to that file when creating the VM.
The advantage to that is one can thin-provision the qcow2 file to "save" space.
--- The key to getting good answers is to ask good questions.
On Sun, 2020-12-27 at 12:14 +0800, Ed Greshko wrote:
On 27/12/2020 11:39, Robert G. (Doc) Savage via users wrote:
Snapshot: I want to build and use a 240 GB C7.9 VM from my F33 laptop using NFS storage from a C8.3 server
Reality: You can't get there from here. At every step there's a permissions blockage, and none is a simple rwx problem.
Do I understand you correctly when I say you want your C(entos) 7 VM's disk storage to reside on your C(entos) NFS server?
If so, that is pretty much what I do.
My F33 desktop had several VM's defined. While I don't use that much storage the F33 system has, for example.
[root@meimei images]# pwd /var/lib/libvirt/images
[root@meimei images]# ll f33k.qcow2 lrwxrwxrwx. 1 root root 27 Aug 29 16:35 f33k.qcow2 -> /aux/qemu- images/f33k.qcow2
[root@meimei images]# df -T | grep aux nas:/volume1/aux nfs4 5621463168 1946477440 3674985728 35% /aux
The system "nas" is a Synology NFS server.
Ed,
Here's the environment:
Bulk storage server for whole home - 45drives.com Storinator - 1 of 3 payload bays populated with 15 x 4TB drives in a 39 TB ZFS raidz3 array - OS is CentOS 8.3 with array - NFS shared as /tank - /etc/exports contains /tank 192.168.1.0/24(rw/sync,root_squash) - samba not yet configured
Linux laptop - ThinkKPad P72 with 2 TB NVME boot drive - OS is Fedora 33 - /etc/fstab contains store:/tank /tank nfs defaults 0 0 - tank array mounted on /tank
Windows 10 Pro PC
My original concept was to create a 240 GB VM in the /tank/VM/ space and prototype C7, C8, or F33 versions of a physical storage server at a client site with a 240 GB SSD boot drive and 4 x 500 GB LVM RAID5 array served out with Samba to multiple client PCs and MACs.
I wanted to use a TigerVNC client on the Linux laptop to set up and configure the 240 GB VM on the storage server, but because the upstream author has munged its systemd conversion this is no longer possible. I also wanted to use RDP to connect the Windows PC to test samba connections on the VM running TigerVNC server.
Unfortunately I've run into permissions hell and can get none of these working. I would like to find an alternative to TigerVNC that will work in the target environment.
--Doc Savage Fairview Heights, IL
On 28/12/2020 06:04, Robert G. (Doc) Savage via users wrote:
Here's the environment:
Bulk storage server for whole home
- 45drives.com Storinator
- 1 of 3 payload bays populated with 15 x 4TB drives in a 39 TB ZFS raidz3 array
- OS is CentOS 8.3 with array
- NFS shared as /tank
- /etc/exports contains /tank 192.168.1.0/24(rw/sync,root_squash)
- samba not yet configured
Linux laptop
- ThinkKPad P72 with 2 TB NVME boot drive
- OS is Fedora 33
- /etc/fstab contains store:/tank /tank nfs defaults 0 0
- tank array mounted on /tank
Windows 10 Pro PC
My original concept was to create a 240 GB VM in the /tank/VM/ space and prototype C7, C8, or F33 versions of a physical storage server at a client site with a 240 GB SSD boot drive and 4 x 500 GB LVM RAID5 array served out with Samba to multiple client PCs and MACs.
I wanted to use a TigerVNC client on the Linux laptop to set up and configure the 240 GB VM on the storage server, but because the upstream author has munged its systemd conversion this is no longer possible. I also wanted to use RDP to connect the Windows PC to test samba connections on the VM running TigerVNC server.
Unfortunately I've run into permissions hell and can get none of these working. I would like to find an alternative to TigerVNC that will work in the target environment.
To verify.
1. The VM's disk will be located on the file system mounted on that laptop at /tank in a subdirectory VM. 2. The VM is running on the laptop. That is, the laptop is running virt-manager. Meaning the laptop is the host. 3. Your user is a member of the libvirt group.
(Ignoring for the moment that it isn't clear to me what you mean by, and where the 240 GB SSD boot drive and 4 x 500 GB LVM RAID5 array resides. And/or, if that storage is to be part of the C7, C8 VM's in some manner.)
If the above is true, then I see no need to connect to the storage server via VNC.
On the laptop I would run something akin to....
qemu-img create -f qcow2 /tank/VM/F33.qcow2 240G
Then running virt-manager on the laptop follow the steps to create a new VM and in the step to create or choose the storage location point to /tank/VM/F33.qcow2.
--- The key to getting good answers is to ask good questions.
On Mon, 2020-12-28 at 07:17 +0800, Ed Greshko wrote:
On 28/12/2020 06:04, Robert G. (Doc) Savage via users wrote:
Here's the environment:
Bulk storage server for whole home
- 45drives.com Storinator
- 1 of 3 payload bays populated with 15 x 4TB drives in a 39 TB ZFS
raidz3 array
- OS is CentOS 8.3 with array
- NFS shared as /tank
- /etc/exports contains /tank
192.168.1.0/24(rw/sync,root_squash)
- samba not yet configured
Linux laptop
- ThinkKPad P72 with 2 TB NVME boot drive
- OS is Fedora 33
- /etc/fstab contains store:/tank /tank nfs defaults 0 0
- tank array mounted on /tank
Windows 10 Pro PC
My original concept was to create a 240 GB VM in the /tank/VM/ space and prototype C7, C8, or F33 versions of a physical storage server at a client site with a 240 GB SSD boot drive and 4 x 500 GB LVM RAID5 array served out with Samba to multiple client PCs and MACs.
I wanted to use a TigerVNC client on the Linux laptop to set up and configure the 240 GB VM on the storage server, but because the upstream author has munged its systemd conversion this is no longer possible. I also wanted to use RDP to connect the Windows PC to test samba connections on the VM running TigerVNC server.
Unfortunately I've run into permissions hell and can get none of these working. I would like to find an alternative to TigerVNC that will work in the target environment.
To verify.
1. The VM's disk will be located on the file system mounted on that laptop at /tank in a subdirectory VM. 2. The VM is running on the laptop. That is, the laptop is running virt-manager. Meaning the laptop is the host. 3. Your user is a member of the libvirt group.
(Ignoring for the moment that it isn't clear to me what you mean by, and where the 240 GB SSD boot drive and 4 x 500 GB LVM RAID5 array resides. And/or, if that storage is to be part of the C7, C8 VM's in some manner.)
If the above is true, then I see no need to connect to the storage server via VNC.
On the laptop I would run something akin to....
qemu-img create -f qcow2 /tank/VM/F33.qcow2 240G
Then running virt-manager on the laptop follow the steps to create a new VM and in the step to create or choose the storage location point to /tank/VM/F33.qcow2.
Ed,
Imagine I were trying to do all this on one machine. I would use virt- manager to create a 240 GB VM on the laptop and install a working copy of the client's fileserver OS there. (I would also create a small Samba disk later to test operation from a Windows PC, but let's not get tripped up on that just yet.)
Now disperse this scenario. Run virt-manager on the laptop and create a VM on the storage server. To test the correct configuration of the VM, I will need to have a VNC installed in that VM and connect to it from the Windows PC. If I need to make any changes, I'll go back to the VNC client on the laptop and make any mods required.
The trouble with this dispersal concept is that the various components don't cooperate permissions-wise. This is partly due to classic rwx permissions, partly systemd misconfiguration, and partly other stuff I haven't quite figured out.
I should point out that the storage server is not in a convenient location, which is why I want it to have a VNC server and also one in each of the VMs I build in its payload bay. Simple ssh connections without desktops aren't enough.
And I have created the 240 GB image file on the storage server:
# ls -l /tank/VMs/ total 1 -rwxrw-rw-. 1 doc doc 257698037760 Dec 26 10:57 U-Studios.img
The problem is the virt-manager on my laptop can't connect to it.
# dir /tank/VMs/ total 1 -rw-------. 1 root root 257698037760 Dec 26 10:57 U-Studios.img
Virtual Machine Manager Connectiono libvirt qemu+ssh://doc@storinator/system. Configure SSH key access for the remote host, or install an SSH askpass package locally. Would you still like to remember this connection?
Details:
Unable to connect to libvirt qemu+ssh://doc@storinator/system.
Configure SSH key access for the remote host, or install an SSH askpass package locally.
Libvirt URI is: qemu+ssh://doc@storinator/system
Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/connection.py", line 922, in _do_open self._backend.open(cb, data) File "/usr/share/virt-manager/virtinst/connection.py", line 153, in open conn = libvirt.openAuth(self._open_uri, File "/usr/lib64/python3.9/site-packages/libvirt.py", line 104, in openAuth if ret is None:raise libvirtError('virConnectOpenAuth() failed') libvirt.libvirtError: Cannot recv data: ssh_askpass: exec(/usr/libexec/openssh/ssh-askpass): No such file or directory Permission denied, please try again. ssh_askpass: exec(/usr/libexec/openssh/ssh-askpass): No such file or directory Permission denied, please try again. ssh_askpass: exec(/usr/libexec/openssh/ssh-askpass): No such file or directory doc@storinator: Permission denied (publickey,gssapi-keyex,gssapi-with- mic,password).: Connection reset by peer
And yes, I can connect to the storinator server from my laptop via ssh just fine:
$ ssh doc@storinator Activate the web console with: systemctl enable --now cockpit.socket
Last login: Mon Dec 28 11:45:05 2020 from 192.168.1.30
$
This is a good example of what I mean when I say dispersal of the architecture components doesn't work.
--Doc
On Mon, Dec 28, 2020 at 11:58:35AM -0600, Robert G. (Doc) Savage via users wrote:
Now disperse this scenario. Run virt-manager on the laptop and create a VM on the storage server. To test the correct configuration of the VM, I will need to have a VNC installed in that VM and connect to it from the Windows PC. If I need to make any changes, I'll go back to the VNC client on the laptop and make any mods required.
You do not need to have VNC installed _in_ the VM. Just configure the VM _with_ VNC.
The trouble with this dispersal concept is that the various components don't cooperate permissions-wise. This is partly due to classic rwx permissions, partly systemd misconfiguration, and partly other stuff I haven't quite figured out.
[...]
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
On 29/12/2020 05:56, Matthew Miller wrote:
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
That isn't necessary if one has copied their public key to the ~/.ssh/authorized_keys file on the remote host running which is running libvirtd.
FWIW, one of the first things I do when configuring a new system is to disable passwords for ssh connections and only allow public key authentication.
--- The key to getting good answers is to ask good questions.
On Tue, Dec 29, 2020 at 08:34:49AM +0800, Ed Greshko wrote:
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
That isn't necessary if one has copied their public key to the ~/.ssh/authorized_keys file on the remote host running which is running libvirtd.
Is that what it's complaining about? I assumed it wasn't properly getting the key from the GNOME keyring and therefore needed to run that to unlock it.
On 30/12/2020 00:51, Matthew Miller wrote:
On Tue, Dec 29, 2020 at 08:34:49AM +0800, Ed Greshko wrote:
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
That isn't necessary if one has copied their public key to the ~/.ssh/authorized_keys file on the remote host running which is running libvirtd.
Is that what it's complaining about? I assumed it wasn't properly getting the key from the GNOME keyring and therefore needed to run that to unlock it.
Yes. That is why it says "ssh".
Did you define the connection in virt-manager? If you did, didn't you find it "odd" that there was no "password" field to enter?
--- The key to getting good answers is to ask good questions.
On Wed, Dec 30, 2020 at 01:21:08AM +0800, Ed Greshko wrote:
On Tue, Dec 29, 2020 at 08:34:49AM +0800, Ed Greshko wrote:
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
That isn't necessary if one has copied their public key to the ~/.ssh/authorized_keys file on the remote host running which is running libvirtd.
Is that what it's complaining about? I assumed it wasn't properly getting the key from the GNOME keyring and therefore needed to run that to unlock it.
Yes. That is why it says "ssh".
Well, it specifically says that ssh-askpass is not found, not "ssh authentication denied". So there might be a key that exists but isn't unlocked.
On 30/12/2020 02:01, Matthew Miller wrote:
On Wed, Dec 30, 2020 at 01:21:08AM +0800, Ed Greshko wrote:
On Tue, Dec 29, 2020 at 08:34:49AM +0800, Ed Greshko wrote:
exec(/usr/libexec/openssh/ssh-askpass): No such file or directory
sudo dnf install /usr/libexec/openssh/ssh-askpass
That isn't necessary if one has copied their public key to the ~/.ssh/authorized_keys file on the remote host running which is running libvirtd.
Is that what it's complaining about? I assumed it wasn't properly getting the key from the GNOME keyring and therefore needed to run that to unlock it.
Yes. That is why it says "ssh".
Well, it specifically says that ssh-askpass is not found, not "ssh authentication denied". So there might be a key that exists but isn't unlocked.
You're right.
I just realized that all of my ssh keys were generated with empty pass phrases. To add to my confused state, I did a test from a VM which was installed via the Xfce spin. Unlike Workstation and the KDE spin, the Xfce spin installs openssh-askpass by default which I did not realize.
Now, with that in mind, it would have been good to know *how* the OP was starting virt-manager since these are 3 observations. With the ssh key and a pass phrase.
1. Starting virt-manager from the command line and openssh-askpass installed one gets a GUI pop-up requesting pass phrase.
2. Starting virt-manager from the command line without openssh-askpass installed one gets a prompt in the terminal for the pass-phrase.
3. Starting virt-manager from the menu without openssh-askpass installed results in a pop-up as noted by the OP. "Configure SSH key access for the remote host, or install an SSH askpass package locally."
So, knowing #3 wold have given me a better chance of actually recreating the error. :-) :-)
--- The key to getting good answers is to ask good questions.
On Sat, Dec 26, 2020 at 09:39:53PM -0600, Robert G. (Doc) Savage via users wrote:
For this use case, have you considered using the built-in VNC functionality of virt-manager?
Snapshot: I want to build and use a 240 GB C7.9 VM from my F33 laptop using NFS storage from a C8.3 server
Reality: You can't get there from here. At every step there's a permissions blockage, and none is a simple rwx problem.
I have set up and managed CentOS VMs on a remote CentOS server using virt-manager on Fedora. This was our primary way of working with a collection of systems at a previous job. One can definitely get there.
Have you looked at the approach I'm suggesting?
On Thu, 24 Dec 2020 at 13:29, Robert G. (Doc) Savage via users < users@lists.fedoraproject.org> wrote:
On Wed, 2020-12-23 at 18:15 +1000, Michael D. Setzer II via users wrote:
I think if you try and run a local session and vnc session with both using gnome desktop there are issues with it. But I always run the vnc session with the xfce desktop and never had a problem. I've also had no problem running xfce locally with a vnc xfce session. Seems gnome is doing something with dbus, and causes a conflict with both sessions trying to use the same dbus settings??
My situation is similar, except that I use MATE exclusively. I am trying to understand why the upstream maintainer's solution allows only a single TigerVNC logon using a particular UserID. In other words, if I have a local USER-A and a TigerVNC USER-A, if one is logged on the other cannot. Does this mean that a TigerVNC USER-A will not have access to local USER-A's home directory, and vice versa. If so, this is ludicrous.
If TigerVNC has been so badly mangled in the name of systemd support, what alternative VNC can folks recommend in its place? I seriously need one to support development of virtual machines hosted on a server with huge storage, and the local console of that storage machine is not in a suitable place for development.
My use case needs VM's with a number of default installs of popular linux distros in order to support specialized applications for users scattered around the globe, so I can't avoid GNOME. With Fedora 29-32 I was using SPICE on the console of the system (located in a different building, so not always convenient) that hosted the VM's. Fedora 33 came along at the same time as new versions of the applications and some new hardware, so I haven't had time to look after the VM's. Getting remote access to the VM's is on my todo list.
Some of my colleagues use macOS so I may need to add that to the mix.
SPICE ("The SPICE project aims to provide a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share usb devices and share folders without complications." --https://www.spice-space.org/index.html), is not a long-term option:
SPICE has been deprecated inRHEL 8 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/deprecated_functionality#deprecated-functionality_virtualization
In RHEL 8.3, the SPICE remote display protocol has been deprecated. Note that SPICE will remain supported in RHEL 8, but Red Hat recommends using alternate solutions for remote display streaming:
- For remote console access, use the VNC protocol. - For advanced remote display functions, use third party tools such as RDP, HP RGS, or Mechdyne TGX.
I have used VirtualBox RDP support in an "enterprise" environment where Windows was the "desktop standard", but I'm not familiar with HP RGS https://www8.hp.com/ca/en/campaigns/workstations/remote-graphics-software.html or Mechdyne TGX https://www.mechdyne.com/software-services/software-solutions/remote-desktop-tgx/. Both are commercial. HP RGS is now called* HP ZCentral Remote Boost.*
On 12/22/20 4:05 PM, Robert G. (Doc) Savage via users wrote:
When I followed the TigerVNC installation and configuration instructions in the F33 SysAdmin Guide, I suspected something had been overtaken by systemctl. But when I followed the instructions in link [2], I'm still getting pretty much the same unhelpful error:
If you followed the instructions in the sysadmin guide, you will most likely have to undo everything you did or it won't work. The instructions in that second link which is also at /usr/share/doc/tigervnc/HOWTO.md are the correct ones.
Dec 22 18:02:39 tiger.protogeek.org systemd[153994]: vncserver@:1.service: Failed to execute command: Permission denied Dec 22 18:02:39 tiger.protogeek.org systemd[153994]: vncserver@:1.service: Failed at step EXEC spawning /sbin/runuser: Permission denied
Check the journal to see if there is any more information.