VNC-сервер отклоняет входы без полномочий root

630
Mohsen Fazaeli

Имея сентос 7 ВМ. Я использовал "xrdp" "tigervnc-сервер" для удаленного входа в систему. Я могу видеть удаленный вход и ввести пароль, но работает только пароль root.

Вот xrdp.log xrdp-sesman.log для неудачного входа пользователей без полномочий root.

[20181201-09:03:34] [INFO ] Socket 12: AF_INET connection received from 192.168.88.60 port 61856 [20181201-09:03:34] [DEBUG] Closed socket 12 (AF_INET 192.168.115.254:3389) [20181201-09:03:34] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389) [20181201-09:03:34] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20181201-09:03:34] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20181201-09:03:34] [WARN ] TLSv1.3 enabled by config, but not supported by system OpenSSL [20181201-09:03:34] [DEBUG] TLSv1.2 enabled [20181201-09:03:34] [DEBUG] Security layer: requested 11, selected 1 [20181201-09:03:34] [DEBUG] Closed socket 12 (AF_INET 192.168.115.254:3389) [20181201-09:03:34] [INFO ] Socket 12: AF_INET connection received from 192.168.88.60 port 61857 [20181201-09:03:34] [DEBUG] Closed socket 12 (AF_INET 192.168.115.254:3389) [20181201-09:03:34] [DEBUG] Closed socket 11 (AF_INET 0.0.0.0:3389) [20181201-09:03:34] [INFO ] Using default X.509 certificate: /etc/xrdp/cert.pem [20181201-09:03:34] [INFO ] Using default X.509 key file: /etc/xrdp/key.pem [20181201-09:03:34] [WARN ] TLSv1.3 enabled by config, but not supported by system OpenSSL [20181201-09:03:34] [DEBUG] TLSv1.2 enabled [20181201-09:03:34] [DEBUG] Security layer: requested 11, selected 1 [20181201-09:03:34] [INFO ] connected client computer name: DESKTOP-6AGN1UE [20181201-09:03:34] [INFO ] TLS connection established from 192.168.88.60 port 61857: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 [20181201-09:03:34] [DEBUG] xrdp_00001c2c_wm_login_mode_event_00000001 [20181201-09:03:34] [INFO ] Loading keymap file /etc/xrdp/km-00000409.ini [20181201-09:03:34] [WARN ] local keymap file for 0x00000409 found and doesn't match built in keymap, using local keymap file   [20181201-09:04:20] [DEBUG] xrdp_wm_log_msg: connecting to sesman ip 127.0.0.1 port 3350 [20181201-09:04:21] [INFO ] xrdp_wm_log_msg: sesman connect ok [20181201-09:04:21] [DEBUG] xrdp_wm_log_msg: sending login info to session manager, please wait... [20181201-09:04:21] [DEBUG] return value from xrdp_mm_connect 0 [20181201-09:04:21] [INFO ] xrdp_wm_log_msg: login successful for display 12 [20181201-09:04:21] [DEBUG] xrdp_wm_log_msg: VNC started connecting [20181201-09:04:21] [DEBUG] xrdp_wm_log_msg: VNC connecting to 127.0.0.1 5912 [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC tcp connected [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC security level is 2 (1 = none, 2 = standard) [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC password ok [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC sending share flag [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC receiving server init [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC receiving pixel format [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC receiving name length [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC receiving name [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC sending pixel format [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC sending encodings [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC sending framebuffer update request [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC sending cursor [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: VNC connection complete, connected ok [20181201-09:04:23] [INFO ] The following channel is allowed: rdpdr (0) [20181201-09:04:23] [INFO ] The following channel is allowed: rdpsnd (1) [20181201-09:04:23] [INFO ] The following channel is allowed: cliprdr (2) [20181201-09:04:23] [INFO ] The following channel is allowed: drdynvc (3) [20181201-09:04:23] [DEBUG] The allow channel list now initialized for this session [20181201-09:04:23] [DEBUG] xrdp_wm_log_msg: connected ok [20181201-09:04:23] [DEBUG] xrdp_mm_connect_chansrv: chansrv connect successful [20181201-09:04:23] [DEBUG] Closed socket 24 (AF_INET 127.0.0.1:43732) [20181201-09:04:23] [DEBUG] VNC got clip data [20181201-09:04:23] [DEBUG] VNC got clip data [20181201-09:04:26] [DEBUG] Closed socket 12 (AF_INET 192.168.115.254:3389) [20181201-09:04:26] [DEBUG] xrdp_mm_module_cleanup [20181201-09:04:26] [DEBUG] VNC mod_exit [20181201-09:04:26] [DEBUG] Closed socket 25 (AF_INET 127.0.0.1:50012) [20181201-09:04:26] [DEBUG] Closed socket 26 (AF_UNIX) 

и xrdp-sesman.log

[20181201-08:55:37] [INFO ] A connection received from 127.0.0.1 port 43716 [20181201-08:55:40] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:55:46] [INFO ] A connection received from 127.0.0.1 port 43718 [20181201-08:55:49] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:55:56] [INFO ] A connection received from 127.0.0.1 port 43720 [20181201-08:55:57] [INFO ] ++ created session (access granted): username root, ip 192.168.88.60:61680 - socket: 12 [20181201-08:55:57] [INFO ] starting Xvnc session... [20181201-08:55:57] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:5912) [20181201-08:55:57] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6012) [20181201-08:55:57] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6212) [20181201-08:55:57] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:55:57] [INFO ] calling auth_start_session from pid 5940 [20181201-08:55:57] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20181201-08:55:57] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:55:57] [INFO ] Xvnc :12 -auth .Xauthority -geometry 1600x900 -depth 32 -rfbauth /root/.vnc/sesman_passwd-root@id-dev254:12 -bs -nolisten tcp -localhost -dpi 96 [20181201-08:55:57] [CORE ] waiting for window manager (pid 5944) to exit [20181201-08:58:10] [CORE ] window manager (pid 5944) did exit, cleaning up session [20181201-08:58:10] [INFO ] calling auth_stop_session and auth_end from pid 5940 [20181201-08:58:10] [DEBUG] cleanup_sockets: [20181201-08:58:10] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_out_socket_12 [20181201-08:58:10] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_in_socket_12 [20181201-08:58:10] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdpapi_12 [20181201-08:58:10] [INFO ] ++ terminated session: username root, display :12.0, session_pid 5940, ip 192.168.88.60:61680 - socket: 12 [20181201-08:58:19] [INFO ] A connection received from 127.0.0.1 port 43726 [20181201-08:58:20] [INFO ] ++ created session (access granted): username mfazaeli, ip 192.168.88.60:61737 - socket: 12 [20181201-08:58:20] [INFO ] starting Xvnc session... [20181201-08:58:20] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:5912) [20181201-08:58:20] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6012) [20181201-08:58:20] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6212) [20181201-08:58:20] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:58:20] [INFO ] calling auth_start_session from pid 6905 [20181201-08:58:20] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20181201-08:58:20] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-08:58:20] [INFO ] Xvnc :12 -auth .Xauthority -geometry 1600x900 -depth 32 -rfbauth /home/mfazaeli/.vnc/sesman_passwd-mfazaeli@id-dev254:12 -bs -nolisten tcp -localhost -dpi 96 [20181201-08:58:20] [CORE ] waiting for window manager (pid 6906) to exit [20181201-08:58:24] [CORE ] window manager (pid 6906) did exit, cleaning up session [20181201-08:58:24] [INFO ] calling auth_stop_session and auth_end from pid 6905 [20181201-08:58:24] [DEBUG] cleanup_sockets: [20181201-08:58:24] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_out_socket_12 [20181201-08:58:24] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_in_socket_12 [20181201-08:58:24] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdpapi_12 [20181201-08:58:24] [INFO ] ++ terminated session: username mfazaeli, display :12.0, session_pid 6905, ip 192.168.88.60:61737 - socket: 12 [20181201-09:04:20] [INFO ] A connection received from 127.0.0.1 port 43732 [20181201-09:04:21] [INFO ] ++ created session (access granted): username mfazaeli, ip 192.168.88.60:61857 - socket: 12 [20181201-09:04:21] [INFO ] starting Xvnc session... [20181201-09:04:21] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:5912) [20181201-09:04:21] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6012) [20181201-09:04:21] [DEBUG] Closed socket 10 (AF_INET 0.0.0.0:6212) [20181201-09:04:21] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-09:04:21] [INFO ] calling auth_start_session from pid 7222 [20181201-09:04:21] [DEBUG] Closed socket 8 (AF_INET 127.0.0.1:3350) [20181201-09:04:21] [DEBUG] Closed socket 9 (AF_INET 127.0.0.1:3350) [20181201-09:04:21] [INFO ] Xvnc :12 -auth .Xauthority -geometry 1600x900 -depth 32 -rfbauth /home/mfazaeli/.vnc/sesman_passwd-mfazaeli@id-dev254:12 -bs -nolisten tcp -localhost -dpi 96 [20181201-09:04:21] [CORE ] waiting for window manager (pid 7223) to exit [20181201-09:04:25] [CORE ] window manager (pid 7223) did exit, cleaning up session [20181201-09:04:25] [INFO ] calling auth_stop_session and auth_end from pid 7222 [20181201-09:04:26] [DEBUG] cleanup_sockets: [20181201-09:04:26] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_out_socket_12 [20181201-09:04:26] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdp_chansrv_audio_in_socket_12 [20181201-09:04:26] [DEBUG] cleanup_sockets: deleting /tmp/.xrdp/xrdpapi_12 [20181201-09:04:26] [INFO ] ++ terminated session: username mfazaeli, display :12.0, session_pid 7222, ip 192.168.88.60:61857 - socket: 12 
0

0 ответов на вопрос

Похожие вопросы