Trouble seeing screen of host running veyon service
-
Hi.
I'm having some trouble with Veyon and hoping someone could help.
First, I'd like to run Veyon on Rocky Enterprise Linux 8.7. I did a custom compile from source, and it's mostly working. If you aren't aware, Rocky Enterprise Linux is one of the many RHEL clones. I had to install an updated procps-ng, and libvncserver.
I have labs of Linux machines running Rocky 8.7 that run GNOME with GDM (GNOME Display Manager). Many of the lab machines are also accessible via RDP.
I want the lab instructor to be able to see the screens of users logged in via GDM. However, I do not want the instructor to be able to see remote RDP sessions on the lab machines. This is what I understand the default mode of Veyon to be under "Service" in veyon-configurator (Local session mode (single server instance for primary local session).
Veyon isn't working as I expect it to work. Maybe I just need clarification on how it should work.
I start with veyon systemd service not running on a host called X, and nobody logged in on X via either GDM or RDP.
I start veyon service on host X remotely via ssh:
May 15 14:01:46 brayden systemd[1]: Started Veyon Service.
May 15 14:01:46 brayden veyon-server[1479898]: QStandardPaths: runtime directory '/run/user/42' is not owned by UID 0, but a directory permissions 0700 owned by UID 42 GID 42
May 15 14:01:46 brayden veyon-server[1479898]: QStandardPaths: runtime directory '/run/user/42' is not owned by UID 0, but a directory permissions 0700 owned by UID 42 GID 42(not sure why those errors re GDM /run/user directory, but that's another story)
veyon master doesn't show the login screen of host X - it only shows red. Xorg is running for gdm on host X:
4 S gdm 40938 40936 0 80 0 - 718812 - Apr21 tty1 00:00:40 /usr/libexec/Xorg vt1 -displayfd 3 -auth /run/user/42/gdm/Xauthority -nolisten tcp -background none -noreset -keeptty -novtswitch -verbose 3
I login to host X via local GDM. Veyon still can't see the display of host X. What the service shows is:
May 15 14:04:21 brayden veyon-service[1479894]: 2023-05-15T14:04:21.625: [WARN] LinuxServiceCore: Environment for session "/org/freedesktop/login1/session/_321174" not yet available ->
May 15 14:04:25 brayden veyon-server[1480307]: qt.qpa.xcb: could not connect to display
May 15 14:04:25 brayden veyon-server[1480307]: qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found.
May 15 14:04:25 brayden veyon-server[1480307]: This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem.Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, wayland-egl, wayland, wayland-xcomposite-egl, wayla>It's having trouble picking up the display.
Login to host X via RDP, and Veyon master shows the display of host X immediately (although I don't understand why since it should be limited to local sessions only?).
Log out of local GNOME session on host X. Veyon master stops showing the RDP screen of host X. That is, logging out of the GNOME session stopped the display of the RDP session!
Log out of RDP session on host X and log back in.
Veyon master is now showing the RDP session on host X.
Login to GDM on host X - and Veyon loses the RDP session again.
Remaining logged into both RDP session to X, and local session to X, restart veyon service on host X. Veyon master shows the RDP session on X.
Exit the RDP session on X, and leave the gdm session logged in, and now veyon master shows nothing.
Restart veyon daemon on host X again when already logged into GDM locally on X (and no RDP session). Veyon shows the local screen of host X.
So, what is it that I'm expecting?
I would like if Veyon will only show the local GDM session on host X. It will not show the RDP session. Logging into or out of host X via RDP should have no impact on the display of local GDM session in Veyon master.
I don't mind that much if Veyon master doesn't show the login screen for hosts, but it would be nice if it did.
I tried starting the veyon-server process as part of GDM login instead of running it as a service. If I started it before Xsession, no display value is set, so it couldn't start. If I start it in Xsession, it starts, but then it runs as the user, so the user can delete it.
it couldn't get a display value. If I started it in Xsession, it would work, but now the process is running as the user, and not root, so the user can terminate it. I didn't try whether an RDP login would also impact this or not.
As a side note, since I suspect it is also somewhat related.... if I run "veyon-configurator" I get asked for the admin password (as I would expect). When I enter it, I get a pop up box with title "Insufficient privileges" which says: "Could not start with administrative privileges. Please make sure a sudo-like program is installed for your desktop environment! The program will be run with normal user privileges.". In the Terminal window I see:
$ veyon-configurator
Logger: "/tmp/VeyonConfigurator.log" is a symlink and will not be written to for security reasons
qt.qpa.xcb: could not connect to display
qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found.
This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem.Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, wayland-egl, wayland, wayland-xcomposite-egl, wayland-xcomposite-glx, xcb."
A few notes:
/tmp/VeyonConfigurator.log is not a symlink.
sudo works fine (I can use sudo sh any time I need).
If I copy my users xauth key from my user account to root manually, and run veyon-configurator as root, it works fine. That's how I configured veyon. I do have the /etc/polkit-1/actions/io.veyon.veyon-configurator.policy in place, and I suspect that's why it's asking for root auth when running, but it seems it needs an extra push for auth, and I'm not sure why.Any thoughts? I'd love to get this working.
Jason.