The app won't open in RDP session.

[archerallstars]

The app works fine in a normal session. But when I remoted my desktop through RDP connection (xrdp) and tried to open the app, nothing happened even after entering my user password.

OS: Ubuntu 21.04 - 64 bit. I install the app in Ubuntu store.

[costales]

Hi, I would say it is because of Wayland. I can't do anything about it. Could you try x.org? Thanks.

Costales.

On Mon, May 31, 2021 at 11:36 AM Parinya Teerakasemsuk < @.***> wrote:

The app works fine in a normal session. But when I remoted my desktop through RDP connection (xrdp) and tried to open the app, nothing happened even after entering my user password.

OS: Ubuntu 21.04 - 64 bit.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/costales/gufw/issues/34, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABM5GQWHVGWBOMTVLK67YB3TQNKDNANCNFSM452RHTUA .

[archerallstars]

Hi, I would say it is because of Wayland. I can't do anything about it. Could you try x.org? Thanks. -- Costales.

I am using x.org since xrdp supports only x.org, no Wayland. Also, Wayland doesn't support RDP through PipeWire yet.

[fama]

Same problem here. Running Linux Mint Cinnamon 20.2 version. When I connect over XRDP to the machine, I get the errors:

Running gufw in XRDP session gets the following error:

$ sudo gufw
/usr/bin/gufw: line 2: [: =: unary operator expected
No protocol specified
Unable to init server: Could not connect: Connection refused
No protocol specified
Unable to init server: Could not connect: Connection refused

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_modifier_mask: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gdk-CRITICAL **: 09:11:30.990: gdk_keymap_get_for_display: assertion 'GDK_IS_DISPLAY (display)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.990: _gtk_replace_virtual_modifiers: assertion 'GDK_IS_KEYMAP (keymap)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.991: _gtk_style_provider_private_get_settings: assertion 'GTK_IS_STYLE_PROVIDER_PRIVATE (provider)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.991: _gtk_style_provider_private_get_settings: assertion 'GTK_IS_STYLE_PROVIDER_PRIVATE (provider)' failed

(gufw.py:74571): Gtk-CRITICAL **: 09:11:30.991: _gtk_style_provider_private_get_settings: assertion 'GTK_IS_STYLE_PROVIDER_PRIVATE (provider)' failed
/usr/bin/gufw-pkexec: line 10: 74571 Segmentation fault      (core dumped) python3 ${LOCATIONS[${i}]} $1

The session is X11:

echo $XDG_SESSION_TYPE
x11

The first error is unrelated. When running the first line in /bin/gufw makes the test in the if brackets fail:

echo $(loginctl show-session $(loginctl|grep $(whoami) |awk '{print $1}') -p Type)
Type=x11 Type=x11 Type=x11

I was able to start the gufw preserving the environment (the unary operator error is still there, but the app launched):

sudo -E gufw
/usr/bin/gufw: line 2: [: =: unary operator expected

[dominikborkowski]

There's a bug filed with Ubuntu itself, we'll see which one gets more traction. There are two issues here:

1) startup script parses output of loginctl and it breaks if there are more than one lines (which is expected on xrdp connection). To solve that the second line of /bin/gufw needs a small head -1 change:

from:

if [ $(loginctl show-session $(loginctl|grep $(whoami) |awk '{print $1}') -p Type) = "Type=wayland" ]; then

to

if [ $(loginctl show-session $(loginctl|grep $(whoami) |awk '{print $1}') -p Type | head -1 ) = "Type=wayland" ]; then

2) Step 1 will not solve segfault, that's caused by polkit policy not having the correct path. Adjust /usr/share/polkit-1/actions/com.ubuntu.pkexec.gufw.policy and change:

    <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/gufw-pkexec</annotate>

To:

    <annotate key="org.freedesktop.policykit.exec.path">/bin/gufw-pkexec</annotate>

Hope that helps folks looking for a solution, and it makes it into Ubuntu's repos. As it stands, both 20 and 22 are affected.

[dominikborkowski]

I can't believe I missed it earlier, the issue is caused by Ubuntu's decision to symlink /bin to /usr/bin. With /bin/ being earlier in $PATH, this means /bin/gufw-pkexec is executed and fails.

[costales]

Hi Dominik,

Thank you for your feedback.

But that code was removed in early releases: https://github.com/costales/gufw/blob/master/bin/gufw

In which Ubuntu version happens that? It should be freeze and can't symlink that directory.

Best regards.

[dominikborkowski]

Both 20.04.1-1ubuntu1 and 22.04.0-ubuntu1 (latest packages for Ubuntu 20 LTS and 22 LTS) show:

<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/gufw-pkexec</annotate>

Interestingly enough, further investigation reveals that XRDP sessions get a different $PATH order than direct sessions, which explains why this policy seems to cause segfault:

$PATH of a user who logs in via xrdp into XFCE on Ubuntu:

@.:~$ echo $PATH /sbin:/bin:/usr/bin:/usr/local/bin:/snap/bin @.:~$ ssh localhost @.***'s password: Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.15.0-1019-aws x86_64)

• Documentation: https://help.ubuntu.com
• Management: https://landscape.canonical.com
• Support: https://ubuntu.com/advantage https://ubuntu.com/advantage

Last login: Mon Sep 19 20:34:30 2022 from 127.0.0.1

@.:~$ echo $PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/snap/bin @.:~$

Because of the $PATH order, /bin/gufw wins when executed by users who use xrdp. I’ll do some more digging, but that explains why people testing it just via local sessions never encounter this issue.

Cheers!

On Sep 19, 2022, at 4:18 PM, Costales @.***> wrote:

Hi Dominik,

Thank you for your feedback.

But that code was removed in early releases: https://github.com/costales/gufw/blob/master/bin/gufw

In which Ubuntu version happens that? It should be freeze and can't symlink that directory.

Best regards. — Reply to this email directly, view it on GitHub https://github.com/costales/gufw/issues/34#issuecomment-1251506437, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAYV5JUJDGLOAANIAUNVQULV7DDAZANCNFSM452RHTUA. You are receiving this because you commented.

[dominikborkowski]

A small update. The issue ultimately lies with xrdp not reading /etc/environment and having wrong order of elements in $PATH. It was identified by upstream, and fixed in newer versions of Debian and Ubuntu (22 only).

To fix this on earlier versions of Ubuntu, /etc/pam.d/xrdp-sesman will need to include two additional directives (line 2 & 3), the full file should look like this:

#%PAM-1.0
auth required pam_env.so readenv=1
auth required pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
@include common-account
@include common-session
@include common-password