0.9.11 broke my xrdp/Hyper-V enhanced session on Arch

[ameeno]

Hiya.

Xrdp is as per this script

https://github.com/microsoft/linux-vm-tools

it pulls xrdp from github/aur and patches it to accept Hvsock.

on the host side the Virtual machine is modified via powershell to use HVSock for enhanced sessions.

It used to work fine and my xinitrc is setup fine.

Systemctl reports xrdp fails to start (Something about port 3389)

I am not sure if the xrdp.ini or xrdp-sesman.ini format has changed with this release, but it has broken my configs.!!!!!!!!!!!!!!!!

can you help me with an easy fix so i can get back to doing whatever it is that i do under the DE

[ameeno]

OBTW...

Systemctl logs:

● xrdp.service - xrdp daemon Loaded: loaded (/usr/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Mon 2019-09-02 15:22:44 BST; 15s ago Docs: man:xrdp(8) man:xrdp.ini(5)

Sep 02 15:22:44 arch systemd[1]: Starting xrdp daemon... Sep 02 15:22:44 arch xrdp[396]: (396)(139625217063104)[INFO ] address [0.0.0.0] port [3389] mode 3 Sep 02 15:22:44 arch xrdp[396]: (396)(139625217063104)[INFO ] listening to port 3389 on 0.0.0.0 Sep 02 15:22:44 arch xrdp[396]: (396)(139625217063104)[ERROR] trans_listen_address failed Sep 02 15:22:44 arch xrdp[396]: (396)(139625217063104)[DEBUG] Closed socket 7 (AF_VSOCK cid -1 port -1) Sep 02 15:22:44 arch xrdp[396]: (396)(139625217063104)[ERROR] Failed to start xrdp daemon, possibly address already in use. Sep 02 15:22:44 arch systemd[1]: xrdp.service: Control process exited, code=exited, status=1/FAILURE Sep 02 15:22:44 arch systemd[1]: xrdp.service: Failed with result 'exit-code'. Sep 02 15:22:44 arch systemd[1]: Failed to start xrdp daemon.

[fulminemizzega]

@ameeno I think you should change the issue title, last release is 0.9.11 Fedora 29 and 30 ship this version, I also just ...reproduced... this issue. I was following https://github.com/secana/EnhancedSessionMode Ubuntu 18.04 ships 0.9.9 and it works fine.

[ameeno]

thanks. changed title to correct version number.

any solution?

[ameeno]

Well, i manually rolled back the package to xrdp 0.9.10 as a temporary fix while this issue is being further investigated.

for arch specifically here are instructions:

Check the changes on the AUR page. https://aur.archlinux.org/cgit/aur.git/commit/?h=xrdp&id=e228e40ada0b171edf887ff7c1b42aa873674717

Then check out the latest version that worked. It is maybe this version, https://aur.archlinux.org/cgit/aur.git/commit/?h=xrdp&id=e228e40ada0b171edf887ff7c1b42aa873674717

Download the archive form the download line. https://aur.archlinux.org/cgit/aur.git/snapshot/aur-e228e40ada0b171edf887ff7c1b42aa873674717.tar.gz

(use wget in command line)

Extract the contented, use the Terminal and go in that extracted folder and run

makepkg -scri

this will overwrite xrdp 0.9.11 with 0.9.10

i am pleased t o report this roll back makes xrdp working with no other changes!

[metalefty]

I confirmed and reproduced the issue but this is not our issue. use_vsock=yes is no longer prefered but the MS tool still using this switch. Report it to the author of the tool and ask them fix it.

[metalefty]

P.S. the vsock feature is developed by MS guys. We xrdp team merged that but if MS guys do not maintain vsock, it might be removed in future. We welcome continuous contributions from MS guys!

[jsorg71]

Yes, continued support for MS would be nice. I think the vsock bits are useful for vmware and others so not just hyperv. I hope we can support this feature. but how to handle updating the enhanced session?

[prydom]

I just updated to 0.9.11 myself and ran into this this problem. Here's the logs I get when I started the service:

Sep 21 15:27:08 sakura-arch systemd[1]: Starting xrdp daemon...
Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[INFO ] address [0.0.0.0] port [3389] mode 3
Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[INFO ] listening to port 3389 on 0.0.0.0
Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[ERROR] trans_listen_address failed
Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[DEBUG] Closed socket 7 (AF_VSOCK cid -1 port -1)
Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[ERROR] Failed to start xrdp daemon, possibly address already in use.

Finding this issue and reading the comments from @metalefty, I had changed my xrdp.ini to read the following as documented in the xrdp.ini comments:

port=vsock://-1:3389
use_vsock=false

When I started the service the following was logged and it still didn't work:

Sep 21 15:17:17 sakura-arch systemd[1]: Starting xrdp daemon...
Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[INFO ] address [1] port [3389] mode 3
Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[INFO ] listening to port 3389 on 1
Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[ERROR] trans_listen_address failed
Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[DEBUG] Closed socket 7 (AF_VSOCK cid -1 port -1)
Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[ERROR] Failed to start xrdp daemon, possibly address already in use.
Sep 21 15:17:17 sakura-arch systemd[1]: xrdp.service: Control process exited, code=exited, status=1/FAILURE

Digging a little deeper, it seems that xrdp_listen_pp is parsing the cid as a unsigned value, 1, when the correct value per https://github.com/torvalds/linux/blob/f7c3bf8fa7e5a8e45f4a8e82be6466157854b59b/include/uapi/linux/vm_sockets.h#L87 is -1 and I had correctly specified it that way in the configuration.

Following that hypothesis, I developed a quick and dirty one-line patch that fixes xrdp_listen_parse_integer such that it will accept negative integers. This successfully works around the issue but I'm not sure if that has side effects for the other protocol types, as negative port numbers are invalid. So, I don't want to file a pull request just yet. This also doesn't fix the case where port=3389 and use_vsock=true. I think we need to change xrdp_listen_pp to set the host address to VMADDR_CID_ANY when use_vsock=true.

diff --git a/xrdp/xrdp_listen.c b/xrdp/xrdp_listen.c
index 63e2ca52..373539b0 100644
--- a/xrdp/xrdp_listen.c
+++ b/xrdp/xrdp_listen.c
@@ -341,7 +341,7 @@ xrdp_listen_parse_integer(char *strout, int strout_max,
         }
         else
         {
-            if ((strin[strin_index] >= '0') && (strin[strin_index] <= '9'))
+            if (((strin[strin_index] >= '0') && (strin[strin_index] <= '9')) || (strin[strin_index] == '-'))
             {
                 in = 1;
                 strout[strout_index++] = strin[strin_index++];

After the patch I get the following and everything works fine.

Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] starting xrdp with pid 49057
Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] address [-1] port [3389] mode 3
Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] listening to port 3389 on -1
Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] xrdp_listen_pp done
Sep 21 16:10:26 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] Socket 12: AF_VSOCK connection received from cid: -1 port: -2147483645

Let me know if you want me to look into contributing a more robust patch :).

[speidy]

Hi Jordan, Thanks. A more robust patch is absolutely welcome. Please send it as a Pull Request on GitHub.

בתאריך יום א׳, 22 בספט׳ 2019 ב-2:28 מאת Jordan Pryde < notifications@github.com>:

I just updated to 0.9.11 myself and ran into this this problem. Here's the logs I get when I started the service:

Sep 21 15:17:17 sakura-arch systemd[1]: xrdp.service: Failed with result 'exit-code'. Sep 21 15:17:17 sakura-arch systemd[1]: Failed to start xrdp daemon. Sep 21 15:27:08 sakura-arch systemd[1]: Starting xrdp daemon... Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[INFO ] address [0.0.0.0] port [3389] mode 3 Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[INFO ] listening to port 3389 on 0.0.0.0 Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[ERROR] trans_listen_address failed Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[DEBUG] Closed socket 7 (AF_VSOCK cid -1 port -1) Sep 21 15:27:08 sakura-arch xrdp[3213]: (3213)(140175692163264)[ERROR] Failed to start xrdp daemon, possibly address already in use.

Finding this issue and reading the comments from @metalefty https://github.com/metalefty, I had changed my xrdp.ini to read the following as documented in the xrdp.ini comments:

port=vsock://-1:3389 use_vsock=false

When I started the service the following was logged and it still didn't work:

Sep 21 15:17:17 sakura-arch systemd[1]: Starting xrdp daemon... Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[INFO ] address [1] port [3389] mode 3 Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[INFO ] listening to port 3389 on 1 Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[ERROR] trans_listen_address failed Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[DEBUG] Closed socket 7 (AF_VSOCK cid -1 port -1) Sep 21 15:17:17 sakura-arch xrdp[3103]: (3103)(140524741093568)[ERROR] Failed to start xrdp daemon, possibly address already in use. Sep 21 15:17:17 sakura-arch systemd[1]: xrdp.service: Control process exited, code=exited, status=1/FAILURE

Digging a little deeper, it seems that xrdp_listen_pp is parsing the cid as a unsigned value, 1, when the correct value per https://github.com/torvalds/linux/blob/f7c3bf8fa7e5a8e45f4a8e82be6466157854b59b/include/uapi/linux/vm_sockets.h#L87 is -1 and I had correctly specified it that way in the configuration.

Following that hypothesis, I developed a quick and dirty one-line patch that fixes xrdp_listen_parse_integer such that it will accept negative integers. This successfully works around the issue but I'm not sure if that has side effects for the other protocol types, as negative port numbers are invalid. So, I don't want to file a push request just yet. This also doesn't fix the case where port=3389 and use_vsock=true. I think we need to change xrdp_listen_pp to set the host address to VMADDR_CID_ANY when use_vsock=true.

diff --git a/xrdp/xrdp_listen.c b/xrdp/xrdp_listen.c index 63e2ca52..373539b0 100644--- a/xrdp/xrdp_listen.c+++ b/xrdp/xrdp_listen.c@@ -341,7 +341,7 @@ xrdp_listen_parse_integer(char *strout, int strout_max, } else {- if ((strin[strin_index] >= '0') && (strin[strin_index] <= '9'))+ if (((strin[strin_index] >= '0') && (strin[strin_index] <= '9')) || (strin[strin_index] == '-')) { in = 1; strout[strout_index++] = strin[strin_index++];

After the patch I get the following and everything works fine.

Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] starting xrdp with pid 49057 Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] address [-1] port [3389] mode 3 Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] listening to port 3389 on -1 Sep 21 16:07:15 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] xrdp_listen_pp done Sep 21 16:10:26 sakura-arch xrdp[49057]: (49057)(139974381578432)[INFO ] Socket 12: AF_VSOCK connection received from cid: -1 port: -2147483645

Let me know if you want me to look into contributing a more robust patch :).

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/neutrinolabs/xrdp/issues/1403?email_source=notifications&email_token=AA2MPVC6O6PTGATRA3PYUOLQK2UZ5A5CNFSM4IS6APGKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD7I3KWA#issuecomment-533837144, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2MPVCAQYK33Q6DW2YRMGLQK2UZ5ANCNFSM4IS6APGA .

-- Idan Freiberg Mobile: +972-52-2925213

[ameeno]

Just revisiting this thread to see if there has been any progress?

I previously managed by holding back the xrdp package, However, After an update today my DE broke again, i tried to update xrdp, but it still does not work.

Please advise me (DE drops after login on xrdp screen)

[ccsplit]

@ameeno I had this issue as well and if you are using KDE they changed from startkde to startplasma. This may resolve your issue, otherwise I have gotten it to work through the xrdp-git-devel (AUR) package and port=vsock://-1:3389. However, Hyper-V will not automatically change the console over but using Remote Desktop I can connect to the virtual machine.

[rafaeljpc]

@ameeno I chose to configure the tcp connection, and connect using the windows rdp client. I like this setup.

[multipitch]

I'm also having this issue, trying to use arch / gnome on hyper-v; something I updated in the last 3 days has killed my ability to get in to a working graphical session. I've tried rolling back xrdp and the changes suggested for xrdp.ini, but neither of these work for me.

@ccsplit which exact package from AUR did you have success with, there seem to be several similarly-named ones, none of which match your name above: xorgxrdp xorgxrdp-devel-git xorgxrdp-git xrdp xrdp-devel-git xrdp-git

[boppbo]

@multipitch Use xrdp-devel-git, you might have to modify the PKGBUILD to include the --enable-vsock parameter in the configure call.

[multipitch]

Thanks. Doing the following gets me to a working xrdp splash screen again:

• uninstall xrdp, xorgxrdp-devel-git
• install xrdp-devel-git from AUR, modifying PKGBUILD as recommended by @boppbo (adding the following parameter): --enable-vsock
• install xorgxrdp-devel-git from AUR
• run install-config.sh from https://github.com/microsoft/linux-vm-tools/tree/master/arch
• make changes to /etc/xrdp/xrdp.ini as recommended by @prydom

  port=vsock://-1:3389
  use_vsock=false

I can succesfully log in when selecting an "Xvnc" session and entering my credentials.

[multipitch]

Since the release of 0.9.12, I can confirm that installing xrdp and xorgxrdp from AUR (and not xrdp-devel-git and xorgxrdp-devel-git respectively) works fine. The PKGBUILD for xrdp 0.9.12 already contains --enable-vsock so this doesn't need to be modified. The changes to /etc/xrdp/xrdp.ini still need to be made as per the above.

[boekhold]

Any suggestions on how I can try out xrdp-0.9.12 on CentOS 8? I can see that it's available in epel-playground, but I cant work out how to install that on my system...

[boekhold]

Any suggestions on how I can try out xrdp-0.9.12 on CentOS 8? I can see that it's available in epel-playground, but I cant work out how to install that on my system...

Not sure I did this right, but I updated xrdp-0.9.11 using:

$ sudo dnf --allowerasing --enablerepo=epel-playground update xrdp
...
...
$ sudo dnf list xrdp
Last metadata expiration check: 0:18:10 ago on Wed 08 Jan 2020 01:42:28 PM +04.
Installed Packages
xrdp.x86_64                                                                        1:0.9.12-1.epel8.playground                                                                         @epel-playground

This removed xrdp-selinux, but I think that might not be much of an issue?

I'm still getting the same error when starting xrdp however:

Jan 08 13:57:06 centos8 systemd[1]: Started xrdp daemon.
Jan 08 13:57:06 centos8 xrdp[11701]: (11701)(140131971687872)[INFO ] starting xrdp with pid 11701
Jan 08 13:57:06 centos8 xrdp[11701]: (11701)(140131971687872)[INFO ] address [-1] port [3389] mode 3
Jan 08 13:57:06 centos8 xrdp[11701]: (11701)(140131971687872)[INFO ] listening to port 3389 on -1
Jan 08 13:57:06 centos8 xrdp[11701]: (11701)(140131971687872)[ERROR] trans_listen_address failed
Jan 08 13:57:06 centos8 xrdp[11701]: (11701)(140131971687872)[ERROR] xrdp_listen_main_loop: xrdp_listen_get_port failed
Jan 08 13:57:06 centos8 systemd[1]: xrdp.service: Main process exited, code=exited, status=1/FAILURE
Jan 08 13:57:06 centos8 systemd[1]: xrdp.service: Failed with result 'exit-code'.

address/port numbers are parsed correctly now, but it's failing to get the port. vsock is available:

$ lsmod | grep vsock
vsock                  40960  1 hv_sock

[boekhold]

Never mind. I think the package from epel-playground was not build with vsock support. At least I do not see --enable-vsock in the reported Configure options:

$ xrdp --help
xrdp 0.9.12
  A Remote Desktop Protocol Server.
  Copyright (C) 2004-2018 Jay Sorg, Neutrino Labs, and all contributors.
  See https://github.com/neutrinolabs/xrdp for more information.

  Configure options:
      --build=x86_64-redhat-linux-gnu
      --host=x86_64-redhat-linux-gnu
      --program-prefix=
      --disable-dependency-tracking
      --prefix=/usr
      --exec-prefix=/usr
      --bindir=/usr/bin
      --sbindir=/usr/sbin
      --sysconfdir=/etc
      --datadir=/usr/share
      --includedir=/usr/include
      --libdir=/usr/lib64
      --libexecdir=/usr/libexec
      --localstatedir=/var
      --sharedstatedir=/var/lib
      --mandir=/usr/share/man
      --infodir=/usr/share/info
      --enable-fuse
      --enable-pixman
      --enable-painter
      build_alias=x86_64-redhat-linux-gnu
      host_alias=x86_64-redhat-linux-gnu
      CFLAGS=-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection
      LDFLAGS=-Wl,-z,relro  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
      PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig

  Compiled with OpenSSL 1.1.1 FIPS  11 Sep 2018

Usage: xrdp [options]
   -h, --help       show help
   -n, --nodaemon   don't fork into background
   -k, --kill       shut down xrdp
   -p, --port       tcp listen port
   -f, --fork       fork on new connection

[itamarjp]

Never mind. I think the package from epel-playground was not build with vsock support. At least I do not see --enable-vsock in the reported Configure options:

you're right, please make a comment in Red Hat bugzilla or submit a patch in src.fedoraproject

https://apps.fedoraproject.org/packages/xrdp/bugs/all https://src.fedoraproject.org/rpms/xrdp

[boekhold]

you're right, please make a comment in Red Hat bugzilla or submit a patch in src.fedoraproject

In fact, a case was already opened on Jan 5 by somebody else: https://bugzilla.redhat.com/show_bug.cgi?id=1787953

[boekhold]

I built the RPM for xrdp-0.9.12 myself, with --enable-vsock applied, and I'm now able to use Hyper-V Enhanced Mode with CentOS 8.

[albeec13]

@ameeno I had this issue as well and if you are using KDE they changed from startkde to startplasma. This may resolve your issue, otherwise I have gotten it to work through the xrdp-git-devel (AUR) package and port=vsock://-1:3389. However, Hyper-V will not automatically change the console over but using Remote Desktop I can connect to the virtual machine.

Thank you! I've been going nuts trying to figure out why my Xorg login through xrdp stopped working for week and basically gave up for command line access.

Turns out my .xinitrc was still calling "startkde". Even "startplasma" isn't sufficient on latest Arch releases. I changed mine to "startplasma-x11" and it worked.