Cannot write to .Xauthority

[Armaggedon]

Hi all,

I’m using the evaluation period for testing a cluster consisting in one Enterprise Terminal Server and one Terminal Server Node using default configuration. Both are CentOS 7 and running NoMachine products version 6.5.6. KDE as desktop and properly configured on DefaultDesktopCommand setting.

Node Protocol Label Status Load-B Manual-S Weight Limit
--------------- -------- ----- ------- ------ -------- ------ -----
node:4000 NX running yes yes
localhost:4000 NX running yes yes

Class Type Value
--------- -------------------------- ------
feature manual-node-selection no
feature server-clipboard yes
feature enable-profiles yes
feature enable-guest no
feature enable-multiserver no
feature enable-multinode yes
feature node-load-balancing yes
feature client-clipboard yes
feature bandwidth no

So when creating a virtual desktop on the ETS everything works like a charm. However, when selecting the TSN, I get prompted with:

The session negotiation failed.

Error: Cannot write to .Xauthority file in on the local host. Please verify permission attributes for that file.

My home directory is on my corporate network file system. .Xauthority file has the right permissions (0600) and nothing changes if I delete it: TSN is unable to create it but TSN can.

Does anyone have an idea what might be going on?

[Armaggedon]

Apparently I cannot edit my post… When I said TSN is unable to create it but TSN can, I meant “TSN is unable to create it but ETS can”.

[brotech]

Hello,
Lets focus on remote node. If you have correct permissions when logging in there using SSH, please create backup of /etc/pam.d/nx and then copy /etc/pam.d/sshd over /etc/pam.d/nx. After that, try to start NX session again on the TSN.

If your remote node uses pam_mount module, then this article might be helpful: https://www.nomachine.com/AR09N00902

[Armaggedon]

Hello brotech,

I’m a bit lost with this but I think I did it correctly. As my user could ssh normally inside the node, I overrode /etc/pam.d/nx with the contents of /etc/pam.d/sshd. Still nothing happened.

I’m not sure how the pam_mount module is configured in my organization, but just in case I followed the steps of your article (both methods) and yet nothing happens.

[brotech]

Hello,
please enable debug, reproduce issue, then gather logs as described in article: https://www.nomachine.com/DT10O00163 and send to forum[at]nomachine[dot]com

Please ensure that mail’s subject is ‘Cannot write to .Xauthority’ so we can track properly that
issue. If you could attach also the /etc/pam.d directory, it might be useful.
To make one file which contains the whole pam.d directory, run in a terminal:
tar -zcf myownpamd.tar.gz /etc/pam.d

[Cato]

Hello Armaggedon,

There are few possible reasons of problem with accessing .Xauthority file. Check if you can establish NoMachine session after following instructions for each of the listed scenarios separately.

1. The home directory is not mounted.

Start terminal ssh session to remote node host, to make sure that home directory is mounted.

2. Home directory is mounted, but SELinux is preventing access.

Follow this article to temporarily disable selinux or set it to permissive mode:

https://linuxize.com/post/how-to-disable-selinux-on-centos-7

3. The file has correct permission, but not the correct owner.

Make sure that the owner of the file is the same as user who attempts to establish NoMachine session.

4. There’s some difference in configuration between server machine and remote node machine.

Look for potential differences in /etc/pam.d directories on ETS and TSN.

[Author]

Posts