Forum / NoMachine for Linux / Can’t connect in Docker
- This topic has 6 replies, 3 voices, and was last updated 7 years, 11 months ago by Britgirl.
-
AuthorPosts
-
October 3, 2016 at 07:48 #12547bigtractorParticipant
I’m trying to get NoMachine installed in a docker container running lxde on Ubuntu Xenial, but the client fails to connect and keeps showing a spinner. Is there something wrong with the attached dockerfile setup?
MacBook-Air:~ o$ docker run -t -p 4000:4000 -p 22:22 -e PASS=password nomachine-test
NX> 161 Enabled service: nxserver.
NX> 162 WARNING: Cannot find X servers running on this machine.
NX> 162 WARNING: A new virtual display will be created on demand.
NX> 161 Enabled service: nxd.
2016-10-01 11:12:37 713.940 2645 NXSERVER Starting NoMachine server 5.1.54 and services.
2016-10-01 11:12:37 726.296 2645 NXSERVER WARNING! Process ‘/bin/bash –login -c dbus-send –system –dest=org.freedesktop.DBus –type=method_call –print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames’ with pid ‘2655/2655’ finished with exit code 127 after 0,006 seconds.
2016-10-01 11:12:37 727.046 2645 NXSERVER WARNING! Command for net statistics not found.
2016-10-01 11:12:37 739.286 2633 NXSERVER WARNING! Sending warning message ‘NX> 162 WARNING: Cannot find X servers running on this machine.’
2016-10-01 11:12:37 739.461 2633 NXSERVER WARNING! Sending warning message ‘NX> 162 WARNING: A new virtual display will be created on demand.’
2016-10-01 11:53:08 041.396 20 NXSERVER Starting NoMachine server 5.1.54 and services.
2016-10-01 11:53:08 050.129 20 NXSERVER WARNING! Process ‘/bin/bash –login -c dbus-send –system –dest=org.freedesktop.DBus –type=method_call –print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames’ with pid ’30/30′ finished with exit code 127 after 0,004 seconds.
2016-10-01 11:53:08 050.828 20 NXSERVER WARNING! Command for net statistics not found.
2016-10-01 11:53:08 061.047 8 NXSERVER WARNING! Sending warning message ‘NX> 162 WARNING: Cannot find X servers running on this machine.’
2016-10-01 11:53:08 061.936 8 NXSERVER WARNING! Sending warning message ‘NX> 162 WARNING: A new virtual display will be created on demand.’
2016-10-01 11:53:19 137.867 50 NXSERVER User ‘user’ logged in from ‘172.17.0.1’ using authentication method password.
2016-10-01 11:53:22 511.039 67 NXSERVER ERROR! Failed to determine the client IP
2016-10-01 11:53:22 511.130 67 NXSERVER ERROR! Variables NX_CONNECTION,SSH_CONNECTION,SSH_CLIENT,SSH2_CLIENT not provided.
2016-10-01 11:53:22 511.181 67 NXSERVER ERROR! Please set SSHDCheckIP=1 if you want to refuse the connection.
2016-10-01 11:53:22 511.232 67 NXSERVER ERROR! Failed to get remote port. Environment NX_CONNECTION,SSH_CONNECTION,SSH_CLIENT,SSH2_CLIENT not set
2016-10-01 11:53:22 511.278 67 NXSERVER ERROR! Failed to get local IP. Remote IP is 0.
2016-10-01 11:53:22 515.504 67 NXSERVER ERROR! Wrong process id, received pid 0.
2016-10-01 11:53:22 515.616 67 NXSERVER WARNING! Could not get SSHD PID: Process 0 does not have expected name.
2016-10-01 11:53:22 518.235 67 NXSERVER ERROR! Cannot save forward server pid. ‘value’ for key sshdPid cannot be null
2016-10-01 11:53:22 535.273 20 NXSERVER WARNING! Cannot read nxnode PID from FD#13.
2016-10-01 11:53:22 536.063 20 NXSERVER WARNING! Process ‘/usr/NX/bin/nxexec –node –user user –priority realtime –mode 0 –pid 16′ with pid ’79/79’ finished with exit code 1 after 0,007 seconds.October 4, 2016 at 07:59 #12565bigtractorParticipantI can’t upload the attachments (“Upload Errors: Sorry, this file type is not permitted for security reasons.”). So here’s the text:
DockerFile
FROM ubuntu:xenial
ENV DEBIAN_FRONTEND noninteractive
RUN apt update \
&& apt -y upgrade \
&& apt install -y –no-install-recommends \
curl \
sudo \
openssh-server \
lxde \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*RUN useradd –create-home –shell /bin/bash user \
&& adduser user sudoRUN curl -L http://download.nomachine.com/download/5.1/Linux/nomachine_5.1.54_1_amd64.deb -o /tmp/nomachine.deb \
&& dpkg –install /tmp/nomachine.deb \
&& rm /tmp/*.deb \
&& apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*RUN mkdir -p /var/run/sshd \
&& sed -i “s/.*PasswordAuthentication.*/PasswordAuthentication yes/g” /etc/ssh/sshd_config \
&& sed -i “s/.*UsePAM.*/UsePAM yes/g” /etc/ssh/sshd_configCOPY run.sh /run.sh
RUN chmod +x run.shEXPOSE 22 4000 4848
CMD [“/run.sh”]
Run.sh
#!/bin/bash
PASS=${PASS:-$(pwgen -s 6 1)}
echo “user:$PASS” | chpasswd/etc/NX/nxserver –startup
tail -f /usr/NX/var/log/nxserver.logDigging deeper, I found this in the nxerror.log
2645 2645 11:12:37 718.294 NXDBusConnect: ERROR! Connection failed: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
Does this mean NoMachine can’t run in Docker any longer due to issues with DBus?
Thanks
October 5, 2016 at 12:47 #12595CatoParticipantHello bigtractor,
We experienced similar behaviour when AppArmor blocked access to ‘/proc/‘ directory of container. Possible solution is described in section TROUBLESHOOTING of the following article: https://www.nomachine.com/DT08M00100&dn=docker.
October 6, 2016 at 10:40 #12602bigtractorParticipantThanks for your suggestion. It’s not clear whether the AppArmour tips are intended to be run on the host or the docker container, but since I am testing on OS X I ran them in the docker container with no effect. The error is still there in nxerror.log
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
I noticed that the docker knowledgebase article you linked to had been updated since I opened this thread, so I tried following the dockerfile and run script exactly, updating only the version and md5 variables. Unfortunately it still fails in the exactly the same way as with my own dockerfile.
Assuming your knowledgebase article has been tested, I can’t understand why it’s not working for me when followed exactly.
October 10, 2016 at 07:35 #12642bigtractorParticipantThere was another stealthy update on the docker page the day of my last comment. Although the instructions themselves just say to run docker normally, there is now a new comment at the very end saying to run it in privileged mode. This seems to work, though I can’t understand why NoMachine needs privileged mode.
Happy to have things working, but little concerned about the stealth updates. They were clearly done in response to this thread, but no comment made here to help me out. I had planned to buy workstation packs for our devs, but worried about the quality of support now.
October 10, 2016 at 10:17 #12653BritgirlKeymaster@bigtractor, I am not quite sure why you are concerned that we updated our KB article concerning the OS version that you are using. We try to keep our KB up-to-date as much as possible, and that sometimes means that when users report issues on the forums, we take time out to check whether specific OS versions are working as they’re supposed to. We also make regular checks on syntax and so forth, so an update will result even for the removal of a comma.
The team actually added this part to the article specifically for your case which you took the time to report to us on the forums:
“2) We verified that on Ubuntu 16.04, besides following the above instructions, it’s also necessary to run the container in privileged mode as explained here: https://docs.docker.com/engine/reference/run/”
The developer who replied to you may likely have been preparing his next reply to also inform you that some changes have been made to the article, but I beat him to it 🙂 I will leave it up to Cato to answer your question about privileged mode.
October 17, 2016 at 14:26 #12736BritgirlKeymaster@bigtractor after investigating thoroughly, we can now say what exactly is triggering ‘privileged mode’. It’s caused by the PTRACE parameter which is not provided by the default docker AppArmor profile.
It was enabled for Docker on Ubuntu 14.04 by default, so our article was fine for this platform. But not for 16.04. The same workaround also applies to OS X.
We’ve added a note for 16.04, so the article has been updated since you last wrote here. https://www.nomachine.com/DT08M00100
-
AuthorPosts
This topic was marked as solved, you can't post.