Forum / NoMachine Cloud Server Products / Can’t Create Any Virtual Desktops or start nxd
- This topic has 13 replies, 5 voices, and was last updated 9 years, 4 months ago by Bilbotine.
-
AuthorPosts
-
July 10, 2015 at 14:42 #7670newmaniumParticipant
Hi,
I’m testing out NoMachine Enterprise server version 4.6.4-14 on Ubuntu 14.04 using client version 4.6.4 on Windows. I’m interested in buying some licenses for this, but only if I can get version 4 working. We’ve been using version 3 for some time now but have been having issues getting version 4 working on Ubuntu 12.04 and 14.04 (the problem does seem to be on the nxserver side).
When the nxserver starts up, it tries to start the nxd daemon over and over, but it immediately dies every time with “signal 13”. I can’t seem to find any insight in the debug logs as to what signal 13 is indicating, but the command that nxProcessCreate is trying to run is:
nxProcessCreate: ‘/usr/NX/bin/nxd’ ‘/usr/NX/bin/nxd /usr/NX/bin/nxd’ ‘HOME=/var/NX/nx LD_LIBRARY_PATH=/usr/NX/lib NX_FEATURES=myhost11,VMwareInc.VMwareVirtualPlatform,Linux,Ubuntu 14.04.2 LTS,3.13.0,x86_64,2,3956285440,311 NX_SYSTEM=/usr/NX NX_VERSION=4.6.4′ ’16’ ’18’ ’19’ ‘101’
…and that fails for some unknown reason.
When attempting to create a new virtual desktop with the “SSH” connection method, the same “signal 13” exit code is thrown and the child node process dies, failing to create a new virtual desktop (the user sees “session negotiation failed”).
nxProcessCreate: ‘/usr/NX/bin/nxexec’ ‘/usr/NX/bin/nxexec /usr/NX/bin/nxexec –node –user test –priority –mode 0’ ‘NX_FEATURES=svlchi6dkevin1,VMwareInc.VMwareVirtualPlatform,Linux,Ubuntu 14.04.2 LTS,3.13.0,x86_64,2,3956285440,311 NX_USER_GROUPS=test. NX_VERSION=4.6.4 SSH_CLIENT=10.10.106.83 62140 22 SSH_CONNECTION=10.10.106.83 62140 10.2.2.60 22′ ’18’ ’18’ ’17’ ‘101’
I’ve attached the nxserver.log file, divided into two portions since it’s rather large. The first portion is nxserver startup where you can see the nxd exiting on signal 13 over and over until it gives up. The next log is an attempt by a remote user to create a new KDE virtual desktop, where you can see the nxexec command exit on signal 13 and fail.
Any ideas on what’s causing this? Is there anything more I can do to debug this? Turning up the LogLevel to 7 is about all I’m aware of. And again, I’m interested in buying the licensed version of Enterprise Server, but only if I can actually get it to work.
Thanks!
July 10, 2015 at 14:43 #7677BritgirlKeymasterHello, the logs weren’t attached. Can you send them to forums[at]nomachine[dot]com? Make sure you reference your topic title. Thanks.
July 13, 2015 at 08:53 #7679newmaniumParticipantDone. I just sent them to that email address. Also trying to attach them to this post with a different file extension (.txt this time).
Attachments:
July 13, 2015 at 09:08 #7689BritgirlKeymasterMy error, it’s forum@…….Not forums@…
July 13, 2015 at 11:14 #7694rezaParticipantHello,
It’s not only nxd that fails with signal 13. Even system tools like ‘netstat’, ‘ps’, ‘ck-list-sessions’ are failing in the same way.
Do you have AppArmor or SELinux enabled?
Can you check system logs to see why execution of all these commands is blocked?
July 17, 2015 at 09:00 #7737newmaniumParticipantDefinitely no apparmor or selinux installed (only required, related packages for KDE and such):
root@myhost1:/usr/NX/var/log# dpkg -l |grep -iw apparmor
ii libapparmor-perl 2.8.95~2430-0ubuntu5.1 amd64 AppArmor library Perl bindings
ii libapparmor1:amd64 2.8.95~2430-0ubuntu5.1 amd64 changehat AppArmor library
ii python3-apparmor 2.8.95~2430-0ubuntu5.1 amd64 AppArmor Python3 utility library
ii python3-libapparmor 2.8.95~2430-0ubuntu5.1 amd64 AppArmor library Python3 bindingsroot@myhost1:/usr/NX/var/log# dpkg -l |grep selin
ii libselinux1:amd64 2.2.2-1ubuntu0.1 amd64 SELinux runtime shared libraries
ii libselinux1-dev:amd64 2.2.2-1ubuntu0.1 amd64 SELinux development headersSystem auth.log does not record any instance of denying execution of those commands, though yes, I can see that everything seems to fail in the same way. Is there any way for me to manually reproduce those commands in an interactive session? It seems difficult to do since the nx user’s shell is /etc/NX/nxserver:
nx:x:113:20113::/var/NX/nx:/etc/NX/nxserverIs nx trying to run these commands with sudo privileges? syslog is totally empty as well, so the nxserver.log and nxerror.log are all I have to go on at the moment. Any insight you can provide on how to manually test these commands that nx is trying to run would be helpful.
Thanks!
July 17, 2015 at 10:45 #7742rezaParticipantAre you using LDAP?
How your installation is differ from?
Commands are not executed with help of sudo.
You can try to test them manually with:
$ sudo su - nx -s /bin/bash $ /bin/ps awwxo ppid,pid,sid,comm,args $ /bin/netstat -ln --protocol=unix
July 20, 2015 at 10:01 #7748newmaniumParticipantI am using LDAP, yes, but the nx user is not an LDAP account.
Relevant PAM section for LDAP:
/etc/pam.d/common-auth:
auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000
auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.soWhen I run commands manually as the nx user with “su – nx -s /bin/bash” they all seem to succeed. I even did them with “su – nx -s /bin/bash -c ‘command'” and they worked.
July 20, 2015 at 10:04 #7753newmaniumParticipantSo I have narrowed it down to LDAP being in nsswitch.conf. Once I remove the “ldap” entries, the /usr/NX/bin/nxd daemon starts up properly and virtual desktops are started successfully.
Is there something about having ldap in the nsswitch that is known to cause these failures with signal 13?
/etc/nsswitch.conf:
#
# Example configuration of GNU Name Service Switch functionality.
# If you have theglibc-doc-reference' and
info’ packages installed, try:
# `info libc “Name Service Switch”‘ for information about this file.passwd: compat
ldap [UNAVAIL=return]
group: compatldap [UNAVAIL=return]
shadow: compatldap [UNAVAIL=return]hosts: files dns
networks: filesprotocols: db files
services: db files
ethers: db files
rpc: db filesJuly 21, 2015 at 08:48 #7772graywolfParticipantnewmanium, this looks an issue in nss_ldap.
You can find a patched 264 version of nss_ldap for Ubuntu 14.04 x86_64 here.
July 31, 2015 at 13:25 #7857newmaniumParticipantJust to follow up on that last post: through my own testing I can see that libnss-pam-ldapd is NOT affected by the same bug and works great. I’ll probably go the route of just switching everything over to libnss-pam-ldapd + nslcd.
July 31, 2015 at 13:42 #7866BilbotineParticipantHi newmanium,
we are glad it works now!
July 31, 2015 at 14:00 #7827newmaniumParticipantThanks! That does seem to solve the issue when I install that .deb. However, I’d probably prefer to build that .deb myself. Is there a specific bug in nss_ldap that you could point me to so I can build something that includes the fix?
Also, do you know if nss-pam-ldapd works any better with NoMachine Enterprise? I already was considering changing all of my hosts to that library for LDAP anyway.
July 31, 2015 at 15:08 #7872BilbotineParticipantHi newmanium,
A patch is available here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=+748341
As for nss-pam-ldapd, it works fine with NoMachine. It’s not affected by any bugs known to us which may break our application.
-
AuthorPosts
This topic was marked as solved, you can't post.