Forum Replies Created
-
Posts
-
Same/similar issue here but on EL 7.6
Linux domain joined machine. Local users are fine, domain users are fine, but if local user UID mapped to domain user then cannot logon, get the same error, but the path is different:
<p style=”margin: 0px;”>Error: Cannot create session directory: /usr/NX/var/log/node/C-MachineName-1002-A81E7D1AD8392DB3A0591EAD90AA937F Error is: Operation not permitted</p>
That directory (/usr/NX/var/log/node/) is owned by gdm and has 777 perms. It did also have the sticky bit specified, but I removed that (thinking it was the cause of the issue).
Monitoring that directory with auditctl and can see that when connecting a “chown” is issued for the directory (even though it does not exist), aureport:
448. 23/07/19 09:50:06 /usr/NX/var/log/node/C-MachineName-1002-A81E7D1AD8392DB3A0591EAD90AA937F chown no /usr/NX/bin/nxnode.bin LocalUsername 89729
449. 23/07/19 09:50:06 /usr/NX/var/log/node/ rename yes /usr/NX/bin/nxnode.bin LocalUsername 89730
450. 23/07/19 09:50:06 /usr/NX/var/log/node/ mkdir yes /usr/NX/bin/nxnode.bin LocalUsername 89728
I can see the new directory created is an “F-C” dir:
/usr/NX/var/log/node/F-C-MachineName-1002-A81E7D1AD8392DB3A0591EAD90AA937F
The owner is the local user, the group is “domain users@our.domain” perms are rwxr-xr-x and the contents are empty.
Oh, and currently using Free version (just getting it setup before moving to terminal server edition). Nomachine 6.7.6_11 x86_64