You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Kevin Cameron <ke...@gmail.com> on 2022/11/07 16:21:49 UTC
Configuration to recycle user sessions on Centos
Hi all,
I am using Guacamole for multiple users to connect to specific machines
depending on their AD membership.
The machines are all Centos 7 VMs using xrdp and Gnome.
I have Guacamole connections setup with the user and pw variable so they
pass through the values the user enters and that is used to authenticate
the user. The user is passed right to the desktop.
This is all working: The problem I have is I have random users that have
multiple sessions open when I run loginctl. Some of these sessions are
weeks old and are orphans.
By default XRDP has -1 set for the port so it always looks for a fresh port
to connect the user on.
Various solutions online suggest setting XRDP to ask on connection for a
port or to set a fixed port but then all users would end up on the same
session which would be bad!
Has anyone come across this and how did they resolve this?
Thanks,
Kevin
RE: Configuration to recycle user sessions on Centos
Posted by Kevin Cameron <kc...@kinaxis.com.INVALID>.
Thanks for the feedback Sean, after looking into your script idea I was able to narrow it down further to an issue with the ibus-daemon process hanging around after xrdp closes (I already have it setup to timeout but I had just assumed it was not working.
Thanks,
Kevin
Kevin Cameron
Senior Cloud Orchestration Engineer
[https://apps.kinaxis.com/email-signature/images/Kinaxis-logo-150px.png]<http://www.kinaxis.com/>
O: +1 (343) 803-3972 | M: +1 (613) 850-3955
[https://apps.kinaxis.com/email-signature/images/icon-linkedin-32px-lightblue.png]<https://www.linkedin.com/company/kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-twitter-32px-lightblue.png] <https://twitter.com/kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-facebook-32px-lightblue.png] <http://www.facebook.com/Kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-youtube-32px-lightblue.png] <http://www.youtube.com/user/KinaxisCorporate> [https://apps.kinaxis.com/email-signature/images/icon-instagram-32px-lightblue.png] <https://www.instagram.com/kinaxis/>
Follow Kinaxis on LinkedIn <https://www.linkedin.com/company/kinaxis/> for the latest supply chain insights.
Confidential. This email and any attachments hereto may contain private, confidential, and privileged material for the sole use of the addressee. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited. If you are not the intended recipient, please return this email to the sender immediately and permanently delete the original and any copies of this email and any of its attachments. Thank you.
From: Sean Hulbert <sh...@securitycentric.net.INVALID>
Sent: Monday, November 7, 2022 11:32 AM
To: user@guacamole.apache.org
Subject: RE: Configuration to recycle user sessions on Centos
This is an xRDP, in either sesmen.ini or xrdp.ini set connections to 1 then there are timeouts that reset the connections.
Or you can just right a bash script using awk sed detect a closed port port 3389 it resets the connection after nth time.
Hope his helps
Sean
Sent by Android Ai hijacked INS communications 6G
-------- Original message --------
From: Kevin Cameron <ke...@gmail.com>>
Date: 11/7/22 8:22 AM (GMT-08:00)
To: user@guacamole.apache.org<ma...@guacamole.apache.org>
Subject: Configuration to recycle user sessions on Centos
Hi all,
I am using Guacamole for multiple users to connect to specific machines depending on their AD membership.
The machines are all Centos 7 VMs using xrdp and Gnome.
I have Guacamole connections setup with the user and pw variable so they pass through the values the user enters and that is used to authenticate the user. The user is passed right to the desktop.
This is all working: The problem I have is I have random users that have multiple sessions open when I run loginctl. Some of these sessions are weeks old and are orphans.
By default XRDP has -1 set for the port so it always looks for a fresh port to connect the user on.
Various solutions online suggest setting XRDP to ask on connection for a port or to set a fixed port but then all users would end up on the same session which would be bad!
Has anyone come across this and how did they resolve this?
Thanks,
Kevin
RE: Configuration to recycle user sessions on Centos
Posted by Sean Hulbert <sh...@securitycentric.net.INVALID>.
This is an xRDP, in either sesmen.ini or xrdp.ini set connections to 1 then there are timeouts that reset the connections.Or you can just right a bash script using awk sed detect a closed port port 3389 it resets the connection after nth time. Hope his helpsSeanSent by Android Ai hijacked INS communications 6G
-------- Original message --------From: Kevin Cameron <ke...@gmail.com> Date: 11/7/22 8:22 AM (GMT-08:00) To: user@guacamole.apache.org Subject: Configuration to recycle user sessions on Centos Hi all, I am using Guacamole for multiple users to connect to specific machines depending on their AD membership.The machines are all Centos 7 VMs using xrdp and Gnome.I have Guacamole connections setup with the user and pw variable so they pass through the values the user enters and that is used to authenticate the user. The user is passed right to the desktop.This is all working: The problem I have is I have random users that have multiple sessions open when I run loginctl. Some of these sessions are weeks old and are orphans. By default XRDP has -1 set for the port so it always looks for a fresh port to connect the user on.Various solutions online suggest setting XRDP to ask on connection for a port or to set a fixed port but then all users would end up on the same session which would be bad!Has anyone come across this and how did they resolve this?Thanks,Kevin