Skip to content

xfce4-session crashes if graphical user opens second session

This issue was originally observed on Red Hat Enterprise Linux 8 when using two IGEL 11 thin clients to log in remotely via the XDMCP protocol. I have also repeated the symptoms by using sudo Xorg -terminate -query <host IP> :1 to remote into one Xubuntu machine from another. When a user tries to log in remotely, xfwm4 will immediately terminate the user's new session if they are already logged in at another graphical session. The first session will not be impacted, but the new session terminates as soon as the Greeter accepts the user's authentication details.

  • On RHEL 8.10, this generates a journald log for xfwm4 that states the window manager is already running (I will try to write down the exact message and post it here later).
  • On Xubuntu 22.04, journald will log a chain of messages that do not directly mention xfwm4. Instead, they begin with the following gkr-pam errors:
[Logs where session c11 is created for user lightdm]
...
lightdm[60337]: gkr-pam: gnome-keyring-daemon started properly
lightdm[58589]: Error activating Login1 session: GDBus.Error:org.freedesktop.DBus.Error.NotSupported: Operation not supported
lightdm[60409]: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "#####"
lightdm[60409]: gkr-pam: unable to locate daemon control file
lightdm[60409]: gkr-pam: stashed password to try later in open session
systemd[1]: Stopping Session c11 of user lightdm...
...
[Logs where session c11 is deactivated and enters dead state]

To repeat the issue with Xubuntu (or equivalent environment):

  1. Configure Xubuntu machine 1 to have XDMCP enabled in /etc/lightdm/lightdm.conf and hosting an openSSH server.
  2. Configure 2nd XFCE machine to use as a client (no special requirements).
  3. Log into machine 1 using the greeter. (Alternately, remote in with machine 2 using the command below and substituting ':1' with ':2' if Machine 1 has no monitor)
  4. Log into machine 2 and open a terminal
  5. Run sudo Xorg -terminate -query X.X.X.X :1 (Replace X's with Machine 1's IP) to launch a graphical session for Machine 1 using Machine 2's display.

I do not recommend running this environment on a publicly exposed machine due to XDMCP's inherent insecurity.