Bug 1774244

Summary: systemd does not properly start VNC when run via runuser context
Product: Red Hat Enterprise Linux 7 Reporter: Joe Wright <jwright>
Component: systemdAssignee: systemd-maint
Status: CLOSED DUPLICATE QA Contact: Frantisek Sumsal <fsumsal>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 7.7CC: alanm, casantos, jgrulich, jraising, mkolbas, systemd-maint-list
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-20 06:25:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joe Wright 2019-11-19 20:55:31 UTC 
Description of problem:
systemd does not properly start VNC fails, and deletes the pid file, does not kill the started process, and reports failed with the following error:

Nov 19 11:58:05 localhost runuser[18857]: pam_unix(runuser-l:session): session opened for user test by (uid=0)
Nov 19 11:58:05 localhost runuser[18857]: xauth:  file /home/test/.Xauthority does not exist
Nov 19 11:58:08 dhcp-1-183-84.sd.lab.cee.rdu2.redhat.com runuser[18857]: New 'localhost:1 (test)' desktop is localhost:1
Nov 19 11:58:08 localhost runuser[18857]: Creating default config /home/test/.vnc/config
Nov 19 11:58:08 localhost runuser[18857]: Starting applications specified in /home/test/.vnc/xstartup
Nov 19 11:58:08 localhost runuser[18857]: Log file is /home/test/.vnc/localhost:1.log
Nov 19 11:58:08 localhost runuser[18857]: pam_unix(runuser-l:session): session closed for user test
Nov 19 11:58:08 localhost[1]: New main PID 18882 does not belong to service, and PID file is not owned by root. Refusing.
Nov 19 11:58:08 localhost[1]: New main PID 18882 does not belong to service, and PID file is not owned by root. Refusing.
Nov 19 11:58:08 localhost[1]: Failed to start Remote desktop service (VNC).
-- Subject: Unit vncserver@:1.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit vncserver@:1.service has failed.
-- 
-- The result is failed.
Nov 19 11:58:08 localhost systemd[1]: Unit vncserver@:1.service entered failed state.
Nov 19 11:58:08 localhost systemd[1]: vncserver@:1.service failed.

Version-Release number of selected component (if applicable):
systemd-219-67.el7_7.2

How reproducible:


Steps to Reproduce:
1. Install RHEL 7.7
2. Configure VNC per https://access.redhat.com/solutions/966063
3. Attempt to start the daemon

Actual results:
- fails to start

Expected results:
- process starts normally

Additional info:
Supposedly this is related to a change to the runuser context handling in systemd which now requires that the pid file be owned by root, including for processes started via the runuser context, which would not necessarily have the pid file owned by root.

The only realistic workaround that I am aware of is to not update to this version of systemd. There is a kludge that you could do with the unit file that I've hacked together, but I advise against starting VNC instances as a oneshot type.
Comment 5 Jan Grulich 2019-11-20 06:25:13 UTC 

*** This bug has been marked as a duplicate of bug 1747191 ***