0

I've a RHEL 7.4 box with TightVNC service enabled on boot and sometimes the service fails to start with a PAM permission denied error:

systemd[2027]: pam_nologin(login:account): conversation failed
systemd[2027]: Failed at step PAM spawning /usr/bin/vncserver: Operation not permitted
systemd[1]: vncserver@:1.service: control process exited, code=exited status=224
systemd[1]: Failed to start Remote desktop service (VNC).
systemd[1]: Unit vncserver@:1.service entered failed state.
systemd[1]: vncserver@:1.service failed.

But after boot if I simply restart the service it starts successfully.

I'm not sure what's causing this issue, or if it's a precedence issue during systemd startup on boot.

The service file was created this way:

[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=forking
User=vncuser
PAMName=login

# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=-/usr/bin/vncserver -kill %i
ExecStart=/usr/bin/vncserver %i -geometry 1280x1024 -nolisten tcp
PIDFile=/home/vncuser/.vnc/%H%i.pid
ExecStop=-/usr/bin/vncserver -kill %i

[Install]
WantedBy=multi-user.target

RHEL 7.4 is fully updated until it was possible, since the subscription does not offer EUS.

Thanks

Vinícius Ferrão
  • 5,520
  • 11
  • 55
  • 95
  • Why did you freeze on 7.4, then? 7.6 is current and supported. – Michael Hampton Dec 09 '18 at 17:44
  • Requirement for ANSYS Engineering software support. – Vinícius Ferrão Dec 09 '18 at 17:53
  • 1
    They require exactly 7.4? That's a little odd. – Michael Hampton Dec 09 '18 at 19:39
  • Yep, take a look at the table on page 3 of this PDF: https://www.ansys.com/-/media/ansys/corporate/files/pdf/solutions/it-professionals/platform-support/platform-support-strategy-plans-192.pdf?la=en; the last release available of ANSYS as today is 19.2. – Vinícius Ferrão Dec 10 '18 at 12:03
  • Well, you have a couple of options if you want updates: You can buy EUS, or you can just update to 7.6. My experience tells me that you're unlikely to have any sort of problem with updating to 7.6; why they don't list "support" for it iis a complete mystery. Perhaps they just never tested that version of their product on 7.6. It might be worth trying it out in a lab to see what happens. – Michael Hampton Dec 10 '18 at 12:31

0 Answers0