only root can successfully run gdm in Fedora 10

[parminides]

This morning I did a fresh install of Fedora 10. During the installation, I was asked for a password for root, but I was never given the option to create any other accounts.

When I boot to the new installation, no gui appears. The bootup pauses with a login prompt at a command line "terminal."

After logging in as root (the only option), I created an account for myself using adduser. When I try to initiate a Gnome session with gdm, I get a very strange error:

"Failed to acquire org.gnome.displaymanager: Connection "!1.16" is not allowed to run the service "org.gnome.DisplayManager" due to security policies in the configuration file."

After reading some forums, I gathered that the configuration file is /etc/dbus-1/system.d/gdm.conf. Here is that file:

Code:

<!DOCTYPE busconfig PUBLIC
 "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Only root can own the service -->
  <policy user="root">
    <allow own="org.gnome.DisplayManager"/>

    <allow send_interface="org.gnome.DisplayManager.Manager"/>
    <allow send_interface="org.gnome.DisplayManager.Display"/>
    <allow send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
    <allow send_interface="org.gnome.DisplayManager.Settings"/>
    <allow send_interface="org.gnome.DisplayManager.Slave"/>
    <allow send_interface="org.gnome.DisplayManager.Session"/>
    <allow send_destination="org.gnome.DisplayManager"
           send_interface="org.gnome.DBus.Properties" />
  </policy>

  <policy context="default">
    <deny send_interface="org.gnome.DisplayManager.Manager"/>
    <deny send_interface="org.gnome.DisplayManager.Display"/>
    <deny send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
    <deny send_interface="org.gnome.DisplayManager.Settings"/>
    <deny send_interface="org.gnome.DisplayManager.Slave"/>
    <deny send_interface="org.gnome.DisplayManager.Session"/>
    <deny send_destination="org.gnome.DisplayManager"
          send_interface="org.gnome.DBus.Properties" />

    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="GetId"/>
    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="GetRemoteHostname"/>
    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="GetSeatId"/>
    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="GetX11DisplayName"/>
    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="GetX11DisplayNumber"/>
    <allow send_interface="org.gnome.DisplayManager.Display"
           send_member="IsLocal"/>

    <allow send_interface="org.gnome.DisplayManager.LocalDisplayFactory"
           send_member="CreateTransientDisplay"/>

    <allow send_interface="org.gnome.DisplayManager.Manager"
           send_member="GetDisplays"/>

  </policy>

  <policy user="gdm">
    <allow send_interface="org.gnome.DisplayManager.Manager"/>
    <allow send_interface="org.gnome.DisplayManager.Display"/>
    <allow send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
    <allow send_interface="org.gnome.DisplayManager.Settings"/>
    <allow send_destination="org.gnome.DisplayManager"
           send_interface="org.gnome.DBus.Properties" />
  </policy>

</busconfig>

Note that it explicitly says that only root can own the service. Sure enough,
if I log in as root, gdm runs without a problem.

I tried the modification given at http://forums.fedoraforum.org/showpo...6&postcount=48, and it didn't work. Does anyone know how I can make gdm more accommodating to a diverse group of users, not just root?

[brr872002]

use
startx

edit /etc/ inittab make run level 5 as default

[markkuk]

GDM doesn't "initiate a Gnome session", it's the graphical login screen. Login must run as root, no matter if it's text-mode or graphical. Once GDM is up, you can use it to login as a normal user.

[parminides]

brr872002 said:

use startx

and

edit /etc/ inittab make run level 5 as default

Both of these simple suggestions work. Thanks for the tips!

[kg4giy]

I must be dense.

I have just upgraded to Core 10 and I think I am following the bouncing ball but I am still not seeing what is missing:

My user xstartup looks like this:

[admin@core .vnc]$ cat xstartup
#!/bin/sh

vncconfig -iconic &
# Uncomment the following two lines for normal desktop:
#unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#twm &
#gdm &
kdm &


With kdm, I get this error:

[admin@core .vnc]$ cat core.lab.va.gov:1.log

Xvnc Free Edition 4.1.3
Copyright (C) 2002-2008 RealVNC Ltd.
See http://www.realvnc.com for information on VNC.
Underlying X server release 10503000,


Tue Feb 24 14:30:13 2009
vncext: VNC extension running!
vncext: Listening for VNC connections on port 5901
vncext: created VNC server for screen 0
Only root wants to run kdm


With gdm, I get this:

[admin@core .vnc]$ cat core.lab.va.gov:1.log

Xvnc Free Edition 4.1.3
Copyright (C) 2002-2008 RealVNC Ltd.
See http://www.realvnc.com for information on VNC.
Underlying X server release 10503000,


Tue Feb 24 14:35:14 2009
vncext: VNC extension running!
vncext: Listening for VNC connections on port 5901
vncext: created VNC server for screen 0

** (gdm-binary:2745): WARNING **: Failed to acquire org.gnome.DisplayManager: Connection ":1.28" is not allowed to own the service "org.gnome.DisplayManager" due to security policies in the configuration file

** (gdm-binary:2745): WARNING **: Could not acquire name; bailing out

Pretty standard errors so far, right?

I should note I guess that my desktop is running fine with Gnome at level 5. I have flipped SELinux into permissive for the moment...

Following the bouncing ball, I check /etc/dbus-1/system.d/gdm.conf and find this:

[root@core system.d]# cat gdm.conf
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

<!-- Only root can own the service -->
<policy user="root">
<allow own="org.gnome.DisplayManager"/>

<allow send_interface="org.gnome.DisplayManager.Manager"/>
<allow send_interface="org.gnome.DisplayManager.Display"/>
<allow send_interface="org.gnome.DisplayManager.LocalDisp layFactory"/>
<allow send_interface="org.gnome.DisplayManager.Settings"/>
<allow send_interface="org.gnome.DisplayManager.Slave"/>
<allow send_interface="org.gnome.DisplayManager.Session"/>
<allow send_destination="org.gnome.DisplayManager"
send_interface="org.gnome.DBus.Properties" />
</policy>

<policy context="default">
<deny send_interface="org.gnome.DisplayManager.Manager"/>
<deny send_interface="org.gnome.DisplayManager.Display"/>
<deny send_interface="org.gnome.DisplayManager.LocalDisp layFactory"/>
<deny send_interface="org.gnome.DisplayManager.Settings"/>
<deny send_interface="org.gnome.DisplayManager.Slave"/>
<deny send_interface="org.gnome.DisplayManager.Session"/>
<deny send_destination="org.gnome.DisplayManager"
send_interface="org.gnome.DBus.Properties" />

<allow send_interface="org.gnome.DisplayManager.Display"
send_member="GetId"/>
<allow send_interface="org.gnome.DisplayManager.Display"
send_member="GetRemoteHostname"/>
<allow send_interface="org.gnome.DisplayManager.Display"
send_member="GetSeatId"/>
<allow send_interface="org.gnome.DisplayManager.Display"
send_member="GetX11DisplayName"/>
<allow send_interface="org.gnome.DisplayManager.Display"
send_member="GetX11DisplayNumber"/>
<allow send_interface="org.gnome.DisplayManager.Display"
send_member="IsLocal"/>

<allow send_interface="org.gnome.DisplayManager.LocalDisp layFactory"
send_member="CreateTransientDisplay"/>

<allow send_interface="org.gnome.DisplayManager.Manager"
send_member="GetDisplays"/>

</policy>

<policy user="gdm">
<allow send_interface="org.gnome.DisplayManager.Manager"/>
<allow send_interface="org.gnome.DisplayManager.Display"/>
<allow send_interface="org.gnome.DisplayManager.LocalDisp layFactory"/>
<allow send_interface="org.gnome.DisplayManager.Settings"/>
<allow send_interface="org.gnome.DisplayManager.Slave"/>
<allow send_interface="org.gnome.DisplayManager.Session"/>
<allow send_destination="org.gnome.DisplayManager"
send_interface="org.gnome.DBus.Properties" />
</policy>

</busconfig>

Everything looks good.

So what exactly am I missing? I cannot remember having so much trouble getting VNC running on the server side before?

Thanks!

DAVID