Monday, 22 February 2016

Ubuntu, RDP, and how hard is it to supply a .deb package anyway?

So, what's this all about then? Well, what this is about is getting access to a graphical session on a remote linux machine over the internet. If you wanted a shell session you'd use SSH for this, and that's all fine and well, but sometimes one does actually require a GUI. That's a problem because your traditional Grey Beard linux type does not like GUIs, does not want GUIs and will make bugger all effort to provide you with one.

Anyway you need one, and this is how it's done. I was actually going to make this one long post - but it got very long, so I've split it up. Part 2 will be along later which is all about how you can access your machine over the internet entirely inside a browser, should you be interested in that sort of thing, but lets stick with the actual "getting a remote graphical session working" bit for the time being.

Traditionally one uses VNC, or even straight up X11 forwarding to get a graphical session on a remote Linux machine.

The trouble with this is that like most things "traditional" it's bloody terrible. X11 forwarding might just about be ok over a high speed private network, but over the internet sending a whole uncompressed X session is just silly. VNC on the other hand isn't much better, and the only reason it hasn't won the "worst remote desktop protocol ever" award is that raw X11 forwarding exists.

If you were to have a quick search for say... "ubuntu remote desktop" you'd find that most of these posts are either about using VNC (which is bad) or XRDP, which on the face of it once one gets over the whole Microsoft connection, is a much better idea. In comparison to VNC, RDP is a much more sensible protocol and vaguely fit for purpose in the 21st century.

Here's a little diagram for you representing the path your session is taking if you just go right ahead and install XRDP out of the Ubuntu repos and leave everything at its defaults

  1. [RDP client] <-- client machine
         |
    [RDP Server] <-- Server machine
         |
    [VNC Client] <-- Wait... what?
         | 
    [VNC Server] <-- Why?
         |
    [X11 Server] <-- Finally!
    

As you can see, that's pretty stupid. We have a totally unnecessary VNC server sitting in the middle of our chain. Fortunately there is a tool, X11rdp, that fixes this by connecting the RDP server to the X server directly. Unfortunately it's not packaged for Ubuntu, or anything else I can find, and it's a bugger to build, which to be honest is where this post comes in.

Fortunately a nice man called Kevin Cave has done most of the hard work for us and worked out how to actually get this bastard built. He even wrote a script that will do 99% of it for you. You can get that script here: https://github.com/scarygliders/X11RDP-o-Matic and we're going to be using it below. It's a little out of date, but with a few minor modifications this works.

Very loosely we're going to be doing the following:

  • Build the X11rdp and xrdp .deb packages.
  • Install the Mate desktop so we have an X session to connect to.
  • Build and install the pulse audio module module-xrdp-sink to provide an RDP compatible pulse audio sink.
  • Install X11rdp and xrdp from the packages
  • Add additional keymap files and configure xrdp to use them (because we don't all live in America!)
  • Theme the xrdp session manager so it's less damn hideous

The reason for the slightly strange build order is firstly, because to build the pulse audio module you're going to need some files that are pulled in whilst building the xrdp package, and it saves fetching them twice, and secondly because the rest of the files required for building that module depend on the version of pulse audio you have installed. You won't know that until after you've installed your desktop environment (well, if you're following along exactly you will - it's 4.0 for Ubuntu 14.04) so you'll need to install your DE beforehand.

Here we go then. Step one:

Building your packages

I'm going to do this on a server install of Ubuntu 14.04 - you can get the install image at http://releases.ubuntu.com/14.04/ubuntu-14.04.3-server-amd64.iso

It's a totally clean install, the only thing selected was "Open SSH server" at the package selection stage. It has a user called "user" with a password "user" which is obviously stupid, but for the sake of this demo I think we can live with it. From here on in, anything you see in

  1. code tags
is being executed via SSH on this machine, which as you can tell is called "the-circle".

I'm going to start with a sudo su. There's all sorts of reasons why you should never do this, but in this case I'm going to do it anyway because otherwise my nice clean instructions will end up with a totally superfluous sudo on the beginning of every line. If you really enjoy typing sudo a lot, you can mentally re-insert that one.

  1. user@the-circle:~# sudo su
  2. [sudo] password for user:
  3. root@the-circle:/home/user# cd ~

Before we do anything else, we should update our package lists and install build-essentials (because we're not going to be compiling anything without it) git (because we'll need it to get the x11rdp build script later on) and freerdp because it's a soft dependency for building the x11rdp package that the build script will ignore, but cause a ton of errors later if we don't have it.

  1. root@the-circle:~# apt-get update
  2. Ign http://gb.archive.ubuntu.com trusty InRelease
    Get:1 http://gb.archive.ubuntu.com trusty-updates InRelease [65.9 kB]
    Get:2 http://gb.archive.ubuntu.com trusty-backports InRelease [65.9 kB]
    Hit http://gb.archive.ubuntu.com trusty Release.gpg
    Hit http://gb.archive.ubuntu.com trusty Release
    
    ...snip...
    
    Fetched 2,823 kB in 5s (530 kB/s)
    Reading package lists... Done
    
  3. root@the-circle:~# apt-get install -y build-essential git freerdp
  4. Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Note, selecting 'freerdp-x11' instead of 'freerdp'
    The following extra packages will be installed:
      binutils cpp cpp-4.8 dpkg-dev fakeroot g++ g++-4.8 gcc gcc-4.8 gcc-4.8-base
      git-man libalgorithm-diff-perl libalgorithm-diff-xs-perl
      libalgorithm-merge-perl libasan0 libasound2 libasound2-data libasyncns0
      libatomic1 libavahi-client3 libavahi-common-data libavahi-common3
      libc-dev-bin libc6 libc6-dev libcloog-isl4 libcups2 libdpkg-perl
      liberror-perl libfakeroot libfile-fcntllock-perl libflac8
      libfreerdp-plugins-standard libfreerdp1 libgcc-4.8-dev libgmp10 libgomp1
      libisl10 libitm1 libmpc3 libmpfr4 libogg0 libpulse0 libquadmath0 libsndfile1
      libstdc++-4.8-dev libstdc++6 libtsan0 libvorbis0a libvorbisenc2 libxcursor1
      libxfixes3 libxinerama1 libxkbfile1 libxrender1 libxv1 linux-libc-dev make
      manpages-dev
    Suggested packages:
      binutils-doc cpp-doc gcc-4.8-locales debian-keyring g++-multilib
      g++-4.8-multilib gcc-4.8-doc libstdc++6-4.8-dbg gcc-multilib autoconf
      automake1.9 libtool flex bison gdb gcc-doc gcc-4.8-multilib libgcc1-dbg
      libgomp1-dbg libitm1-dbg libatomic1-dbg libasan0-dbg libtsan0-dbg
      libquadmath0-dbg git-daemon-run git-daemon-sysvinit git-doc git-el git-email
      git-gui gitk gitweb git-arch git-bzr git-cvs git-mediawiki git-svn
      libasound2-plugins alsa-utils glibc-doc cups-common pulseaudio
      libstdc++-4.8-doc make-doc
    The following NEW packages will be installed
      binutils build-essential cpp cpp-4.8 dpkg-dev fakeroot freerdp-x11 g++
      g++-4.8 gcc gcc-4.8 git git-man libalgorithm-diff-perl
      libalgorithm-diff-xs-perl libalgorithm-merge-perl libasan0 libasound2
      libasound2-data libasyncns0 libatomic1 libavahi-client3 libavahi-common-data
      libavahi-common3 libc-dev-bin libc6-dev libcloog-isl4 libcups2 libdpkg-perl
      liberror-perl libfakeroot libfile-fcntllock-perl libflac8
      libfreerdp-plugins-standard libfreerdp1 libgcc-4.8-dev libgmp10 libgomp1
      libisl10 libitm1 libmpc3 libmpfr4 libogg0 libpulse0 libquadmath0 libsndfile1
      libstdc++-4.8-dev libtsan0 libvorbis0a libvorbisenc2 libxcursor1 libxfixes3
      libxinerama1 libxkbfile1 libxrender1 libxv1 linux-libc-dev make manpages-dev
    The following packages will be upgraded:
      gcc-4.8-base libc6 libstdc++6
    3 to upgrade, 59 to newly install, 0 to remove and 109 not to upgrade.
    Need to get 49.9 MB of archives.
    After this operation, 147 MB of additional disk space will be used.
    ...snip...
    

let's not waste your time reading the output of an apt-get update and install. You know what they look like and what they do.

Next, we'll want a copy of the X11RDP-o-Matic script. We can get that through git (which is why we just installed it)

  1. root@the-circle:~# git clone https://github.com/scarygliders/X11RDP-o-Matic
  2. Cloning into 'X11RDP-o-Matic'...
    remote: Counting objects: 503, done.
    remote: Total 503 (delta 0), reused 0 (delta 0), pack-reused 503
    Receiving objects: 100% (503/503), 153.12 KiB | 0 bytes/s, done.
    Resolving deltas: 100% (289/289), done.
    Checking connectivity... done.
    

Now we have the script we're going to make a tiny change to it because it's mean to run "interactive" only it doesn't. All that running it interactively gets you is a ncurses style output of what it's doing, which is actually a pain in the ass if you're trying to log it. You don't have to do this of course, but it annoyed me so I turned it off.

  1. root@the-circle:~# cd X11RDP-o-Matic/
  2. root@the-circle:~/X11RDP-o-Matic# sed -i 's/INTERACTIVE=1/INTERACTIVE=0/g' X11rdp-o-matic.sh

Once that's done, we can run the build script. This will build you a debian package for both x11rdp and xrdp - technically we don't need the xrdp one, Ubuntu does have that packaged, but if we let it build it anyway we get a much newer version. As of 14.04 the packaged version of xrdp is 0.6 - building from source takes you to 0.9.

I'm not going to post the output from this, because there's several megabytes of it. It takes about an hour to build on this (admittedly rather old) test box. This is a good time to go get a coffee or something.

  1. root@the-circle:~/X11RDP-o-Matic# ./X11rdp-o-matic.sh --noinstall --withjpeg --withsimplesound --withpulse --withkerberos --withpamuserpass --withfreerdp
  2. Will not install anything on the system but will build the packages
    ----------------------------------------------------------------------
    Using the following xrdp configuration : --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-fuse --enable-jpeg --enable-simplesound --enable-loadpulsemodules --enable-kerberos --enable-pamuserpass --enable-freerdp1
    ----------------------------------------------------------------------
    Debian package version number will be : 0.9.0+master
    ----------------------------------------------------------------------
    *** Will remove the contents of /opt/X11rdp and /root/X11RDP-o-Matic/xrdp-0.9.0+master ***

    Waiting 5 seconds. Press CTRL+C to abort

    ...snip...

    ----------------------------------------------------------------------
    Will exit now, since we are not installing on this system...
    Packages have been placed under their respective directories in the
    packages directory.
    ----------------------------------------------------------------------

Right, that should have built you a pair of .deb packages in /root/X11RDP-o-Matic/packages/X11rdp and /root/X11RDP-o-Matic/packages/xrdp

If it hasn't... well then you're about to have a very bad time stepping through all the lines of that build script one by one until you've found your failure point.

Now, you could go right ahead and install those, but it wouldn't get you very far, because we're on a base server install and don't actually have an X server at this point. Obviously, if all you wanted was to build the debs you can ignore this bit, but it's nice to actually demonstrate these things working - so lets install a desktop environment so we can use those packages we went to tall that trouble to build.

Installing the desktop environment

The choice of desktop environment here is more than just a matter of personal preference. Most desktop environments require hardware acceleration these days for the fancy effects they have built in, and since we're going to be serving this up over an RDP connection which most definitely doesn't have hardware acceleration, Gnome, Unity and Cinnamon won't work. I've not tried it with KDE, but I doubt that would work either.

I'm going to use Mate, partially because I happen to like it, partially because it's a bit more fully featured than lxde or xfce so you get a more comfortable environment at the end, and partially because it's very popular these days.

Fortunately for us Mate has been packaged for Ubuntu 14.04, and we can install it via PPA - although to do that we're going to need a couple of packages. These allow you to use the apt-add-repository command. It's surprising how many places ask you to do that, but don't point out that it's not actually installed by default.

  1. root@the-circle:~# apt-get install -y python-software-properties software-properties-common
  2. Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following extra packages will be installed:
      python-pycurl python3-software-properties
    Suggested packages:
      libcurl4-gnutls-dev python-pycurl-dbg
    The following NEW packages will be installed
      python-pycurl python-software-properties
    The following packages will be upgraded:
      python3-software-properties software-properties-common
    2 to upgrade, 2 to newly install, 0 to remove and 103 not to upgrade.
    Need to get 96.0 kB of archives.
    After this operation, 358 kB of additional disk space will be used.
    ...snip...
    

Now we've got those we can use apt-add-repository to add the ubuntu-mate PPAs.

  1. root@the-circle:~# apt-add-repository ppa:ubuntu-mate-dev/ppa
  2.  Package repository for Ubuntu MATE.
    
    Packages living here are either required to build the Ubuntu MATE .iso images or provide the meta packages.
     More info: https://launchpad.net/~ubuntu-mate-dev/+archive/ubuntu/ppa
    Press [ENTER] to continue or ctrl-c to cancel adding it
    
    gpg: keyring `/tmp/tmp28qdd25r/secring.gpg' created
    gpg: keyring `/tmp/tmp28qdd25r/pubring.gpg' created
    gpg: requesting key 162506E7 from hkp server keyserver.ubuntu.com
    gpg: /tmp/tmp28qdd25r/trustdb.gpg: trustdb created
    gpg: key 162506E7: public key "Launchpad PPA for Ubuntu MATE Remix Developers" imported
    gpg: Total number processed: 1
    gpg:               imported: 1  (RSA: 1)
    OK
    

And the one specifically for trusty

  1. root@the-circle:~# apt-add-repository ppa:ubuntu-mate-dev/trusty-mate
  2.  These MATE 1.8.1 packages for *only* Ubuntu Trusty, they have been side ported from Debian.
    
    In order to correctly install and configure MATE 1.8.1 on Ubuntu Trusty you will also need to add the following PPA:
    
      * ppa:ubuntu-mate-dev/ppa
    
    Open a terminal complete the following steps to enable the appropriate PPAs and install MATE 1.8.1 on Ubuntu Trusty.
    
        sudo apt-add-repository ppa:ubuntu-mate-dev/ppa
        sudo apt-add-repository ppa:ubuntu-mate-dev/trusty-mate
        sudo apt-get update
        sudo apt-get upgrade
        sudo apt-get install --no-install-recommends ubuntu-mate-core ubuntu-mate-desktop
     More info: https://launchpad.net/~ubuntu-mate-dev/+archive/ubuntu/trusty-mate
    Press [ENTER] to continue or ctrl-c to cancel adding it
    
    gpg: keyring `/tmp/tmpclcekh_e/secring.gpg' created
    gpg: keyring `/tmp/tmpclcekh_e/pubring.gpg' created
    gpg: requesting key 162506E7 from hkp server keyserver.ubuntu.com
    gpg: /tmp/tmpclcekh_e/trustdb.gpg: trustdb created
    gpg: key 162506E7: public key "Launchpad PPA for Ubuntu MATE Remix Developers" imported
    gpg: Total number processed: 1
    gpg:               imported: 1  (RSA: 1)
    OK
    

Once you have those, apt-get update to pull the package lists from the PPA's, and apt-get upgrade to install the latest versions of everything you already have before the desktop environment goes in. Again, I'm not going to bore you with the output of this.

  1. root@the-circle:~# apt-get update && apt-get upgrade -y

You can then install mate with apt. This has an enormously long output which I'm not going to waste your time by including here. It also takes quite a while, so probably time to go do something else for a bit. I'm going to see if there's anything good in the classic cars section of ebay. I'll be back in about half an hour.

  1. root@the-circle:~# apt-get install -y --no-install-recommends ubuntu-mate-core ubuntu-mate-desktop

Aaaaaand we're back. And I still don't own a 60s SS Chevelle. Oh well, can't have everything.

Fixing the missing sound module

Now that sound module. Do a quick dpkg -l to get the version of pulse audio you're running

  1. root@the-circle:~# dpkg -l | grep "pulseaudio\s"
  2. ii pulseaudio 1:4.0-0ubuntu11.1 amd64 PulseAudio sound server

You can see we're using 4.0 from the official ubuntu repos. This means we need a copy of the 4.0 source. You can get those here: https://freedesktop.org/software/pulseaudio/releases/ and then unpack it.

  1. root@the-circle:~# wget https://freedesktop.org/software/pulseaudio/releases/pulseaudio-4.0.tar.gz
  2. Resolving freedesktop.org (freedesktop.org)... 131.252.210.176
    Connecting to freedesktop.org (freedesktop.org)|131.252.210.176|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 2411205 (2.3M) [application/x-gzip]
    Saving to: ‘pulseaudio-4.0.tar.gz’

    100%[===================================>] 2,411,205 1.68MB/s in 1.4s

    2016-02-22 17:44:00 (1.68 MB/s) - ‘pulseaudio-4.0.tar.gz’ saved [2411205/2411205]
  3. root@the-circle:~# tar -zxf pulseaudio-4.0.tar.gz

There's a few dependencies here, so we need to apt those in as well

  1. root@the-circle:~#apt-get install -y libjson0-dev libsndfile1-dev libspeex-dev libspeexdsp-dev
  2. Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following extra packages will be installed:
      libflac-dev libjson-c-dev libogg-dev libvorbis-dev
    The following NEW packages will be installed
      libflac-dev libjson-c-dev libjson0-dev libogg-dev libsndfile1-dev
      libspeex-dev libspeexdsp-dev libvorbis-dev
    0 to upgrade, 8 to newly install, 0 to remove and 3 not to upgrade.
    Need to get 1,422 kB of archives.
    After this operation, 9,898 kB of additional disk space will be used.
    ...snip...
    

enter the pulse audio directory and run the configure script - you're not going to rebuild all of it, just the xrdp-sink module, but you need it configured or else the module build will fail. This will generate very dire looking warnings at the end, but since we're not about to rebuild the whole pulseaudio package, we can safely ignore them.

  1. root@the-circle:~# cd pulseaudio-4.0
  2. root@the-circle:~/pulseaudio-4.0# ./configure

Deep within the xrdp tree that the X11RDP-o-Matic script fetched for us earlier, is a directory containing what we need to build the pulse audio xrdp sink module. Unfortunately its Makefile contains a reference to a very old version of pulse audio in a location that it's almost certainly not installed. We need to change that so it can be built against the source for the version we're actually using which we just fetched. Obviously, if you are using a different version of pulse audio, you'll want to change this line to reflect the version you are using.

  1. root@the-circle:~/# cd ~/X11RDP-o-Matic/xrdp-0.9.0+master/sesman/chansrv/pulse/
  2. root@the-circle:~/X11RDP-o-Matic/xrdp-0.9.0+master/sesman/chansrv/pulse# sed -i 's/PULSE_DIR = \/home\/lk\/pulseaudio-1.1/PULSE_DIR = \/root\/pulseaudio-4.0/' Makefile

If you're not comfortable using sed like that, just pick a text editor - the important thing is that the PULSE_DIR variable be set to where your pulse audio source is.

Now that's done, you can make the module-xrdp-sink.so

  1. root@the-circle:~/X11RDP-o-Matic/xrdp-0.9.0+master/sesman/chansrv/pulse# make
  2. cc -Wall -O2 -I/root/pulseaudio-4.0 -I/root/pulseaudio-4.0/src -DHAVE_CONFIG_H -fPIC -c -o module-xrdp-sink.o module-xrdp-sink.c
    cc -shared -o module-xrdp-sink.so module-xrdp-sink.o
    cc -Wall -O2 -I/root/pulseaudio-4.0 -I/root/pulseaudio-4.0/src -DHAVE_CONFIG_H -fPIC -c -o module-xrdp-source.o module-xrdp-source.c
    cc -shared -o module-xrdp-source.so module-xrdp-source.o

Copy the newly built module into the pulse audio modules directory.

  1. root@the-circle:~/X11RDP-o-Matic/xrdp-0.9.0+master/sesman/chansrv/pulse# cp module-xrdp-sink.so /usr/lib/pulse-4.0/modules/

We're really close now. You can almost taste the "It's working" from here.

Install x11rdp and xrdp

Does exactly what it says on the tin.

  1. root@the-circle:~# dpkg -i ~/X11RDP-o-Matic/packages/x11rdp/x11rdp_0.9.0+master-1_amd64.deb
  2. Selecting previously unselected package x11rdp.
    (Reading database ... 175357 files and directories currently installed.)
    Preparing to unpack .../x11rdp_0.9.0+master-1_amd64.deb ...
    Unpacking x11rdp (0.9.0+master-1) ...
    Setting up x11rdp (0.9.0+master-1) ...
  1. root@the-circle:~# dpkg -i ~/X11RDP-o-Matic/packages/xrdp/xrdp_0.9.0+master_amd64.deb
  2. Selecting previously unselected package xrdp.
    (Reading database ... 188355 files and directories currently installed.)
    Preparing to unpack .../xrdp_0.9.0+master_amd64.deb ...
    Unpacking xrdp (0.9.0+master) ...
    Setting up xrdp (0.9.0+master) ...
     Adding system startup for /etc/init.d/xrdp ...
       /etc/rc0.d/K20xrdp -> ../init.d/xrdp
       /etc/rc1.d/K20xrdp -> ../init.d/xrdp
       /etc/rc6.d/K20xrdp -> ../init.d/xrdp
       /etc/rc2.d/S20xrdp -> ../init.d/xrdp
       /etc/rc3.d/S20xrdp -> ../init.d/xrdp
       /etc/rc4.d/S20xrdp -> ../init.d/xrdp
       /etc/rc5.d/S20xrdp -> ../init.d/xrdp
     * Generating xrdp RSA keys......
    Generating 512 bit rsa key...
    
    ssl_gen_key_xrdp1 ok
    
    saving to /etc/xrdp/rsakeys.ini
                                                                 [ OK ]
     * Starting Remote Desktop Protocol server                   [ OK ]
    Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
    Processing triggers for install-info (5.2.0.dfsg.1-2) ...
    Processing triggers for ureadahead (0.100.0-16) ...
    

Somewhat astonishingly, you may now connect to your machine with an RDP client, and you even get sound!

Fixing the keyboard layout

Like so many things American, xrdp doesn't acknowledge the proper use of the English language. You know, the one from England. Spoken by the ENGLISH. If you live somewhere that knows how to spell "aluminium" you're going to need a copy of the km-0809.ini which defines the proper en_gb keyboard layout or else there's going to come a point where you're wondering why the hell you can't log into the machine until it finally clicks that your password has an @ symbol in it and that's in a different bloody place on a US keyboard.

Actually, if you live anywhere that's not covered by the default keymaps supplied with xrdp, this section is for you. I'm not going to supply all possible keymaps here, that would get silly, but here's how you fix it for the en_gb one. It's the same process for other layouts.

Make sure your keymap file exists in /etc/xrdp/ like so:

  1. root@the-circle:/etc/xrdp# ls -l
  2. total 204
    -rw-r--r-- 1 root root 10943 Feb 22 17:12 km-0407.ini
    -rw-r--r-- 1 root root 10674 Feb 22 17:12 km-0409.ini
    -rw-r--r-- 1 root root  8744 Feb 22 17:12 km-040c.ini
    -rw-r--r-- 1 root root 10863 Feb 22 17:12 km-0410.ini
    -rw-r--r-- 1 root root 14294 Feb 22 17:12 km-0411.ini
    -rw-r--r-- 1 root root 10914 Feb 22 17:12 km-0415.ini
    -rw-r--r-- 1 root root 11320 Feb 22 17:12 km-0419.ini
    -rw-r--r-- 1 root root 10879 Feb 22 17:12 km-041d.ini
    -rw-r--r-- 1 root root  8663 Feb 22 18:14 km-0809.ini <-- This one!
    -rw-r--r-- 1 root root 10876 Feb 22 17:12 km-0816.ini
    -rw-r--r-- 1 root root 14294 Feb 22 17:12 km-e0010411.ini
    -rw-r--r-- 1 root root 14294 Feb 22 17:12 km-e0200411.ini
    -rw-r--r-- 1 root root 14294 Feb 22 17:12 km-e0210411.ini
    drwxr-xr-x 2 root root  4096 Feb 22 18:01 pulse
    -rw------- 1 root root  1019 Feb 22 18:01 rsakeys.ini
    -rw-r--r-- 1 root root  2142 Feb 22 17:12 sesman.ini
    -rwxr-xr-x 1 root root  1812 Feb 22 17:12 startwm.sh
    -rw-r--r-- 1 root root  4296 Feb 22 17:12 xrdp.ini
    -rw-r--r-- 1 root root  3037 Feb 22 17:12 xrdp_keyboard.ini
    -rwxr-xr-x 1 root root  2536 Feb 22 17:12 xrdp.sh
    

I'll leave it to you to create it if it doesn't. There's a copy linked just up there. Then you need to tell the layout map it exists, and what it's for. Insert these two lines into the xrdp_keyboard.ini file.

  1. root@the-circle:/etc/xrdp# sed -i '/\[default_rdp_layouts\]/a rdp_layout_gb=0x00000809' xrdp_keyboard.ini
  2. root@the-circle:/etc/xrdp# sed -i '/\[default_layouts_map\]/a rdp_layout_gb=gb' xrdp_keyboard.ini

Now, if your RDP client sends the "I am using a gb keyboard" string when it connects, xrdp will actually honour that on the remote system. You'll still need to configure the correct keyboard layout inside Mate of course, but I'll leave that up to you.

Cleaning up the session management screen

The sesman screen is ugly. Not only is it ugly, but it actually defaults to offering a whole bunch of different sessions which won't work because they're not configured. You'll be wanting to remove those.

You can find them in the /etc/xrdp/xrdp.ini file. They're named blocks that look like this:

  1. [xrdp7]
    name=neutrinordp-any
    lib=libxrdpneutrinordp.so
    ip=ask
    port=ask3389
    username=ask
    password=ask
    

That one is for neutrinordp - which we didn't install. Remove it, and all the other ones that you don't want. If you want to allow the old vnc style connections you could leave that one in there, but since we went to all the trouble of building x11rdp I don't see why you would. I'm just going to remove them all except the first one, which is "sesman-X11rdp"

In this file you also find the configuration for the session manager window - I know, you'd expect that to be in sesman.ini, but it isn't. Just as a quick example of how you can pretty this up, find the line:

  1. ls_top_window_bg_color=009cb5

and change it to

  1. ls_top_window_bg_color=002147

Which is Oxford blue, just in case you were wondering. That will change the background colour of the session manager screen. The actual options available in this file don't seem entirely well documented, so I recommend just having a bit of a play with it. The one thing I have learned is that it's very picky about what file format your splash image is in, so should you change the "ls_background_image" file you need to be sure you're using a 256 colour bitmap image with a .bmp extension or it'll go a bit weird at display time.

And we're done. That's it. You can stop now.

Next time I'll go into how you can connect to all this in a browser window using Guacamole.

Tuesday, 9 February 2016

Initial commit...

Hey there. Welcome.

My name's JT and I'm a sysadmin.

A wise man once said that:

"Most people don't even know what sysadmins do, but trust me, if they all took a lunch break at the same time they wouldn't make it to the deli before you ran out of bullets protecting your canned goods from roving bands of mutants."1
...and the longer I do this job the more I think he was probably right, so if I seem angry - that's why.

It's not the only reason. There's a lot about this business that seems designed to drive perfectly normal people insane. The continued existence of vi, for example. Or emacs, for that matter... but that's for another time.

Right now this is me telling you what this blog is about; and what it's about is mostly going to be posting tutorials explaining how to do things that really shouldn't be hard but are because NO ONE BOTHERED TO BLOODY DOCUMENT THEM PROPERLY.

Consider it a public service.

With shouting.