Weird behavior in vncserver

I have a puzzling issue using vncserver - Rocky 9.3, using tigervnc-server
I run vncserver on a remote computer, set the password, and then run vncviewer on my local PC.
If I’m doing this as “root”, there’s no issues - everything works fine.
If I’m doing it as a regular user, I get a login prompt - “Authentication required to create a color profile”, and the account shown is the network security scanner account, which I don’t have the password for.
It looks as if the system is waiting on a password from an incompleted login from the last time the security scanner ran. I can’t cancel out of this scanner login prompt or get around it and just have to close the window.
Rebooting the PC doesn’t seem to drop or reset this incompleted login by the security scanner…

Can you clarify a bit more the commands that you actually run on both the client and the server. e.g. Computer A is running o/s XYZ and Computer B is running ABC, on Computer B I start tivervnc like this …

It might be related to ‘polkit’.

The OS’s are either Rocky 9.3 or CentOS 7.9 (the same result with either OS)
I log into the remote host, open a command prompt and type “vncserver”, create a password when prompted
Go back to my local client and type “vncviewer”, enter the info from above ( plus whatever the colon plus a number is)
tigervnc-server and tigervnc are the server and client respectively

It looks like maybe the security scanner has left a bunch of incomplete connections going looking for a password. But you’d think rebooting would get rid of any lingering connections, but there they are.

As root though, I don’t get those prompts; as a regular user I do

Your explanation of how you run tigervnc is clear now. You are running it as a command within a session. There’s another way of running it, using systemd and socket activation.

When you say “prompt”, do you mean the screen goes dark and you see a modal dialog in the middle of the screen asking for a password?

Ok, not sure what you mean by a modal dialog, but, yes the background goes dark and there’s a password prompt as described in the first post, and it’s referencing the user account the security scanner uses when it runs its scans.

Here’s something to try, I don’t know if it will work.
Assuming you use the same username on both client and server?
As root, on the server:

cd /etc/polkit-1/localauthority/50-local.d/
vi org.freedesktop.color.pkla

Add something like

[Allow colord for specific users]

It may (or may not) need a restart.
Try with your username first, then try the usename of the security scanner.
You can also try ‘journalctl’ to see if there are any ‘polkit’ messages.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.