Главная » Ошибки » How to fix the “Cannot autolaunch D-Bus without X11 $DISPLAY” error – Anto

How to fix the “Cannot autolaunch D-Bus without X11 $DISPLAY” error – Anto

What do these commands do?

aws ecr get-login-password – The “get-login-password” command fetches and displays a password that you can use to authenticate against an AWS ECR registry.

Note: you must have IAM permissions to use AWS ECR.

You can then provide the password to the Docker CLI login. The password will be valid for 12 hours.

Note: get-login-password is only supported by AWS CLI version 2 or in v1.17.10 or later.

Below is an example of the output:

root@ip-172-26-8-7:~# aws ecr get-login-password –region ap-southeast-2
eyJwYXlsb2FkIjoiNFlRQk1DTGNqNkhaNDF2YWVXTnZ4SndUd0NMS0VvQmE0QVNQQWUyQTVoUWJ
UUnRLK04zRjVHTnFuM1RDd3lleU5zMkZtcVBuMVlWdG1lQTNpa2hYL3IvbCtnci9ZQ0ovekZZYy
t3elhwTmd3N2VrVk5pNHZF

docker login – The “docker login” command enables you to log in to the Docker registry and accepts the following options: –password, –password-stdin, and –username. You use the “username” option to specify the username.

The “password” option allows you to specify a password string. Note, however, that using the “password” option is insecure because the password will be stored in the shell history or log files. The “password-stdin” option provides the password via STDIN and is thus more secure than the “password” option.

Here is an example of the warning you will get if you use the insecure–password option:

WARNING! Using –password via the CLI is insecure. Use –password-stdin.
Error saving credentials: error storing credentials – err: exit status 1, out: Cannot autolaunch D-Bus without X11 $DISPLAY

How are these commands used together?

The “aws ecr get-login-password” command retrieves a password from AWS and then pipes the output via STDIN to “docker login”.

The expected result is that Docker should say:

Login Succeeded.

And Docker should not say:

Error saving credentials: error storing credentials – err: exit status 1, out: Cannot autolaunch D-Bus without X11 $DISPLAY

What is the cause of the “Cannot autolaunch D-Bus without X11 $DISPLAY” error?

Docker supports a wide variety of credential helpers. These include the: D-Bus Secret Service, Apple macOS keychain, Microsoft Windows Credential Manager, and pass.

As per Docker:

By default, Docker looks for the native binary on each of the platforms; i.e., “osxkeychain” on macOS, “wincred” on windows, and “pass” on Linux. A special case is that on Linux, Docker will fall back to the “secretservice” binary if it cannot find the “pass” binary.

What is the solution

The simplest solution to fix the “Cannot autolaunch D-Bus without X11 $DISPLAY” error is to install pass—the standard UNIX password manager. You do not need to remove docker-compose! However, the pass depends on gpg, so you will need to install two applications.

You can install pass and gpg using the following command:

Ubuntu / Debian

sudo apt-get install pass gnupg2

# create a gpg2 key
gpg2 –gen-key

# create the password store using the gpg user id
pass init $gpg_id

Fedora / RHEL

sudo yum install pass gnupg2

# create a gpg2 key
gpg2 –gen-key

# create the password store using the gpg user id
pass init $gpg_id

Alternatively, suppose you still get the “Cannot autolaunch D-Bus without X11 $DISPLAY”. In that case, you can try to install the Amazon ECR Docker Credential Helper, which is a helper for the Docker daemon that makes it easier to use Amazon ECR. Click here to read more about it.

Use the “password” option instead of “password-stdin” as a last resort. Avoid this if possible!

Server Authentication Policy Does Not Allow Saved Credentials

In some cases, you may see the following error message when try to use the saved RDP credentials:

Windows Security

Your credentials did not work

The server’s authentication policy does not allow connection requests using saved credentials. Please enter new credentials.

system administrator does not allow the use of saved credentials

This error message indicates the remote server does not allow the use of saved RD credentials to connect. To fix this error, you need to make changes to the settings of the remote computer/RDS host:

  1. On the remote computer, run the local GPO editor – gpedit.msc;
  2. Go to the GPO section Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security;
  3. Locate and change the policy value ‘Always prompt for password upon connection‘ to Disabled;
    rdp allow saved credentials
  4. Reboot your server.

If this policy is enabled, Remote Desktop Services must always prompt a client for passwords upon RDP connection.

You can also change this parameter on the RDS server with one command in the elevated cmd:

REG add “HKLMSOFTWAREPoliciesMicrosoftWindows NTTerminal Services” /v fPromptForPassword /t REG_DWORD /d 0 /f

Configure Group Policy to Allow the Use of Saved Remote Desktop Credentials

Run the Local Group Policy Editor on a computer from which you are establishing the Remote Desktop connection. Press Win + R, type the following command and then click OK.

gpedit.msc

Additionally, you may need to enter an Administrator password or confirm the elevation (depending on the UAC policy settings).

the server's authentication policy does not allow connection requests using saved credentials

In the Local Group Policy Editor console go to the section Local Computer Policy > Computer Configuration > Administrative Templates > System > Credentials Delegation. Find the policy named “Allow delegating saved credentials with NTLM-only server authentication”.

the server's authentication policy does not allow saved credentials

Open the policy item and enable it, then click the Show button.

In the new window, you need to add the list of servers/computers that are explicitly allowed to use the saved credentials when connecting over RDP.

The list of allowed systems must be specified in one of the following formats:

  • TERMSRV/remote_pc — allow saving login credentials for a specific computer;
  • TERMSRV/*.theitbros.com — allow using the saved credentials for all computers in the domain theitbros.com;
  • TERMSRV/* — allow using of saved RDP credentials for all computers, without exception.

Note. Use TERMSRV in uppercase, as in the example. If you specify a specific computer, remote_pc value must exactly match the name entered in the “Computer” field of the RDP client.

your system administrator does not allow the use of saved credentials to log on the remote computer

Find and enable the policy “Allow delegating saved credentials” in the same Credentials Delegation GPO section. Add the same TERMSRV/ values to the policy setting as mentioned above.

server authentication policy does not allow saved credentials

Press OK to save changes and then close the Group Policy Editor. Open Command prompt and update the Group Policy settings by running:

gpupdate /force

the servers authentication policy does not allow connection requests using saved credentials

Now you should connect to the Remote Desktop with saved credentials without providing a password over and over again.

allow saved credentials remote desktop

So, we allowed saving the login credentials only on one particular computer using Local Group Policy.

In order to allow saved RDP credentials usage for multiple domain computers, it will be better to create a separate domain GPO. You can use the Group Policy Management Console (GPMC.msc) to create and link the new GPO with the settings above to the computers’ OU.

Источники

  • https://anto.online/guides/cannot-autolaunch-d-bus-without-x11-display/
  • https://theitbros.com/enable-saved-credentials-usage-rdp/
[свернуть]
Решите Вашу проблему!


×
Adblock
detector