The awful Hell of getting xrdp working on Linux.

So, installing xrdp and getting it working with GNOME/KDE is less than fun. Here’s some crib notes:

Step 1:

sudo apt install xrdp

In order to get most things working (like not prompting you for color pallet crap, adding/editing printers as an admin, and other normal day to day linux desktop tasks) you have to tell polkit not to interfere with you.

Step 2: Add the below polkit policies to allow you to bypass some of the authentications and unlock the gnome-settings panels:

File: /etc/polkit-1/localauthority/50-local.d/xrdp-colord.pkla

[Allow Colord all Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profile;org.freedesktop.color-manager.modify-device;org.freedesktop.color-manager.modify-profile
ResultAny=no
ResultInactive=no
ResultActive=yes


File: /etc/polkit-1/localauthority/50-local.d/xrdp-printing.pkla:

[Modify printers remotely]
Identity=unix-group:sudo
Action=org.opensuse.cupspkhelper.mechanism.*
ResultAny=auth_admin_keep
ResultInactive=auth_admin_keep
ResultActive=auth_admin_keep


File: /etc/polkit-1/localauthority/50-local.d/xrdp-packagekit.pkla
:

[Package Manager]
Identity=unix-group:sudo 
Action=org.freedesktop.packagekit.system-sources-refresh
ResultAny=yes
ResultInactive=auth_admin
ResultActive=yes


File: /etc/polkit-1/localauthority/50-local.d/xrdp-NetworkManager.pkla:

[Network Manager]
Identity=unix-group:sudo
Action=org.freedesktop.NetworkManager.network-control
ResultAny=yes
ResultInactive=yes
ResultActive=yes

Step 3: Get Audio working (Ripped shamelessly from this guy c-nergy here). Be sure to note the (!) at the top that tells you to go get the most modern version of the script. I e-mailed the folks there about the last three polkit entries to see if they wanted to add them or not. We’ll see, I guess.

Good luck, and good night.