RHEL-34880

Xvnc: "plain" security scheme should have a mechanism to force multiple connections to log in as the same user

    • Minor
    • FutureFeature
    • sst_desktop_applications
    • ssg_desktop
    • 22
    • 24
    • 5
    • False
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • All
    • None

      What were you trying to do that didn't work?

      Customer wants to use the VNC service configured to use PAM authentication, as described in "How to use PAM authentication with Virtual Network Computing (VNC) on Red Hat Enterprise Linux", along with XDMCP and shared sessions, and would like to force multiple VNC clients to log in as the same user.

      Please provide the package NVR for which bug is seen:

      tigervnc-server-1.13.1-2.el8_9.10

      How reproducible:

      Always

      Steps to reproduce

      1. Configure gdm to accept XDMCP queries, in /etc/gdm/custom.conf:
        [xdmcp]
        Enable=true
      2. Create the systemd unit file /etc/systemd/system/vnc-xdmcp.service with the following contents:
        [Unit]
        Description=VNC XDMCP Daemon

        [Service]
        ExecStart=-/usr/bin/Xvnc -query localhost -once -Log *:stderr:100 rfbport=5900 securitytypes=TLSPlain PlainUsers=* pam_service=gdm-password AlwaysShared=1
        User=root
        StandardError=syslog

        [Install]
        WantedBy=multi-user.target

      3. Start the service with:
        # systemctl daemon-reload
        # systemctl enable --now vnc-xdmcp.service
      4. On a remote machine, connect to the VNC service twice:
        $ vncviewer -SecurityTypes TLSPlain <server-name>:0 &
        $ vncviewer -SecurityTypes TLSPlain <server-name>:0 &

      This is a slightly modified version of the VNC+XDMCP method described in "How do I configure XDMCP over TigerVNC for Red Hat Enterprise Linux 7 and later?".

      Expected results

      The second connection should be forced to authenticate as the same user of the first connection.

      Actual results

      The second connection can be authenticated as a different user, so the login made via GDM can be accessed by a different user.
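
      An added example, not part of the original report or of TigerVNC: a small audit that parses an Xvnc ExecStart= line and flags the combination reproduced above (a Plain-family security type, PlainUsers=* and AlwaysShared). The finding names and the account "alice" are hypothetical, and only explicitly set parameters are judged.

```python
import shlex

PLAIN_TYPES = {"plain", "tlsplain", "x509plain"}  # types that take a PAM username/password
VALUE_PARAMS = {"securitytypes", "plainusers"}
BOOL_PARAMS = {"alwaysshared"}
TRUE = {"1", "on", "true", "yes"}

def xvnc_params(exec_start):
    """Return Xvnc parameters from a systemd ExecStart= line, names lowercased.

    Handles the forms Xvnc accepts: name=value, -name=value, -name value, -boolname.
    """
    command = exec_start.split("=", 1)[1].lstrip("-@:+!")  # drop systemd prefixes
    argv = shlex.split(command)
    params, i = {}, 1
    while i < len(argv):
        tok = argv[i]
        name, sep, value = tok.lstrip("-").partition("=")
        name = name.lower()
        if sep:
            params[name] = value
        elif tok.startswith("-") and name in VALUE_PARAMS and i + 1 < len(argv):
            i += 1
            params[name] = argv[i]
        elif tok.startswith("-") and name in BOOL_PARAMS:
            params[name] = "1"
        i += 1
    return params

def audit(exec_start):
    """Flag the combination from the report; hypothetical finding names."""
    p = xvnc_params(exec_start)
    types = {t.strip().lower() for t in p.get("securitytypes", "").split(",")}
    findings = []
    if types & PLAIN_TYPES and p.get("plainusers") == "*":
        findings.append("plain-auth-open-to-any-pam-user")
        if p.get("alwaysshared", "").lower() in TRUE:
            findings.append("shared-session-joinable-by-different-user")
    return findings

# ExecStart line from the report, then a constructed variant with one named account.
REPORTED = ("ExecStart=-/usr/bin/Xvnc -query localhost -once -Log *:stderr:100 "
            "rfbport=5900 securitytypes=TLSPlain PlainUsers=* pam_service=gdm-password "
            "AlwaysShared=1")
PINNED = REPORTED.replace("PlainUsers=*", "-PlainUsers alice")  # "alice" is hypothetical

if __name__ == "__main__":
    for line in (REPORTED, PINNED):
        print(audit(line) or "no findings")
```

      The pinned variant only shows what the audit treats as clean; it is not the mechanism the report asks for, since the allowed account is fixed in the unit file rather than taken from the first login.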

            jgrulich@redhat.com Jan Grulich
            rhn-support-casantos Carlos Santos
            Jan Grulich Jan Grulich
            Radek Duda Radek Duda