Bug 146371

Summary: up2date gives X11 error for non-local users connecting remotely, even when --nox flag is used
Product: Red Hat Enterprise Linux 3 Reporter: Chris Snook <csnook>
Component: up2dateAssignee: Bret McMillan <bretm>
Status: CLOSED DUPLICATE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-09-25 19:32:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 191074, 191079    

Description Chris Snook 2005-01-27 16:47:06 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.3)
Gecko/20050104 Red Hat/1.4.3-3.0.7

Description of problem:
When a non-local user (NIS, Kerberos Realm, etc.) logs into the
machine remotely and attempts to run 'up2date' or 'up2date --nox' they
get the following error:

X11 connection rejected because of wrong authentication.

This was previously report in bug #116581.  The user in that case was
using ksu to obtain root privileges.  I have experienced it also using
sudo and sudo -s.  I do not experience the problem when I have
explicitly disabled X11 forwarding.

Version-Release number of selected component (if applicable):
up2date-4.2.57-2

How reproducible:
Always

Steps to Reproduce:
1. ssh -X nonlocaluser
2. sudo up2date --nox -l


Actual Results:  $ sudo -s
# up2date --nox -l
X11 connection rejected because of wrong authentication.
#


Expected Results:  up2date should have run normally and shown the
packages available for update

Additional info:

When I ssh into a local user account, with or without X11 forwarding
enabled, and run 'sudo up2date --nox -l' it functions as expected. 
Both the local and non-local accounts tested have complete
root-equivalent sudo permissions.
Comment 1 Justin Sherrill 2005-07-11 19:36:21 UTC 
From a customer:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

the same bug occurs for any redhat-config-* tool.  eg:

[pjs11@saworld kickstarts]$ sudo redhat-config-nfs
X11 connection rejected because of wrong authentication.
The application 'redhat-config-nfs.py' lost its connection to the
display localhost:10.0;
most likely the X server was shut down or you killed/destroyed
the application.

note that "sudo xterm", displays an xterm as expected

- -- Pat


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC0sm2NObCqA8uBswRAhXJAJ4+434PPSDsC7Bm/+wu/7+kmq1XXgCeIbDK
nzpBwoUcQjZDkaJvNvLIn4E=
=YWhs
-----END PGP SIGNATURE-----
Comment 4 Fanny Augustin 2006-04-11 00:45:03 UTC 
Blocking rhnupr4u4 and rhnupr3u8 to track the progress of the release
Comment 5 Fanny Augustin 2006-04-13 19:59:01 UTC 
Moving bugs to the CanFix List
Comment 6 Fanny Augustin 2006-05-08 19:41:32 UTC 
This bug did not make the code freeze and it will not be fiixed during this
release cycle.  Re-aligning bug to the next release
Comment 7 Fanny Augustin 2006-05-08 20:12:06 UTC 
This bug did not make the code freeze.  It will not be fixed in this releasee 
Reea ligning to the next one.
Comment 8 Pradeep Kilambi 2006-09-25 19:32:09 UTC 

*** This bug has been marked as a duplicate of 116581 ***