Bug 426517

Summary: xhost -SI:localuser:tempuser fails to remove user from access list
Product: [Fedora] Fedora Reporter: Dave Allan <redhat>
Component: xorg-x11-server-utilsAssignee: Adam Jackson <ajax>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 8CC: xgl-maint
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: f8Current Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-22 06:15:26 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Dave Allan 2007-12-21 13:44:36 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20071213 Fedora/ Firefox/

Description of problem:
I added a temporary user to the xhost access list with:

xhost +SI:localuser:tempuser

which worked properly and the tempuser was able to make connections to the X server.  I then tried to remove the user from the access list which failed:

[user@host ~]$ xhost -SI:localuser:tempuser
localuser:tempuser being removed from access control list
X Error of failed request:  BadValue (integer parameter out of range for operation)
  Major opcode of failed request:  109 (X_ChangeHosts)
  Value in failed request:  0x12
  Serial number of failed request:  7
  Current serial number in output stream:  9
[user@host ~]$

and the tempuser is still able to access the X server.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. start X & login as some user
2. execute:
xhost +SI:localuser:tempuser <-- where tempuser is an existing (non-root) account.  I did not test to see if superuser status affects the behavior; I assumee not.
3. verify that tempuser can connect to the X server
4. execute:
xhost -SI:localuser:tempuser
5. Look for the error message and confirm that tempuser can still connect to the X server.

Actual Results:
see Description.

Expected Results:
see Description.

Additional info:
Comment 1 Adam Jackson 2008-02-21 13:00:50 EST
That's bizarre, it certainly works here:

atropine:~% xhost +si:localuser:root
localuser:root being added to access control list
atropine:~% xhost -si:localuser:root
localuser:root being removed from access control list

What does 'xhost' on its own report?  I imagine you're getting a hostname in the
access list that ends up not being valid when you want to modify the list.
Comment 2 Dave Allan 2008-02-21 13:11:18 EST
That is pretty strange.  Today is the one day a week I'm away from that machine,
so I'll try it again tonight or tomorrow.  I wasn't trying to add a superuser,
though.  What happens if you create a temp user and add them to the list?
Comment 3 Dave Allan 2008-02-21 21:31:16 EST
Huh...strange.  Now it's working.  I guess it can be resolved as NR.
Comment 4 Matěj Cepl 2008-02-22 06:15:26 EST
Thanks for letting us know.