Bug 2598 - xauth doesn't work (and I can't use xhost)
Summary: xauth doesn't work (and I can't use xhost)
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: XFree86
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Michael Fulbright
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-05-06 13:37 UTC by david.airlie
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-08-23 17:47:00 UTC

Attachments (Terms of Use)

Description david.airlie 1999-05-06 13:37:52 UTC
gdm as my login manager, I login as user, and I used to call
the following after login to copy my Xauth key to my Sun
workstations so I that could run things from them,

xauth extract - rowan:0.0 | ssh oak xauth merge -

rowan is my machine, oak is my Sun server,
This no longer works and neither does passing :0.0 or
rowan.ece.ul.ie:0.0 (my FQDN)...

I don't like using xhost as this causes security problems I
would rather not deal with ...

Comment 1 Bill Nottingham 1999-05-06 14:54:59 UTC
try xauth extract - :0

Comment 2 david.airlie 1999-05-06 15:04:59 UTC
I think its a bit more difficult than that ...

rowan (airlied)% xauth extract - :0 | ssh oak xauth merge -
rowan (airlied)% xon oak -debug
Xlib: connection to "rowan.ece.ul.ie:0.0" refused by server
Xlib: Client is not authorized to connect to Server
xterm Xt error: Can't open display: rowan.ece.ul.ie:0

Comment 3 Preston Brown 1999-06-14 20:35:59 UTC
Are there xauth problems with gdm that you know about, Dr. Mike?

Comment 4 Michael Fulbright 1999-07-06 15:59:59 UTC
I don't know of any issues with xauth. The only problem I've
seen isn't really a gdm bug. If you change your hostname while
in X (and have an xauth key already), then you cannot create
new clients because the hostname doesn't match the xauth record

Comment 5 david.airlie 1999-07-07 14:26:59 UTC
Okay that comment about gdm sparked another thought .. I've switched
to xdm and it works fine, but gdm doesn't ...

If I rm my .Xauthority and log in with xdm I get three keys
rowancoax:0  MIT-MAGIC-COOKIE-1  xxxxxxxxxxxxxxxxxxxxxxxx
rowan.ece.ul.ie:0  MIT-MAGIC-COOKIE-1  xxxxxxxxxxxxxxxxxxxxxxx
rowan/unix:0  MIT-MAGIC-COOKIE-1  xxxxxxxxxxxxxxxxxxxxxxxx

where my machine has 2 netcards, rowancoax and rowan.ece.ul.ie,

with gdm I only get the last one the rowan/unix:0 key ...

So does this help any?

Comment 6 Preston Brown 1999-07-15 19:07:59 UTC
Dr. Mike -- perhaps gdm should also insert the FQDN(s) when you are
logging in?

Comment 7 j.pelan 1999-07-19 01:15:59 UTC
I too see this problem. I can say that it isn't a problem re:FQDN as
my .Xauthority *is* fully qualified. I have checked the obvious, i.e.
cookies in .Xauthority vs. /var/gdm/:0.xauth appear the same.

I cranked up X server to -auth 4 but it doesn't spill much - I'd like
to see what it gets as a cookie.

Comment 8 j.pelan 1999-07-19 01:17:59 UTC
That should be "-audit 4" of course (It's 2am!).

Comment 9 j.pelan 1999-07-20 16:28:59 UTC
Doh ! It's obvious when one starts with an empty .Xauthority file.
It only contains a *single* entry for the host, i.e. one for the unix
sockets but not the TCP connections. Add the entrywith xauth and it
works !

A quick look at gdm bugtrack.... and lo ... Gnome ticket report logs -
#1396 gdm does not create TCP xauth cookie

Comment 10 Preston Brown 1999-08-23 17:47:59 UTC
will be fixed in the next release.

Comment 11 Anonymous 1999-08-25 15:45:59 UTC
I have just (25 Aug 1999) received e-mail from Martin K. Petersen
<mkp> himself who says;

"gdm is broken by design and no longer maintained. It is only
supported to the extent that some distributors are willing to patch

I will ask the bugs.gnome.org maintainer to remove gdm from the
system as it confuses people that it is still there.

Please try the gdm2 module from CVS. Beta2 is due out this week."

Perhaps RedHat should ditch "gdm" and move with "gdm2". It would
certainly avoid significant amounts of patching.

Note You need to log in before you can comment on or make changes to this bug.