Bug 61088 - X listening on port 6000 cannot be disabled
Summary: X listening on port 6000 cannot be disabled
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: gdm
Version: 7.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact: Aaron Brown
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-03-13 13:43 UTC by Scott Sharkey
Modified: 2007-04-18 16:40 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-11-01 21:33:19 UTC
Embargoed:


Attachments (Terms of Use)

Description Scott Sharkey 2002-03-13 13:43:40 UTC
Description of Problem:

RH 7.2 with all errata applied. X is listening on port 6000 by default.  I
cannot stop X listening.  I have edited both /etc/X11/xdm/Xservers and 
/etc/X11/gdm/gdm.conf (GDM is running) and added the -nolisten tcp option
to the command line for X, but it does not stop X listening on 6000.

Version-Release number of selected component (if applicable):

7.2

How Reproducible:

Always

Steps to Reproduce:
1. edit /etc/X11/xdm/Xservers and /etc/X11/gdm/gdm.conf
2. Add -nolisten tcp to the :0 and 0= lines respectively
3. reboot and use netstat -ant to check for port 6000
4. I have also tried --nolisten tcp without effect

Actual Results:

X is still listening on port 6000

Expected Results:

X should not be listening on port 6000

Additional Information:

I notice with ps ax that the command line that starts X is
actually /etc/X11/X :0 -auth /var/gdm/:0.Xauth 
while gdm.conf shows 0=/usr/bin/X11/X -nolisten tcp
and Xservers shows :0 local /usr/X11R6/bin/X -nolisten tcp

so - where is X actually being started?

Comment 1 Havoc Pennington 2002-03-13 18:01:51 UTC
If I edit gdm.conf to have "-nolisten tcp" then I can see the "-nolisten tcp" in
the ps output, and I do not see a port 6000 in netstat. I'm using a beta version
of the next release but the gdm package is essentially unchanged from 7.2.

In any case changing severity->normal, because it isn't an exploitable security
hole, just a possible complication in locking down a configuration more than the
default.

A workaround is to firewall port 6000, of course.

Is your install modified in some way? Maybe the gdm.conf file is not being
parsed successfully? Can you try making the change via "gdmconfig" and see if it
helps?

(Note you don't have to reboot to try changes, just "telinit 3" to shut down X
then "telinit 5" to go back to X.)

Comment 2 Ray Strode [halfline] 2004-11-01 21:33:19 UTC
Hi,

I'm closing this bug because it's rather old and is probably not an
issue anymore.  If you can still reproduce this problem, feel free to
reopen.


Note You need to log in before you can comment on or make changes to this bug.