From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021212
Description of problem:
After applying several Red Hat 7.2 updates to a previously unpatched system,
tripwire's interactive update mode was found to broken. In interactive update
mode, tripwire needs to start an editor for user interaction. This no longer
works for typical use cases due to X display permissions problems.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run X at the console as an ordinary user "fred"
2. Start an xterm
3. In that xterm, su to root.
Now, presuming that /home/fred/.xauth/export contains a single line with an
asterisk, any X program started in root's xterm will have permission to display
on the local X server
4) Start tripwire in interactive update mode via "triwpire -m c -I"
Actual Results: At the point in processing when the editor process is created,
it fails with:
Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server
emacs: Cannot connect to X server :0.0.
Check the DISPLAY environment variable or use `-d'.
Also use the `xhost' program to verify that it is set to permit
connections from your machine.
Interactive Update failed.
### Error: Editor could not be launched.
Expected Results: The editor should have started in a window.
I debugged this problem using the latest tripwire release available on
SourceForge, and deterimed that it is due to the XAUTHORITY enviroment variable,
which was introduced by one of the Red Hat updates--I don't know which one.
Prior to applying the updates, shell environments didn't have XAUTHORITY
defined; now they do.
When tripwire creates a child process for the editor, it only copies certain
portions of its environment into the child, however it does not copy XAUTHORITY.
When the tripwire source was modified to copy XAUTHORITY into the child's
process, the X display permission problem was resolved.
I will attach my patch for the file textreportviewer.cpp
Created attachment 92398 [details]
Patch for textreportviewer.cpp
This patch implements small code changes affecting the handling of environment
variables, and adds a small amount of diagnostic code.
Closing bug, since tripwire hasn't been shipped for so long, only in Legacy