From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021212 Description of problem: After applying several Red Hat 7.2 updates to a previously unpatched system, tripwire's interactive update mode was found to broken. In interactive update mode, tripwire needs to start an editor for user interaction. This no longer works for typical use cases due to X display permissions problems. Version-Release number of selected component (if applicable): tripwire-2.3.1-17 How reproducible: Always Steps to Reproduce: 1. Run X at the console as an ordinary user "fred" 2. Start an xterm 3. In that xterm, su to root. Now, presuming that /home/fred/.xauth/export contains a single line with an asterisk, any X program started in root's xterm will have permission to display on the local X server 4) Start tripwire in interactive update mode via "triwpire -m c -I" Actual Results: At the point in processing when the editor process is created, it fails with: Xlib: connection to ":0.0" refused by server Xlib: Client is not authorized to connect to Server emacs: Cannot connect to X server :0.0. Check the DISPLAY environment variable or use `-d'. Also use the `xhost' program to verify that it is set to permit connections from your machine. Interactive Update failed. ### Error: Editor could not be launched. ### /usr/bin/emacs ### Exiting... Expected Results: The editor should have started in a window. Additional info: I debugged this problem using the latest tripwire release available on SourceForge, and deterimed that it is due to the XAUTHORITY enviroment variable, which was introduced by one of the Red Hat updates--I don't know which one. Prior to applying the updates, shell environments didn't have XAUTHORITY defined; now they do. When tripwire creates a child process for the editor, it only copies certain portions of its environment into the child, however it does not copy XAUTHORITY. When the tripwire source was modified to copy XAUTHORITY into the child's process, the X display permission problem was resolved. I will attach my patch for the file textreportviewer.cpp
Created attachment 92398 [details] Patch for textreportviewer.cpp This patch implements small code changes affecting the handling of environment variables, and adds a small amount of diagnostic code.
Closing bug, since tripwire hasn't been shipped for so long, only in Legacy releases.