Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#43884 - [xorg-server] SI auth not working anymore

Attached to Project: Arch Linux
Opened by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:29 GMT
Last edited by Laurent Carlier (lordheavy) - Saturday, 21 February 2015, 13:32 GMT
Task Type Bug Report
Category Upstream Bugs
Status Closed
Assigned To Jan de Groot (JGC)
Andreas Radke (AndyRTR)
Laurent Carlier (lordheavy)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 3
Private No

Details

Description:
With the recent upgrade to xorg-sever 1.17.1-1 server indication (SI) auth entries don't work anymore. The default xhost settings allow for the currently logged in user to access X:

access control enabled, only authorized clients can connect
SI:localuser:<myusername>
SI:localuser:gdm
SI:localuser:root

Switching to a vt text console or logging in over SSH (both using <myusername>) and setting the DISPLAY env var to ":0.0" (or similar) still doesn't allow for any X programs to run. This worked before and should work, as it is allowed.
Work-around is to allow localhost. But this opens X for any user on the localhost, not only the one just logged in.

Additional info:
* package version(s)
xorg-sever 1.17.1-1

* config and/or log files etc.
n/a

Steps to reproduce:
Log into any DE. Switch to vt and log in with same user. Set DISPLAY correctly. Try to run xhost (e.g.).
This task depends upon

Closed by  Laurent Carlier (lordheavy)
Saturday, 21 February 2015, 13:32 GMT
Reason for closing:  Fixed
Additional comments about closing:  xorg-server-1.17.1-2
Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:39 GMT
Actually allowing localhost doesn't work either. I was sure, I had it working with xhost +localhost. So currently only disabling access control completely works.
Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:41 GMT
OK. I meant "xhost +local:". That still works as a work-around.
Comment by Jason William Walton (jasonww) - Thursday, 19 February 2015, 11:16 GMT
Can confirm this. Currently copy around the .Xauthority file by hand as a workaround.
Comment by Laurent Carlier (lordheavy) - Thursday, 19 February 2015, 13:06 GMT
Can you test these packages ? http://pkgbuild.com/~lcarlier/test/
Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 20:44 GMT
Tested the packages (only installed server and common, as that's what I had) and seems to work.
Thanks!
Comment by Stefan Keller (lokutos) - Friday, 20 February 2015, 15:41 GMT
Please note, that I noticed that this bug causes enigmail in Thunderbird to not work (if gpg-agent isn't already running). enigmail seems to run gpg in an environment where DISPLAY is set but XAUTHORITY is not. The pinentry is thus not able to display the password dialog, causing encryption / decryption to fail.
Again, setting +local: works around this.

Loading...