FS#43884 : [xorg-server] SI auth not working anymore

FS#43884 - [xorg-server] SI auth not working anymore

Attached to Project: Arch Linux
Opened by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:29 GMT
Last edited by Laurent Carlier (lordheavy) - Saturday, 21 February 2015, 13:32 GMT

Task Type	Bug Report
Category	Upstream Bugs
Status	Closed
Assigned To	Jan de Groot (JGC) Andreas Radke (AndyRTR) Laurent Carlier (lordheavy)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	3 Väinö Helminen (vah) (2015-02-20) Stefan Keller (lokutos) (2015-02-20) Jason William Walton (jasonww) (2015-02-19)
Private	No

Details

Description:
With the recent upgrade to xorg-sever 1.17.1-1 server indication (SI) auth entries don't work anymore. The default xhost settings allow for the currently logged in user to access X:

access control enabled, only authorized clients can connect
SI:localuser:<myusername>
SI:localuser:gdm
SI:localuser:root

Switching to a vt text console or logging in over SSH (both using <myusername>) and setting the DISPLAY env var to ":0.0" (or similar) still doesn't allow for any X programs to run. This worked before and should work, as it is allowed.
Work-around is to allow localhost. But this opens X for any user on the localhost, not only the one just logged in.

Additional info:
* package version(s)
xorg-sever 1.17.1-1

* config and/or log files etc.
n/a

Steps to reproduce:
Log into any DE. Switch to vt and log in with same user. Set DISPLAY correctly. Try to run xhost (e.g.).

This task depends upon

Closed by Laurent Carlier (lordheavy)
Saturday, 21 February 2015, 13:32 GMT
Reason for closing: Fixed
Additional comments about closing: xorg-server-1.17.1-2

Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:39 GMT

Actually allowing localhost doesn't work either. I was sure, I had it working with xhost +localhost. So currently only disabling access control completely works.

Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 10:41 GMT

OK. I meant "xhost +local:". That still works as a work-around.

Comment by Jason William Walton (jasonww) - Thursday, 19 February 2015, 11:16 GMT

Can confirm this. Currently copy around the .Xauthority file by hand as a workaround.

Comment by Laurent Carlier (lordheavy) - Thursday, 19 February 2015, 13:06 GMT

Can you test these packages ? http://pkgbuild.com/~lcarlier/test/

Comment by Stefan Keller (lokutos) - Thursday, 19 February 2015, 20:44 GMT

Tested the packages (only installed server and common, as that's what I had) and seems to work.
Thanks!

Comment by Stefan Keller (lokutos) - Friday, 20 February 2015, 15:41 GMT

Please note, that I noticed that this bug causes enigmail in Thunderbird to not work (if gpg-agent isn't already running). enigmail seems to run gpg in an environment where DISPLAY is set but XAUTHORITY is not. The pinentry is thus not able to display the password dialog, causing encryption / decryption to fail.
Again, setting +local: works around this.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#43884 - [xorg-server] SI auth not working anymore

Details

Loading...