GNOME Bugzilla – Bug 598142
Remote XDMCP connections fail if gdm or root user does not exist
Last modified: 2009-10-13 23:29:44 UTC
Created attachment 145269 [details] Wireshark network snoop of attempted connection Attempting to connect from a recent cygwin-xfree X server to GDM 2.28 using: XWin -query host can fail because GDM attempts to add 'server interpreted' host entries for the GDM user and root. If these users do not exist on the remote system, the connection fails. The enties are the equivalent of executing these xhost commands: $ xhost +si:localuser:root $ xhost +si:localuser:gdm It does not make sense for GDM to add 'user' entries to connections from remote systems. Not all Unix systems will have the gdm user and cygwin systems have neither user. I've attached a Wireshark network snoop of an attempted connection. It shows the two X_ChangeHosts requests being rejected. The GDM code is in gdm_slave_connect_to_x11_display() in gdm-slave.c: XHostAddress host_entries[2] = { { FamilyServerInterpreted }, { FamilyServerInterpreted } }; XServerInterpretedAddress si_entries[2]; g_debug ("GdmSlave: Connected to display %s", slave->priv->display_name); ret = TRUE; /* Give programs run by the slave and greeter access to the display * independent of current hostname */ si_entries[0].type = "localuser"; si_entries[0].typelength = strlen ("localuser"); si_entries[1].type = "localuser"; si_entries[1].typelength = strlen ("localuser"); si_entries[0].value = "root"; si_entries[0].valuelength = strlen ("root"); si_entries[1].value = GDM_USERNAME; si_entries[1].valuelength = strlen (GDM_USERNAME); host_entries[0].address = (char *) &si_entries[0]; host_entries[0].length = sizeof (XServerInterpretedAddress); host_entries[1].address = (char *) &si_entries[1]; host_entries[1].length = sizeof (XServerInterpretedAddress); XAddHosts (slave->priv->server_display, host_entries, G_N_ELEMENTS (host_entries));
Right, this makes no sense at all for the remote case. Thanks for investigating this. I've commited a potential fix for this: commit 253a8b76d623f7fbbca576f046175627ccf09358 Author: Ray Strode <rstrode@redhat.com> Date: Tue Oct 13 19:22:47 2009 -0400 Don't add localuser auth entries for XDMCP We add peer credential verified access to the X server for local X servers. This makes no sense for remote connections and will result in BadAccess, which we weren't trapping. This commit avoids calling XAddHosts for remote connections. This should address bug 598142 which was investigated and filed by Richard Evans <richard.evans@datanomic.com> http://git.gnome.org/cgit/gdm/commit/?id=253a8b76d623f7fbbca576f046175627ccf09358