[WBEL-users] Re: Display problem

Henry Stilmack h.stilmack at jach.hawaii.edu
Wed May 18 14:08:12 CDT 2005


Pavel Krebs wrote:
> Henry Stilmack napsal(a):
> 
>> Simon Hodge asked:
>>
>>  
>>
>>> Hi,
>>>
>>> I've search the web without success for some time and so hoped someone
>>> here could help!  I've just downloaded and installed WBEL - version 4.0.
>>> I did a full install.
>>>
>>> I've logged in with a user, disabled access controls (xhost +) and then
>>> remotely logged into another machine.  On the remote machine I set the
>>> DISPLAY variable to the WBEL machine.  When I attempt to start a
>>> graphical application, such as nedit, I get the 'Can't open display'
>>> message.  For example:
>>>
>>> local> xhost +
>>> local> rlogin remote
>>>
>>> remote> DISPLAY=local:0
>>> remote> nedit
>>> Nedit: Can't open display
>>>
>>>
>>> I know this may not be a Whitebox problem, but I haven't had the problem
>>> on any other distro (yet!) so just wondered if any other Whitebox users
>>> experienced it or could offer some advice?
>>>
>>> Thanks very much!
>>> Simon
>>>
>>>   
>>
>>
>> If you are using gdm as a display manager (maybe kdm and xdm too,
>> although I haven't checked) you need to modify a line in
>> /etc/X11/gdm/gdm.conf which by default causes X not to listen on TCP
>> ports. A diff follows:
>>
>> *** factory-gdm.conf    Sat Mar 26 03:55:19 2005
>> --- gdm.conf    Fri Apr 22 09:45:43 2005
>> ***************
>> *** 188,194 ****
>>  # Note: Anytime we find a -query or -indirect on the command line we do
>>  # not add a "-nolisten tcp", as then the query just wouldn't work, so
>>  # this setting only affects truly local sessions.
>> ! #DisallowTCP=true
>>  # By default never place cookies if we "detect" NFS.  We detect NFS
>>  # by detecting "root-squashing".  It seems bad practice to place
>>  # cookies on things that go over the network by default and thus we
>> --- 188,194 ----
>>  # Note: Anytime we find a -query or -indirect on the command line we do
>>  # not add a "-nolisten tcp", as then the query just wouldn't work, so
>>  # this setting only affects truly local sessions.
>> ! DisallowTCP=false
>>  # By default never place cookies if we "detect" NFS.  We detect NFS
>>  # by detecting "root-squashing".  It seems bad practice to place
>>  # cookies on things that go over the network by default and thus we
>>
>> Then restart X.
>>
>>  
>>
> This patch allow remote login to your computer! Not remote start
> application on your X server. I think, best solution is connect to
> another computer by slogin -X another_computer. It would be run.
> 
> Pavel
> 
Actually, it allows the X server to receive packets on port 6000+$DISPLAY
(i.e., for $DISPLAY=:0, the server will listen on port 6000, for
$DISPLAY=1, on port 6001, etc.). While I agree that using SSH to tunnel a
connection is preferable from a security standpoint, there are situations
in which remote display of an application is desired and using SSH is
impossible (in our case, we have old VAX-VMS systems that need to display
back to Linux workstations - not only do the VAXen (VMS 5.4) not support
SSH, they don't even support MIT cookies).

Any remote application wanting to display via the port mechanism must
still pass any X server authentication checks.

-- 
Henry Stilmack, CISSP <h.stilmack at jach.Hawaii.Edu> Systems Administrator
UK/Canada/Netherlands Joint Astronomy Centre   Tel: +1 808-969-6530
660 N. A'ohoku Place, Hilo, HI 96720           Fax: +1 808-961-6516
PGP key: ID = 05AE83F1   Signature = 53FDAAA963766CCB  47B067F154DC0B92


More information about the Whitebox-users mailing list