Description of problem: The parameter "allow_xserver_to_listen" is managed for now with gdm and kdm. Managing with sddm is needed. ''' Allow X server to accept connections from network on tcp port 6000.''' If someone knows how to parameter it, he is welcome to write that here. ;)
This can be set in sddm.conf The default is -nolisten tcp An example setting to allow tcp would be [XDisplay] ServerArguments=-listen tcp
CC: (none) => cae
[XDisplay] is no longer supported (at least in cauldron sddm), so [X11] should be used instead.
CC: (none) => ghibomgx
commit bca8d16114f6c20744962b38879f5e8ba81816fa Author: Papoteur <papoteur@...> Date: Sun Oct 23 11:48:23 2016 +0200 manage allow_xserver_to_listen also for sddm.conf (mga#19612) --- Commit Link: http://gitweb.mageia.org/software/msec/commit/?id=bca8d16114f6c20744962b38879f5e8ba81816fa
is there the dual option to go back to the secure "-nolisten tcp" in the case?
Hello Guiseppe, I don't understand what you mean with "dual option". If the user set the option allow_xserver_to_listen to "no", then msec delete "-listen tcp" on the line ServerArguments. As the documentation says that by default, it's the "-nolisten tcp" behavior, I presume that it's enough. Answer this to your question? Papoteur
Ok, sorry I thought it was doing exactly the opposite, i.e. adding "-listen tcp" to the ServerArguments when the "allow_xserver_to_listen" is set to "yes".
Hmm, It adds "-listen tcp" to the ServerArguments when the "allow_xserver_to_listen" is set to "yes", but I think that it's what is needed, isn't it ? Don't mix with "-nolisten tcp".
Thus I think we can close this report as Done.
(In reply to papoteur from comment #8) > Thus I think we can close this report as Done. FWIW, it's still marked as new - forgot to close it ?
CC: (none) => doktor5000
Yes, we can.
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
The option as dealt by msec has no effect. It seems that the section [X11] is not added before the ServerArguments line.
Resolution: FIXED => (none)Status: RESOLVED => REOPENED
commit 9242e2516b6bbe83010f80eea8ccc2158f7f8b1c Author: Papoteur <papoteur@...> Date: Thu Mar 8 14:18:31 2018 +0100 Manage allow_Xserver_to_listen for SDDM, to be included in X11 section (mga#19612) Manage allow_user_list for SDDM to be included in Users section --- Commit Link: http://gitweb.mageia.org/software/msec/commit/?id=9242e2516b6bbe83010f80eea8ccc2158f7f8b1c
Whenever this is resolved, it should be fixed for Mageia 6 as well.
Whiteboard: (none) => MGA6TOOSeverity: enhancement => normal
Version 2.6 is pushed on gitweb. It need to be packaged.
(In reply to papoteur from comment #14) > Version 2.6 is pushed on gitweb. It need to be packaged. Done for Cauldron and mga6 too!
CC: (none) => geiger.david68210
Mageia 6 update: msec-2.6-1.mga6.i586.rpm msec-gui-2.6-1.mga6.i586.rpm msec-2.6-1.mga6.x86_64.rpm msec-gui-2.6-1.mga6.x86_64.rpm Process to check. Using SDDM as display manager 1. Check that allow_Xserver_to_listen is set to "no" 2. In console xhost + export DISPLAY=MY_IP_ADDRESS:0 xeyes MY_IP_ADDRESS is to replace with the IP address Should not work 3. Set allow_Xserver_to_listen is set to "yes" 4. Restart 2. Should display xeyes
Assignee: mageiatools => qa-bugs
Thanks guys!
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)
Before testing, some questions; 1) Are we talking only about /etc/sddm.conf ? 2) In that, section [X11] #ServerArguments= # Arguments to be passed to the X server. Default value is "-nolisten tcp" Where is the parameter "allow_xserver_to_listen" ? If I understand c7, "-listen tcp" will be set for the ServerArguments= parameter above if "allow....=yes"(wherever that is). > Don't mix with "-nolisten tcp" Is this one boolean with opposite names, or two different ones? i.e. Are they mutually exclusive, or can both be present? 3) > 1. Check that allow_Xserver_to_listen is set to "no" > 3. Set allow_Xserver_to_listen is set to "yes" Where? 4) > 2. In console A terminal window, or Ctl/Alt/Fn virtual console? 5) > export DISPLAY=MY_IP_ADDRESS:0 > MY_IP_ADDRESS is to replace with the IP address Is 127.0.0.1 OK here? 6). Apart from the given test c16, can the update be checked also by looking at sddm.conf? And/or another file? 7). c0 mentions gdm, kdm [M5, not M8], sddm [M6]. What about LXDM & LightDM? Sorry for the noise.
CC: (none) => lewyssmith
Hi Lewis, thanks for dealing with this update. 1/ msecgui manage also other DM, but the modifications of the present update are only for SDDM, and the management of /etc/sddm.conf 2) and 3) allow_xserver_to_listen is a parameter displayed in the msecgui interface, look at the documentation: https://doc.mageia.org/mcc/6/en/content/msecgui.html#d4e3226 I haven't done the tests with xeyes by myself, but only checked how sddm.conf is written. I think this is enough. gdm is already managed with this option from msecgui, but nothing is new. The same for xserver and startx. lxdm and light are not managed by this parameter.
Continuing this as Lewis is not available. x86_64. I had a bit of trouble figuring out what was required here so may have inadvertently caused sddm.conf to acquire the explicit setting: ServerArguments=-nolisten tcp Using msecgui I toggled the allow_Xserver_to_listen between 'yes' and 'no' and both times restarted dm and in both cases found that $ xhost + $ export DISPLAY=difda:0 prevented xeyes from launching. After updating msec the behaviour had not changed so I removed sddm and reinstalled it. Checked sddm.conf and found that there was no setting for ServerArguments under [X11] or anywhere else. Restarted sddm and ran the experiment again. This time xeyes launched for this case with allow_Xserver_to_listen = 'yes' $ xhost + $ export DISPLAY=difda:0 and sddm.conf had acquired the line: ServerArguments=-listen tcp in the [X11] section. This looks OK to me as long as the dm is restarted after the msecgui changes.
CC: (none) => tarazed25Whiteboard: (none) => MGA6-64-OK
Advisory from c0, c16 and bug RPMs.
Keywords: (none) => advisory
For my own comprehension, trying M6/64, via SDDM BEFORE the update, installed: msec-2.4-1.mga6 msec-gui-2.4-1.mga6 + xeyes. /etc/sddm.conf #[X11] #ServerArguments= # Arguments to be passed to the X server. Default value is "-nolisten tcp" # # msecgui Security configuration - System security - ALLOW_XSERVER_TO_LISTEN = no xeyes worked on the current desktop. # | $ xhost + access control disabled, clients can connect from any host Unsure what to free up here, I left it. Changed via msecgui the paramater noted above to 'yes'. /etc/sddm.conf #[X11] #ServerArguments= remained UNchanged after the prompt to apply it. I will re-start X11 to see whether that changes something.
No it did not. UPDATE to: msec-2.6-1.mga6 msec-gui-2.6-1.mga6 # msec-gui to change ALLOW_XSERVER_TO_LISTEN = between 'no' and 'yes' (it became bold for the latter) made *no* difference to /etc/sddm.conf, whether re-starting X or re-booting. It stayed as: #ServerArguments= # Arguments to be passed to the X server. Default value is "-nolisten tcp" # I will try Len's idea of re-installing SDDM... No I won't: it wanted to remove also task-plasma5-minimal (and then what?)! I give up! But Len's point here is important. > After updating msec the behaviour had not changed so I removed sddm and > reinstalled it. Checked sddm.conf and found that there was no setting for > ServerArguments under [X11]. > Restarted sddm and ran the experiment again. This time xeyes launched for > this case with allow_Xserver_to_listen = 'yes' > sddm.conf had acquired the line: > ServerArguments=-listen tcp > in the [X11] section It seems to me that this update should just reflect in /etc/sddm.conf - #[X11] - #ServerArguments= whatever is set by msecgui interface for ALLOW_XSERVER_TO_LISTEN (no => default nothing, otherwise yes => ServerArguments=-listen tcp. Validating, but not happy with the contortions to make this 'stick'.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2018-0057.html
Resolution: (none) => FIXEDStatus: REOPENED => RESOLVED