when I issue # dpkg-reconfigure noflushd I get this ;Xlib: connection to ":0.0" refused by server Xlib: No protocol specified
dpkg-reconfigure: cannot connect to X server :0.0
Just means your X session isn't allowing requests from any user other than the one that started the session. Very sensible really. If you do an 'xhost +' before su-ing you'll be ok.
Cheers, Steve
P.S. MJR, thanks for being patient. Think I've tamed the beast that is yahoo mail now. Got to better than Outlook though ;)
On 2004-04-19 15:40:07 +0100 Steve Engledow stechjo@btinternet.com wrote:
an 'xhost +' before su-ing you'll be ok.
xhost +localhost would be better if you're on a network. If you have other users, Xauthority is better.
P.S. MJR, thanks for being patient.
Hey, I'm leaving the others for BJ to deal with ;)
On Mon, Apr 19, 2004 at 03:57:30PM +0100, MJ Ray wrote:
On 2004-04-19 15:40:07 +0100 Steve Engledow stechjo@btinternet.com wrote:
an 'xhost +' before su-ing you'll be ok.
xhost +localhost would be better if you're on a network. If you have other users, Xauthority is better.
My preference is to do a
ssh -X root@localhost
(I usually replace localhost with the name of the machine even if it is localhost, oh, and you will need ssh installed and configured to allow root logins)
This sets up an ssh login with the appropriate $DISPLAY variable set and will send X traffic over the encrypted ssh tunnel.
Adam
On Mon, Apr 19, 2004 at 04:28:44PM +0100, adam@thebowery.co.uk wrote:
On Mon, Apr 19, 2004 at 03:57:30PM +0100, MJ Ray wrote:
On 2004-04-19 15:40:07 +0100 Steve Engledow stechjo@btinternet.com wrote:
an 'xhost +' before su-ing you'll be ok.
xhost +localhost would be better if you're on a network. If you have other users, Xauthority is better.
My preference is to do a
ssh -X root@localhost
(I usually replace localhost with the name of the machine even if it is localhost, oh, and you will need ssh installed and configured to allow root logins)
my preference is su -m, which leaves your sheel and variables in tact, gerenally works rather nicely. That or run them via sudo, which works nicely also :)
Cheers,
Steve Engledow stechjo@btinternet.com writes:
Just means your X session isn't allowing requests from any user other than the one that started the session. Very sensible really. If you do an 'xhost +' before su-ing you'll be ok.
I wish people would stop recommending "xhost +".
On Tue, Apr 20, 2004 at 02:04:03PM +0100, Richard Kettlewell wrote:
Steve Engledow stechjo@btinternet.com writes:
Just means your X session isn't allowing requests from any user other than the one that started the session. Very sensible really. If you do an 'xhost +' before su-ing you'll be ok.
I wish people would stop recommending "xhost +".
It's surely OK on a 'closed' network where all the systems are behind a firewall which protects them from the nasty outside world. Our development systems at work allow virtually unlimited access to everyone all across the network. Using anything other than "xhost +" in this situation would be pretty pointless.
On Tue, Apr 20, 2004 at 02:14:52PM +0100, Chris Green wrote:
On Tue, Apr 20, 2004 at 02:04:03PM +0100, Richard Kettlewell wrote:
Steve Engledow stechjo@btinternet.com writes:
Just means your X session isn't allowing requests from any user other than the one that started the session. Very sensible really. If you do an 'xhost +' before su-ing you'll be ok.
I wish people would stop recommending "xhost +".
It's surely OK on a 'closed' network where all the systems are behind a firewall which protects them from the nasty outside world. Our development systems at work allow virtually unlimited access to everyone all across the network. Using anything other than "xhost +" in this situation would be pretty pointless.
So when someone breaches your firewall all of your development systems are automatically compromised?
Nice.
Adam
Chris Green chris@areti.co.uk writes:
Richard Kettlewell wrote:
Steve Engledow stechjo@btinternet.com writes:
Just means your X session isn't allowing requests from any user other than the one that started the session. Very sensible really. If you do an 'xhost +' before su-ing you'll be ok.
I wish people would stop recommending "xhost +".
It's surely OK on a 'closed' network where all the systems are behind a firewall which protects them from the nasty outside world.
Firstly, firewalls don't guarantee that hostile code won't run "inside" them; at best they merely eliminate certain lines of attack. (And that's assuming they don't themselves have bugs.) Consider that email clients and web browsers may have vulnerabilities; people plug their laptops into multiple different networks; people try to hack their own employer; etc.
Secondly, advice doesn't only get used in the situation(s) the adviser imagines, either because they don't know all about the recipient's situation, because people other than the intended recipient follow it, because the recipient's situation changes, etc. So, people giving advice ought to make at least *some* effort to ensure it doesn't have terrible consequences in some of the situations it might be used.
(You can hardly expect watertight advice that covers all possible situations on a user group mailing list. But "xhost +" doesn't even come close.)
In the case of X authentication for root there are several more suitable alternatives, for instance:
* make root's .Xauthority a symlink to the login user's (works best if only one person ever becomes root)
* use ssh root@localhost, with X forwarding enabled, rather than su (has a tiny performance cost, but you're probably not going to notice for anything you actually run as root)
* adapt the rsh rune in 'man xauth', perhaps to something like:
XAUTHORITY=~user/.Xauthority xauth extract - "$DISPLAY"|xauth merge -
(not tested)
Our development systems at work allow virtually unlimited access to everyone all across the network. Using anything other than "xhost +" in this situation would be pretty pointless.
What we know about the OP is that they are using a laptop; potentially it could be connected to almost any kind of network.
-
adam@thebowery.co.uk -
Brett Parker -
Chris Green -
MJ Ray -
Richard Kettlewell -
Steve Engledow