PDA

View Full Version : remote xsession on FC7 with telnet



nomisunrider
6th September 2007, 08:58 PM
On FC6 and older, I could do the following:

xhost %hostname
telnet %hostname
%run app

and the application would open up on my local machine.

On FC7, this does not work. Using ssh -Y %hostname works for display x apps, however not all of the hosts I want to connect to have ssh.

Did something change with X in FC7?

nomisunrider
15th September 2007, 06:02 AM
No one has any ideas on this?

sideways
15th September 2007, 06:36 AM
You need to allow TCP connections to the xserver on each host machine.
EDIT sorry, you need to allow connections on the local machine, not the hosts. (duh!)

If they are fedora using gdm you can do this by adding

DisallowTCP=false
to the [security] section of /etc/gdm/custom.conf, or do it in the gui tool System -> Administration -> Login Screen (in the Security tab there is a checkbox to allow/deny tcp connections to the xserver)

I think you need to restart the xserver (can't remember, but it won't hurt)

For non Fedora hosts, or ones not using gdm there should be a similar config file.

edit

Note that this is not very safe, ssh -X is much more secure.

nomisunrider
16th September 2007, 05:49 PM
I have that option set already.

I know ssh is more secure, but on some older systems, that is not an option.

RupertPupkin
16th September 2007, 08:36 PM
Did you set the DISPLAY variable on the remote machine to point to the machine you're logging in from? If you are on machineA and telnet into machineB, then you need to do this on machineB (assuming your shell on machineB is bash):

export DISPLAY=machineA:0.0

nomisunrider
21st September 2007, 03:11 AM
I have tried that as well, to no avail.

sideways
21st September 2007, 10:16 AM
I have tried that as well, to no avail.

If you sit at the remote host and "telnet localhost", does it work then?

nomisunrider
24th September 2007, 09:11 PM
If you sit at the remote host and "telnet localhost", does it work then?

Yes. Once again, the only thing that has changed is my local system (from Fedora 6 to Fedora 7.) None of the remote hosts have changed and I can get this to work from non Fedora 7 systems.

sideways
25th September 2007, 02:25 PM
On the F7 machine can you post the output of

rpm -qa | grep telnet

and, once in the telnet session

rpm -qa | grep telnet
cat /etc/gdm/custom.conf
ps -ef | grep X
env | grep DISPLAY

and the exact command you are using and the error you get.

cheers

nomisunrider
25th September 2007, 03:42 PM
Note: Replaced private info with *****


On the F7 machine can you post the output of

rpm -qa | grep telnet

[*****]: rpm -qa| grep telnet
telnet-0.17-38.fc7
telnet-server-0.17-38.fc7


and, once in the telnet session

rpm -qa | grep telnet

NOTE: assumed you meant on the remote system for this.

[*****]# rpm -qa| grep telnet
telnet-server-0.17-31.EL4.3
telnet-0.17-31.EL4.3



cat /etc/gdm/custom.conf

[*****]: cat /etc/gdm/custom.conf

# GDM Custom Configuration file.
#
# This file is the appropriate place for specifying your customizations to the
# GDM configuration. If you run gdmsetup, it will automatically edit this
# file for you and will cause the daemon and any running GDM GUI programs to
# automatically update with the new configuration. Not all configuration
# options are supported by gdmsetup, so to modify some values it may be
# necessary to modify this file directly by hand.
#
# This file overrides the default configuration settings. These settings
# are stored in the GDM System Defaults configuration file, which is found
# at the following location.
#
# /usr/share/gdm/defaults.conf.
#
# This file contains comments about the meaning of each configuration option,
# so is also a useful reference. Also refer to the documentation links at
# the end of this comment for further information. In short, to hand-edit
# this file, simply add or modify the key=value combination in the
# appropriate section in the template below this comment section.
#
# For example, if you want to specify a different value for the Enable key
# in the "[debug]" section of your GDM System Defaults configuration file,
# then add "Enable=true" in the "[debug]" section of this file. If the
# key already exists in this file, then simply modify it.
#
# Older versions of GDM used the "gdm.conf" file for configuration. If your
# system has an old gdm.conf file on the system, it will be used instead of
# this file - so changes made to this file will not take effect. Consider
# migrating your configuration to this file and removing the gdm.conf file.
#
# If you hand edit a GDM configuration file, you can run the following
# command and the GDM daemon will immediately reflect the change. Any
# running GDM GUI programs will also be notified to update with the new
# configuration.
#
# gdmflexiserver --command="UPDATE_CONFIG <configuration key>"
#
# e.g, the "Enable" key in the "[debug]" section would be "debug/Enable".
#
# You can also run gdm-restart or gdm-safe-restart to cause GDM to restart and
# re-read the new configuration settings. You can also restart GDM by sending
# a HUP or USR1 signal to the daemon. HUP behaves like gdm-restart and causes
# any user session started by GDM to exit immediately while USR1 behaves like
# gdm-safe-restart and will wait until all users log out before restarting GDM.
#
# For full reference documentation see the gnome help browser under
# GNOME|System category. You can also find the docs in HTML form on
# http://www.gnome.org/projects/gdm/
#
# NOTE: Lines that begin with "#" are considered comments.
#
# Have fun!

[daemon]
RemoteGreeter=/usr/libexec/gdmgreeter

[security]

[xdmcp]
Enable=true

[gui]

[greeter]
GraphicalTheme=Bluecurve
GraphicalThemes=Bluecurve

[chooser]

[debug]

# Note that to disable servers defined in the GDM System Defaults
# configuration file (such as 0=Standard, you must put a line in this file
# that says 0=inactive, as described in the Configuration section of the GDM
# documentation.
#
[servers]

# Also note, that if you redefine a [server-foo] section, then GDM will
# use the definition in this file, not the GDM System Defaults configuration
# file. It is currently not possible to disable a [server-foo] section
# defined in the GDM System Defaults configuration file.
#
DisallowTCP=false



ps -ef | grep X

[*****]: ps -ef | grep X

***** 3001 2997 2 Sep24 tty7 00:21:47 /usr/bin/Xorg :0 -br -audit 0 -auth /var/gdm/:0.Xauth vt7
***** 9334 9259 0 09:33 pts/1 00:00:00 grep X


env | grep DISPLAY

LOCAL HOST
[*****]: env|grep DISPLAY
DISPLAY=:0.0

REMOTE HOST
[*****]# env| grep DISPLAY
DISPLAY=localhostname:0.0

NOTE: I have tried the IP address as well.


and the exact command you are using and the error you get.
cheers
NOTE: Just to try anything, I'm using hwbrowser.

[*****]# hwbrowser

Traceback (most recent call last):
File "/usr/share/hwbrowser/DeviceList.py", line 53, in ?
import gtk
File "/usr/src/build/463937-i386/install/usr/lib/python2.3/site-packages/gtk-2.0/gtk/__init__.py", line 37, in ?
RuntimeError: could not open display
Traceback (most recent call last):
File "/usr/share/hwbrowser/DeviceList.py", line 37, in ?
import gtk
File "/usr/src/build/463937-i386/install/usr/lib/python2.3/site-packages/gtk-2.0/gtk/__init__.py", line 37, in ?
RuntimeError: could not open display

sideways
25th September 2007, 04:05 PM
The DISPLAy variable for the remote machine (the one you are telnetting to) needs to be set to <ip of local machine (the one you are telnetting from)>:0.0

so eg if you are sitting at 10.0.0.5 and telnetting to 10.0.0.4 then in the telnet session on 10.0.0.4 you would type


export DISPLAY=10.0.0.5:0.0

also you would have typed 'xhost 10.0.0.4' on the local machine (10.0.0.5) before starting the telnet session to 10.0.0.4. To ensure 10.0.0.4 is in the xhosts list just type 'xhost' on the local machine.


I assume the above stuff is pretty well-known to you, since you say it works on non F7 machines, but maybe you made a small mistake by accident somewhere. If not I cannot say why it is not working, unless it is a RHEL related issue eg I can telnet from my F7 to a ubuntu client and start xapps no problem.

sideways
26th September 2007, 12:15 PM
Apologies nomisunrider,you do seem to have discovered a real problem here.

I was mistaken in stating I had this working when telnetting from F7, in fact, it's as you have discovered: xapps open when telnetting from all sorts of other OSes (windows/cygwin, ubuntu, FC6)
to a F7 telnet server but the other way round doesn't work.

I noticed selinux messages were being generated about the telnet daemon not accessing ttys, but even turning off selinux doesn't resolve the problem.

I have checked that Xorg is allowing tcp connections (the '-nolisten tcp' option does not appear is the ps output) (setting DisallowTCP=false in /etc/gdm/custom.conf fixes that), added the appropriate xhost ips, exported the DISPLAY variable in the telnet session, but no luck in F7. Works fine with everything else (even from a dosbox in windows running the cygwin xserver)


I'll search for a bugzilla, and maybe submit one if nothing related exists. The problem with moaning about telnet is that everyone tells you to use ssh, which doesn't help resolve the issue.

If anyone has it working, please post.

nomisunrider
26th September 2007, 05:58 PM
Well, I'm glad to see I'm not the only person have this problem with Fedora 7

RupertPupkin
26th September 2007, 08:57 PM
Works fine here. I just telnetted from my F7 box to an old RH6.2 box, ran an xterm on the remote box, and it displayed just fine on my F7 box:

sideways
27th September 2007, 01:24 PM
cheers RupertPupkin, you convinced me I was being a bit dumb. It does work, but you also need to allow tcp connections to the local machine's xserver! So in fact, post #2 was the answer but you need to add 'DisallowTCP=false' to /etc/gdm/custom.conf on the local machine, then do gdm-restart.

So in summary, this works for me, local machine = 10.0.0.5, remote machine with telnet server = 10.0.0.4

On local machine (10.0.0.5) add DisallowTCP=false to /etc/gdm/custom.conf and then 'gdm-restart'
xhost 10.0.0.4
telnet 10.0.0.4

On remote machine (10.0.0.4), in telnet session
export DISPLAY=10.0.0.5:0.0
xterm

I guess the other OS's allow tcp connections by default.

RupertPupkin
27th September 2007, 09:01 PM
sideways: it's not really an OS issue, it's an issue with a particular application, namely, gdm. I don't have that issue because I don't use gdm as my display manager (I use wdm). I don't even have gdm installed. There are other display managers that are included with Fedora, like kdm (the KDE display manager) and xdm (plain Xlib display manager); I don't know if they have that issue, but I strongly suspect that xdm doesn't. Since gdm is the default display manager in Fedora, though, this issue may cause problems for a lot of people.

sideways
27th September 2007, 09:11 PM
sideways: it's not really an OS issue, it's an issue with a particular application, namely, gdm. I don't have that issue because I don't use gdm as my display manager (I use wdm). I don't even have gdm installed. There are other display managers that are included with Fedora, like kdm (the KDE display manager) and xdm (plain Xlib display manager); I don't know if they have that issue, but I strongly suspect that xdm doesn't. Since gdm is the default display manager in Fedora, though, this issue may cause problems for a lot of people.

That's true, I wonder when '-nolisten tcp' became a default parameter for Xorg when using gdm in Fedora, was it there in FC6?

I was being pretty dumb in post #2, obviously the local xserver is the one which requires the tcp connection.

Incidentally, I still get selinux messages (on the telnet server) about the telnet daemon accessing terminals, but it doesn't seem to stop windows displaying on the client.

edit:

I tried this on another machine, and this time I have to disable the firewall on the local machine to get it to work. That's very weird, since the telnet port 23 is open (telnet is a trusted service)