Remove -nolisten tcp argument for Xorg
FedoraForum.org - Fedora Support Forums and Community
Page 1 of 2 1 2 LastLast
Results 1 to 15 of 17
  1. #1
    ctran Guest

    Remove -nolisten tcp argument for Xorg

    I'd like to have Xorg started without the "-nolisten tcp" argument. Upon logging into KDE and did 'ps -ef | grep Xorg' , I found "-nolisten tcp" arg. was used. I found the config. file /etc/X11/xdm/kdmrc and changed
    ServerArgsLocal=-nolisten tcp
    into
    ServerArgsLocal=

    restart computer and still have above argument loaded.

    Does anyone know how to remove above argument ?

  2. #2
    Join Date
    Nov 2004
    Location
    Mississippi, USA
    Posts
    1,180
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Try running /usr/bin/gdmsetup. Select the "Remote" tab and in the "Style" window select one of the options other than "Remote login disabled." If that doesn't do it for you, try the next suggestion.

    AFAIK, gdm.conf is gone from FC5. You use /etc/gdm/custom.conf instead. The correct parameter is DisallowTCP. Add DisallowTCP=false in /etc/gdm/custom.conf to make gdm listen.

  3. #3
    ctran Guest
    jcliburn,

    Your 2nd solution answered my question. I had to put it under [Security] section. Thanks a lot.

    However, I'm getting close to my goal (telnet from FC5 PC to remote Unix terminal and have remote X displayed locally. I know ssh is a much better solution than telnet but if it can be accomplished, I already did it).

    With the TCP allowance enabled, I now can do the following because the IP address works

    For local machine:
    export DISPLAY=localhost:0.0
    export DISPLAY=local_machine_ip:0.0
    xterm & (this window comes up locally)

    For remote machine:
    xhost + remote_machine
    export DISPLAY=local_machine_ip:0.0
    telnet remote_machine
    xterm & (this window doesn't come locally)
    vim somefile (this comes up after a very long long delay)

    My DISPLAY environment variable is set to local_machine_ip:0.0 on the remote machine. I thought when I had the TCP enabled and DISPLAY=local_machine_ip:0.0 worked from local machine, it should work from remote machine too.

    Maybe I just need to tweek another piece of info from some config file to have remote X displayed locally. If you know how, please let me know. I think the setting should be from /etc/gdm/custom.conf or /usr/share/gdm/defaults.conf

  4. #4
    Join Date
    Nov 2004
    Location
    Mississippi, USA
    Posts
    1,180
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ctran
    jcliburn,

    Your 2nd solution answered my question. I had to put it under [Security] section. Thanks a lot.

    However, I'm getting close to my goal (telnet from FC5 PC to remote Unix terminal and have remote X displayed locally. I know ssh is a much better solution than telnet but if it can be accomplished, I already did it).
    I'm not sure I understand; are you saying you can or you cannot use ssh for this purpose? Using ssh is simpler and more secure than telnet/xhost. All you do is add X11Forwarding=yes to sshd_config at the server, then restart sshd. From the client, login with "ssh -X -l username remote_host". That's it. Lauch xterm from there. No need to tinker with xhost or DISPLAY.

    With the TCP allowance enabled, I now can do the following because the IP address works

    For local machine:
    export DISPLAY=localhost:0.0
    export DISPLAY=local_machine_ip:0.0
    xterm & (this window comes up locally)

    For remote machine:
    xhost + remote_machine
    export DISPLAY=local_machine_ip:0.0
    telnet remote_machine
    xterm & (this window doesn't come locally)
    vim somefile (this comes up after a very long long delay)
    I think the order is messed up. Should be:

    1. xhost remote_machine
    2. telnet remote_machine
    ***** next 2 executed from remote machine telnet window ******
    3. export DISPLAY=local_machine_ip:0.0
    4. xterm

    Remote X is slow; sometimes very slow.

  5. #5
    ctran Guest
    Quote Originally Posted by jcliburn
    I'm not sure I understand; are you saying you can or you cannot use ssh for this purpose? Using ssh is simpler and more secure than telnet/xhost. All you do is add X11Forwarding=yes to sshd_config at the server, then restart sshd. From the client, login with "ssh -X -l username remote_host". That's it. Lauch xterm from there. No need to tinker with xhost or DISPLAY.
    I couldn't use ssh because I couldn't install ssh on remote machine. In order to install
    ssh I have to have openssl installed and remote machine is a Harris Night Hawk made by
    Concurrent with Power Unix OS. Openssl won't support this OS.

    I could do this remote X stuff fine under FC2.


    I think the order is messed up. Should be:

    1. xhost remote_machine
    2. telnet remote_machine
    ***** next 2 executed from remote machine telnet window ******
    3. export DISPLAY=local_machine_ip:0.0
    4. xterm

    Remote X is slow; sometimes very slow.
    I tried this and still got error message
    Error: Can't open display: local_machine_ip:0.0

  6. #6
    Join Date
    Nov 2004
    Location
    Mississippi, USA
    Posts
    1,180
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is port 6000 on the local machine unfiltered? It'll need to be.

  7. #7
    ctran Guest
    Is port 6000 on the local machine unfiltered? It'll need to be.
    How do you check that ? I heard of something like "netstat -l". I ran this "netstat -l" and didn't see anything about 6000 port.

  8. #8
    Join Date
    Nov 2004
    Location
    Mississippi, USA
    Posts
    1,180
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    netstat will tell you whether the port is open (and, by inference, the service is listening). Run this command as root (become root with "su -").
    Code:
    # netstat --proto=inet,inet6 -pnl
    To see if it's unfiltered, you need to look at iptables.
    Code:
    # iptables -L -n
    If you haven't explicitly unblocked port 6000 in iptables, then it's almost certainly blocked. Edit /etc/sysconfig/iptables and add this line immediately before the line that contains --reject-with icmp-host-prohibited.
    Code:
    -A  RH-Firewall-1-INPUT -p tcp -m tcp --dport 6000 -j ACCEPT
    Then restart iptables to make the rule take effect.
    Code:
    # service iptables restart

  9. #9
    ctran Guest
    jcliburn,

    That did it. My port 6000 was blocked. You're amazingly good. Thanks so much.

  10. #10
    Join Date
    Nov 2004
    Location
    Mississippi, USA
    Posts
    1,180
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You're welcome. Glad to help. Good luck.

  11. #11
    sunlit Guest
    I installed Fedora 6 in VMware (host is WinXP) with default setup. I want to telnet UNIX server and display the X window in my Fedora. The server does not install SSH.
    I added DisallowTCP=false in /etc/gdm/custom.conf and /usr/share/gdm/defaults.conf. I also disabled the Firewall. I ran this "netstat -l" and didn't see anything about 6000 port. There is no one file named 'iptables' in /etc/sysconfig/.
    The issue is that I always met the error 'Can't open display: the_ip_of_virtual_linux'. (But I can see the Xwindow in my host system if I set the IP to my host system.)
    Who can help me? Thanks.
    Last edited by sunlit; 15th August 2007 at 02:48 AM.

  12. #12
    denispatterson Guest
    I have installed Fedora 9. I can't export a display from a remote system to my workstation. I was able to do this on Fedora 7 before I upgraded to Fedora 9.

    Xorg is running with -nolisten tcp

    root 2313 2312 2 10:27 tty7 00:00:11 /usr/bin/Xorg :0 -br -verbose -auth /var/run/gdm/auth-cookie-XX0HEBDU-for-gdm -nolisten tcp

    I have added

    [security]

    DisallowTCP=false

    to /etc/gdm/custom.conf. I also copied /etc/gdm/custom.conf to /usr/share/gdm/defaults.conf. It didn't exist before that.

    I have allowed port 6000 through iptables?

    Does anybody have any ideas why Xorg is still running with -nolisten tcp?

  13. #13
    fistre Guest
    I was able to get this to work by changing DisallowTCP to false in /etc/gdm/gdm.schemas

    Code:
        <schema>
          <key>security/DisallowTCP</key>
          <signature>b</signature>
          <default>false</default>
        </schema>
    Quote Originally Posted by denispatterson
    I have installed Fedora 9. I can't export a display from a remote system to my workstation. I was able to do this on Fedora 7 before I upgraded to Fedora 9.

    Xorg is running with -nolisten tcp

    root 2313 2312 2 10:27 tty7 00:00:11 /usr/bin/Xorg :0 -br -verbose -auth /var/run/gdm/auth-cookie-XX0HEBDU-for-gdm -nolisten tcp

    I have added

    [security]

    DisallowTCP=false

    to /etc/gdm/custom.conf. I also copied /etc/gdm/custom.conf to /usr/share/gdm/defaults.conf. It didn't exist before that.

    I have allowed port 6000 through iptables?

    Does anybody have any ideas why Xorg is still running with -nolisten tcp?

  14. #14
    JohnA2 Guest
    Quote Originally Posted by jcliburn
    Try running /usr/bin/gdmsetup. Select the "Remote" tab and in the "Style" window select one of the options other than "Remote login disabled." If that doesn't do it for you, try the next suggestion.
    Selecting the "Security" tab deselecting "Deny TCP connections to XServer" should work.

  15. #15
    nkd Guest
    hi all,
    I am using fedora9 with gnome.
    sorry for this late posting in this thread. I donot have a gdm setup utility.
    Try running /usr/bin/gdmsetup. Select the "Remote" tab and in the "Style" window select one of the options other than "Remote login disabled." If that doesn't do it for you, try the next suggestion.
    Do I have to install something more.
    I read about it somewhere that the gdm 2.22 which comes along with fedora 9 doesnot allow switching off the nolisten TCP option. Is that correct.?
    I really need this feature and this thread is the closest to the problem I have and the solutions are comprehendible, so I am posting here.
    Thanks for any cue in advance
    ni****h

Page 1 of 2 1 2 LastLast

Similar Threads

  1. -nolisten - How do I get rid of it?
    By drdolphin in forum Alpha - Beta (Fedora 9 Only)
    Replies: 2
    Last Post: 1st May 2008, 10:33 PM
  2. IPtable & NoListen
    By Yeti_A in forum Security and Privacy
    Replies: 2
    Last Post: 16th August 2007, 05:03 PM
  3. nolisten TCP
    By Yeti_A in forum Using Fedora
    Replies: 2
    Last Post: 11th August 2007, 04:20 AM
  4. nolisten TCP
    By Yeti_A in forum Security and Privacy
    Replies: 0
    Last Post: 7th August 2007, 09:16 PM
  5. Replies: 6
    Last Post: 13th December 2005, 06:16 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •