Date: Wed, 12 Jun 2013 20:50:02 GMT From: Jilles Tjoelker <jilles@stack.nl> To: freebsd-x11@FreeBSD.org Subject: Re: ports/154502: x11/xdm authorization failure when used with E17 window manager Message-ID: <201306122050.r5CKo2bK099158@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/154502; it has been noted by GNATS. From: Jilles Tjoelker <jilles@stack.nl> To: bug-followup@FreeBSD.org, cpt_complain@yahoo.com Cc: Subject: Re: ports/154502: x11/xdm authorization failure when used with E17 window manager Date: Wed, 12 Jun 2013 22:46:57 +0200 In FreeBSD PR 154502, you wrote: > Xdm authorization fails after user login. > The user is unable to start an E17 window manager session, and is > returned to the xdm login screen. > Fix: Need to add the missing option: > DisplayManager*authName: MIT-MAGIC-COOKIE-1 I take it that the error message XDM authorization key matches an existing client! appears in .xsession-errors. I recently encountered this issue when trying to log in using xdm and xfce4-session. Adding the quoted line to xdm-config fixed the problem for me. The cause is that the implementation of XDM-AUTHORIZATION-1 is broken if applications execve or unload/reload libX11/libxcb between connections to the X server. More information can be found in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486606 Since it is unclear whether XDM-AUTHORIZATION-1 will be fixed and if so, where, I think it is best to disable it in xdm. It looks like adding --disable-xdm-auth to xdm's configure flags will do this but I have not tested it. I think the security impact is minimal; gdm does not use XDM-AUTHORIZATION-1 either. -- Jilles Tjoelker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201306122050.r5CKo2bK099158>