From nobody Mon Mar 4 05:53:55 2024 X-Original-To: hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tp7DR1BjRz5Bvqh for ; Mon, 4 Mar 2024 05:53:59 +0000 (UTC) (envelope-from danny@cs.huji.ac.il) Received: from kabab.cs.huji.ac.il (kabab.cs.huji.ac.il [132.65.116.210]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tp7DQ5dJGz4JFV for ; Mon, 4 Mar 2024 05:53:58 +0000 (UTC) (envelope-from danny@cs.huji.ac.il) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cs.huji.ac.il; s=57791128; h=References:To:Cc:In-Reply-To:Date:Subject:Mime-Version:Content-Type:Message-Id:From; bh=TD6NzF6SOS8M4lfW1HE+thGV9NJBjFYIP9qyOlbQC7E=; b=UJ0Sl5nzjOtOlQKLNzHUYkzoXU26r98icbAwaKXhp7mkJZguYg8FVhbVVZlOvLjox+0F1OXpU1aFlaW8rwCdyT4F4Vym6fyLFyl/OLF5vL49G/GbAfL4W3FeAWgZrvYvo2XeaH/fzbkhwXxAb6W0unVSPa7zycK4Sn+zYAJIcsevA3KrypNcjEryrrv5STvbsZpaJWcGVb8stQj59BqTyFk5rfWd8w2i42jmUDhBO0m42dpC3JH+bOqJkp1QxMnC+oQocPrFjTb46bwaQct+DP8/MyDc6+DkMhBpO7/Ow47IjZdrU7i69ZG3l2ez+zJy8R0STxW7QmFMCA3t2T0pow==; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cse.huji.ac.il; s=57791128; h=References:To:Cc:In-Reply-To:Date:Subject:Mime-Version:Content-Type:Message-Id:From; bh=TD6NzF6SOS8M4lfW1HE+thGV9NJBjFYIP9qyOlbQC7E=; b=vwxCwciv0c0g9iunhpXkBcgWI+s2XKO4Lk0yAIBo2JAgUVxMmd46UUwZ7YP/ZKsswPC1nMwwTfZO/RPBXEIvEST8wqDf47w9NLoXlH/Uw8SKX6Wtrm+xUbVVBy0GY0qNjd76qn2kipGSDl/u2NjHj9UE/XXax8u/L9lefVvIAL2Dusdyw5BLTBASffArfXjXY4LORl5sgn9BE/xh3Le5Q3Fl3QDbVEa1jRin7BbE4peFupKzzyHjuokgQ2l8+1fN2gBJFo7BCHFk/7prn3h7ZENospGfGgF5Jd8mbXuOd3wK2SaVgmMGeFFCmp+TY9RvmWf8Kq88JqKZo9G/chyptA==; Received: from bach.cs.huji.ac.il ([132.65.80.20] helo=smtpclient.apple) by kabab.cs.huji.ac.il with esmtp id 1rh1Gt-0008My-JK; Mon, 04 Mar 2024 07:53:55 +0200 From: Daniel Braniss Message-Id: <4138795E-DBCA-416F-935D-786EC594796A@cs.huji.ac.il> Content-Type: multipart/alternative; boundary="Apple-Mail=_A3B16E00-7682-4ABA-866C-B24F48868A20" List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.4\)) Subject: Re: How to add -listen tcp to Xorg Date: Mon, 4 Mar 2024 07:53:55 +0200 In-Reply-To: <20240304033846.B9425139@slippy.cwsent.com> Cc: garyj@gmx.de, Tommy Johnson , freebsd-hackers To: Cy Schubert References: <543CC273-7A51-4C12-981B-493CA69BE5FE@cs.huji.ac.il> <20240303181000.52322886@ernst.home> <20240303190551.7ad01ac6@ernst.home> <20240303132827.72fca2af6bce173d81794f32@bobdbob.com> <20240303200852.3d6e4ea6@ernst.home> <20240304033846.B9425139@slippy.cwsent.com> X-Mailer: Apple Mail (2.3696.120.41.1.4) X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:378, ipnet:132.64.0.0/15, country:IL] X-Rspamd-Queue-Id: 4Tp7DQ5dJGz4JFV --Apple-Mail=_A3B16E00-7682-4ABA-866C-B24F48868A20 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 thanks to all of you! adding -listen tcp to /usr/local/etc/X11/xdm/Xservers did it, and both = worked :0 local /usr/local/bin/X -terminate -listen tcp :0 or :0 local /usr/local/bin/X -terminate :0 -listen tcp btw, LISTEN in xdm is another thing, it=E2=80=99s about listening for = XDMCP requests. we used it way back in the days of the VAX and Xterminals - i'm giving = away the fact that i=E2=80=99m an old fart :-) thanks again, danny > On 4 Mar 2024, at 05:38, Cy Schubert = wrote: >=20 > In message <20240303200852.3d6e4ea6@ernst.home>, Gary Jennejohn = writes: >> On Sun, 3 Mar 2024 13:28:27 -0500 >> Tommy Johnson wrote: >>=20 >>> On Sun, 3 Mar 2024 18:05:51 +0000 >>> Gary Jennejohn wrote: >>>=20 >>>> On Sun, 3 Mar 2024 19:29:14 +0200 >>>> Daniel Braniss wrote: >>>>=20 >>>>> This is the trick that has worked for me since time immemorial: >>>>> In /etc/ttys: >>>>> ttyv8 "/usr/local/bin/xdm -nodaemon" xterm on secure >>>>>=20 >>>>=20 >>>> Well, it doesn't work now. >>>>=20 >>>> I've never used xdm and have no idea what options it supports. >>>=20 >>> I fixed the problem by editing the file Xservers in = /usr/local/etc/X11/x=3D >> dm >>> to look like: >>>=20 >>> :0 local /usr/local/bin/X :0 -listen tcp >>>=20 >>> I am using xdm from .../ports/x11/xdm , as opposed to any of the >>> newer reimplementations. >>>=20 >>=20 >> That's great! I was hoping that a solution like this could work, = since >> it's similar to xinit passing -listen tcp to the Xserver. >=20 > For xdm, add -listen tcp to your Xserver specification, i.e., in =09 >=20 >=20 > :0 local /usr/local/bin/X -terminate -listen tcp :0 >=20 > CDE's dtlogin's Xservers file serves the same purpose >=20 > The moral of the story is, whatever your desired method of starting = your=20 > Xserver, check the man page. Most display managers will have a=20 > configuration file to specify how to invoke the Xserver. I don't know = about=20 > gdm, kdm or sddm. >=20 > Normally one doesn't need to fiddle around with this as ssh tunnels X.=20= > However, in my experience tunneling through an ssh session is slow. If=20= > you're on a private network, like I am (I'm the only one using my = network)=20 > opening an unencrypted X TCP socket is fine. But if you're sharing = that=20 > network with other, i.e. work, school, etc., tunnel through ssh. The = rule=20 > of thumb is, tunnel through ssh. >=20 >=20 > --=20 > Cheers, > Cy Schubert > FreeBSD UNIX: Web: https://FreeBSD.org > NTP: Web: https://nwtime.org >=20 > e^(i*pi)+1=3D0 >=20 >=20 >=20 --Apple-Mail=_A3B16E00-7682-4ABA-866C-B24F48868A20 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 thanks to all of you!

adding -listen tcp to /usr/local/etc/X11/xdm/Xservers did it, = and both worked
:0 local /usr/local/bin/X = -terminate -listen tcp :0
or
        :0 local /usr/local/bin/X = -terminate :0 -listen tcp

btw, LISTEN in xdm is another thing, = it=E2=80=99s about listening for XDMCP requests.
we used it way back in the = days of the VAX and Xterminals  - i'm giving away the fact = that
i=E2=80= =99m an old fart :-)
thanks again,
danny
On 4 Mar 2024, at 05:38, Cy Schubert <Cy.Schubert@cschubert.com> wrote:

In = message <20240303200852.3d6e4ea6@ernst.home>, Gary Jennejohn = writes:
On Sun, 3 Mar = 2024 13:28:27 -0500
Tommy Johnson <tjohnson@bobdbob.com> wrote:

On Sun, 3 Mar 2024 = 18:05:51 +0000
Gary Jennejohn <garyj@gmx.de> wrote:

On Sun, 3 = Mar 2024 19:29:14 +0200
Daniel Braniss <danny@cs.huji.ac.il>= wrote:

This is the trick that has worked for me since time = immemorial:
In /etc/ttys:
ttyv8 =   "/usr/local/bin/xdm -nodaemon"  xterm   on = secure


Well, it = doesn't work now.

I've never used xdm and = have no idea what options it supports.

I fixed the problem by editing the file Xservers in = /usr/local/etc/X11/x=3D
dm
to look like:

:0 local /usr/local/bin/X :0  -listen = tcp

I am using xdm from .../ports/x11/xdm , = as opposed to any of the
newer reimplementations.


That's great! =  I was hoping that a solution like this could work, since
it's similar to xinit passing -listen tcp to the Xserver.

For xdm, add -listen tcp to your = Xserver specification, i.e., in


:0 local /usr/local/bin/X -terminate -listen tcp :0

CDE's dtlogin's Xservers file serves the same = purpose

The moral of the story is, whatever = your desired method of starting your
Xserver, check the = man page. Most display managers will have a
configuration = file to specify how to invoke the Xserver. I don't know about
gdm, kdm or sddm.

Normally one = doesn't need to fiddle around with this as ssh tunnels X.
However, in my experience tunneling through an ssh session is = slow. If
you're on a private network, like I am (I'm the = only one using my network)
opening an unencrypted X TCP = socket is fine. But if you're sharing that
network with = other, i.e. work, school, etc., tunnel through ssh. The rule
of thumb is, tunnel through ssh.


--
Cheers,
Cy = Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX: =  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
NTP: =           <cy@nwtime.org> =    Web:  https://nwtime.org

= e^(i*pi)+1=3D0




= --Apple-Mail=_A3B16E00-7682-4ABA-866C-B24F48868A20--