[LightDM] Magic cookie doesn't work - no protocol specified

Mikhail Morfikov mmorfikov at gmail.com
Fri Dec 11 06:36:11 PST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2015-12-10 05:08, Robert Ancell wrote:
> I just really wanted the .Xauthority files to check that they contain the
> cookies in the format we expected.
> 

Ok, I've managed to setup everything up anew.

1. When the Xserver is started via "startx", and when I use the following
line in the /etc/X11/xinit/xserverrc file:

exec /usr/bin/X -auth "$HOME/.Xauthority" -listen tcp "$@"

I am able to send the cookie to the remote machine (it's just an LXC
container) using this command:

local$ xauth extract - morfikownia.mhouse.lh:0.0 | ssh -x morfik at 192.168.10.20 xauth merge -
morfik at 192.168.10.20's password:

I logged in to the remote machine and started a GUI application to see
whether it works. And I got pretty ugly graphical interface, but it works.

The processes on the local machine look like this:

local$ ps aux | grep X
morfik    87819  0.0  0.0  15932  1764 tty2     S+   12:42   0:00 xinit /etc/X11/xinit/xinitrc -- /etc/X11/xinit/xserverrc :0 vt2 -keeptty -auth /tmp/serverauth.ZdhjfKxkp1
morfik    87820  5.2  1.8 288012 34712 tty2     Sl   12:42   0:30 /usr/lib/xorg/Xorg -auth /home/morfik/.Xauthority -listen tcp :0 vt2 -keeptty -auth /tmp/serverauth.ZdhjfKxkp1
morfik    87831  0.0  1.0 232868 19204 tty2     S    12:42   0:00 /usr/bin/openbox --startup /usr/lib/x86_64-linux-gnu/openbox-autostart OPENBOX

2. I restored the /etc/X11/xinit/xserverrc file so it now contains the
default line which was:

exec /usr/bin/X -nolisten tcp "$@"

And set everything up via lightdm configuration file
(/etc/lightdm/lightdm.conf). The only change I did was the following:

xserver-command=X -listen tcp -auth "$HOME/.Xauthority"
xserver-allow-tcp=true

The whole file looks like this:

# egrep -v ^# /etc/lightdm/lightdm.conf
[LightDM]
greeter-user=lightdm
minimum-display-number=0
minimum-vt=7
logind-check-graphical=true
log-directory=/var/log/lightdm
run-directory=/var/run/lightdm
cache-directory=/var/cache/lightdm

[Seat:*]
xserver-command=X -listen tcp -auth "$HOME/.Xauthority"
xserver-allow-tcp=true
greeter-session=lightdm-gtk-greeter
greeter-hide-users=false
greeter-allow-guest=false
greeter-show-manual-login=true
greeter-show-remote-login=true
user-session=openbox
allow-user-switching=true
allow-guest=false
autologin-guest=false
autologin-user-timeout=0
autologin-in-background=false

[XDMCPServer]

[VNCServer]

The processes are a little bit different, but I don't think it matters.
Anyways, here they are:

local$ ps aux | grep X
root     101362  4.2  1.7 281704 33448 tty7     Ssl+ 13:11   0:26 /usr/lib/xorg/Xorg -listen tcp -auth $HOME/.Xauthority :0 -seat seat0 -auth /var/run/lightdm/root/:0 -listen tcp vt7 -novtswitch
morfik   101414  0.0  0.9 232340 18744 ?        Ss   13:11   0:00 /usr/bin/openbox --startup /usr/lib/x86_64-linux-gnu/openbox-autostart OPENBOX


When I try to send the cookie using the same command as earlier, I get
this:

local$ xauth extract - morfikownia.mhouse.lh:0.0 | ssh -x morfik at 192.168.10.20 xauth merge -
No matches found, authority file "-" not written

^C

But when I issue the following command:

local$ xauth extract - $DISPLAY | ssh -x morfik at 192.168.10.20 xauth merge -
morfik at 192.168.10.20's password:

It works here, but when I try to start a GUI application on the remote
machine, I get:

remote$ geany
Invalid MIT-MAGIC-COOKIE-1 key
Geany: cannot open display

I can of course do the following on the local machine:

local$ xhost +192.168.10.20
192.168.10.20 being added to access control list

And now I am able to start the GUI app on the remote machine. So I have no
idea why the cookies don't work with LightDM.

I included two .Xauthority files called .Xauthority-startx-local and
.Xauthority-lightdm-local . Both of which are from the local machine. I
think you needed only those files, right?

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWat9ZAAoJEM0EaBB3G2UgG1EP/Rul8Rop3k2JZe2UWUCpd1tb
bb4QYIP+f71bX0dM8LaENQrbpmJEV3HKiNih8KK3d9wBv/cNVkl0PIybsy8RSiHd
ABqqU2YsxLesJwI4XS/h8ozJUHNphh7u320iLresMIzvOInEZqIFHRx8IjR7vKU9
C2/VcIWWNEPl9aQxYAW1WqUbu5waV3Oa50+YwkopcC/wBm7XRRmM2J7iEz1aUVsm
yQQdnXJDIkXu7FcqMP8+ddr/TbIuHhfn5HXj2xq7OgzgHLdKhEZLGjWCOnNbM9rH
AYNnUD53EODnwPqH96BBITmoVZb6j/R9lctm61q6Wt2l9OCsVVJFh1EJHld4fgd4
I+rbzcMQY4D7qWgysdfQCyX/5RhxENqE6vTcu8wm4F+6aFiLMiB5sKLgX8Tkc5F5
sHg/Hx+WBjrPaQ9mRwUcevFD5lY9HoSmXW0fw682ug8ADnVdHZK1LNLvRkVbg+Xp
EbsgqMXGlmlx1Fz8YnSC7j3h0UtP29LVum8zSU4/T4kOoRHDbN7N+wD3u2CDfpvP
tsgm9wRQ03q8DKpWpu90xmzdO6sOvVI966fHjI5IE9wMXytyFc2FW4r07G1rQFN+
KEI5vXK6rMqnA8SWwcQtNOXw6a1MQMAL9oRiIgm4tG6/FB9AMMifbSe9294yUHrA
Egau9ktmG7KkmMyGBGXp
=SNXM
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: .Xauthority-lightdm-local
Type: application/octet-stream
Size: 56 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/lightdm/attachments/20151211/6215e049/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: .Xauthority-startx-local
Type: application/octet-stream
Size: 105 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/lightdm/attachments/20151211/6215e049/attachment-0001.obj>

More information about the LightDM mailing list