[Techtalk] root/.xauthSYI7C2 and 20 more just like it
Rasjid Wilcox
rasjidw at openminddev.net
Mon Nov 24 19:38:19 EST 2003
On Monday 24 November 2003 12:12, ed orphan wrote:
> Could someone tell me where these files comes from
> and what they do? I'm running Linux Red Hat 7.3
> and I have about 20 of these files under root:
> /root/.xauthxxxxxx
> I read a few of them and they all seem to be
> more or less the same one line with a lot of gibberish:
> blah blah localhost.localdomain blah blah MIT-MAGIC-COOKIE-1
> blah blah blah
> What's an MIT-MAGIC-COOKIE-1 ? Where do they
> come from and what do they do?
I can't claim to know the full and gory details, but it is part of the X
authentication and security process.
Basically, with a standard setup, each X session has a 'magic cookie' that, in
theory, only the owner of that particular X session has access to, and that
you need to connect to a particular X session.
One of the differences I have noticed between RedHat and SuSE, is that with
RedHat the users magic cookie's are also copied into the root directory.
With RedHat, I can
$ su root
# xcdroast
and it will work.
On SuSE, however:
$ su root
# xcdroast
Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified
Gtk-WARNING **: cannot open display: :0
I can fix this by grabbing my normal users magic cookie, and copying it into
root's home directory.
# cp /home/rasjidw/.Xauthority /root
# xcdroast
now works.
Note that this will only keep working for that current Xsession. (If root
will always be logging on as a known ordinary user first, then you could set
up a symlink.)
Anyway, the point is that Redhat hides all this from you. With RedHat, root
can always display a program on any users X session. The way it does this is
by automatically creating those magic cookies in /root. And clearly it
doesn't always clean up afterwards.
Someone who knows more about Xsecurity could give a more authoratitive answer,
but I don't have any reason to believe that those left over cookies are a
big problem. OTOH, deleting any older than the last time you logged on will
definitely not cause a problem, and may be a good thing. Deleting all of
them will mean that root will not be able to run an X based program, until of
course root grabs the current cookie, or you disable security checking by
running
$ xhost +localhost (as your normal user, not root!)
or the next time you log in (and Redhat's process create a new cookie for
root).
From memory, Redhat uses a slightly random name for each cookie (to avoid the
clashes in /root that would result otherwise), so the straight copy of
.Xauthority given above for SuSE will not work. (OTOH, in general it does
not need to.)
Also see:
man Xsecurity
man Xhost
man Xauth
I hope this make things a bit clearer.
Cheers,
Rasjid.
--
Rasjid Wilcox
Canberra, Australia (UTC +10 hrs)
http://www.openminddev.net
More information about the Techtalk
mailing list