Hi Calum,
I have a DB user who is trying to open xterm from an affected server. He access
this server through a "terminal" on CDE after logging to another server through
vnc viewer.
He ssh from terminal to the server where he cannot run xterm after he switch to
oracle user. He can able to access the xterm with his id. This was working fine
earlier and also there is server from where he can still access after switching
as oralce.
I have no idea what has changed the settings. But in this environment they have
small script in /etc/profile which tries to merge display of two user id.
When user switch to oracle user he runs the script which merge the cookies:-
But now when he rans the script the script details get vanished by itself.
How X works after using su to assume a role
When you logon via SSH with X11 tunneling enabled a Magic-Cookie is assigned to
your display. Without this cookie another user could not connect to your
display. When you use su to switch accounts that cookie is lost and the role
you assumed will not be able to launch X applications. To address this issue a
script is created at logon with the name /tmp/<username>X that can be executed
by any user authenticated on the system to use your display for X applications.
Scipt:-
*******
if [ "$DISPLAY" != "" ]
then
echo "#!/bin/bash" >/tmp/${LOGNAME}X
echo /usr/openwin/bin/xauth add `/usr/openwin/bin/xauth list $DISPLAY`
>>/tmp/${LOGNAME}X
echo DISPLAY=${DISPLAY} >>/tmp/${LOGNAME}X
echo export DISPLAY >>/tmp/${LOGNAME}X
chmod 755 /tmp/${LOGNAME}X
fi
--
This message posted from opensolaris.org
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
