OpenSolaris 2008.05 - X Display Redirect Problem
By Hashamkha Pathan on Aug 22, 2008
I am using OpenSolaris 2008.05 on my desktop and needed to run installer on remote UNIX system on regular basis. OpenSolaris settings by default weren't allowing me to redirect the X display to my work station when I use program like “rlogin” or “telnet”(Which by the way are NOT secure programs BUT some times you don't have choice). I could get around this problem using "ssh -X" and worked for me in most cases. But some cases, I needed telnet/rlogin and “X” Display redirect going.
Hasham@hasham-pc:~$ xhost +
access control disabled, clients can connect from any host
Hasham@hasham-pc:~$ telnet 10.12.161.36
Connected to 10.12.161.36.
Escape character is '\^]'.
Last login: Fri Aug 22 08:42:11 from hasham-pc.India
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
You have new mail.
-bash-3.00# echo $DISPLAY
-bash-3.00# ping hasham-pc
hasham-pc is alive
Error: Can't open display: hasham-pc:0.0
Tried looking up in OpenSolaris forum and didn't fine any solution. This forum entry(http://forums.opensolaris.com/thread.jspa?threadID=350) was good starting point for me to troubleshoot. Verified that the service "x11-server" configuration is set to allow TCP_LISTEN (OpenSolaris 2008.05 has it enabled by default)
svccfg -s x11-server listprop options/tcp_listen
options/tcp_listen boolean true
Started looking at the “Xorg” settings. Noticed that the “Xorg” process is starting with "nolisten tcp" option. See the argv & argv in the below output.Hasham@hasham-pc:~# ps -ef|grep Xorg
root 13103 435 2 Aug 19 ? 8:25 /usr/X11/bin/Xorg :0 -depth 24 -audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten t
Hasham@hasham-pc:~# pargs 13103
13103: /usr/X11/bin/Xorg :0 -depth 24 -audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten t
After looking at the man page for “Xorg” & later “Xserver”, learnt that Xserver script is responsible for passings some of these arguments. I was hoping for Happy ending! Looked the Xserver script("/usr/X11/bin/Xserver) and everything appeared in order. The “Xserver script” is using "SMF" property(options/tcp_listen) to pass value. In this case, it was set to "true". No problem with “Xserver script” - No happy ending!
Are there any other SMF services related Xorg? The first thing to find out which service is responsible for starting Xorg process?
online 10:03:36 svc:/application/graphical-login/gdm:default
10:03:36 471 gdm-binary
10:38:35 1959 gdm-binary
10:40:51 2136 Xorg
10:40:51 2160 fbconsole
10:42:49 2170 ctrun
it is! Man "gdm" reveled the another set of configurations
files involved - /usr/share/gdm/defaults.conf,
/etc/X11/gdm/custom.conf ? After reading through these file, learned
that you could change the run time options for Xserver using these
files. Noted that you could use "gdmsetup" to alter the
configuration instead of editing the files manually.
the setting under Security Tab
Before the Change:
After the Change:
adds the following entry to /etc/X11/gdm/custom.conf (Under security
Restart X Server.(Logout and Login will do) We are good to go! X Display Redirect works fine now!
Summary of changes that were needed:
1. "options/tcp_listen" Setting for "x11-server" set to true (See below for listing and setting the value)
List the Property Value:
Hasham@hasham-pc:~$ svccfg -s x11-server listprop options/tcp_listen
options/tcp_listen boolean true
Changethe Property Value:(You need to be "root" for to change the settings)
root@hasham-pc:~# svccfg -s x11-server setprop options/tcp_listen = true
2. Use "gdmsetup" and Uncheck "Deny TCP Connection to X Server" under Security Tab
3. Restart X Server (Logout and Login will do)