On 04/14/2019 08:36 PM, Marc Chamberlin wrote:
I have been digging into this further, making progress, but also getting into some Linux/OpenSuSE weeds... ;-)
I have figured out that if I ssh into the systems which were updated, and on which the x11vnc service stopped working, that if I manually and explicitly set the environment variable for XAUTHORITY i.e.
export XAUTHORITY=/home/$USER/.Xauthority
and then start the x11vnc service -
systemctl restart x11vnc.service
I once again have a happy x11vnc service and can VNC into the system OK. This raises a few questions -
1. Why has the parameter for x11vnc -auth /home/marc/.Xauthority stopped working? According to the man page for x11vnc, this should be equivalent to setting the environment variable XAUTHORITY before running x11vnc.
2. Why isn't this environment variable being set by OpenSuSE any more? It is not in Leap 15.0 apparently after the last set of updates that I had installed, but confusingly it was still being defined in Leap 42.3 but not working anymore.
3. If I have to set it myself, where is the best place to do so? /etc/profiles? /etc/bash.bashrc? /home/marc/.bashrc? Is there someplace I should set this so that both systemd will pick it up when it starts the x11vnc service while not getting clobbered by future updates? (now I am getting into those OpenSuSE/Linux weeds I mentioned and I don't grok the intent of Linux or the platform developers...)
I think I am reaching my limits on debugging this on my own, so hopefully some kind guru will come along soon and guide me back into the light...
Marc...
Marc, These are important questions and I hope somebody has the answer -- unfortunately not me (though I have used your setup in the past across the LAN). If I had to guess the changes were likely caused by one of the following recent updates on 42.3 (my 15.0 installs are virtualized) <recent updates I have that may be related (only example packages shown)> Sun 31 Mar 2019 02:18:26 AM CDT kernel-default 4.4.176-96.1 Thu 11 Apr 2019 06:50:00 PM CDT libKF5Auth5 5.32.0-5.2 My bet is on the last. I don't see any direct x11 package updates, but I wouldn't be surprised if the defaults to deny remote X access were changed. There were a couple of CVEs with rdesktop and some of the other remote viewers for Linux found in the past couple of week -- that had been present in the packages for years (I recall an article on The Register newsletter) The CVE writeup and bug-reports seem to make the libKF5Auth5 package a prime suspect: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org