[oS-en] Can't trigger Firefox remotely
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I used this tiny script, run in my desktop machine, to open firefox in my "mediaserver" and display a youtube there: cer@Telcontar:~> cat /home/cer/bin/IsengardFirefox #!/bin/bash ssh cer@isengard.valinor "DISPLAY=:0 firefox $1 $2 $3" cer@Telcontar:~> Both machines have been upgraded to 15.4 since then, and now the script fails: cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~> This is a solution we concocted on this thread: Archived-At: <https://lists.opensuse.org/archives/list/users@lists.opensuse.org/message/23XHIJHFN574HM6CEK3UGQP6SM3GCNEN/> Date: Sun, 18 Sep 2022 14:01:49 +0200 (CEST) From: "Carlos E. R." <robin.listas@telefonica.net> To: oS-en <users@lists.opensuse.org> Subject: [oS-en] How can I fire up firefox on another computer using ssh? Why doesn't it work now? Verbose try: cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY OpenSSH_8.4p1, OpenSSL 1.1.1l 24 Aug 2021 SUSE release 150400.7.25.1 debug1: Reading configuration data /home/cer/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 20: Applying options for * debug1: Connecting to isengard.valinor [192.168.1.16] port 22. debug1: Connection established. debug1: identity file /home/cer/.ssh/id_rsa type 0 debug1: identity file /home/cer/.ssh/id_rsa-cert type -1 debug1: identity file /home/cer/.ssh/id_dsa type 1 debug1: identity file /home/cer/.ssh/id_dsa-cert type -1 debug1: identity file /home/cer/.ssh/id_ecdsa type -1 debug1: identity file /home/cer/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/cer/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/cer/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/cer/.ssh/id_ed25519 type -1 debug1: identity file /home/cer/.ssh/id_ed25519-cert type -1 debug1: identity file /home/cer/.ssh/id_ed25519_sk type -1 debug1: identity file /home/cer/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/cer/.ssh/id_xmss type -1 debug1: identity file /home/cer/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4 debug1: match: OpenSSH_8.4 pat OpenSSH* compat 0x04000000 debug1: Authenticating to isengard.valinor:22 as 'cer' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: curve25519-sha256 need=64 dh_need=64 debug1: kex: curve25519-sha256 need=64 dh_need=64 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:IL.... debug1: Host 'isengard.valinor' is known and matches the ECDSA host key. debug1: Found key in /home/cer/.ssh/known_hosts:65 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: Skipping ssh-dss key /home/cer/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes debug1: Skipping ssh-dss key carloser@cvs.sf.net - not in PubkeyAcceptedKeyTypes debug1: Skipping ssh-dss key carloser@shell.sf.net - not in PubkeyAcceptedKeyTypes debug1: Skipping ssh-dss key carloser@cf.sf.net - not in PubkeyAcceptedKeyTypes debug1: Will attempt key: /home/cer/.ssh/id_rsa RSA SHA256:domyQmwzSv4RGTBnyqQtTl5MSxLX9JYfyFL5sMqDEYE agent debug1: Will attempt key: cer@nimrodel RSA SHA256:lD... agent debug1: Will attempt key: /home/cer/.ssh/id_ecdsa debug1: Will attempt key: /home/cer/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/cer/.ssh/id_ed25519 debug1: Will attempt key: /home/cer/.ssh/id_ed25519_sk debug1: Will attempt key: /home/cer/.ssh/id_xmss debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/cer/.ssh/id_rsa RSA SHA256:domy... agent debug1: Server accepts key: /home/cer/.ssh/id_rsa RSA SHA256:domy... agent debug1: Authentication succeeded (publickey). Authenticated to isengard.valinor ([192.168.1.16]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: Remote: /home/cer/.ssh/authorized_keys:8: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug1: Remote: /home/cer/.ssh/authorized_keys:8: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug1: Sending command: DISPLAY=:0 firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 0: free: client-session, nchannels 1 Transferred: sent 2884, received 3088 bytes, in 0.6 seconds Bytes per second: sent 4834.0, received 5175.9 debug1: Exit status 1 cer@Telcontar:~> - -- Cheers Carlos E. R. (from 15.4 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCZBBB1Bwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVXzAAnRC+uQwNE4NhAqs47gfd USocx779AJ9GBbjI+NpGbW+dytHvX8jo7CSyLQ== =8iiA -----END PGP SIGNATURE-----
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
What was the solution?
Why doesn't it work now?
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151) per@office68:~> ssh zotac1 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Error: no DISPLAY environment variable specified per@office68:~> ssh zotac1 DISPLAY=:0 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Unable to init server: Could not connect: Connection refused Error: cannot open display: :0 -- Per Jessen, Zürich (13.2°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
On 2023-03-14 11:40, Per Jessen wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
What was the solution?
The script I posted and that now it doesn't work. It worked previously.
Why doesn't it work now?
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
But why? It worked before, I did no change except upgrade to 15.4
per@office68:~> ssh zotac1 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Error: no DISPLAY environment variable specified per@office68:~> ssh zotac1 DISPLAY=:0 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
-- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Carlos E. R. wrote:
On 2023-03-14 11:40, Per Jessen wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
What was the solution?
The script I posted and that now it doesn't work. It worked previously.
I still don't see the solution was? the script just runs firefox the "normal" way, on a remote system.
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
But why?
Dunno - how did you fix the authorisation issue previously? The problem is clearly the same on older systems, so it is more likely that whatever you used to do has somehow been dropped, with your upgrade to 15.4. -- Per Jessen, Zürich (10.4°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
On 2023-03-14 15:16, Per Jessen wrote:
Carlos E. R. wrote:
On 2023-03-14 11:40, Per Jessen wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
What was the solution?
The script I posted and that now it doesn't work. It worked previously.
I still don't see the solution was? the script just runs firefox the "normal" way, on a remote system.
THAT was the solution.
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
But why?
Dunno - how did you fix the authorisation issue previously? The problem is clearly the same on older systems, so it is more likely that whatever you used to do has somehow been dropped, with your upgrade to 15.4.
I insist, I just did: cer@Telcontar:~> ssh -X cer@isengard.valinor "DISPLAY=:0 \ firefox youtube_url" That's all, nothing else. -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Carlos E.R. wrote:
On 2023-03-14 15:16, Per Jessen wrote:
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
But why?
Dunno - how did you fix the authorisation issue previously? The problem is clearly the same on older systems, so it is more likely that whatever you used to do has somehow been dropped, with your upgrade to 15.4.
I insist, I just did:
cer@Telcontar:~> ssh -X cer@isengard.valinor "DISPLAY=:0 \ firefox youtube_url"
That is something else - with -X, you get X forwarded to your local display. It that what you meant? Well, I've tried it between a few different systems here, 15.1, 15.2 15.3 - I'm not having any success, so _something_ is missing. I've been looking at 'xauth', but also not having much success with that. -- Per Jessen, Zürich (12.2°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
On 2023-03-14 16:14, Per Jessen wrote:
Carlos E.R. wrote:
On 2023-03-14 15:16, Per Jessen wrote:
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
But why?
Dunno - how did you fix the authorisation issue previously? The problem is clearly the same on older systems, so it is more likely that whatever you used to do has somehow been dropped, with your upgrade to 15.4.
I insist, I just did:
cer@Telcontar:~> ssh -X cer@isengard.valinor "DISPLAY=:0 \ firefox youtube_url"
That is something else - with -X, you get X forwarded to your local display. It that what you meant?
Sorry, no, no -X. The solution we found past September was without '-X'. I just pasted from a test today by mistake. That *was* the solution in September: cer@Telcontar:~> ssh cer@isengard.valinor "DISPLAY=:0 \ firefox youtube_url" Today, that solution doesn't work, that's the problem. And now, we found a new solution, see below.
Well, I've tried it between a few different systems here, 15.1, 15.2 15.3 - I'm not having any success, so _something_ is missing. I've been looking at 'xauth', but also not having much success with that.
See the new solution found with Pit Suetterlin. -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Carlos E. R. wrote:
That *was* the solution in September:
cer@Telcontar:~> ssh cer@isengard.valinor "DISPLAY=:0 \ firefox youtube_url"
I read that to mean: the solution is to add "DISPLAY:0" to the environment before attempting to start firefox. In my experience, however limited, setting DISPLAY has _always_ been required, manually or automagically. Without it, X does not know which display to use.
Today, that solution doesn't work, that's the problem. And now, we found a new solution, see below.
Neither is "a solution", they are both more or less work-arounds. The problem has not even been properly identified.
Well, I've tried it between a few different systems here, 15.1, 15.2 15.3 - I'm not having any success, so _something_ is missing. I've been looking at 'xauth', but also not having much success with that.
See the new solution found with Pit Suetterlin.
I guess you have ignored my comments on the matter. I think Pit may well have found a work-around, which is good. -- Per Jessen, Zürich (7.9°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
On Tue, 14 Mar 2023 11:40:03 +0100, Per Jessen <per@jessen.ch> wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
What was the solution?
Why doesn't it work now?
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
per@office68:~> ssh zotac1 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Error: no DISPLAY environment variable specified per@office68:~> ssh zotac1 DISPLAY=:0 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
First, I get a maybe equivalent error message trying this from a not up-to-date Tumbleweed system to a remote, almost up-to-date Tumbleweed system: linux@th-live:~> ssh robert@poppies 'DISPLAY=:0 firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY' Authorization required, but no authorization protocol specified Authorization required, but no authorization protocol specified Error: cannot open display: :0 But calling ssh with the -X option, and no DISPLAY setting, works to open the page in an already running firefox on the *remote* system: linux@th-live:~> ssh -X robert@poppies 'firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY' Normally, that usage would display the GUI app on the local system. Ah, maybe it is because firefox tries to find an already running instance, and it finds the one displaying on the remote system. For me also, it doesn't work without the -X : Error: no DISPLAY environment variable specified -- Robert Webb
On 2023-03-14 13:08, Robert Webb wrote:
On Tue, 14 Mar 2023 11:40:03 +0100, Per Jessen <per@jessen.ch> wrote:
Carlos E. R. wrote:
...
First, I get a maybe equivalent error message trying this from a not up-to-date Tumbleweed system to a remote, almost up-to-date Tumbleweed system:
linux@th-live:~> ssh robert@poppies 'DISPLAY=:0 firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY' Authorization required, but no authorization protocol specified
Authorization required, but no authorization protocol specified
Error: cannot open display: :0
But calling ssh with the -X option, and no DISPLAY setting, works to open the page in an already running firefox on the *remote* system:
linux@th-live:~> ssh -X robert@poppies 'firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY'
Didn't work six months ago, doesn't work now: cer@Telcontar:~> ssh -X cer@isengard.valinor "DISPLAY=:0 firefox https://www.youtube.com/watch?v=Y-4S7cdo3tY" Invalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 keyError: cannot open display: :0 cer@Telcontar:~> The "Invalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1" error is new since the upgrade, too. On all ssh sessions anywhere.
Normally, that usage would display the GUI app on the local system. Ah, maybe it is because firefox tries to find an already running instance, and it finds the one displaying on the remote system.
Yes, FF is already running in that computer, and in focus.
For me also, it doesn't work without the -X : Error: no DISPLAY environment variable specified
-- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Per Jessen wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
Why doesn't it work now?
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
per@office68:~> ssh zotac1 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Error: no DISPLAY environment variable specified per@office68:~> ssh zotac1 DISPLAY=:0 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper, #!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA" Maybe something similar works there? (1000 is the UID on the remote machine)
On 2023-03-14 13:23, Pit Suetterlin wrote:
Per Jessen wrote:
Carlos E. R. wrote:
...
Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper,
#!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA"
Maybe something similar works there? (1000 is the UID on the remote machine)
ssh doesn't seem to have an "-auth" option. :-? -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Carlos E. R. wrote:
On 2023-03-14 13:23, Pit Suetterlin wrote:
Per Jessen wrote:
Carlos E. R. wrote:
...
Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper,
#!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA"
Maybe something similar works there? (1000 is the UID on the remote machine)
ssh doesn't seem to have an "-auth" option.
:-?
Set it as environment variable? DISPLAY=:0 XAUTHORITY=$XA firefox ....
On 2023-03-14 14:19, Pit Suetterlin wrote:
Carlos E. R. wrote:
On 2023-03-14 13:23, Pit Suetterlin wrote:
Per Jessen wrote:
Carlos E. R. wrote:
...
Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper,
#!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA"
Maybe something similar works there? (1000 is the UID on the remote machine)
ssh doesn't seem to have an "-auth" option.
:-?
Set it as environment variable? DISPLAY=:0 XAUTHORITY=$XA firefox ....
YES! Thank you. cer@Telcontar:~> cat /home/cer/bin/IsengardFirefox #!/bin/bash XA=$(ssh cer@isengard.valinor "ls -t /run/user/1000/xauth_*|head -1") exec ssh cer@isengard.valinor "DISPLAY=:0 XAUTHORITY=$XA firefox \ $1 $2 $3" #ssh -X cer@isengard.valinor "DISPLAY=:0 firefox $1 $2 $3" cer@Telcontar:~> cer@Telcontar:~> IsengardFirefox \ https://www.youtube.com/watch?v=Y-4S7cdo3tY cer@Telcontar:~> Works perfectly :-) -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
Pit Suetterlin wrote:
Per Jessen wrote:
Carlos E. R. wrote:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
Why doesn't it work now?
Lack of authorisation to access the X server I suspect. I see the exact same between my laptop (office68, leap153) and my livingroom TV (zotac1, leap151)
per@office68:~> ssh zotac1 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Error: no DISPLAY environment variable specified per@office68:~> ssh zotac1 DISPLAY=:0 firefox https://www.youtube.com/watch?v=XhM0DGEZeV0 Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Unable to init server: Could not connect: Connection refused Error: cannot open display: :0
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper,
#!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA"
I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, 15.2, 15.3, TW. What do you mean by "the xauth file isn't available/linked" ? 'xauth' says it is ~/.Xauthority and I see that everywhere. Anyway, I'm only being curious. -- Per Jessen, Zürich (13.1°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
Per Jessen wrote:
I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, 15.2, 15.3, TW.
What do you mean by "the xauth file isn't available/linked" ? 'xauth' says it is ~/.Xauthority and I see that everywhere.
Interesting. What's your displaymanager? My TW machine here has woodstock:~% echo $XAUTHORITY /run/user/1000/xauth_<beep> I don't remember the details, it's some 1 1/2 years back that this changed for TW. Since then, x11vnc_ssh was no longer able to automatically retrieve the proper XAUTHORITY. Might well be (only) sddm (which I use), at least the changelog contains * Sat Jul 17 2021 Fabian Vogt <fabian@ritter-vogt.de> - Update patch to include security fix from upstream PR: * 0001-Redesign-Xauth-handling.patch
Anyway, I'm only being curious.
That's a very valuable character trait :D
Pit Suetterlin wrote:
Per Jessen wrote:
I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, 15.2, 15.3, TW.
What do you mean by "the xauth file isn't available/linked" ? 'xauth' says it is ~/.Xauthority and I see that everywhere.
Interesting. What's your displaymanager?
I'm using KDE, so presumbly sddm.
My TW machine here has
woodstock:~% echo $XAUTHORITY /run/user/1000/xauth_<beep>
logged in over ssh - nothing, empty. Physically logged in, yes, then I I have $XAUTHORITY = /run/user/1000/xauth_* It is quite possible I wasn't logged in on that TW machine when I looked for /run/user/1000/xauth_* before. On e.g. Leap15.2, $XAUTHORITY = ~/.Xauthority - but only when physically logged in.
Anyway, I'm only being curious.
That's a very valuable character trait :D
LOL! The use case seems to be straight forward, even if maybe not so often seen. Carlos' example is a good one: "casting" a youtube video to another screen. -- Per Jessen, Zürich (12.3°C) Member, openSUSE Heroes (2016 - present) We're hiring - https://en.opensuse.org/openSUSE:Heroes
From: Pit Suetterlin <pit@astro.su.se> Date: Tue, 14 Mar 2023 16:50:55 +0100 Per Jessen wrote:
I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, 15.2, 15.3, TW.
What do you mean by "the xauth file isn't available/linked" ? 'xauth' says it is ~/.Xauthority and I see that everywhere.
Interesting. What's your displaymanager? My TW machine here has woodstock:~% echo $XAUTHORITY /run/user/1000/xauth_<beep> . . . This thread caused me to look in my .bashrc, where I found the following snippet: # this allows root to open windows when "su". -- rgr, 24-May-03. export XAUTHORITY=$HOME/.Xauthority In fact, with this XAUTHORITY and the current X11 environment, root can only open emacs when "su" -- to run (e.g.) yast2, I have to ssh to my home server from within emacs and then SSH back again. (I have not figured out why emacs is so favored.) So I commented the "export" line out, and the next time I restarted the session, I could "su" in Konsole and run yast2 directly -- with an XAUTHORITY of /run/user/1000/xauth_*, as expected. Some days it really pays to lurk . . . -- Bob Rogers http://www.rgrjr.com/
On 2023-03-23 01:27, Bob Rogers wrote:
From: Pit Suetterlin <> Date: Tue, 14 Mar 2023 16:50:55 +0100
Per Jessen wrote: > > I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, > 15.2, 15.3, TW. > > What do you mean by "the xauth file isn't available/linked" ? 'xauth' > says it is ~/.Xauthority and I see that everywhere.
Interesting. What's your displaymanager? My TW machine here has
woodstock:~% echo $XAUTHORITY /run/user/1000/xauth_<beep>
. . .
This thread caused me to look in my .bashrc, where I found the following snippet:
# this allows root to open windows when "su". -- rgr, 24-May-03. export XAUTHORITY=$HOME/.Xauthority
In fact, with this XAUTHORITY and the current X11 environment, root can only open emacs when "su" -- to run (e.g.) yast2, I have to ssh to my home server from within emacs and then SSH back again. (I have not figured out why emacs is so favored.) So I commented the "export" line out, and the next time I restarted the session, I could "su" in Konsole and run yast2 directly -- with an XAUTHORITY of /run/user/1000/xauth_*, as expected.
Some days it really pays to lurk . . .
Have you tried "su -" instead of "su"? -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
From: "Carlos E. R." <robin.listas@telefonica.net> Date: Thu, 23 Mar 2023 02:27:10 +0100 . . . Have you tried "su -" instead of "su"? -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar) No; I wasn't aware of this option. But I'm not sure what this does for me in terms of XAUTHORITY. It does give me less noise from QStandardPaths when I start yast2. Here's plain "su": root@orion> yast2 & [1] 5857 root@orion> QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 root@orion> [1]+ Done yast2 root@orion> And here's "su -": root@orion> yast2 & [1] 1715 root@orion> QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root' root@orion> [1]+ Done yast2 root@orion> So program configuration software certainly seems to consider this an improvement. Can't say I'm tempted to try with the old XAUTHORITY though . . . -- Bob
On 2023-03-23 04:43, Bob Rogers wrote:
From: "Carlos E. R." <> Date: Thu, 23 Mar 2023 02:27:10 +0100
. . .
Have you tried "su -" instead of "su"?
No; I wasn't aware of this option. But I'm not sure what this does for me in terms of XAUTHORITY. It does give me less noise from QStandardPaths when I start yast2. Here's plain "su":
Noise in itself is not important :-)
root@orion> yast2 & [1] 5857 root@orion> QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 QStandardPaths: runtime directory '/run/user/500' is not owned by UID 0, but a directory permissions 0700 owned by UID 500 GID 500 root@orion> [1]+ Done yast2 root@orion>
And here's "su -":
root@orion> yast2 & [1] 1715 root@orion> QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
root@orion> [1]+ Done yast2 root@orion>
So program configuration software certainly seems to consider this an improvement.
I know :-) The common language difference is that with "su -" you get the environment of the target user. And the home. cer@Telcontar:~> pwd /home/cer cer@Telcontar:~> su - Password: Telcontar:~ # pwd /root Telcontar:~ #
Can't say I'm tempted to try with the old XAUTHORITY though . . .
-- Bob
-- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
On 2023-03-14 16:29, Per Jessen wrote:
Pit Suetterlin wrote:
Per Jessen wrote:
Carlos E. R. wrote:
...
Hmm, might that be the same issue that x11vnc_ssh has, that the xauth file isn't available/linked? I'm circumventing that with a wrapper,
#!/bin/bash XA=$(ssh $1 "ls -t /run/user/1000/xauth_*|head -1") exec x11vnc_ssh $1 "-auth $XA"
I don't have anything like /run/user/$UID/xauth*, on any machine, 15.1, 15.2, 15.3, TW.
Telcontar:~ # ls -l /run/user/1000/xauth* -rw------- 1 cer users 99 Mar 4 10:07 /run/user/1000/xauth_AivTbf Telcontar:~ # On the "client" machine where I am seated and logged in. -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)
W dniu 14.03.2023 o 10:43, Carlos E. R. pisze:
Hi,
I used this tiny script, run in my desktop machine, to open firefox in my "mediaserver" and display a youtube there:
cer@Telcontar:~> cat /home/cer/bin/IsengardFirefox #!/bin/bash ssh cer@isengard.valinor "DISPLAY=:0 firefox $1 $2 $3" cer@Telcontar:~>
Both machines have been upgraded to 15.4 since then, and now the script fails:
cer@Telcontar:~> IsengardFirefox https://www.youtube.com/watch?v=Y-4S7cdo3tY Invalid MIT-MAGIC-COOKIE-1 keyNo protocol specified Error: cannot open display: :0 cer@Telcontar:~>
This is a solution we concocted on this thread:
Archived-At: <https://lists.opensuse.org/archives/list/users@lists.opensuse.org/message/23XHIJHFN574HM6CEK3UGQP6SM3GCNEN/>
I use this (on remote machine): export DISPLAY=:0 if [[ -z "$XAUTHORITY" ]]; then export $(systemctl --user show-environment | grep -E "^XAUTHORITY=") fi run_here_whateve_you_need
participants (7)
-
Adam Mizerski -
Bob Rogers -
Carlos E. R. -
Carlos E.R. -
Per Jessen -
Pit Suetterlin -
Robert Webb