X client transmis via SSH "ne peut pas ouvrir l'affichage: localhost: 11.0"

J'ai activé le transfert X sur la machine distante sur laquelle le server SSH est en cours d'exécution:

# grep -i forward /etc/ssh/sshd_config X11Forwarding yes # 

Sur la machine locale, j'ai démarré le client SSH avec l' -X qui indique au server SSH, fonctionnant sur une machine distante, de configurer un server proxy X. Il crée en outre la variable $DISPLAY qui pointe vers ce proxy et appelle le xauth pour installer une key proxy qui s'authentifie auprès de ce server proxy X sur une machine distante:

 # echo "$DISPLAY" localhost:11.0 # xauth list | grep 11 A58/unix:11 MIT-MAGIC-COOKIE-1 39324086672d1ae35e373476c3891a77 # 

Cependant, les clients X sur la machine distante ne démarrent pas correctement:

 # wireshark (wireshark:10083): Gtk-WARNING **: cannot open display: localhost:11.0 # xterm Warning: This program is an suid-root program or is being run by the root user. The full text of the error or warning message cannot be safely formatted in this environment. You may get a more descriptive message by running the program as a non-root user or by removing the suid bit on the executable. xterm: Xt error: Can't open display: %s # 

X forwarding n'utilise pas xhost donc au less cela peut être exclu. J'ai essayé de find des inputs de journal utiles à la fois sur la machine où le server SSH est en cours d'exécution et sur la machine où le client SSH s'exécute avec la command find /var/log/ -mmin -5 -type f , mais cela n'a donné aucun indice. La version du server SSH est OpenSSH_5.9p1 et la version du client SSH est OpenSSH_5.2p1. La sortie du directory /tmp/.X11-unix/ sur la machine distante peut être vue ci-dessous:

 # ls -la /tmp/.X11-unix/ total 0 drwxrwxrwt 2 root root 40 Dec 9 15:44 . drwxrwxrwt 4 root root 80 Jan 13 09:17 .. # 

Comme vu ci-dessus, il n'y a pas de sockets de domaine Unix. La sortie de strace xterm est la suivante:

 # strace xterm execve("/usr/bin/xterm", ["xterm"], [/* 16 vars */]) = 0 brk(0) = 0x9e50000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bd000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=42995, ...}) = 0 mmap2(NULL, 42995, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77b2000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXft.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\3604\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=82952, ...}) = 0 mmap2(NULL, 85732, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb779d000 mmap2(0xb77b1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13) = 0xb77b1000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXaw.so.7", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\327\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=428900, ...}) = 0 mmap2(NULL, 432592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7733000 mmap2(0xb7796000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x62) = 0xb7796000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/libutempter.so.0", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\6\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=4572, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7732000 mmap2(NULL, 7432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7730000 mmap2(0xb7731000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0xb7731000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/libtinfo.so.5", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0Pd\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=125416, ...}) = 0 mmap2(NULL, 129100, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7710000 mmap2(0xb772d000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c) = 0xb772d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/i686/cmov/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240o\1\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1413288, ...}) = 0 mmap2(NULL, 1427832, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75b3000 mprotect(0xb7709000, 4096, PROT_NONE) = 0 mmap2(0xb770a000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x156) = 0xb770a000 mmap2(0xb770d000, 10616, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb770d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libfontconfig.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300J\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=215828, ...}) = 0 mmap2(NULL, 219492, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb757d000 mmap2(0xb75b1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x33) = 0xb75b1000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libX11.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240g\1\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=1273544, ...}) = 0 mmap2(NULL, 1277496, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7445000 mmap2(0xb7579000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133) = 0xb7579000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXmu.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200N\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=102028, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7444000 mmap2(NULL, 101644, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb742b000 mmap2(0xb7443000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18) = 0xb7443000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXt.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\315\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=380284, ...}) = 0 mmap2(NULL, 380628, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb73ce000 mmap2(0xb7427000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x59) = 0xb7427000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libICE.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300:\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=92148, ...}) = 0 mmap2(NULL, 102224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb73b5000 mmap2(0xb73cb000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0xb73cb000 mmap2(0xb73cd000, 3920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb73cd000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libfreetype.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\202\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=632928, ...}) = 0 mmap2(NULL, 635732, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7319000 mmap2(0xb73b0000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96) = 0xb73b0000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXrender.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\25\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=35744, ...}) = 0 mmap2(NULL, 38540, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb730f000 mmap2(0xb7318000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8) = 0xb7318000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXext.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`,\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=70320, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb730e000 mmap2(NULL, 73416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72fc000 mmap2(0xb730d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb730d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXpm.so.4", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P%\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=67776, ...}) = 0 mmap2(NULL, 66460, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72eb000 mmap2(0xb72fb000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb72fb000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libz.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\32\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=90192, ...}) = 0 mmap2(NULL, 92868, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72d4000 mmap2(0xb72ea000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0xb72ea000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/libexpat.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@#\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=165192, ...}) = 0 mmap2(NULL, 167996, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb72aa000 mprotect(0xb72d0000, 4096, PROT_NONE) = 0 mmap2(0xb72d1000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26) = 0xb72d1000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libxcb.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\221\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=136968, ...}) = 0 mmap2(NULL, 139728, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7287000 mmap2(0xb72a8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20) = 0xb72a8000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/i686/cmov/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\n\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=9844, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7286000 mmap2(NULL, 12408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7282000 mmap2(0xb7284000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7284000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libSM.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \26\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=28320, ...}) = 0 mmap2(NULL, 31120, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb727a000 mmap2(0xb7281000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7281000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXau.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\n\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=8592, ...}) = 0 mmap2(NULL, 11384, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7277000 mmap2(0xb7279000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7279000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/i386-linux-gnu/libXdmcp.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\17\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=19364, ...}) = 0 mmap2(NULL, 22144, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7271000 mmap2(0xb7276000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4) = 0xb7276000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/libuuid.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\22\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=17992, ...}) = 0 mmap2(NULL, 20716, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb726b000 mmap2(0xb726f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb726f000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb726a000 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7269000 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7269700, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0xb726f000, 4096, PROT_READ) = 0 mprotect(0xb7284000, 4096, PROT_READ) = 0 mprotect(0xb72a8000, 4096, PROT_READ) = 0 mprotect(0xb72d1000, 8192, PROT_READ) = 0 mprotect(0xb73b0000, 16384, PROT_READ) = 0 mprotect(0xb7427000, 4096, PROT_READ) = 0 mprotect(0xb75b1000, 4096, PROT_READ) = 0 mprotect(0xb770a000, 8192, PROT_READ) = 0 mprotect(0xb772d000, 8192, PROT_READ) = 0 mprotect(0x80a9000, 4096, PROT_READ) = 0 mprotect(0xb77db000, 4096, PROT_READ) = 0 munmap(0xb77b2000, 42995) = 0 geteuid32() = 0 getegid32() = 0 getuid32() = 0 getgid32() = 0 setuid32(0) = 0 brk(0) = 0x9e50000 brk(0x9e71000) = 0x9e71000 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0 open("/proc/meminfo", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000 read(3, "MemTotal: 2039468 kB\nMemF"..., 1024) = 1024 close(3) = 0 munmap(0xb77bc000, 4096) = 0 socket(PF_NETLINK, SOCK_RAW, 0) = 3 bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 getsockname(3, {sa_family=AF_NETLINK, pid=16008, groups=00000000}, [12]) = 0 time(NULL) = 1389599545 sendto(3, "\24\0\0\0\26\0\1\0039\233\323R\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20 recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0009\233\323R\210>\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 164 recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0009\233\323R\210>\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 320 recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0009\233\323R\210>\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20 close(3) = 0 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=475, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000 read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 475 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb77bc000, 4096) = 0 open("/etc/host.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=9, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000 read(3, "multi on\n", 4096) = 9 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb77bc000, 4096) = 0 getpid() = 16008 open("/etc/resolv.conf", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=108, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000 read(3, "domain data.ee\nsearch data.ee li"..., 4096) = 108 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb77bc000, 4096) = 0 open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=42995, ...}) = 0 mmap2(NULL, 42995, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77b2000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/i686/cmov/libnss_files.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\32\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=42628, ...}) = 0 mmap2(NULL, 45768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb725d000 mmap2(0xb7267000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9) = 0xb7267000 close(3) = 0 mprotect(0xb7267000, 4096, PROT_READ) = 0 munmap(0xb77b2000, 42995) = 0 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=256, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77bc000 read(3, "127.0.0.1\tlocalhost\n127.0.1.1\tTh"..., 4096) = 256 read(3, "", 4096) = 0 close(3) = 0 munmap(0xb77bc000, 4096) = 0 socket(PF_INET, SOCK_STREAM|SOCK_CLOEXEC, IPPROTO_TCP) = 3 setsockopt(3, SOL_TCP, TCP_NODELAY, [1], 4) = 0 setsockopt(3, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0 connect(3, {sa_family=AF_INET, sin_port=htons(6011), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ETIMEDOUT (Connection timed out) close(3) = 0 open("/usr/lib/i386-linux-gnu/X11/XtErrorDB", O_RDONLY) = -1 ENOENT (No such file or directory) getuid32() = 0 geteuid32() = 0 getuid32() = 0 write(2, "Warning: This program is an suid"..., 302Warning: This program is an suid-root program or is being run by the root user. The full text of the error or warning message cannot be safely formatted in this environment. You may get a more descriptive message by running the program as a non-root user or by removing the suid bit on the executable. ) = 302 write(2, "xterm: ", 7xterm: ) = 7 write(2, "Xt error: Can't open display: %s"..., 33Xt error: Can't open display: %s ) = 33 exit_group(1) = ? # 

strace xterm bloque pendant 60 secondes après l'printing de la ligne ci-dessous:

connect (3, {sa_family = AF_INET, sin_port = htons (6011), sin_addr = inet_addr ("127.0.0.1")}, 16

EDIT: après avoir autorisé les connections de 127.0.0.0/8 à 127.0.0.0/8, j'ai réussi à passer l'appel système de connect et maintenant le problème semble être une key MIT-MAGIC-COOKIE-1 invalide:

 connect(3, {sa_family=AF_INET, sin_port=htons(6010), sin_addr=inet_addr("127.0.0.1")}, 16) = 0 getpeername(3, {sa_family=AF_INET, sin_port=htons(6010), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0 uname({sys="Linux", node="ThinkCentreA58", ...}) = 0 access("/root/.Xauthority", R_OK) = 0 open("/root/.Xauthority", O_RDONLY) = 4 fstat64(4, {st_mode=S_IFREG|0600, st_size=522, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7726000 read(4, "\0\0\0\4\177\0\0\1\0\0041000\0\22MIT-MAGIC-COOKIE"..., 4096) = 522 read(4, "", 4096) = 0 close(4) = 0 munmap(0xb7726000, 4096) = 0 getsockname(3, {sa_family=AF_INET, sin_port=htons(37220), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}]) writev(3, [{"l\0\v\0\0\0\22\0\20\0\0\0", 12}, {"", 0}, {"MIT-MAGIC-COOKIE-1", 18}, {"\0\0", 2}, {"I%f9\331-f\f\235i\321\354:a~\341", 16}, {"", 0}], 6) = 48 recv(3, 0x94b0ec8, 8, 0) = -1 EAGAIN (Resource temporarily unavailable) poll([{fd=3, events=POLLIN}], 1, -1) = 1 ([{fd=3, revents=POLLIN}]) recv(3, "\0\36\v\0\0\0\10\0", 8, 0) = 8 recv(3, "Invalid MIT-MAGIC-COOKIE-1 key\0\0", 32, 0) = 32 write(2, "Invalid MIT-MAGIC-COOKIE-1 key", 30Invalid MIT-MAGIC-COOKIE-1 key) = 30 shutdown(3, 2 /* send and receive */) = 0 close(3) = 0 open("/usr/lib/i386-linux-gnu/X11/XtErrorDB", O_RDONLY) = -1 ENOENT (No such file or directory) getuid32() = 0 geteuid32() = 0 getuid32() = 0 write(2, "Warning: This program is an suid"..., 302Warning: This program is an suid-root program or is being run by the root user. The full text of the error or warning message cannot be safely formatted in this environment. You may get a more descriptive message by running the program as a non-root user or by removing the suid bit on the executable. ) = 302 write(2, "xterm: ", 7xterm: ) = 7 write(2, "Xt error: Can't open display: %s"..., 33Xt error: Can't open display: %s ) = 33 exit_group(1) = ? # 

Si des informations supplémentaires sont nécessaires, veuillez requestr! Des idées pour procéder au dépannage?

C'est la manière très basique de comment cela devrait fonctionner:

Sur le client / machine locale (Xorg installé sur le client), essayez ceci:

 $ xhost + access control disabled, clients can connect from any host 

Essayez plus tard:

 $ ssh -AY user@host xterm 

ou

 $ ssh -AX user@host xterm 

Avec des clients non standard, xhost peut être nécessaire.

vérifier 9.3.5.6. Clients X non standard

J'ai eu le même problème. Xauth était absent sur la télécommand.

sudo apt-get install xauth

résolu le problème.

Tout d'abord un sharepoint la méthodologie de debugging, lorsque vous exécutez xterm en tant que root, il n'imprime aucun message de diagnostic utile, donc lors du dépannage de xterm le faire en tant qu'user ordinaire.

Maintenant, en ce qui concerne votre problème, il existe deux types de transfert X11, sécurisé et privilégié, et vous n'avez probablement pas activé ForwardX11Trusted yes . Vous n'en avez pas besoin sur Debian et les dérivés car ils l'activent toujours.

Donc, un peu de context sur la façon dont nous sums arrivés ici. X11 n'est pas le protocole le plus sécurisé. Il a été conçu dans des conditions plus conviviales, et il y a eu un certain nombre d'efforts pour le rendre plus sûr au fil des ans, notamment en l'exécutant à travers un tunnel de shell sécurisé. Tunnelling X11 réduit presque toutes les vulnérabilités de X11. L'un d'eux rest le risque d'afficher des windows provenant de systèmes non fiables. Un effort a été fait pour déclarer un sous-set sûr du protocole qui empêcherait le deployment des renifleurs de keys et similaires. Le projet, bien que techniquement réussi, présente des défis réels comme le fait étrange que find des programmes qui n'utilisent que le sous-set sécurisé est vraiment difficile car beaucoup de fonctionnalités désactivées sont très pratiques et comme la plupart des gens écrivent pour la machine locale qui a la permission d'utiliser le protocole complet, il y a peu de motivation pour créer des programmes qui fonctionnent avec le sous-set restreint.

L'autre possibilité est que le transfert X11 est uniquement activé sur un hôte spécifique. Le moyen le plus simple de vérifier si c'est le problème est d'utiliser le drapeau -y avec ssh. Si cela résout, ajoutez les deux lignes d'autorisation d'access aux sections d'hôte pertinentes de votre file de configuration ssh.

Dans mon environnement (standard) Ubuntu, j'ai reçu le message d'erreur xterm over ssh "… suid-root program …" (voir ci-dessus), même avec tous les parameters de transfert appropriés. Ce comportement a disparu bientôt sshd est configuré pour utiliser uniquement IPv4, en raison d'un bug de transfert X11 dans SSH si IPv6 sur le système est désactivé.

 vi /etc/ssh/sshd_config AddressFamily inet service ssh reload 

J'ai édité

 vim /etc/hosts 

a ajouté les lignes suivantes

 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 

et mon problème est résolu 🙂

je souffrais du même problème, fonctionnant très bien après faire ce qui suit 1-du terminal non fonctionnel "root dans mon cas", j'ai mis l'export d'affichage DISPLAY = ': 0' et vous pouvez l'append dans / etc / environment à rendez-le permanent

2- du terminal de travail "terminal d'user dans mon cas" exécutez le xhost + local ci-dessous:

alors le problème résolu 🙂