F17 XDMCP

[Ken Smith]

Gordon Messmer wrote:
> On 06/29/2012 05:57 AM, Ken Smith wrote:
>>
>> I still don't understand why deprecating XDMCP furthers the Open Source
>> cause.
>
> Guys, slow down.  There's no reason to believe that XCMCP has been 
> deprecated.  It can be enabled exactly as it was in the previous 
> release.  It looks like there's a bug that hasn't yet been reported.  
> It would be helpful if anyone else could verify that the X server 
> prints an error to the system's console (not to the logs, not to the 
> controlling tty, and not to stderr) when they attach it to a Fedora 17 
> XDMCP server.
>
Apologies Gordon, you asked this earlier and I didn't reply.

I would suggest deprecated as the settings for the function have been 
buried. It suppose it depends on how you define deprecated.

I note the other comments about security of XDMCP. In this situation 
both the office LAN and the internal VLan inside my host are pretty 
safe. If I was concerned I would use a VPN or such like. (Folks still 
use ftp and telnet.)

The environment I'm testing in is FC13 x64 on an i7 with nVidia graphics 
and that is the KVM host for the FC17 VM. The plan is to move the host 
up to FC17 if this testing works out OK.

The FC17 VM has this in the /etc/gdm/custom.conf file

[security]
DisallowTCP=0
[xdmcp]
Enable=1

Ports 177 udp and 6000/6001 tcp are open on it.

There are also Centos 5 and 6 {and other} VM's on that host.

"X -query {ipaddr} :1" and "Xnest :1 -query {ipaddr}" work fine between 
the Centos5 and 6 VM's and the host in any combination you choose to try.

If I try the access the FC17 VM with "X -query ..." from the FC13 host 
or the C6 VM, the machine switches desktop as expected and then displays 
the circular mouse icon on a black screen and then the desktop freezes. 
Cntl-Alt F1 or 2 etc then do nothing.

Logging on to the "frozen" C6 VM host with ssh shows that the machine is 
still up, just its display system is hanging in bits. There is one TCP 
session open on port 6001. Trying the kill the "X -query" process fails. 
Switching it to RL1 does not restore any desktop. In this case I killed 
the virtual power to it, as all the other buttons and switches were 
ineffective.

Sadly in this scenario any messages that were shown on the console are 
not visible. Nor are they visible if I do this from the host.

Leaving the FC17 host running and then connecting again, this time with 
"X -query" or Xnest from the host gives varying results. Soon after the 
failed attempt with "X -query ..." I got this error

(EE) open /dev/fb0: No such device
error setting MTRR (base = 0xf0000000, size = 0x00100000, type = 1)
Invalid argument (22)

Fatal server error:
XDMCP fatal error: Session declined Maximum number of open sessions from
your host reached


I got a similar message when I tried with Xnest.

A short time later I tried again with Xnest and got a full logon screen. 
I was so surprised I thought I had connected to the wrong host. Trying 
again straight away gave this error.

X Error of failed request:  BadMatch (invalid parameter attributes)
   Major opcode of failed request:  73 (X_GetImage)
   Serial number of failed request:  2995
   Current serial number in output stream:  2995


You may be on the right track that this may be a bug. If there is any 
other info I can provide, such as exact software versions etc please let 
me know.

Thanks

Ken






-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.