[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Micro-report: using Stable without systemd

On Wednesday 17 October 2018 05:38:38 Morel Bérenger wrote:

> Le Wed, 17 Oct 2018 04:40:49 -0400,
>
> Gene Heskett <gheskett@shentel.net> a écrit :
> > On Wednesday 17 October 2018 04:00:37 Morel Bérenger wrote:
> > > Le Tue, 16 Oct 2018 17:53:37 -0400,
> > >
> > > Gene Heskett <gheskett@shentel.net> a écrit :
> > > > On Tuesday 16 October 2018 13:11:45 Greg Wooledge wrote:
> > > > > On Tue, Oct 16, 2018 at 12:43:40PM -0400, Gene Heskett wrote:
> > > > > > #1 is ssh -Y has been killed from jessie on. No excuse for
> > > > > > doing it and bug filing is ignored.
> > > > >
> > > > > I don't know what you mean by this.  I just performed the
> > > > > following experiment on my stretch workstation (wooledg), in
> > > > > communications with a stretch server (arc3) elsewhere on our
> > > > > network.
> > > > >
> > > > > 1) Already logged into wooledg, I opened a new urxvt window.
> > > > >
> > > > > 2) In this window, I typed: ssh -Y arc3
> > > > >
> > > > > 3) After authenticating to arc3 with a password, at the shell
> > > > > prompt, I typed: xterm
> > > > >
> > > > > 4) After a moment, a new xterm window appeared on my display.
> > > >
> > > > Thats expected. Now enter synaptic-pkexec. It should ask you, if
> > > > you are user 1000, for a passwd and given it, it will run. But
> > > > after wheezy, its not possible. LinuxCNC's graphics needs are
> > > > modest, and it will run, as the user. But its not root. And root
> > > > is denied regardless of how you go about obtaining root
> > > > permissions.
> > >
> > > Also, I wonder if you tried to do that through, for example
> > > Xephyr? Might workaround the issue you have?
> >
> > Well I was just reminded that gksudo works. Now what the heck is
> > Xephyr? Google says its x on x, whatever that means. I'll try to
> > remember that and play with it if its available for wheezy & later.
> >
> > Thanks Morel Bérenger.
>
> The ncurses mode of aptitude says Xephyr is a X server that can be
> executed inside another X server, more or less like Xnest (or xming,
> for people like me that had to work on a windows station but wanted to
> keep a nice wm embedded on personal hardware ;)).
>
> I can not really explain how this works, but in short you could
> consider a remote system providing the performances stuff (hard disk
> space, strong CPU, tons or RAM...) and opening the X session on local
> systems.
> I think it might fix your problem because basically, su-programs
> (probably PAM modules, in fact) do some security related checks to
> avoid passwords to be sniffed by a client on another computer: which
> is what I would expect a ssh -Y gksudo do.
>
> If my explanation is not clear (and I'm certain of it), it's because I
> don't really master that side of systems, sorry for that :)

You at least, dug deep enough to see that pam was probably the guilty 
party, same conclusion I reached. Unforch, removing pam also pretty much 
nukes the whole system.

And I'm not seeing well enough to expound at length, cataract operation 
this morning.















-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: