Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

X-windows access control question 2

Status
Not open for further replies.
wilville

wilville

MIS
Apr 8, 2005
50
US
All-

We are running RHEL3 and RHEL4 on our network and have run into a problem with some third party design tools we run on a compute farm as part of that network. They want to contact an X-server as part of license identity checking. In order so to do we have to run xhost + <compute farm hosts> since we don't know which host it will end up on, and we do not want to open access to all the desktop machines as well as the compute farm. ( So just xhost + by itself is not adequate. ) I have seen under some third party X servers the ability to place a .xhost file in a users home directory and get the effect I want without having to enter it explicitly. For a number of reasons, it is highly desireable that we not fiddle with user's environments, so embedding an xhost command in .login or .cshrc for instance is not a real good solution. Is there any hope to use the .xhost idea or something like it under RHEL3 or 4? If so, what are the details?

Thanks,
Wilville
 
Sort by date Sort by votes
You need to modify the /etc/xhosts file. That is the equivalent of an xhost file, but it is consulted each time an app attempts to connect to an Xserver, so it will work for all users and system accounts, even if no one is logged in.

But I strongly suggest that you not put a + in the file. You can put a domain, or an IP range or even a specific IP address or hostname. The + allows a client to connect into any Xserver anywhere in the world.

I'm assuming that this works on RHEL, but haven't used the file in many years. Generally I prefer to tunnel ssh and export the display at login, but that probably won't work in your situation.


pansophic
 
Upvote 0 Downvote
All-

Just to follow up on this a little, for the benefit of anyone who searches for this later ...

This works well under RHEL. There is a slight variation on the theme ... the file is named /etc/Xn.hosts where the n is the display number on the hst where the file is resident. This allows different Access Control Lists for different displays on multiheaded machines.

Much thanks to Pansophic for steering me in the right direction to find this.

Wilville
 
Upvote 0 Downvote
A star for Wilville too, for completing the story!

All I ask of you
Is make my wildest dreams come true
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AbidingDude
  • Locked
  • Question
Newbie Apache Cache Question
Replies
5
Views
192
AbidingDude
AbidingDude
johngiggs
  • Locked
  • Question
Regex Question
Replies
1
Views
97
johngiggs
johngiggs
montyzummer
  • Locked
  • Question
Backup Linux DIR to windows via NFS
Replies
4
Views
140
kjv1611
kjv1611
Agent0007
  • Locked
  • Question
HELP Traffic Control of IP
Replies
2
Views
92
Agent0007
Agent0007
southbeach
  • Locked
  • Question
Running Windows based Applications - WINE
Replies
2
Views
77
ady2012
ady2012

Part and Inventory Search

Sponsor

Back
Top