Permalink
Browse files

Add a couple "xauth generate/remove" commands to the base PCDM toolch…

…ain. This should let us turn on the xsecurity on the server, and only authorize the current display (:0) by default.
  • Loading branch information...
Ken Moore
Ken Moore committed Oct 31, 2013
1 parent 20590e3 commit 71d919d020951e8148c882a8e21853ad22db8121
Showing with 4 additions and 1 deletion.
  1. +1 −1 src-qt4/PCDM/PCDMd
  2. +3 −0 src-qt4/PCDM/src/main.cpp
View
@@ -43,6 +43,6 @@ while [ ! -e /var/run/nologin ]; do
# Start VNC
(sleep 10 ; $vnccmd >/var/log/vncserver 2>/var/log/vncserver) &
fi
-
+ setenv XAUTHORITY ${PCDMAUTHFILE}
xinit /usr/local/bin/PCDM-session --once -- :0 -auth ${PCDMAUTHFILE} $XOPTS
done
@@ -172,6 +172,8 @@ int main(int argc, char *argv[])
while(neverquit){
if(runonce){ neverquit = FALSE; }
qDebug() << " -- PCDM Session Starting...";
+ system("xauth generate :0 ."); //Using MIT-MAGIC-COOKIE-1 protocol
+ //MIT-MAGIC-COOKIE-1 is good enough for our purposes since it is a single-user graphical system with no XDMCP
int sid = -1;
int pid = fork();
if(pid < 0){
@@ -197,5 +199,6 @@ int main(int argc, char *argv[])
qDebug() << "-- PCDM Session Ended --";
if(QFile::exists("/var/run/nologin")){ neverquit = FALSE; }
}
+ system("xauth remove :0");
return 0;
}

0 comments on commit 71d919d

Please sign in to comment.