[Samba] Workaround found, .Xauthority and SMB, Mounting home directory

Ben Ford - Bio-Logic Aqua Technologies ben at naturestears.com
Tue Apr 27 17:40:20 GMT 2004


On Tuesday 27 April 2004 04:09 am, Schlomo wrote:
> the display manager (GDM, ...) usually stores the XAUTHORITY cookie in the
> .Xauthority file in the users' home dir. If you mount that on-the-fly,
> maybe you mount it too late ? So that .Xauthority in the user home dir is
> not accessible at this stage ?

This could be true, good point.  

But, note this FACT: with the home directory mounted as SMBFS ( ?which doesn't 
support locking?) you cannot run X with the .Xauthority being written in your 
home directory.  You get the following error:
xauth:  error in locking authority file /home/ben_ford/.Xauthority


I've tested this thoroughly in runlevel 3:
**NOTE: In this test, I have eliminated pam_mount and a graphical login.**

a) Before the user has logged in,  I mounted /home/ben_ford manually.
b) After logging in, I can successfully browse my "remote" home directory.
c) issuing a `startx` command results in the locking error:
xauth:  error in locking authority file /home/ben_ford/.Xauthority

Now, if I set the following environment variables my .bash_profile:

export XAUTHORITY=/tmp/.Xauthority
export ICEAUTHORITY=/tmp/.ICEauthority

Logout, and log back in, and re-do the exact test, I can start X fine!!!

Similar setup but using NFS does NOT require this workaround.  SMBFS doesn't 
allow locking perhaps?

> With the xhost +localhost you effectively 
> circumvent X security.

Still with the previous workaround in effect, Graphical login does NOT work.  
When I use the `xhost +localhost` command as noted in my previous email, I 
can successfully login with GDM.

I'm sure that issue the `xhost` command could be done in any place, but 
the /etc/X11/gdm/PreSession/Default seemed very effective.

>
> I had a similar case here (though with Novell servers) and solved it and
> the KDE / GNOME problem you describe by keeping the homedir local and
> mounting the server homedir in a subdirectory of the homedir. This way the
> Linux stuff stays on the Linux side and the personal files and data stays
> on the server side.
I considered this solution at first, but disregarded for some reason. Your fix 
is a lot cleaner then moving files ( via my changes to /usr/bin/startkde ) 
outside the home directory.

How many clients do you use?  Does having the home directory completely local 
make administering those machines difficult?  This was one of our concerns.
-- 
Ben Ford
Bio-Logic Aqua Technologies
5001 Lower River Rd
Grants Pass, OR 97526

800-FOR-MIST (367-6478)
ben at naturestears.com


More information about the samba mailing list