LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > AIX
User Name
Password
AIX This forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.

Notices

Reply
 
Search this Thread
Old 08-24-2011, 08:15 AM   #1
DennisC31
Member
 
Registered: May 2007
Location: beyond my means
Distribution: Mint 11.04
Posts: 55

Rep: Reputation: 19
"X11 connection rejected because of wrong authentication." and sudo


Greetings fellow nix people.

I have been banging my head against the wall over this.

I have an X application I need to run on an AIX server -- lets just use xclock as the example.

I have a linux workstation.

This works:

$ ssh -X usera@aixserver
$ xclock
I now am greeted with the beautiful xclock.

But, due to corporate mandate, I want to run xclock as userb and not as usera.

So, I have this line in sudoers;

usera ALL=(userb) NOPASSWD:/usr/bin/X11/xclock

Then, we do the following and I get the erorr from the subject.

$ ssh -X usera@aixserver
$ sudo -u userb /usr/bin/X11/xclock
X11 connection rejected because of wrong authentication.
X connection to localhost:10.0 broken (explicit kill or server shutdown).

Amazing.

Any ideas? I am actually running a tax application on the server so this is sort of important. The tax application MUST be run as a specific user and I don't want to give that user's credentials out. Auditors would have a field day with me if I did.

Last edited by DennisC31; 04-11-2012 at 05:26 PM.
 
Old 08-24-2011, 09:27 AM   #2
DennisC31
Member
 
Registered: May 2007
Location: beyond my means
Distribution: Mint 11.04
Posts: 55

Original Poster
Rep: Reputation: 19
K, guys, the plot thickens like a good roux cooked between 7 and 9 am on a hot July morning in Louisiana when the air conditioner is busted.

so... I went over to a Windows station.

I installed Xming.

I then tried to run sudo -u userb xclock and I got the same error.

I did some research...

I found out that although this worked on our OLD server (yea, we recently went from 5.3 to 6.1), the new box it isn't working on. I found out that environment preservation in the new version of sudo is not enabled. I had to go into visudo and changed the line for this command to:

usera ALL=(userb) NOPASSWD:/usr/bin/X11/xclock,/opt/tax/application

Thus, the DISPLAY environment variable (and also variables that the tax app needs) will be preserved.

After adding SETENV to sudoers I was able to run sudo -E -u userb xclock. CHEESE WIZZ!

The good news is that this has solved the problem for my end user who uses a workstation with Xming to run her tax software.

The bad news is that I am the Unix Sysadmin and I can't tell you why it won't run from my linux (ubuntu 10.10) station. Considering it works with Xming, I have to assume that its a problem with my XServer on Ubuntu.

Any ideas?

Last edited by DennisC31; 04-11-2012 at 05:26 PM. Reason: corrected the setenv line.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
X11 connection rejected because of wrong authentication. mschnell Linux - Newbie 1 07-12-2011 12:55 PM
X11 connection rejected because of wrong authentication. vino87 Linux - Desktop 3 06-08-2011 09:45 AM
X11 connection rejected because of wrong authentication???????? Taylrl Linux - Newbie 4 12-07-2010 09:51 AM
X11 connection rejected because of wrong authentication wmasry Linux - Newbie 1 10-19-2010 06:43 AM
"mythtv-setup" giving "Session management error: Authentication Rejected" Mitchua Ubuntu 0 10-09-2005 04:32 PM


All times are GMT -5. The time now is 07:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration