LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-16-2005, 05:06 PM   #1
WebDrake
LQ Newbie
 
Registered: Dec 2005
Posts: 1

Rep: Reputation: 0
Question YaST Firewall & X-server access for SuSE 10.0


Hello all,

I'm a relatively new Linux user: I've just installed SuSE 10.0 on my laptop. Anyway, I'm faced with a problem. At various times I run jobs on a computing cluster which involve submitting a script to the central hub which then opens an xterm window on my own desktop. The script goes like this:

Code:
#!/bin/bash
#$ -S /bin/bash
#$ -cwd
#$ -e /dev/null
#$ -o /dev/null
PGI=/apps/pgi-5.1.6
export PGI
#export DISPLAY=`tcsh -c 'echo $REMOTEHOST'`:0

export DISPLAY=my.ip.add.ress:0.0

xterm
Currently, if the YaST firewall is active, the above script simply gets "stuck" and does not do anything. If the firewall is turned off, it returns a message that it was unable to access the X server. So, I'm presuming that both the YaST firewall and the X server's own settings are blocking or ignoring the request.

So, I have two problems: (i) configure the YaST firewall to allow the cluster hub to access my machine and its X-server, and (ii) configure the X server to listen in to the TCP port and accept connections from the cluster hub. But I'm really unsure how to effectively go about either.

I would really appreciate a friendly walk-through of both aspects, if someone can explain these things. :-)

For what it's worth, here's my /etc/X11/xinit/xserverrc script:

Code:
#!/bin/bash

#
# move this file to ~/.xserverrc, if you don't want to allow
# everybody to get access to your X-Server
#

dspnum=":0"
  args=""
  done=no
if test -z "$XAUTHORITY" ; then
  auth="$HOME/.Xauthority"
else
  auth="$XAUTHORITY"
fi

while test -n "$1" ; do
    case "$1" in
        \:[0-9])
            dspnum="$1" ;     shift ;;
        -auth)
            done=yes
            args="$args $1" ; shift ;;
        *)
            args="$args $1" ; shift ;;
    esac
done

# handle TCP port 6000
. /etc/sysconfig/displaymanager
test "$DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN" != "yes" && \
  args="$args -nolisten tcp"

if test -x "`type -p keygen`" -a "$done" != "yes" ; then
    if [ ! -x  "`type -p hostname`" ] ; then
        echo "startx: can't get my hostname - exiting" 1>&2
        exit 1
    else
        host=`hostname -f`
    fi

    trap "echo" 1 2 15
    cookie="MIT-MAGIC-COOKIE-1 `keygen`"
     tcpip="$host$dspnum"
      unix="${host%%.*}/unix$dspnum"

    xauth -f $auth source - <<-EOF
        add $tcpip $cookie
        add $unix  $cookie
        add ${host}/unix$dspnum $cookie
        EOF
    cookie=

    exec X $dspnum -auth $auth $args
else
    exec X $dspnum $args
fi
Many thanks,

-- Joe
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
firewall with Yast and suse 9.x Kumado Linux - Networking 1 06-21-2005 10:08 AM
No NFS server module in YaST in SuSE 9.2 bunkenburg Suse/Novell 1 03-10-2005 05:56 PM
cant access web server behind NAT/firewall vermaamitabh Linux - Security 3 11-10-2004 12:43 PM
Moz & FF cannot access secure sites behind firewall rickenbacherus Linux - Networking 2 11-05-2004 12:54 PM
firewall & DMZ Access problem AnotherNewbie Linux - Hardware 0 05-16-2002 05:01 PM


All times are GMT -5. The time now is 02:09 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration