From tate@gilbert.cs.uec.ac.jp  Fri Feb 22 07:46:34 2008
Return-Path: <tate@gilbert.cs.uec.ac.jp>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D625F16A400
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 22 Feb 2008 07:46:34 +0000 (UTC)
	(envelope-from tate@gilbert.cs.uec.ac.jp)
Received: from mx-west.uec.ac.jp (adm2-bge0.cc.uec.ac.jp [130.153.8.66])
	by mx1.freebsd.org (Postfix) with SMTP id 618E613C461
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 22 Feb 2008 07:46:34 +0000 (UTC)
	(envelope-from tate@gilbert.cs.uec.ac.jp)
Received: (qmail 14678 invoked by uid 0); 22 Feb 2008 16:19:53 +0900
Received: from unknown (HELO gilbert.cs.uec.ac.jp) (130.153.150.155)
  by adm2.cc.uec.ac.jp with SMTP; 22 Feb 2008 16:19:53 +0900
Received: from gilbert.cs.uec.ac.jp (localhost [127.0.0.1])
	by gilbert.cs.uec.ac.jp (8.14.2/8.14.2) with ESMTP id m1M7IUhq044204;
	Fri, 22 Feb 2008 16:18:30 +0900 (JST)
	(envelope-from tate@gilbert.cs.uec.ac.jp)
Received: (from tate@localhost)
	by gilbert.cs.uec.ac.jp (8.14.2/8.14.2/Submit) id m1M7ITVX044203;
	Fri, 22 Feb 2008 16:18:29 +0900 (JST)
	(envelope-from tate)
Message-Id: <200802220718.m1M7ITVX044203@gilbert.cs.uec.ac.jp>
Date: Fri, 22 Feb 2008 16:18:29 +0900 (JST)
From: Tateoka Takamichi <tate@cs.uec.ac.jp>
Reply-To: Tateoka Takamichi <tate@cs.uec.ac.jp>
To: FreeBSD-gnats-submit@freebsd.org
Cc: tate@cs.uec.ac.jp
Subject: X11 forwarding cannot work
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         120963
>Category:       bin
>Synopsis:       X11 forwarding cannot work
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 22 07:50:01 UTC 2008
>Closed-Date:    Sat Feb 23 09:03:01 UTC 2008
>Last-Modified:  Sat Feb 23 09:10:02 UTC 2008
>Originator:     Tateoka Takamichi
>Release:        FreeBSD 6.3-RELEASE i386
>Organization:
University of Electro-Communications
>Environment:
System: FreeBSD gilbert.cs.uec.ac.jp 6.3-RELEASE FreeBSD 6.3-RELEASE #1: Mon Jan 28 16:42:21 JST 2008 tate@gilbert.cs.uec.ac.jp:/usr/obj/usr/src/sys/GENERIC i386
	/usr/sbin/sshd
	ports/x11/xauth (installed to /usr/local/bin/xauth)

>Description:

	sshd cannot find xauth.
	because /usr/X11R6/bin/xauth is hard-coded in /usr/bin/sshd.
	So, X11Fowarding cannot work.

>How-To-Repeat:

	Login from remote host with X11 forwarding like that.

leaf:tate[168]% ssh -v -Y gilbert.cs.uec.ac.jp
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /home/tate/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
 [snip]
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Remote: No xauth program; cannot forward with spoofing.
gilbert:tate[1]% echo $DISPLAY
DISPLAY: Undefined variable.
gilbert:tate[2]% which xauth
/usr/local/bin/xauth
gilbert:tate[3]% 

	We can find /usr/X11R6/bin/xauth is hard-coded like that:

gilbert:tate[2]% strings /usr/sbin/sshd |grep xauth
xauthlocation
maxauthtries
/usr/X11R6/bin/xauth
No xauth program; cannot forward with spoofing.
gilbert:tate[3]% 


>Fix:

	For workaround, make a symbolic-link from /usr/X11R6 to /usr/local.

	set X11BASE to /usr/local in make.conf?  I'm not sure.
>Release-Note:
>Audit-Trail:

From: Kris Kennaway <kris@FreeBSD.org>
To: Tateoka Takamichi <tate@cs.uec.ac.jp>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/120963: X11 forwarding cannot work
Date: Fri, 22 Feb 2008 11:33:55 +0100

 Tateoka Takamichi wrote:
 
 >> Fix:
 > 
 > 	For workaround, make a symbolic-link from /usr/X11R6 to /usr/local.
 
 This is not just workaround, this is supposed to be already true.  It is 
 part of the x.org 6.x->7.x upgrade, and should happen automatically when 
 you upgrade the ports following the documented procedure in UPDATING, or 
   if you do a fresh install on a clean system.
 
 Kris
 

From: TATEOKA Takamichi <tate@cs.uec.ac.jp>
To: kris@FreeBSD.org
Cc: tate@cs.uec.ac.jp, FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/120963: X11 forwarding cannot work
Date: Sat, 23 Feb 2008 00:28:25 +0900 (JST)

 From: Kris Kennaway <kris@FreeBSD.org>
 > This is not just workaround, this is supposed to be already true.  It is 
 > part of the x.org 6.x->7.x upgrade, and should happen automatically when 
 > you upgrade the ports following the documented procedure in UPDATING, or 
 >   if you do a fresh install on a clean system.
 
   Yes, I did fresh install 6.3R on a clean system.  If this symbolic
 link is still required, 6.4R base system (or X11 ports?) should have
 this symbolic link, I think.
 --
 Takamichi Tateoka

From: Kris Kennaway <kris@FreeBSD.org>
To: TATEOKA Takamichi <tate@cs.uec.ac.jp>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/120963: X11 forwarding cannot work
Date: Fri, 22 Feb 2008 20:04:57 +0100

 TATEOKA Takamichi wrote:
 > From: Kris Kennaway <kris@FreeBSD.org>
 >> This is not just workaround, this is supposed to be already true.  It is 
 >> part of the x.org 6.x->7.x upgrade, and should happen automatically when 
 >> you upgrade the ports following the documented procedure in UPDATING, or 
 >>   if you do a fresh install on a clean system.
 > 
 >   Yes, I did fresh install 6.3R on a clean system.  If this symbolic
 > link is still required, 6.4R base system (or X11 ports?) should have
 > this symbolic link, I think.
 
 It should happen automatically when the xorg metaport is installed (this 
 is the best way to ensure you have a complete xorg installation).  If 
 you only installed parts of xorg then you will have to add the symlink 
 by hand.
 
 Kris
 

From: TATEOKA Takamichi <tate@cs.uec.ac.jp>
To: kris@FreeBSD.org
Cc: tate@cs.uec.ac.jp, FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/120963: X11 forwarding cannot work
Date: Sat, 23 Feb 2008 12:28:15 +0900 (JST)

 From: Kris Kennaway <kris@FreeBSD.org>
 > >   Yes, I did fresh install 6.3R on a clean system.  If this symbolic
 > > link is still required, 6.4R base system (or X11 ports?) should have
 > > this symbolic link, I think.
 > 
 > It should happen automatically when the xorg metaport is installed (this 
 > is the best way to ensure you have a complete xorg installation).  If 
 > you only installed parts of xorg then you will have to add the symlink 
 > by hand.
 
   Yes, I installed only ports/x11/xauth because the host is a firewall
 server and doesn't need almost X11 servers and applications.
   It may be a rare case, but I hope default X11BASE becomes /usr/local
 in future release.
 
 Thanks,
 Takamichi Tateoka
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Sat Feb 23 09:02:59 UTC 2008 
State-Changed-Why:  
This is a local issue, please set the symlink yourself as kris pointed 
out. Thanks for using FreeBSD. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120963 

From: Kris Kennaway <kris@FreeBSD.org>
To: TATEOKA Takamichi <tate@cs.uec.ac.jp>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: bin/120963: X11 forwarding cannot work
Date: Sat, 23 Feb 2008 07:00:40 +0100

 TATEOKA Takamichi wrote:
 > From: Kris Kennaway <kris@FreeBSD.org>
 >>>   Yes, I did fresh install 6.3R on a clean system.  If this symbolic
 >>> link is still required, 6.4R base system (or X11 ports?) should have
 >>> this symbolic link, I think.
 >> It should happen automatically when the xorg metaport is installed (this 
 >> is the best way to ensure you have a complete xorg installation).  If 
 >> you only installed parts of xorg then you will have to add the symlink 
 >> by hand.
 > 
 >   Yes, I installed only ports/x11/xauth because the host is a firewall
 > server and doesn't need almost X11 servers and applications.
 >   It may be a rare case, but I hope default X11BASE becomes /usr/local
 > in future release.
 
 Yes, it will be changed over time.
 
 Thanks,
 Kris
 
>Unformatted:
