#913468 startx: doesn't cope with multiple xauth cookies

Package:
xinit
Source:
xinit
Description:
X server initialisation tool
Submitter:
Thorsten Glaser
Date:
2022-03-27 18:48:03 UTC
Severity:
minor
#913468#5
Date:
2018-11-11 13:14:08 UTC
From:
To:
/usr/bin/startx contains this around line 198:

    for displayname in $authdisplay $hostname$authdisplay; do
        authcookie=`xauth list "$displayname" \
        | sed -n "s/.*$displayname[[:space:]*].*[[:space:]*]//p"` 2>/dev/null;
[…]
            dummy=$(($dummy+1));
            xauth -q -f "$xserverauthfile" << EOF
add :$dummy . $authcookie
EOF

This clearly assumes that $authcookie is only one.
However, on my system I somehow get two (the same but,
nevertheless, two), leading to xauth throwing a syntax
error upon running startx.

tglase@tglase-nb:~ $ displayname=tglase-nb.lan.tarent.de:0
tglase@tglase-nb:~ $ xauth list "$displayname" | sed -n "s/.*$displayname[[:space:]*].*[[:space:]*]//p"
2f5582db6c1e1d0f6da34c7f4fec89c7
2f5582db6c1e1d0f6da34c7f4fec89c7

#913468#10
Date:
2018-11-11 13:31:56 UTC
From:
To:
Dixi quod…

I think these come from startx itself, plus the system having
had crashed once while X was running.

If I rm ~/.Xauthority then startx, and, under X, run “xauth list”,
I get:

tglase-nb.lan.tarent.de/unix:0  MIT-MAGIC-COOKIE-1  1d91628277c6a2e586377f11ad5e94c4
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  1d91628277c6a2e586377f11ad5e94c4
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  1d91628277c6a2e586377f11ad5e94c4

The actual cookie is now different every session, but we see
that the duplicate is there. So chances are this issue will
pop up over the lifetime of a $HOME in all startx users.

startx adds the cookie twoce in line 203 (since the previous
.Xauthority was empty, $authcookie also is, so we hit this
one instead of line 209 from my initial report). I don’t have
an idea why :0 is added as hostname:0 though.

I don’t know how to test this right now, as “xauth add” seems
to misbehave: instead of adding one line it replaces all three
lines:

tglase@tglase-nb:~ $ xauth list
tglase-nb.lan.tarent.de/unix:0  MIT-MAGIC-COOKIE-1  1d91628277c6a2e586377f11ad5e94c4
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  65cf233332362c15bf009a13d32c115f
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  65cf233332362c15bf009a13d32c115f
tglase@tglase-nb:~ $ xauth add tglase-nb.lan.tarent.de:0 . $(mcookie)
tglase@tglase-nb:~ $ xauth list
tglase-nb.lan.tarent.de/unix:0  MIT-MAGIC-COOKIE-1  2f2178f0974e8b0e3654eb084e469b39
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  2f2178f0974e8b0e3654eb084e469b39
tglase-nb.lan.tarent.de:0  MIT-MAGIC-COOKIE-1  2f2178f0974e8b0e3654eb084e469b39

(That’s still running under X.)

So perhaps this is one, or even two, bugs in xauth instead?

(That being said, I’d add a “| uniq”, at the very least, in the
indicated place in startx, if not handling for multiple cookies.)

bye,
//mirabilos

#913468#15
Date:
2018-11-11 13:33:53 UTC
From:
To:
Dixi quod…
[…]

From outside X I get:

tglase@tglase-nb:~ $ xauth list
tglase@tglase-nb:~ $ xauth add :0 . $(mcookie)
tglase@tglase-nb:~ $ xauth list
tglase-nb.lan.tarent.de/unix:0  MIT-MAGIC-COOKIE-1  fc863a474bbaf9d38bd7cffbd7bba100
tglase@tglase-nb:~ $ xauth add :0 . $(mcookie)
tglase@tglase-nb:~ $ xauth list
tglase-nb.lan.tarent.de/unix:0  MIT-MAGIC-COOKIE-1  0e3aea779d160c8308c57f3923debe8f

So, similar misbehaviour, but :0 is added as hostname/unix:0.
No idea where the duplicate other entry comes from.

bye,
//mirabilos

#913468#20
Date:
2022-03-27 18:40:27 UTC
From:
To:
Hi,

this bug still exists.

bye,
//mirabilos