Just ship the script. Signed-off-by: Gaetan Nadon <[email protected]> --- .gitignore | 5 +- Makefile.am | 14 +-- ...h_to_sun-des-1.cpp => xauth_switch_to_sun-des-1 | 98 ++++++++++---------- 3 files changed, 55 insertions(+), 62 deletions(-) rename xauth_switch_to_sun-des-1.cpp => xauth_switch_to_sun-des-1 (64%) mode change 100755 => 100644
diff --git a/.gitignore b/.gitignore index 33a7964..0b88b62 100644 --- a/.gitignore +++ b/.gitignore @@ -71,9 +71,8 @@ core *.tar.bz2 *.tar.gz # -# Add & Override patterns for scripts +# Add & Override patterns for scripts # # Edit the following section as needed # For example, !report.pc overrides *.pc. See 'man gitignore' -# -xauth_switch_to_sun-des-1 +# diff --git a/Makefile.am b/Makefile.am index b6f0ed7..487c606 100644 --- a/Makefile.am +++ b/Makefile.am @@ -20,17 +20,13 @@ # PERFORMANCE OF THIS SOFTWARE. SUBDIRS = man -dist_bin_SCRIPTS = fontname.sh fontprop.sh xon - -bin_SCRIPTS = xauth_switch_to_sun-des-1 - -xauth_switch_to_sun-des-1: $(srcdir)/xauth_switch_to_sun-des-1.cpp - grep -v Avoid $(srcdir)/xauth_switch_to_sun-des-1.cpp | sed -e /^\#.*$$/d -e s/XCOMM/\#/g > $@ +dist_bin_SCRIPTS = \ + fontname.sh \ + fontprop.sh \ + xon \ + xauth_switch_to_sun-des-1 MAINTAINERCLEANFILES = ChangeLog INSTALL -CLEANFILES = xauth_switch_to_sun-des-1 - -EXTRA_DIST = xauth_switch_to_sun-des-1.cpp .PHONY: ChangeLog INSTALL diff --git a/xauth_switch_to_sun-des-1.cpp b/xauth_switch_to_sun-des-1 old mode 100755 new mode 100644 similarity index 64% rename from xauth_switch_to_sun-des-1.cpp rename to xauth_switch_to_sun-des-1 index 3e5850f..18044ac --- a/xauth_switch_to_sun-des-1.cpp +++ b/xauth_switch_to_sun-des-1 @@ -1,37 +1,35 @@ -XCOMM!/bin/ksh -XCOMM X11 MIT-MAGIC-COOKIE to SUN-DES-1 auth. -XCOMM this script switched the current Xservers authentification -XCOMM (usually MIT-MAGIC-COOKIE-1) to SUN-DES-1. -XCOMM -XCOMM -XCOMM Copyright 2002-2004 by Roland Mainz <[email protected]>. -XCOMM -XCOMM -XCOMM Requirements: -XCOMM - Solaris/Linux/AIX running as NIS+ client (YP/LDAP not supported yet) -XCOMM - user must have proper credentials ("SecureRPC") -XCOMM - script must be able to "guess" the UID of the Xserver -XCOMM -XCOMM Advantages: -XCOMM - User may allow other users to gain access via -XCOMM % xhost +jigsaw@ -XCOMM instead of moving 128bit cookies -XCOMM -XCOMM Known bugs: -XCOMM - Was not tested on Linux since several months - -/* Avoid problems with CPP processing */ -#undef unix +#!/bin/ksh +# X11 MIT-MAGIC-COOKIE to SUN-DES-1 auth. +# this script switched the current Xservers authentification +# (usually MIT-MAGIC-COOKIE-1) to SUN-DES-1. +# +# +# Copyright 2002-2004 by Roland Mainz <[email protected]>. +# +# +# Requirements: +# - Solaris/Linux/AIX running as NIS+ client (YP/LDAP not supported yet) +# - user must have proper credentials ("SecureRPC") +# - script must be able to "guess" the UID of the Xserver +# +# Advantages: +# - User may allow other users to gain access via +# % xhost +jigsaw@ +# instead of moving 128bit cookies +# +# Known bugs: +# - Was not tested on Linux since several months + umask 077 -XCOMM force POSIX binaries +# force POSIX binaries export PATH=/usr/xpg4/bin:/usr/bin:/usr/dt/bin:/usr/openwin/bin -XCOMM debug +# debug alias xxdebug=true -XCOMM alias xxdebug= +# alias xxdebug= -XCOMM get full qualified domain name +# get full qualified domain name getFQDN() { getent hosts ${1} | awk "{print \$2}" - @@ -63,14 +61,14 @@ user2netname() } -XCOMM pid to username +# pid to username getUserOfPID() { ps -p $1 -o user,pid | awk "NR != 1 {print \$1}" - } -XCOMM test if we can access $DISPLAY via SUN-DES-1 auth. using a temporary -XCOMM Xauthority file +# test if we can access $DISPLAY via SUN-DES-1 auth. using a temporary +# Xauthority file dry_run() { ( @@ -102,15 +100,15 @@ dry_run() ) } -XCOMM main +# main HOSTNAME=$(hostname) FQDN=$(getFQDN $HOSTNAME) -XCOMM be sure that DISPLAY contains the host name -XCOMM BUGs: -XCOMM - this does _not_ catch non-tcp connections (like DECnet). -XCOMM - this may not work with IPv6 addresses +# be sure that DISPLAY contains the host name +# BUGs: +# - this does _not_ catch non-tcp connections (like DECnet). +# - this may not work with IPv6 addresses displayhost=${DISPLAY%:*} displaynum=$(x=${DISPLAY#*:}; echo ${x%.*}) if [ "$displayhost" == "" -o "$displayhost" == "localhost" ] ; then @@ -120,19 +118,19 @@ if [ "$displayhost" == "" -o "$displayhost" == "localhost" ] ; then fi -XCOMM grant access for current user and for user root -XCOMM (a bug in /usr/dt/bin/dtaction requires this for user "root", too - -XCOMM Solaris 7/8 dtaction runns setuid root and opens a display connection -XCOMM before chaning the EUID to the "destination uid"... ;-( ). +# grant access for current user and for user root +# (a bug in /usr/dt/bin/dtaction requires this for user "root", too - +# Solaris 7/8 dtaction runns setuid root and opens a display connection +# before chaning the EUID to the "destination uid"... ;-( ). xhost +${LOGNAME}@ +$(user2netname root) -XCOMM get X server principal(=user) -XCOMM this may fail if user isn't local -XCOMM unfortunately we cannot get the Xserver PID with a simply API - we -XCOMM have to "guess" in this case. "pgrep" creates a list of PIDs which may -XCOMM match. Then we create a list of all matching "principals" and test -XCOMM them - item by item... -XCOMM ... step 1: Create list of principals +# get X server principal(=user) +# this may fail if user isn't local +# unfortunately we cannot get the Xserver PID with a simply API - we +# have to "guess" in this case. "pgrep" creates a list of PIDs which may +# match. Then we create a list of all matching "principals" and test +# them - item by item... +# ... step 1: Create list of principals principal_list="" # you can add "most common" principals here... fallback_principal_list="" # you can add "fallback" principals here # (for example, principals for Xterminals (where @@ -144,7 +142,7 @@ done xxdebug echo "principal_list=${principal_list}" -XCOMM ... step 2: Test the list of principals +# ... step 2: Test the list of principals for PRINCIPAL in ${principal_list} ${fallback_principal_list} ; do # make a "dry run" and test whether we really can use SUN-DES-1 auth. # for this display using the given principal @@ -168,7 +166,7 @@ done echo "${0}: failure; could not establish SUN-DES-1 auth. on $DISPLAY" >&2 xhost -$LOGNAME@ -$(user2netname root) -XCOMM failure. +# failure. xxdebug echo failure. exit 1 -XCOMM EOF. +# EOF. -- 1.6.0.4 _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
