[pkg-fso-maint] Bug#532900: dropbear: has no more existent /usr/X11R6/bin/xauth hardcoded

Luca Capello luca at pca.it
Thu Jul 23 17:25:44 UTC 2009 

severity 532900 important
user pkg-fso-maint at lists.alioth.debian.org
usertags 532900 + package-dependencies
thanks

Hi!

On Fri, 12 Jun 2009 17:58:48 +0200, Axel Beckert wrote:
> Since x11-common 1:7.4+2, the /usr/X11R6/bin symbolic link is no more
> shipped with x11-common and therefore /usr/X11R6 is more present in
> most Sid installations.
[...]
> This breaks X forwarding to Sid machines running dropbear as SSH
> server, because the xauth location is hardcoded as to be at
> /usr/X11R6/bin/xauth in dropbear's options.h.

This breaks practically every Openmoko running the default Debian.

Moreover, since X.Org in Debian moved away from /usr/X11R6 since etch
(upstream changed with the transition to 7.0 [1]) and IIRC it was a
Release Goal at that time, this should be at least severity important.

> The following patch (e.g. saved as
> dropbear-0.52/debian/diff/0003-options.h-fix-xauth-path.diff) fixes
> this:
>
> --- dropbear-0.52.orig/options.h        2008-11-11 15:13:50.000000000 +0100
> +++ dropbear-0.52/options.h     2009-06-12 17:32:22.000000000 +0200
> @@ -220,7 +220,7 @@
>  /* The command to invoke for xauth when using X11 forwarding.
>   * "-q" for quiet */
>  #ifndef XAUTH_COMMAND
> -#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
> +#define XAUTH_COMMAND "/usr/bin/xauth -q"

The above patch works, but is there any reason at all why it should be
hardcoded?

> JFTR: Setting XAuthLocation to /usr/bin/xauth on a connecting OpenSSH
> client doesn't help. (ssh_config(5) doesn't tell if the setting
> affects the local or remote path, so I'm not sure if it could have
> helped anyway.)

The same bug applies to OpenSSH (and thus it should be cloned and
reassigned), look at openssh-5.1p1 [2], look at pathnames.h:137:

--8<---------------cut here---------------start------------->8---
/* xauth for X11 forwarding */
#ifndef _PATH_XAUTH
#define _PATH_XAUTH			"/usr/X11R6/bin/xauth"
#endif
--8<---------------cut here---------------end--------------->8---

The above seems to exist since a long time ago:
=====
openssh (1:1.2.3-9) frozen unstable; urgency=low

  * force location of /usr/bin/X11/xauth
    (closes: #64424, #66437, #66859)  *RC*
=====

Thx, bye,
Gismo / Luca

Footnotes: 
[1] http://wiki.debian.org/Xorg69To7#The.2BAC8-usr.2BAC8-X11R6directory
[2] https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/8440
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-fso-maint/attachments/20090723/14a0f894/attachment.pgp>

More information about the pkg-fso-maint mailing list