# xhost on macosx



## Zammy-Sam (Nov 22, 2002)

Hi,
I was used to run for example netscape from another machine on my local-screen by the following commands:
local: xhost +othercomp
local: telnet othercomp
othercomp: setenv DISPLAY local:0
othercomp: netscape

I tried same in the terminal of my macosx 10.2.2 and there is no xhost command.

How can I solve this?

Another thing: why can't I get root? when I type "su", it doesn'T accept my admin-password. And I never used another password.

tnx!

Sam


----------



## roger (Nov 22, 2002)

For your second issue:

root probably isn't enabled, but you can use sudo instead:

sudo <command>

You will then be prompted for your password, and type in your normal password. The command will then be executed with root status effectively. I find this much safer than enabling root and logging in as root.

sudo is actually quite sophisticated. There is a file /etc/sudoers that controls which users can execute sudo. It also tells the system what commands each user can do.

For example I have some users logging in remotely to my machine. They needed to be able to stop and restart Apache. However I didn't want to give them admin control because there are some areas of the disk they they aren't allowed.

I added a line to allow one of my users to use apachectl only.

R.


----------



## onan (Nov 22, 2002)

The system ships with no valid root password, but will full sudo access for "administrative" users. If you wish to change this (rather than just continuing to use sudo, as already suggested) you can simply "sudo passwd root" and then su as you wish.

To answer your primary question: that's all dependent on using the X Windowing System (X11). And despite the rather confusing name, macosx doesn't actually use X11 itself.

Fortunately, you can get around this with a third-party X11 server. www.versiontracker.com will happily direct you to XDarwin, which is an X11 server for osx. While you're there, I'd recommend getting Oroborosx, an X11 window manager which will cause such windows to behave a bit more like osx windows.

As a final note, you really really don't want to be using xhost and telnet in any circumstances, with or without osx involved. This method makes it trivially easy for anyone with access to your network to take control of both machines involved.

What you'd really like to use is ssh. ssh includes a function specifically to tunnel X11 connections through its encryption. So instead of all that stuff, you'd simply do:

local:~> ssh -X otherhost
otherhost:~> netscape


----------



## Zammy-Sam (Nov 23, 2002)

Thanks a lot, onan and roger!!!!!!!!!!

Your helped me out!

Cheers
Sam


----------



## Zammy-Sam (Nov 25, 2002)

Ok, sorry to come back, but I still got few probs.

I downloaded xDarwin 1.0.6.1 and also OroborOSX-v0.8b2. When I run XDarwin in the unzipped window it was loading and I was an analog clock in the right corner, but suddenly it closed! I didn't install anything or copied any folder to any special place. Do I have to???
And when I tried OroborOSX, I didn't have any terminal. The prog was running but where to type my commands???? Sorry for those stupid questions....

Btw, I have osx 10.2.2. Is that a problem?

Thanks for your help!
Sam


One more thing: using ssh -X host didn't work. I can log to the host, but when I start netscape, I get "Can't open display".
I also tried to add: setenv DISPLAY local:0.0

still not working....


----------



## fddi1 (Nov 25, 2002)

I assume "local" is defined in the /etc/hosts file in another host?  If not, you need to define it first, or just use the IP address.


----------



## kilowatt (Nov 26, 2002)

ok, looks like your X11 install is a little fubar. Check your console for messages as to why everything closes once it loads up (/Applications/Utilities/Console.app). Just double click on the Console application, and then load up X11. Its normal to see stuff in the console, what you are looking for is errors (not the x11 startup messages).

Once you get x11 up and running, here is some info for launching programs remotely:

1) the x window system is a server <--> host protocol. The physical screen you're sitting at running x11 on is the server, and the application you are launching connects to the x11 server.

2) There are two ways to forge a connection. The first is by telling your x11 server that another host can connect to it. Thats what the xhost command does. (That command, btw, has to be isued in an xterm or other x11 terminal on the screen you want to see the app on). The other way is to fool your system into thinking the application is local. Thats what you can do with ssh -X

The differences: ssh -X is secure. xhost isn't. The data on the ssh connection is encrypted. Plus, its easy to spoof an xhost into letting you use its display simply by faking your hostname. 

On some systems, ssh -X will be all you need to do. On osx, more offten than not, you will need to set the $DISPLAY enviroment variable before launching your application.

3) For any x11 application, you can specify the display to output on like this (example is for an xterm):
xterm -display floyd:0.0

'floyd' is the display I want to see the application on. 0.0 specifies that I want it on the first display. If you're running multipul copies of the x display server, you would need to reflect that. 99.999% of the time, :0.0 will be all you need.

4) once you launch an xterminal remotely (xterm), you don't have to specify -display anymore (within the xterm), because its taken care of for you. type 'printenv' in a remote xterm to see what I mean.

on some systems, you will still need to exec xhost +hostname when using ssh -X. `man sshd` for details 

Hope that clears a few things up!


----------



## Zammy-Sam (Nov 27, 2002)

2002-11-27 13:09:10.294 XDarwin[877] 
XDarwin 1.1

XFree86 Version 4.2.0 / X Window System
(protocol Version 11, revision 0, vendor release 6600)
Release Date: 18 January 2002
	If the server is older than 6-12 months, or if your hardware is
	newer than the above date, look for a newer version before
	reporting problems.  (See http://www.XFree86.Org/FAQ)
Operating System: Darwin
Using keymapping provided in /System/Library/Keyboards/Deutsch.keymapping.
Display mode: Rootless Quartz
Screen 0 added: 1024x747 @ (0,21)
Screen 0 placed at X11 coordinate (0,0).
Warning: no access to tty (Inappropriate ioctl for device).
Thus no job control in this shell.

dyld: xterm Undefined symbols:
xterm undefined reference to _tgetent expected to be defined in /usr/lib/libSystem.B.dylib
xterm undefined reference to _tgetstr expected to be defined in /usr/lib/libSystem.B.dylib
dyld: xterm Undefined symbols:
xterm undefined reference to _tgetent expected to be defined in /usr/lib/libSystem.B.dylib
xterm undefined reference to _tgetstr expected to be defined in /usr/lib/libSystem.B.dylib
dyld: xterm Undefined symbols:
xterm undefined reference to _tgetent expected to be defined in /usr/lib/libSystem.B.dylib
xterm undefined reference to _tgetstr expected to be defined in /usr/lib/libSystem.B.dylib
Nov 27 13:09:26 Macfly crashdump: Crash report written to: /Library/Logs/CrashReporter/xterm.crash.log



waiting for X server to shut down Using keymapping provided in /System/Library/Keyboards/Deutsch.keymapping.
Display mode: Rootless Quartz
Screen 0 added: 1024x747 @ (0,21)
Screen 0 placed at X11 coordinate (0,0).



Quitting XDarwin...


This is what I got out in the console when I started XDarwin.
Can anyone help?

tnx!!!!!!!!!!!!

Sam


----------



## kilowatt (Nov 27, 2002)

Ahh, yes, this we can fix. When apple 'updated' us from 10.1 to 10.2, some critical dynamic libraries got relocated. The fix is simple, but I can't rember it. If I wasn't on my Treo 300/Sprint phone, I would research it for you.  Latter on this week, when I get back home, i'll dig arround.

Anyone here rember it?


----------



## Zammy-Sam (Nov 28, 2002)

Tnx a lot kilowatt!

I really appreciate your help.
But is there any other way for me to get a remote connection to a unix machine? Without using x11...?

Cheers

Sam


----------



## btoneill (Nov 28, 2002)

Asking if there is a way other the X11 is kinda like asking if there is a way to display Quartz applications without Quartz. X11 apps are written using X11 libraries, and are displayed using the X11 protocol. The same protocol is used whether you are displaying locally or across a network. 

As to your X startup problems, it appears you have installed XFree86 4.2.0, when you really want 4.2.0.1 compiled for 10.2, or you can install the patch to get the one you have working in 10.2. You can find packages for both at http://sourceforge.net/project/showfiles.php?group_id=18034

Both are easy to install. You probably also want to install the upgrade to 4.2.1.1 that is located there while you're at it. Also, would be helpful to download and install OroborOSX from http://oroborosx.sourceforge.net too. This window manager will startup X and make it easy to use/manage for you.

Brian


----------



## Zammy-Sam (Dec 2, 2002)

Sorry for bothering everyone with it, but now I am running xDarwin over OroborOSX. Thanks to btoneill!
But still I can't set the display on my local machine. Tried all ideas from kilowatt, but I always get the message: can't open Display.
I also add the ip of the machine (that I wanna run netscape remotely) into /etc/hosts but still nada...
Any ideas?

I really appreciate your help!
Thanks!

Sam


----------



## btoneill (Dec 2, 2002)

Ok, to get to the bottom of your xhost issue, I want to you run a couple commands, and post the output.

On local machine:
1st: 'echo $shell'
2nd: `echo $SHELL'
3rd: 'echo $DISPLAY'
4th: 'xhost`

On remove machine:
1st: `echo $shell'
2nd: 'echo $SHELL'
3rd: 'echo $DISPLAY'


Brian


----------



## Zammy-Sam (Dec 3, 2002)

Output list:
  local machine:
    1st: '/bin/tcsh'
    2nd: '/bin/tcsh'
    3rd: ':0.0'
    4th: 'xhost: Command not found'

  remote machine:
    1st: '/bin/tcsh'
    2nd: '/bin/tcsh'
    3rd: 'DISPLAY: Undefined variable.'


Tnx Brian!!!!!

Hope you can figure out what's going wrong! Btw, I didn't set any setenv DISPLAY parameters... (just ssh -X remote-machine)

Sam


----------



## btoneill (Dec 3, 2002)

> _Originally posted by Zammy-Sam _
> *Btw, I didn't set any setenv DISPLAY parameters... (just ssh -X remote-machine) *



You did an ssh -X remote-machine. Ok, the problem is, ssh X tunneling is not working right. Are you sure you have X tunneling enabled on in sshd_config on the remote machine? when ssh tunnelling is working correctly, the $DISPLAY environment will get set on the remote machine. Depending on the config, it will either be something like 'localhost:10.0' or 'remote-machine:10.0". If sshd is not setting the display environment for you, it's not setup correctly.

Look on the remote machine for a file called 'sshd_config' if you do a 'man sshd_config' it will most likely tell you the location of the file at the top. In this file, look for the following lines:
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

If they aren't in the file, add them, and restart sshd. Then try again. When everything is working with the above config, the DISPLAY variable on the remote machine will be set to 'localhost:10.0' (the next ssh -X that is connected will be localhost:11.0, and so on).

Brian


----------



## Zammy-Sam (Dec 4, 2002)

Hi Brian!

tnx for your reply!

Well, I tried to find the file called 'sshd_config', but I just found 'ssh_config'. And beside that, I don't have the root-passwd. The remote-system belongs to the institute and I am just a user here. So, is there an other way to set the display on my local screen without having root-rights on the remotemachine (which I need to change the files on /etc)?


----------



## btoneill (Dec 4, 2002)

It won't be encrypted but, youcan set the DISPLAY on the remote box to your-local-box:0.0 which will tell any X app to display on your-local-box. You also need to run xhost on the local box, it shoudl be under /usr/X11/bin or something along those lines, I forget the path the XFree is using now. You'll want to run 'xhost +remote-server'. After doing that, run just 'xhost" and you should see something like this:
access control enabled, only authorized clients can connect
INET:remote-machine-name

Once thats done, you should be able to type xterm on the remote box, and it should popup locally.

Oh, one other thing, I forgot to ask before, when you're ssh'ing to the remote box, are you doing so via an xterm, or via OS X's terminal? If you're not doing it in an actual xterm (or Eterm or rxvt) you won't be able to tunnel X.

Brian


----------



## Zammy-Sam (Dec 6, 2002)

Brian?
A HUGE KISS FOR YA!!!!!!
;-)
It's working now!

I am aware of the security-issues, but since we are a work-group it'S kinda ok for me.
Thanks a lot, Brian!

You helped me a lot

Sam


----------

