Relocating the .ICEauthority (Debian/GNOME)
in [UK Linux]
|
From: Simon Waters on 16 Feb 2007 18:01 I'd like (probably for very bad reasons) to relocate the .ICEauthority file when a GNOME login is underway. This is to allow mounting of $HOME over sshfs (I said it was a bad reason). I can't get it to relocate. I tried ICEAUTHORITY environment variable, and editing some random setting in /etc/gdm/gdm.conf for the authority directive (ideas Google threw up). What creates this file? (X?) How do I relocate it? Has anyone been here before and can tell me what breaks next? So far in my experimenting with sshfs, something caused the box to hang (what no ICMP echo), which I think was down to something done as a user, not root, which doesn't bode well for future stability with this set-up. But hey, if you don't try these things, you never discover what breaks. Otherwise, recommendations for a network file system other than NFS welcome..... Simon, finally securing his home wireless network properly.
From: Nix on 21 Feb 2007 09:57 On 16 Feb 2007, Simon Waters told this: > I'd like (probably for very bad reasons) to relocate the .ICEauthority > file when a GNOME login is underway. > > This is to allow mounting of $HOME over sshfs (I said it was a bad reason). Well, that's an interestingly weird thing to try :) > I can't get it to relocate. I tried ICEAUTHORITY environment variable, > and editing some random setting in /etc/gdm/gdm.conf for the authority > directive (ideas Google threw up). That should work (see below for details). > What creates this file? (X?) A caller of IceWriteAuthFileEntry() (in libICE.so.6). The iceauth(1x) tool can create it, as can other programs (e.g. > How do I relocate it? That's up to the individual program. ICEAUTHORITY can be used to tell libICE where to *read* the file from, but the file to write to is specified in the call to IceWriteAuthFileEntry(). Most programs call IceAuthFileName() to get it, which returns ~/.ICEauthority unless $ICEAUTHORITY is set. It's called by gnome-session/ice.c, which calls IceAuthFileName() appropriately and so should respect $ICEAUTHORITY. (KDE 3 calls it inside libDCOP --- hardly surprising given that DCOP is based directly on the ICE extension. KDE makes much greater use of ICE than does GNOME.) I suspect that you're simply not managing to instruct gdm to set the environment variable for its children properly: try looking in /proc/[gnome-session's PID]/environ to be sure. -- `In the future, company names will be a 32-character hex string.' --- Bruce Schneier on the shortage of company names
From: Simon Waters on 21 Feb 2007 11:49 > On 16 Feb 2007, Simon Waters told this: > >> This is to allow mounting of $HOME over sshfs (I said it was a bad reason). > > Well, that's an interestingly weird thing to try :) I need a good network file system, and I'm just pissed at having to rebuild my kernel yet again, because I didn't include the kernel support for NFS, the userspace NFS won't hack it any more, and then I'd still have to mess around to make it vaguely secure. I suspect sshfs won't be up to the job either, but at least I don't have to hack around to make it secure, or rebuild any kernels. I'm having enough trouble setting an environment variable - so probably best I don't try anything more complicated than setting environment variables. So far I've mostly used sshfs, to run the wrong version of subversion client, against my working copy of projects?! Don't do that. > I suspect that you're simply not managing to instruct gdm to set the > environment variable for its children properly: try looking in > /proc/[gnome-session's PID]/environ to be sure. I need you at work to point out the more blindingly obvious things I fail to do there as well. Thanks, I'll give it a try.
From: Simon Waters on 21 Feb 2007 16:07 > It's called by gnome-session/ice.c, which calls IceAuthFileName() > appropriately and so should respect $ICEAUTHORITY. Knowing it is gnome-session that writes it got me sorted. I should "use the source" more ;) Okay, after reading the gdm documentation, and a little grepping in /etc, I was led to; /etc/X11/Xsession.d/55gnome-session_gnomerc Which says "source $HOME/.gnomerc before starting gnome-session". So the answer (Debian Sid & GNOME specific perhaps) was; echo "export ICEAUTHORITY=/tmp/.ICEauthority" >>$HOME/.gnomerc I guess I should have "known" that much about GNOME by now, but I've never needed a GNOME specific environment variable So far, mounting "$HOME" under sshfs with; $ sshfs -o nonempty -o allow_root -o ServerAliveInterval=15 user(a)server: /home/user Has got rid of my NFS locking issues entirely, and so far every application (Iceweasel, OpenOffice, Icedove), has worked fine. Previously with the userspace NFS OpenOffice was being difficult about file locking. I'm guessing I'm in "less trodden ground", but that it "just worked" once GNOME was started gives me a bit more confidence. At least enough to stop exposing the NFS exports to my wireless LAN, not that I needed much encouragement in that area.
From: Chris Davies on 21 Feb 2007 17:35 Simon Waters <a(a)technocool.net> wrote: > I need a good network file system [...] and then I'd still have to > mess around to make it vaguely secure. Would NFS over OpenVPN be an acceptable alternative (given the necessary kernel rebuilds for the NFS bit)? Chris
|
Next
|
Last
Pages: 1 2 3 Prev: Any free plugin to view BBC video clips? Next: Kernel option to mount by UUID |