ssh -X breaks Xauthority on NFS mounted home dir
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Debian |
Fix Released
|
Unknown
|
|||
linux (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned | ||
Bug Description
When using an nfs mounted home directory, using ssh to connect and run a X11 app from the nfs server causes X applications to break.
Steps to reproduct the problem
1) have to computers(A and B) with ubuntu 8.04 installed
2) Export /home from computer A, and mount it on computer B
3) Create a user that has the same username, home directory, and UID on both computers
4) Log into computer B with the user that was just created, and ssh into box A and run an X application (ssh -X boxa xterm)
5) In another terminal, try to run another X app on box b as the same user.
What is supposed to happen: The X app on box B runs properly
What actually happens: The X app will fail with an error like "Xlib: connection to ":0.0" refused by server" about 50% of the time
This can be fixed by running "cat ~/.Xauthority".
Also sometimes running "ls -al ~/.Xauthority" will result in a "stale nfs file handle" error.
I assume this is because the Xauthority file is removed, and then a new one is created when ssh sets up credentials on computer A. This causes the file inode number to change, causing the stale file handle errors on computer B. However, this problem did not occur in ubuntu feisty. I havn't tried it with gutsy. I've tried installing the packages for xauth and libxau6 from feisty, but it did not fix the problem. So I'm guessing its an ssh issue, but i could be wrong.
Someone reported the same issue on the ubuntu mailing list, but didn't seem to file a bug report that i could find.
https:/
I'm using ubuntu 8.04.1, also had the same problem with 8.04.0. It worked fine in ubuntu 7.04.
Package Versions
==========
openssh-client: 1:4.7p1-8ubuntu1.2
openssh-server: 1:4.7p1-8ubuntu1.2
xauth: 1:1.0.2-2
libxau6: 1:1.0.3-2
Changed in debian: | |
status: | Unknown → Confirmed |
Changed in debian: | |
status: | Confirmed → Fix Released |
Changed in debian: | |
status: | Fix Released → Confirmed |
Changed in debian: | |
status: | Confirmed → Fix Released |
I'm also running 8.04.1 with linux-image- 2.6.24- 19-generic (2.6.24-19.41) and I can confirm this problem.
By running 'while true; do date; ls -il .Xauthority ; sleep 1; done' on both my Ubuntu client and Debian etch NFS server (running 2.6.18-6-amd64) I can see that doing a 'ssh -X third-machine' indeed replaces the ~/.Xauthority file in my home directory: the inode number changes on the server but not on my Ubuntu desktop.
With the 'defaults' mount options in my /etc/fstab, my desktop continues to show old ~/.Xauthority inode number and stat() data for 60 seconds, then 'ls -l' starts returning 'ls: cannot access .Xauthority: Stale NFS file handle'. A command line 'stat .Xauthority' returns the same error. Doing any of 'ls .', 'cat .Xauthority >/dev/null', 'touch .Xauthority' will immediately cure this, letting 'ls -l .Xauthority' show the correct and updated info, the same as in the NFS server.
With the 'noac' mount option in my /etc/fstab the behavior is otherwise the same as in the above, but the 60 second timeout disappears and 'stat .Xauthority' starts to return 'Stale NFS file handle' immediately after 'ssh -X third-machine' has replaced the file at 'third-machine' and the NFS server.
With the 'sync' mount option in /etc/fstab the behavior is just like in the case of 'defaults' mount option.
I find it quite likely that this has actually nothing to do with the way OpenSSH does the updating of '.Xauthority' file (i.e. many other applications revise files by replacing them with a new version) but the way '~/.Xauthority' is apparently often used, by just 'stat()'ting it, leads to exposure of this problem. It looks to me more like a kernel NFS client problem.
I'm a bit puzzled why 'lstat64( ".Xauthority" , ...)' would fail with stale NFS handle whereas a 'open(" .Xauthority" , ...)' will work just fine---why the former gets out-of-date directory info and the latter gets the correct, updated one?