From owner-freebsd-questions  Mon Nov 25 21:36:09 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id VAA10836
          for questions-outgoing; Mon, 25 Nov 1996 21:36:09 -0800 (PST)
Received: from Nimbus.CAM.ORG (Nimbus.CAM.ORG [198.168.100.4])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA10807
          for <questions@FreeBSD.org>; Mon, 25 Nov 1996 21:35:55 -0800 (PST)
Received: from owilson.HIP.CAM.ORG (owilson.HIP.CAM.ORG [205.151.117.34]) by Nimbus.CAM.ORG (8.8.2/8.8.2) with SMTP id AAA02398 for <questions@FreeBSD.org>; Tue, 26 Nov 1996 00:35:36 -0500 (EST)
Date: Tue, 26 Nov 1996 00:35:36 -0500 (EST)
Message-Id: <199611260535.AAA02398@Nimbus.CAM.ORG>
X-Sender: owilson@pop.hip.cam.org
X-Mailer: Windows Eudora Version 1.4.4
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
To: FreeBSD-Questions <questions@FreeBSD.org>
From: owilson@Hydro.CAM.ORG (Oliver Wilson)
Subject: Help!! Access control on X with MIT-MAGIC-COOKIE-1
Sender: owner-questions@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

I am able to sign on as root on Xfree86, which I have configured to use 
MIT-MAGIC-COOKIE-1 access control. X on my system is configured to use 
virtual console #4. However when I attempt to sign on using another 
valid user ID, X rejects the attempt, and writes the following messages
in $HOME/.xsession-errors:
        X connection to :0.0 broken (explicit kill or server shutdown)
        Xlib: connection to ":0.0" refused by server
        Xlib: Client is not authorized to connect to server
        Error: Can't open display: :0

In short, the MIT-MAGIC-COOKIE-1 access control only allows in 'root'. Can more 
that 1 user sign on to the same display using MIT-MAGIC-COOKIE-1 access 
control if it has already been generated for root?? I've done some research, 
which seems to indicate that xdm does generate the unique magic cookie code, 
however after attempting to sign on as a non root user, the
$HOME/.Xauthority file 
has a zero size, which means that the unique code was not generated.

My xdm-config file has the following resource specifications:
        DisplayManager._0.authorize:    true
        DisplayManager*authorize:       false

My feeling is that more than 1 user should be allowed, especially if the
machine is
to be shared.

Can anyone supply some answers or advice?? I shall be most greatful


Oliver Wilson

owilson@sirn.org