DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Running remote programs

Granting access to specific hosts

The X server maintains a list of machines that have access to the display. You must establish this list even if you plan to only grant access to users with an authorization code.

To grant access to your display for specific host machines, perform the following steps.

  1. To specify system-wide access permissions, edit the /etc/Xn.hosts file, where n represents the display number that you want the host machine to be able to access. Add the names of the host machines to which you want to grant access. This step is optional. (Do not add hosts to this file if you only want to grant access to your display for one session.) You must be root to edit these files.

    The access permissions take effect when the X server is restarted.

  2. To specify display access permissions for a single X session, run the server and add or remove host machines in the access permission list with xhost(X). Any user can perform this step.
The desired host machines now have permission to access your display.

Step 1: Establishing system-wide host access

The X server maintains a list of machines that have access to your display. This list is contained in the /etc/Xn.hosts files on the local machine, where n represents the display number for which you want to assign access. The machines listed in these files are granted access to displays 0 through 7 at the time the servers are started. For example, to specify the host machines that are allowed to access local display :0, add the names of these machines to /etc/X0.hosts.

Each line in the Xn.hosts files consists of just the name of the host machine that has access to the server. For example, to allow any user on boston to access the tusconey:0 display, add the following line to /etc/X0.hosts on tusconey: 

   boston
You must be logged in as root to edit these files. The changes you make take effect when the server is restarted.

Note that any user on a host machine specified in these files has access to your display whenever the X server is running. If you only want to grant access to a host for a single X session, do not modify these files. Instead, see Step 2.

In addition to adding hosts to the Xn.hosts files, be sure to remove hosts that you do not want to have access to your display.

Step 2: Setting temporary display access

Once the X server is running, you can examine the current host permissions with the following command, from a local scoterm window:

xhost

Use this command on the local machine where the server is running. xhost with no command line options displays a list of machines that currently have access to your display. Use this list to determine if the system-wide configuration provides access to the appropriate host machine.

To add a host to the X server's host access list, execute the following command:

xhost +hostname

If you omit hostname, the X server removes all access restrictions, allowing any client on any machine on the network to access your display.

NOTE: Use xhost + with caution; it allows any user on any machine on the network to access your display.

If there are hosts configured that you do not want accessing your X server, remove them from the server's host access list by running the following command:

xhost -hostname

This command removes hostname from the host access list. If you omit hostname, xhost specifies that no remote host can access your display for the duration of the current session. This option is very useful to reverse the effect of running xhost +.

Next topic: Granting access to specific accounts
Previous topic: Setting up access permissions to your display

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003