<!DOCTYPE html>
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    Hello,<br>
      <span _d-id="5084" class="--l --r sentence_highlight">Please
      excuse the naivety of my question; I'm trying to understand how
      things work.<br>
    </span><span _d-id="21960" class="--l --r sentence_highlight"><br>
      I try to forward a tcp X11 connection to the server's unix socket:</span><br>
    <span _d-id="5084" class="--l --r sentence_highlight">  $ socat 
      TCP-LISTEN:6001,fork UNIX-CONNECT:/tmp/.X11-unix/X0 <br>
      <br>
    </span><span _d-id="25814" class="--l --r sentence_highlight">Then I
      can use it:<br>
        $ DISPLAY=localhost:1 xeyes<br>
      <br>
    </span><span _d-id="31269" class="--l --r sentence_highlight">It
      works well... but only for simple applications (xlogo xeyes xclock
      xmessage xnest...)<br>
      Surprisingly, this does not works for more complex applications
      (Xephyr wireshark ...)<br>
    </span><span _d-id="34745" class="--l --r sentence_highlight">These
      applications stop, seemingly waiting for an event that doesn't
      come.<br>
    </span><span _d-id="44488" class="--l --r sentence_highlight">Increasing
      socat's verbosity level doesn't help me to understand, nor does
      strace ltrace xtrace ...<br>
      <br>
      Well, this seems relating to the MIT-SHM extension.</span><br>
    <span _d-id="3023" class="--l --r sentence_highlight">My assumption:
    </span><span _d-id="2141" class="--l --r sentence_highlight">If the
      server thinks the client is local (due to the use of a unix
      socket), it activates the MIT-SHM extension without further
      preliminary checks (and tries to send </span>ancillary <span
      _d-id="2141" class="--l --r sentence_highlight">data (shm keys or
      file descriptor?) via the unix socket?). </span><span
      _d-id="3386" class="--l --r sentence_highlight">Right?<br>
      <br>
    </span> As a workarround, I have to generate an "untrusted" xauth
    cookie.<br>
    <span _d-id="4973" class="--l --r sentence_highlight"><span
        _d-id="4975"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">Is</span>
      <span _d-id="4979"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">there</span>
      <span _d-id="4983"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">a</span>
      <span _d-id="4987"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">better</span>
      <span _d-id="4991"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">way</span><span
        _d-id="4994"
        class="--l --r hover:bg-[#B4DAE8] hover:dark:bg-blue-600">?<br>
        <br>
        (Note: I'm a fan of </span></span>network transparency<span
      _d-id="51612" class="--l --r sentence_highlight">!<br>
    </span><span _d-id="7936" class="--l --r sentence_highlight">A next
      time we'll talk about vsock;-) )<br>
    </span><span _d-id="51612" class="--l --r sentence_highlight"><br>
      Best regards<br>
      Christophe</span>
  </body>
</html>