Created attachment 185979 [details] enable SECURITY X server extension Attached patch enables SECURITY extension for X server. This will allow 'ssh -X' to work. Currently ssh -X fails, because 'xauth generate' can't grab auth data from running X server. This extension is enabled in xorg package for many (may be most) Linux distros. As I know it was disabled by default in xorg when XACE was added. But XACE is not fully replaces SECURITY extension: "In Red Hat Enterprise Linux 6, the X Security extension (XC-SECURITY) has been disabled and replaced by X Access Control Extension (XACE). However, XACE does not yet include functionality that was previously available in XC-SECURITY. With this update, XC-SECURITY is enabled in the xorg-x11-server spec file on Red Hat Enterprise Linux 6." [1] 1. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/xorg-x11-server.html I've not tested this change with slave ports, so in my patch I've added this option only for ${SLAVE_PORT} == "no".
I am affected by this issue as well and the proposed patch fixed it for me.
I'm looking at this.
A commit references this bug: Author: zeising Date: Sun May 20 14:51:32 UTC 2018 New revision: 470462 URL: https://svnweb.freebsd.org/changeset/ports/470462 Log: x11-servers/xorg-server: Enable SECURITY extension Enabling the SECURITY extension will make ssh -X work in most cases. This extension is enabled in many Linux distros. PR: 221984 Submitted by: Anton Yuzhaninov Changes: head/x11-servers/xorg-server/Makefile
Fixed, thanks for the report!
Created attachment 193624 [details] Proposed patch (since 470462 revision) I think, the xcsecurity configure option can be optional, because Xorg's developers disabled this option by default: -8<-- % ./configure --help | grep xcsecurity --enable-xcsecurity Build Security extension (default: disabled) -->8- The user should be able to do the same, if needed. - Bump PORTREVISION - Add SECURITY option to "Build Security extension"