Do we need the temporary file? These are generally tiny, and can be handled in memory. Let’s just enforce them to not be larger than a reasonable size with a read limiter.
Not strictly, no. The point of this file is to avoid race conditions with the checks on the original file. It would be fine to stat and read the file into memory and atomically write out to disk with the permissions and times. Having the temporary file does mean you can use the existing xauth tool for verification rather than reimplementing the verification bits-- but implementing the verification checks in snap run and not calling out to an external tool has its own advantages.
We probably don’t need a huge amount of verification at this point. The worst thing that can happen in this case in terms of security is the file being right. 
Using xauth isn’t something we can easily do. It’s not part of the core snap. Making this a classic only thing also doesn’t work as we have and will have customers still using X11 also on Ubuntu Core. I could reimplement xauth parsing code in Go for this. What we want to avoid at all cost is having libxauth as a dependency. Any other ideas?
@jdstrand I’ve implemented what you suggested now with this commit but also added validation of the Xauthority file with a simple parsing of data inside the Xauthority file to validate it. This misses unit tests etc. and is still a bit rough. Once we have an agreement on how we want to proceed I can finalize this and propose a PR.
Is this the same reason why I cannot X11-forward a snap through ssh?
No, this topic is about making sure that on distributions that store Xauthority files in /tmp that the Xauthority file is available somewhere. ssh forwarding is a different issue and discussed in X11 Forwarding using SSH (ie, .Xauthority doesn’t exist in /home/user/snap/foo/current/.Xauthority).
I just stumbled on this today.
Running through that tutorial I have to sudo ubuntu-core-vm which should run a qemu window on my X11 system. Unfortunately my xauthority magic cookie is in /tmp on the host and is as such inaccessible to the snap.
My current workaround is to copy the /tmp/xauth-1000-_0 to /tmp/snap.0_ubuntu-core-vm_VMxtMv/tmp which is quite the bodge.
Is there a better fix since this was last brought up? Should the X11 interface be extended to fix this?
i dont see such issues on 16.04 when using a Core image with my qemu-virgil package (invocation help is in “snap info qemu-virgil”) which should be similar to (but not quite the same as) ubuntu-core-vm … do you have all interfaces connected for the snap ?
the ubuntu-core-vm has many fewer plugs associated with it. Comparing to qemu-virgil I see the ubuntu-core-vm does not declare these potentially relevant plugs:
- desktop
- home
- unity7
- wayland
What is the host OS?
alan@KinkPad-K450:~$ lsb_release -a
No LSB modules are available.
Distributor ID: neon
Description: KDE neon LTS User Edition 5.12
Release: 16.04
Codename: xenial
There is code to detect an Xauthority file in /tmp then move it to XDG_RUNTIME_DIR: https://github.com/snapcore/snapd/blob/master/cmd/snap/cmd_run.go#L411
Can you walk through that and see where it might be failing? Eg, is XDG_RUNTIME_DIR set? Is XAUTHORITY? etc, etc
I would be curious if your snap works if you do: XAUTHORITY=/tmp/... <your snap>.
Oh, I bet since this is xwayland that XAUTHORITY isn’t being set for you. The snap providing Xwayland should probably put it in XDG_RUNTIME_DIR or $HOME instead.
but the snap providing XWayland runs inside a VM and mir-kiosk (again, inside the VM) would be the one providing the whole display environment here, i dont get why in any of this the XAUTHORITY would have any impact beyond on running the VM on top of the desktop OS
Nope, can’t get that to work at all. Want me to wave my laptop under your nose tomorrow?
At times I mixed up my responses regarding Xwayland thinking that was the issue (it isn’t-- the tutorial works fine with a core 16 vm). For clarity, the issue is that the ubuntu-core-vm snap doesn’t work on KDE neon (apparently) and @popey must copy his xauth file to /tmp/snap.0_ubuntu-core-vm_VMxtMv/tmp.
@popey, if your xauth file on the host is /tmp/xauth-1000-_0. Can you run:
$ sudo -H XAUTHORITY=/tmp/xauth-1000-_0 ubuntu-core-vm
I suspect that still may not work since the xauth file is for your user but you are running under root, and /run/user/0 probably doesn’t exist (https://github.com/snapcore/snapd/blob/master/cmd/snap/cmd_run.go#L420). It might work if you create it with sudo mkdir -m 0700 /run/user/0.