So you learn something new every day…

Aug 22 2013 Published by under howto

So today I discovered xclip, when perusing the GitHub ssh instructions.

A tool in the traditional unix sense, xclip does nothing but redirect input to or read from the clipboard, allowing clipboard manipulation from the command line or shell script. Awesome – how come I didn’t I already know this!

Available as a Debian package, and almost certainly in other distributions.

I have in the past programatically modified the clipboard, from Javascript and Python at different times, but although this tool has been around a while I never managed to pay attention before. Serendipity FTW!

Hmm, I wonder if I shouldn’t make this a series, so that I keep regularly posting even when time is short…

No responses yet

How to Enable / Disable remote X connections in Debian Squeeze

Jan 19 2012 Published by under howto, linux

Background

Using my AspireOne at LCA2012 I realised I had a hole that really needed to be tightened before using the Most Excellent LCA2012 wireless network instead of a 3G dongle.

One of these is that I was gaining an ipv6 address on the LCA network. (This was not the hole.) My 3G only has ipv4 and at I only run ipv4 at home.

After connecting I had both ipv6 and ipv4 addresses, but importantly upon running netstat -antp realised I had kdm [1] listening on 6000 wide open – I had it firewalled out on ipv4 but had never setup ip6tables (oops)

To sort things quickly I subsequently disabled ipv6 [2] but I first killed off my local X/server from accepting connections anyway (you cant be too cautious, in a large crowd of very skilled people, potentially prank-minded, right? following good advice – ‘take precautions’ …)

me@xxxxxxx:~$ sudo netstat -lntp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      13494/X         
tcp6       0      0 :::6000                 :::*                    LISTEN      13494/X  

Procedure

To disable network connections on port 6000 using kdm:

  1. Edit /etc/kde4/kdm/kdmrc
  2. Look for a section [X-:*-Core]
  3. If missing or commented out, add the line ServerArgsLocal=-nolisten tcp, if it is already there, instead append -nolisten tcp to the line starting with ServerArgsLocal
  4. Either reboot, or kill X and restart kdm

Result:

me@xxxxxxx:~$ sudo netstat -lntp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

To _enable_ connections, simply ensure the -nolisten tcp arguments are not present.

FWIW I have had to do this on gdm in the past as well.
Instructions for this are actually provided in the Debian Reference Manual, Chapter 7 (section 7.4.2, tips)

YMMV if you have more than a basic configuration or are running some other variant or distribution.

Footnotes
[1] I only use kdm for login, for performance I run openbox
[2] Yes, I know, I should use ipv6, I even agree with all the reasons listed by Julien Goodwin at his excellent SysAdmin miniconf talk on why I should use ipv6, but that will need to wait until I get home (and depends on my ISP.)
(And facepalm to self for mixing up selinux with ipv6 before coffee this morning)

No responses yet