Being the insanely paranoid security/privacy nut that I am, I've set up a number of privacy-enabling alterations to my Arch Linux install. Most recently, I found the magical nickname wireless parameter, which sends one's hostname to the access point for a network. This is a very bad thing for those who value their privacy as much as I do. Given that changing the nickname for my interface isn't working due to being unsupported, I thought that, rather than change the nickname, I could simply randomize the hostname on every boot. I wrote a script that uses makepasswd to generate a seven-character random string, which is then echoed to /etc/hostname. Without exception, this causes startx to hang at a black screen. After testing several hostnames, I've come to the conclusion that Xorg somehow relies on my default hostname to work properly, though there is no indication of an issue in the logs. Can anyone explain why this is happening?
Also, my paranoia is irrelevant to the issue. Please refrain from posting simply to say that the effort isn't worth it and that I'm nuts. It isn't very helpful, after all.
startx uses the hostname command to set up Xauth info, see /usr/bin/startx line 144 and following. Could you try to add some debug prints there, and let us know the output?
Going step by step through the hostname bit of the startx script, it appears that, with a random hostname, `hostname -f` hangs indefinitely. Setting this simply to `hostname` lets X start up without a hiccup, but it does seem to interfere with sudo to some extent. I attempted to run netcfg (and I have the appropriate 'NOPASSWD' line in my sudoers file), and it asked me for my password. I'm chalking this down to the 'hostname' parameter in sudoers, so it looks like I'll have to find a workaround. Would setting the NOPASSWD hostname parameter to 'localhost' work?
No, it did not work. Testing setting it to 'ALL' instead, but I'm thinking that that could open up some serious security holes...
Also, X only starts when startx is issued without Xauthority enabled, which, as I understand it, is rather dangerous. Any idea as to how I can work around this, security-wise?
Last edited by ParanoidAndroid (2013-05-19 02:19:39)
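
An added example, not part of the thread: `hostname -f` looks the name up through the system resolver, so a name with no /etc/hosts entry falls through to DNS. This script writes the random name to the hostname file and a matching hosts entry together; the function names, the marker comment, the 127.0.1.1 address and the `.localdomain` suffix are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the thread. File paths are parameters so the
# functions can be tried on scratch copies before pointing them at /etc.

MARK='# random-hostname'   # constructed tag for the hosts line this script owns

# Print a random label: first character a letter, the rest [a-z0-9].
# A leading letter keeps the name from being parsed as a numeric address.
random_label() {
    len="${1:-7}"
    first=$(head -c 256 /dev/urandom | LC_ALL=C tr -dc 'a-z' | cut -c1)
    rest=$(head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'a-z0-9' | cut -c1-$((len - 1)))
    printf '%s%s\n' "$first" "$rest"
}

# Replace the previous tagged entry in the hosts file with one for the new name.
# 127.0.1.1 and the ".localdomain" suffix are assumptions of this example.
sync_hosts() {
    new="$1"; hosts="$2"
    tmp="${hosts}.tmp.$$"
    [ -f "$hosts" ] || : > "$hosts"
    grep -vF "$MARK" "$hosts" > "$tmp" || true   # grep exits 1 when nothing is left
    printf '127.0.1.1\t%s.localdomain\t%s\t%s\n' "$new" "$new" "$MARK" >> "$tmp"
    cat "$tmp" > "$hosts"    # overwrite in place to keep the file's mode and owner
    rm -f "$tmp"
}

# Write a fresh name to the hostname file and keep the hosts file in step.
# Prints the chosen name. Defaults are the real system files (needs root).
randomize_hostname() {
    hostname_file="${1:-/etc/hostname}"
    hosts_file="${2:-/etc/hosts}"
    name=$(random_label 7)
    printf '%s\n' "$name" > "$hostname_file"
    sync_hosts "$name" "$hosts_file"
    printf '%s\n' "$name"
}
```

Call `randomize_hostname` with two scratch paths first to inspect the result, then without arguments as root from the boot script that sets the hostname.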