2 files changed, 24 insertions, 2 deletions

diff --git a/gnu/packages/patches/lsh-fix-x11-forwarding.patch b/gnu/packages/patches/lsh-fix-x11-forwarding.patch
new file mode 100644
index 0000000000..fd56a5bafd
--- /dev/null
+++ b/gnu/packages/patches/lsh-fix-x11-forwarding.patch
@@ -0,0 +1,20 @@
+--- a/src/server_x11.c	2016-08-01 11:58:54.714647794 +0200
++++ b/src/server_x11.c	2016-08-01 11:58:46.606563478 +0200
+@@ -151,7 +151,7 @@ DEFINE_COMMAND(open_forwarded_x11)
+ #define X11_MIN_DISPLAY 10
+ #define X11_MAX_DISPLAY 1000
+ 
+-/* FIXME: Create the /tmp/.X11-unix directory, if needed. Figure out
++/* FIXME: Figure out
+  * if and how we should use /tmp/.X17-lock. Consider using display
+  * "unix:17" instead of just ":17".
+  */
+@@ -253,6 +253,7 @@ open_x11_socket(struct ssh_channel *chan
+ 
+   old_umask = umask(0077);
+   
++  mkdir(X11_SOCKET_DIR, S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX);
+   old_cd = lsh_pushd(X11_SOCKET_DIR, &dir, 0, 0);
+   if (old_cd < 0)
+     {
+
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index d28e3ef83c..e660c1cc5f 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -594,7 +594,8 @@ basis for almost any application.")
 
                   (substitute* "src/testsuite/login-auth-test"
                     (("/bin/cat") "cat"))
-                  #t))))
+                  #t))
+              (patches (search-patches "lsh-fix-x11-forwarding.patch"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("m4" ,m4)
@@ -615,7 +616,8 @@ basis for almost any application.")
 
        ;; The server (lshd) invokes xauth when X11 forwarding is requested.
        ;; This adds 24 MiB (or 27%) to the closure of lsh.
-       ("xauth" ,xauth)))
+       ("xauth" ,xauth)
+       ("libxau" ,libxau)))             ;also required for x11-forwarding
     (arguments
      '(;; Skip the `configure' test that checks whether /dev/ptmx &
        ;; co. work as expected, because it relies on impurities (for