106.1 Install and Configure X11

Weight: 2

Goal: Install and configure X11.

1. What is X11?

X11 (also called X Window System or just X) is the traditional graphical system used on Linux. It is the software layer that draws windows, handles the mouse and keyboard, and shows your desktop on the screen.

The most common implementation on Linux is Xorg (also called X.Org Server). When someone says “the X server is running,” they usually mean Xorg.

X11 has been around for decades. A newer system called Wayland is replacing it on modern Linux desktops, but the exam still focuses on X11.

2. The X11 Architecture (Client–Server Model)

X11 uses a client–server model, but it works backwards from what most people expect:

The X server runs on the machine with the screen, keyboard, and mouse (the user’s computer).
The X clients are the graphical applications (Firefox, a text editor, a terminal). They talk to the X server, which draws their windows.

┌──────────────────────┐         ┌───────────────────────┐
│  X client (Firefox)  │ ──────► │  X server (Xorg)      │
│  X client (xterm)    │ ──────► │  draws on screen,     │
│  X client (gedit)    │ ──────► │  handles keyboard/    │
│                      │         │  mouse input          │
└──────────────────────┘         └───────────────────────┘

The clients and the server can be on the same machine (normal desktop use) or on different machines across a network (remote X applications).

Other pieces of the desktop puzzle

Component	Role
X server (Xorg)	The low-level program that talks to the graphics card, screen, mouse, and keyboard.
Window manager	Decides how windows look — title bars, borders, where they appear, how to move and resize them. Examples: Metacity, KWin, Openbox, i3.
Desktop environment	A complete set of programs giving you a full desktop: panels, file manager, settings, applications. Examples: GNOME, KDE Plasma, Xfce, LXDE.
Display manager	The graphical login screen. Starts the X server and lets the user log in. Examples: GDM (GNOME), SDDM (KDE), LightDM, XDM.

A typical boot sequence: Xorg starts → display manager shows login → user logs in → desktop environment + window manager start.

3. Xorg Configuration Files

Modern Xorg auto-detects most hardware and usually needs no configuration. But the exam still requires you to know where its configuration lives.

`/etc/X11/xorg.conf`

The traditional, single configuration file. On modern systems it often does not exist — Xorg uses defaults. If it exists, it overrides the defaults.

`/etc/X11/xorg.conf.d/`

The preferred modern approach: a directory of small .conf snippets, each handling one piece of configuration (keyboard, mouse, monitor, etc.). Xorg reads all .conf files in this directory in alphabetical order. Files are typically named like 10-keyboard.conf, 20-monitor.conf.

Structure of an Xorg config file

Xorg configuration is organized into Sections. Each section configures one type of thing.

Section "SectionName"
    Option "key" "value"
EndSection

Important sections:

Section	What it configures
`InputClass` / `InputDevice`	Keyboard, mouse, touchpad.
`Monitor`	A physical monitor (resolution, refresh rate).
`Device`	The graphics card.
`Screen`	Pairs a `Monitor` with a `Device`.
`ServerLayout`	Combines screens and input devices into the overall layout.
`Files`	Paths to fonts and modules.
`Module`	Loads additional Xorg modules.

Example: setting the keyboard layout

A file /etc/X11/xorg.conf.d/10-keyboard.conf:

Section "InputClass"
    Identifier "system-keyboard"
    MatchIsKeyboard "on"
    Option "XkbLayout" "fr"
    Option "XkbVariant" "azerty"
EndSection

This is the typical exam example: overriding one specific aspect of Xorg configuration (the keyboard layout) by dropping a small file into xorg.conf.d/ rather than rewriting the whole xorg.conf.

4. The `DISPLAY` Environment Variable

DISPLAY tells an X client which X server to send its window to.

Format:

DISPLAY=hostname:displaynumber.screennumber

Examples:

Value	Meaning
`:0`	Local machine, display 0, screen 0 (the usual local desktop).
`:0.0`	Same as above, written out fully.
`:1`	Local machine, display 1 (a second X server).
`pc.example.com:0`	Remote machine `pc.example.com`, display 0.

Setting it manually:

$ export DISPLAY=:0
$ xclock          # window appears on the local display

If DISPLAY is not set, graphical programs fail with an error like “cannot open display”.

5. Access Control: `xhost` and `xauth`

Because X clients can be remote, the X server must protect itself — otherwise anyone on the network could open windows on your screen or capture your keystrokes. There are two access-control mechanisms.

`xhost` — host-based access control

Allows or denies connections based on hostname or IP address. Simple but insecure: anyone logged in on the allowed host can connect.

$ xhost                       # show current access list
$ xhost +pc.example.com       # allow that host to connect
$ xhost -pc.example.com       # remove that host
$ xhost +                     # allow ANY host — dangerous, avoid
$ xhost -                     # disable all host-based access

xhost + with no argument disables access control entirely — useful as a quick test but a security risk.

`xauth` — cookie-based access control (preferred)

Uses a secret token called a MIT-MAGIC-COOKIE stored in ~/.Xauthority. A client must present the right cookie to connect to the server. This is the secure, modern method, used automatically by SSH X11 forwarding.

$ xauth list                              # list cookies in ~/.Xauthority
$ xauth add host:0 . cookie-value          # add a cookie
$ xauth remove host:0                      # remove one

You rarely run xauth by hand — SSH and the display manager handle it for you.

6. Displaying Applications on a Remote X Server

There are two classic ways to run a graphical program on one machine and see it on another.

Method A: set `DISPLAY` manually (old, insecure)

On the remote machine:

$ export DISPLAY=mypc.example.com:0
$ firefox

On the local machine you must first allow the remote host:

$ xhost +remote.example.com

Traffic is not encrypted. Mostly historical knowledge.

Method B: SSH X11 forwarding (modern, secure)

SSH tunnels the X protocol over an encrypted connection and handles DISPLAY and xauth automatically.

$ ssh -X user@remote          # enable X11 forwarding
$ firefox                     # window appears on your local screen

-X enables X11 forwarding.
-Y enables trusted X11 forwarding (fewer restrictions, sometimes needed for older clients).

For this to work, the SSH server must have X11Forwarding yes in /etc/ssh/sshd_config.

7. Logging and Troubleshooting

`~/.xsession-errors`

A per-user log file. When you log in graphically, the display manager writes errors from your graphical session (window manager, apps that fail to start, etc.) into this file. First place to look when something in your graphical session misbehaves.

$ tail ~/.xsession-errors

Xorg server log

Xorg itself logs to /var/log/Xorg.0.log (one file per server number — .0, .1, …). Useful when the X server itself fails to start.

The `X` command

X is the X server binary itself. It is normally started by the display manager, but you can run it directly:

$ X :1                  # start a second X server on display :1

Useful only for testing; you wouldn’t do this in normal use.

8. Wayland (Awareness Only)

The exam expects you to be aware of Wayland — you do not need to configure it.

Key points to know:

Wayland is the modern replacement for X11. Many Linux desktops (recent GNOME, KDE) use it by default.
It is simpler and more secure than X11. The compositor (the equivalent of the X server and window manager combined) talks directly to the kernel.
It does not have a built-in network-transparent protocol like X11’s. Remote display is done with other tools (e.g., RDP, VNC, or waypipe).
Many older X11 applications can still run on Wayland through a compatibility layer called XWayland.

9. Quick Reference: Files and Commands for the Exam

Files:

/etc/X11/xorg.conf
/etc/X11/xorg.conf.d/
~/.xsession-errors
/var/log/Xorg.0.log
~/.Xauthority

Commands and terms:

xhost
xauth
DISPLAY
X

Concepts:

X11 client–server model (server has the screen)
Display manager, window manager, desktop environment
Wayland (awareness only)

10. Likely Exam Questions (Self-Check)

In the X11 client–server model, which machine runs the server: the one with the screen or the one with the application? The one with the screen, keyboard, and mouse. Applications are clients.
What is the modern, preferred place to add an Xorg configuration snippet for the keyboard? A small file inside /etc/X11/xorg.conf.d/, for example 10-keyboard.conf.
What does DISPLAY=:0 mean? The local machine, display 0, screen 0.
What is the difference between xhost and xauth? xhost controls access by hostname/IP (insecure). xauth uses a secret cookie in ~/.Xauthority (secure, used by SSH).
How do you allow another machine to open windows on your X server? xhost +hostname (insecure), or use ssh -X for the secure approach.
Where does a graphical login session record its errors for a user? ~/.xsession-errors.
What is the difference between a window manager and a desktop environment? A window manager just handles window decorations and placement. A desktop environment is a complete user experience: window manager + panels + file manager + apps + settings.
What does a display manager do? It provides the graphical login screen and starts the X session after the user logs in. Examples: GDM, SDDM, LightDM, XDM.
What command runs a graphical application on a remote machine and displays it locally, securely? ssh -X user@host then run the program.
Is Wayland a replacement for X11 or for the window manager? For X11 (the display server protocol). A Wayland compositor plays the role of both X server and window manager combined.