LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 10-02-2005, 01:41 PM   #1
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Rep: Reputation: 30
su then open program in X fails


I used to be able to do this no prob... now I can't and I have no idea what changed. I'm on a fresh 10.2 install. What I would like to be able to do is su to another user and then open a program as that user. For instance firefox. However when I do this I get.

Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified


(firefox-bin:5392): Gtk-WARNING **: cannot open display:

any suggestions?
 
Old 10-02-2005, 01:48 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Try
Code:
sux - user_name
That should let you inherit X.
 
Old 10-02-2005, 01:54 PM   #3
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Original Poster
Rep: Reputation: 30
I don't seem to have sux. I tried xhost +localhost which I saw was supposed to let me open things as another user and that didn't work either.
 
Old 10-02-2005, 01:57 PM   #4
uselpa
Senior Member
 
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507

Rep: Reputation: 47
Try sudo instead of su.
 
Old 10-02-2005, 02:01 PM   #5
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Original Poster
Rep: Reputation: 30
Code:
sudo -u user firefox
gives the same error. I see that this is some sort of X server security feature, but it is damnably inconvenient.
 
Old 10-02-2005, 02:15 PM   #6
almahdi
LQ Newbie
 
Registered: Aug 2004
Distribution: Slackware 10.2
Posts: 12

Rep: Reputation: 0
It should work this way, first in the terminal write
Code:
xhost +localhost
then
Code:
su - user
and then run any application you'd like to run like xcalc
Code:
xcalc
Let us know what goes with you.
 
Old 10-02-2005, 02:38 PM   #7
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Original Poster
Rep: Reputation: 30
Code:
xhost +localhost
gives: localhost being added to access control list

Code:
su - user
gives: /dev/pts/0: Operation not permitted

Code:
xcalc
gives: Error: Can't open display:
 
Old 10-02-2005, 02:54 PM   #8
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Original Poster
Rep: Reputation: 30
Ok so I did
Code:
xhost +
which disables access control and now It works. Is this a major security hole? I'm not sure how the x server would handle connections but
Code:
nmap localhost
doesn't show an open x port.
 
Old 10-02-2005, 03:40 PM   #9
egag
Senior Member
 
Registered: Jul 2004
Location: Netherlands
Distribution: Slackware
Posts: 2,721

Rep: Reputation: 53
xhost + will allow anyone to connect to your x server.
it's a securety risc.

<there was some nonsense here before editing...>

if i use " su " --->gui programs work ok without doing any settings.
if i use " su - " --->things don't work ( which is logic )


egag

Last edited by egag; 10-02-2005 at 04:35 PM.
 
Old 10-02-2005, 04:15 PM   #10
imitheos
Member
 
Registered: May 2005
Location: Greece
Posts: 441

Rep: Reputation: 141Reputation: 141
Re: su then open program in X fails

Quote:
Originally posted by uopjohnson
I used to be able to do this no prob... now I can't and I have no idea what changed. I'm on a fresh 10.2 install. What I would like to be able to do is su to another user and then open a program as that user. For instance firefox. However when I do this I get.

Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified


(firefox-bin:5392): Gtk-WARNING **: cannot open display:

any suggestions?
I guess that either you start your xserver with "-auth" or you use "KDM/XDM/GDM/etc".

You can use "xhost" but it is insecure.
The proper way is to use xauth authentication.

you run "xauth list" as the user that is running the xserver (the first user)
you will get some authentication keys
copy the one that is starting as "hostname/unix:0"
then su to the user you want to start the program as (the second user)
(dont run "su -" just plain "su")

then run "xauth add KEY_LINE" where KEY_LINE is the key you copied from the other user.
KEY_LINE is the whole line (it is something like this "hostname/unix:0 MIT-MAGIC-COOKIE-1 big_key")
you copy all this thing.

then every X application should work for the other user.
if you run "su -" then you get a login shell and it has the enviroment the user would have if he logged in.
then all the procedure is the same except for an addition. you should set the DISPLAY enviroment variable
(for example in a bash shell "export DISPLAY=":.0" )
 
Old 10-03-2005, 08:29 PM   #11
uopjohnson
Member
 
Registered: Jun 2004
Location: San Francisco
Distribution: Slackware, Ubuntu, RHEL, OS X
Posts: 159

Original Poster
Rep: Reputation: 30
Ok... so that allows me to open things, but it does not open them as the sued to user. It opens them as the original user.
 
Old 10-05-2005, 11:28 AM   #12
jayptr
LQ Newbie
 
Registered: Mar 2004
Distribution: Slackware/Suse/CentOS
Posts: 17

Rep: Reputation: 0
I am having the same problem with using su to run a program from the command line for another user. The su command was working eariler on when I was configuring my system after installing Slackware 10.2. I noticed recently that it was not working anymore. I think it might be caused by the [slackware-security] X.Org pixmap overflow (SSA:2005-269-02) patch that was released by Pat. I haven't been able to test my theory yet, but will later today hopefully, if I have time, and I will post the results.
 
Old 10-05-2005, 11:49 AM   #13
KMcD
Member
 
Registered: Jun 2003
Location: Dublin, Ireland
Distribution: Slack -- current
Posts: 354

Rep: Reputation: 30
kde has a solution to this. If you use kde go to the "run command" option in the start (k) menu and enter
Code:
kdesu firefox
to open firefox as root.
 
Old 10-05-2005, 02:40 PM   #14
jayptr
LQ Newbie
 
Registered: Mar 2004
Distribution: Slackware/Suse/CentOS
Posts: 17

Rep: Reputation: 0
For me and probably others, not everyone uses KDE. I personally use Window Maker on my Slack Box. So a real solution to the problem should be found rather than putting a band aide on it.
 
Old 10-05-2005, 03:51 PM   #15
imitheos
Member
 
Registered: May 2005
Location: Greece
Posts: 441

Rep: Reputation: 141Reputation: 141
Quote:
Originally posted by jayptr
For me and probably others, not everyone uses KDE. I personally use Window Maker on my Slack Box. So a real solution to the problem should be found rather than putting a band aide on it.
jayptr didn't the method with xauth i described work for you ?

i use slackware-current, so i have the updated X packages and i also use Windowmaker but it works ok for me.

Also, kdesu works in windowmaker too as every other KDE program. you don't have to use kde to use Kwrite for instance.
And if you don't like it there are many other "graphical su" programs
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPsec fails to open tunnel KaMakani Linux - Networking 0 10-12-2005 11:54 PM
DVD Shrink Open File fails iab941 Linux - Software 1 07-04-2004 03:58 AM
DVD Shrink Open File fails iab941 Linux - Newbie 1 06-22-2004 02:47 AM
Qt program fails to compile irfanhab Programming 2 05-21-2004 04:33 AM
Blender binary file fails to open adhara Linux - Software 1 12-09-2003 07:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 10:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration