Skip to Main Content
Linux Security Cookbook
book

Linux Security Cookbook

by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
June 2003
Intermediate to advanced content levelIntermediate to advanced
336 pages
8h 54m
English
O'Reilly Media, Inc.
Content preview from Linux Security Cookbook

5.2. Running X Programs as root

Problem

While logged in as a normal user, you need to run an X window application as root. You get this error message:

 ** WARNING ** cannot open display

Solution

Create a shell script called, say, xsu:

#!/bin/sh
su - -c "exec env DISPLAY='$DISPLAY' \
        XAUTHORITY='${XAUTHORITY-$HOME/.Xauthority}' \
        "'"$SHELL"'" -c '$*'"

and run it with the desired command as its argument list:

# xsu  ...command line...

Discussion

The problem is that root’s .Xauthority file does not have the proper authorization credentials to access your X display.

This script invokes a login shell [Recipe 5.1] and the env program sets the environment variables DISPLAY and XAUTHORITY. The values are set to be the same as the invoking user’s. Otherwise they would be set to root’s values, but root doesn’t own the display.

So in this solution, XAUTHORITY remains ~user/.Xauthority instead of changing to ~root/.Xauthority. Since root can read any user’s .Xauthority file, including this one, it works.

This trick will not work if the user’s home directory is NFS-mounted without remote root access.

See Also

env(1), su(1), xauth(1).

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Administration Cookbook

Linux Administration Cookbook

Adam K. Dean

Publisher Resources

ISBN: 0596003919Errata Page