root user, graphical programs
Pieter Donche
Pieter.Donche at ua.ac.be
Fri May 15 08:38:42 UTC 2009
No luck (yet)
I tried both methods, (with xpdf as a graphical program)
The first still gives
# xpdf
Can't open display
The second method
# xpdf
No protocol specified
Error: Can't open display: :0.0
(after su -, $HOME was indeed /root)
(in /root .Xauthority was changed/created, $DISPLAY is :0.0)
On Fri, 15 May 2009, Matthew Seaman wrote:
> Pieter Donche wrote:
>> FreeBSD 7, KDE 3.5
>> To install Matlab (in linux compat mode), one must execute the
>> matlab install program as root. The installer is graphical.
>> When from a KDE terminal window, I switch to root (# su -)
>> and try a graphical program, e.g. # xpdf, I get Can't open display.
>> The FreeBSD handbook (10.5.1) says in that case type setenv HOME ~USER
>> (USER the username where the su command was given). This doesn't help
>> I still get Can't open display.
>>
>> What's wrong and how to solve it?
>
> That's the standard X Windows security stopping other users opening windows
> on your screen. In this case, something like:
>
> % xhost +LOCAL:
> % su
> # {...whatever you need to do to install your app...}
> # exit
> % xhost -LOCAL:
>
> However be aware of the risks: xhost +LOCAL: means that any other user
> of the same machine can access your display and potentially capture any
> input including (for instance) the root password.
>
> Hmmm... Actually, a more secure means of doing the same thing, that only
> grants access to your display by the local root user would be:
>
> % xauth extract - $DISPLAY > ~/authtoken
> % su -
> # echo $HOME
>
> (This should return /root -- this is important so that the correct
> .Xauthority
> file gets updated.)
>
> # xauth merge /home/your-uid/authtoken
> # rm /home/your-uid/authtoken
> # setenv DISPLAY :0.0
> # {...whatever you need to do to install your app...}
>
> Now any X programs run by root will open on your display. To revoke this
> permission you can simply remove /root/.Xauthority or for finer grained
> control you can use
> # xauth remove $DISPLAY
>
> Cheers,
>
> Matthew
>
> --
> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
> Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
> Kent, CT11 9PW
>
>
More information about the freebsd-questions
mailing list