On 2023-12-08, Markus Robert Kessler <
no_reply@dipl-ing-kessler.de> wrote:
Hello everyone,
I'm just trying to switch the current user and then invoke some X11 application, but this does not work.
On Redhat-based machines this never was a problem and I need this means to keep my axxounts separate from each other for security reasons. E.g., I do
a
'su - bank'
and after loggin in I can invoke
'chromium-browser https://pathtoonlinebanking'
Now I see, that Debian-based Raspbian OS and Ubuntu (23.10) behave very similar, it looks like this:
$ su - test1
Passwort:
$ firefox
Error: no DISPLAY environment variable specified
$ DISPLAY=':0.0' firefox
Authorization required, but no authorization protocol specified
On Raspbian and on Ubuntu the same lets me assume that it was not me to misconfigure something.
Can this be fixed easily? - Thanks!
Best regards,
Markus
It sounds like you're running into the XAUTH system.
Normally, in the home directory of the user who's running X stuff
there is a file called ".Xauthority", and environment variable
XAUTHORITY holds the full, absolute path to that file.
In order for user B to run X clients/apps when user A is the one
who started the X server, user B must set environment variable
XAUTHORITY to a file which user B has permission to read and
which has the same contents as user A's ~/.Xauthority.
How you get that file and environment variable set depends on
your use case. I run my web browsers, gimp, and a few other
programs as a different user for security and a few other
reasons. I have wrapper scripts that do the file copying,
environment variable setting, and environment variable
preservation across sudo and/or su. For the way I do all that,
user B's only reason for existence is to run browsers and such
for user A, and it's important that user A have write permission
to user B's home directory by means of the g+w permission bit.
HTH
--
Robert Riches
spamtrap42@jacob21819.net
(Yes, that is one of my email addresses.)
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)