Re: x authority problems

To: debian-user@lists.debian.org
Subject: Re: x authority problems
From: "Karsten M. Self" <kmself@ix.netcom.com>
Date: Fri, 4 Jan 2002 11:57:00 -0800
Message-id: <[🔎] 20020104115659.W15949@navel.introspect>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1010105194.15048.1.camel@main>; from gfischer4@mediaone.net on Thu, Jan 03, 2002 at 07:46:33PM -0500
References: <[🔎] 1010105194.15048.1.camel@main>

on Thu, Jan 03, 2002 at 07:46:33PM -0500, Greg Fischer (gfischer4@mediaone.net) wrote:

You know the old Unix anarchists' saying:  question .Xauthority.

> Given root access on a remote machine, I'd like to be able to execute
> an x application on the remote machine's local desktop.  

Let's get this straight.

  - You're user1 on local.
  - user1 on local does an ssh to user2 on remote.
  - user2 on remote has a (separately initiated) active X session,
    displayed on remote.
  - Via the user1@local => user2@remote connection, you initiate a root
    shell.
  - You want root@remote to display on user2@remote's X session.  You're
    *not* trying to display on user1@local's X session.

If I've got any of this wrong, say where.


> For example, if I secure shelled into a remote machine as "user" and
> "user" happened to be logged onto X, I'd like to be able to execute
> "export DISPLAY=:0" from my secure shell terminal and then be able to
> execute any X app and have it show up on user's desktop.
> 
> X security seems to be rather complicated.  Could someone point me in
> the direction of some relatively concise documentation?  Or...

    # as root@remote:
    $ export DISPLAY=:0
    $ xauth -merge ~user2/.Xauthority.
    $ xlogo

...should display xlogo at remote on user2's session.

> Another way to do it, I suppose, would be to see who presently is
> running X and then do a "su $XOWNER".  Given root access, subsequent
> commands would then work.  Is there a simple way to see who owns the X
> process?

That last is an interesting question.  As X runs as root, regardless of
user, I'm not sure.  There are a few places to look (X's environment,
the /tmp/.X* files/directories) but they don't appear to point to a
user.

You could check to see the owner of the bulk of X processes, or check
processes to see what display they're pointed at (/proc/<process>/env).

> Any other solutions to the problem would be appreciated.  Thanks.
> 
> --Greg
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?              Home of the brave
  http://gestalt-system.sourceforge.net/                    Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org
Geek for Hire                      http://kmself.home.netcom.com/resume.html

Attachment: pgpAEnDfGJRd4.pgp
Description: PGP signature

Reply to:

References:
- x authority problems
  - From: Greg Fischer <gfischer4@mediaone.net>

Prev by Date: Re: Installing Woody via adsl
Next by Date: Re: iptables redir of 80 to 8080
Previous by thread: x authority problems
Next by thread: ATI Radeon 32MB AGP 3D-Card DDR
Index(es):
- Date
- Thread