Re: xdm and su xauth problem
On Sun, Aug 13, 2006 at 20:15:23 +0200, Lubos Vrbka wrote:
> hi,
>
> >>>xauth -f /home/user/.Xauthority extract - $DISPLAY | xauth merge -
> >>>
> >>>where "user" is the user that logged on to xdm. This will extract the
> >>>user's authorization cookie for the current display and merge it into
> >>>root's authority file. Then root should be able to access the display
> >>>until user logs out again. (I tested this with kdm, but I assume it
> >>>works for xdm as well.)
> >>ok, this works. after su, i enter this command and then X apps work
> >>again. is there any way how this could be 'automated'?
> >
> >You can put the command into /root/.bashrc, then it is executed whenever
> >you do "su".
> that's true, however is there any way how to get the information which
> user is running the current X session? since it is needed for the xauth
> command... with single user machines this is not problem, but with
> machines shared by many people...
You could use the information in /var/log/auth.log. With kdm you get an
entry like this for every log-on:
Aug 13 18:09:23 localhost kdm: :0[5049]: (pam_unix) session opened for user florian by (uid=0)
Assuming that xdm and gdm produce similar messages, the following should
work:
XUSER=$(awk '/[xkg]dm.*opened/{print $12}' /var/log/auth.log | tail -n 1)
xauth -f /home/$XUSER/.Xauthority extract - $DISPLAY | xauth merge -
I am not sure about the security implications of what you want to do,
though. If you use su in an X session that was started by somebody else,
then I would be worried that the other user might be able to grab the
keyboard beforehand and capture the root password as you type it.
--
Regards,
Florian
Reply to: