Re: jessie: unable to run remote graphical program with sudo

[David Wright <deblis@lionunicorn.co.uk>]

Quoting D. R. Evans (doc.evans@gmail.com):
> Reco wrote on 05/26/2015 01:53 PM:
> > Yet there's a way to solve your problem - get a habit of running
> > X clients like this:
> > 
> > HOME=/root sudo -E xterm
> > 
> > Re-defining $HOME is crucial as otherwise you risk users' rewriting
> > configuration files by root.
> 
> Are you saying that if I type:
>   HOME=/root sudo -E xterm
> xterm should run?
> 
> What actually happens is that I still get the same error:
> 
> n7dr@shack:~$ HOME=/root sudo -E xterm
> X11 connection rejected because of wrong authentication.
> etc.

When I ssh to a remote machine as myself, DISPLAY is set to localhost:10.0
(11, 12, etc) and AIUI X clients find my local X server through the
encrypted ssh connection. Because the authority file on the remote
host is in its standard location, namely ~/.Xauthority, the parameter
XAUTHORITY is left unset.

If I now switch to root (I don't use sudo for this, but /bin/su -)
root needs to be given XAUTHORITY=/home/foo/.Xauthority so it can
find that file, eg,
# XAUTHORITY=/home/foo/.Xauthority xeyes

So I think what you need to do is set XAUTHORITY (redundantly) for
youself when you ssh, and then it will get passed to root because
of -E. Or you can pass it just like HOME, but that's more typing.

However, I have to point out that I never run graphical clients as
root because I don't trust them. I prefer to use CLI programs to
administer the machine, with a few functions in /root/.bashrc like
function scrip { script typescript-${HOSTNAME}-$(date +%Y-%m-%d-%H-%M-%S)-$1 }
and any regularly used command lines in /root/.bash_history like
apt-get update ; apt-get -d upgrade ; apt-get upgrade ; read -p 'Ctrl-C to avoid clean' _ ; apt-get clean
which I "clean" from a backup copy.

Cheers,
David.