Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 5 Sep 2003 15:08:22 -0700 (PDT)
From:      "Steven G. Kargl" <kargl@troutmask.apl.washington.edu>
To:        Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: PAM, X11, and su as a normal user?
Message-ID:  <200309052208.h85M8MbA060878@troutmask.apl.washington.edu>
In-Reply-To: <20030905200737.GB45683@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help 
Matthew Seaman wrote:
> On Fri, Sep 05, 2003 at 12:18:40PM -0700, Steven G. Kargl wrote:
> > After a few hours of frustation, it's time to ask a question.
> > 
> > I have 2 accounts on my machine.  I use startx to start
> > X11 as user kargl.  If I then su to user sgk, I cannot
> > fire up X clients.  For example,
> > 
> > troutmask:kargl[202] su sgk
> > Password:
> > troutmask:sgk[201] gnuplot
> > Terminal type set to 'x11'
> > gnuplot> plot sin(x)
> > gnuplot> 
> > gnuplot: unable to open display 'troutmask.apl.washington.edu:0'
> > gnuplot: X11 aborted.
> > 
> > I've tried using "xhost sgk@", but this doesn't work.
> > The only thing I can think of that may need to be
> > configured is PAM, but the documentation is rather
> > incomplete.  So, anyone know how to setup su to
> > permit sgk to use X clients?
> 
> As user kargl:
> 
>     % xauth nextract /tmp/foo ${DISPLAY}
> 
> As user sgk:
> 
>     % xauth nmerge /tmp/foo
> 
> and remember to delete /tmp/foo as soon as possible.
> 

I still get the above results with gnuplot after issuing the
two xauth commands you give above.  If I use "xauth list"
with as both users the entry for $DISPLAY shows the same key. 

troutmask:sgk[246] xauth list
troutmask.apl.washington.edu:0  MIT-MAGIC-COOKIE-1  some_long_string
troutmask:kargl[245] xauth list
troutmask.apl.washington.edu:0  MIT-MAGIC-COOKIE-1  some_long_string


I suspect that I need to add something to /etc/pam.d/{su,system,xserver},
but I can't locate adequate documentation.

-- 
Steve
http://troutmask.apl.washington.edu/~kargl/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309052208.h85M8MbA060878>