ssh and sudo but no $DISPLAY
Solution 1
Solution found. An alternative method copied from this blog Using this script
userfirst=sshloginuser
usersecond=sudoorsuuser
$usersecond@host$
su - $userfirst -c 'xauth list' |\
grep `echo $DISPLAY |\
cut -d ':' -f 2 |\
cut -d '.' -f 1 |\
sed -e s/^/:/` |\
xargs -n 3 xauth add
Or simply Logging as user1
xauth list
su or sudo su user2
xauth add OUTPUTOFXAUTHLIST
Solution 2
Another solution is to merge the .Xauthority file of the current user with that of the root user.
ssh user@host
- change the .Xauthority file permissions so that root also has access to it.
sudo su - root
xauth merge /home/users/user/.Xauthority
Test
gedit somefile.log
It should open a gedit window.
Solution 3
to make the solution permanent you can modify the .bashrc
file of the login user adding
if [ -z "$XAUTHORITY" ]; then
export XAUTHORITY=$HOME/.Xauthority
fi
moreover you have to update your sudoers
file adding the row
Defaults env_keep+="DISPLAY XAUTHORITY"
if root has read permissions on the login user's .Xauthority
file you'll be able to use X applications.
Solution 4
This might be an old post, but I solved this permanently linking (in server) my sudoer user .Xauthority file with the root one:
sudo ln -s /home/userWithPrivileges/.Xauthority /root/.Xauthority
This way I don't have to do anything else ever, I can now launch any GUI app with or without sudo.
Solution 5
A very simple generic command:
sudo xauth merge /home/$USER/.Xauthority
This activates the root environment and merges the xauth info of the current (non root) user.
Another alternative, should prevent ownership problem reported in the comments on Slackware:
cat ~/.Xauthority | sudo xauth merge -
Related videos on Youtube
elbarna
Updated on September 18, 2022Comments
-
elbarna over 1 year
Usually I do this on ssh for getting a X application using
sudo su
ssh -X server
OKI login
xauth list $DISPLAY
which returns to me
server/unix:10 MIT-MAGIC-COOKIE-1 blablablablabla
Then I do
sudo su xauth add server/unix:10 MIT-MAGIC-COOKIE-1 blablablablabla
And after running an X application..I get it, it is correct.
The problem is on Centos7, I do
xauth list $DISPLAY
And it returns nothing. I try to add MIT magic cookies given by
xauth list
But of course it doesn't work. The normal X-forwarding via ssh, without sudo works.
The settings of sshd are the same on 3 servers:
- slackware WORKS
- hpux WORKS
- centos7 NOT WORKING
-
HomeIsWhereThePcIs over 3 yearsCould you elaborate a little more what this does exactly, and what the security implications of using this are?
-
elbarna almost 3 yearsI confirm the problem on Slackware current
ls -lhd .Xauthority -rw------- 1 myuser myuser 63 2021-07-21 21:46 .Xauthority sudo xauth merge /home/$USER/.Xauthority ls -lhd .Xauthority -rw------- 1 root root 63 2021-07-22 21:50 .Xauthority
-
user1656671 almost 3 yearsPlease check the alternative above that passes .Xauthorith via stdin. Should prevent ownership changes.
-
elbarna almost 3 yearsIt fails
$ cat ~/.Xauthority | sudo xauth merge - $ xmms No protocol specified ** CRITICAL **: Unable to open display $ ls -lhd .Xauthority -rw------- 1 root root 255 2021-07-27 01:04 .Xauthority
-
user1656671 almost 3 yearsI would suggest to check $DISPLAY is defined. Maybe copy .Xautority to a temp file and merging with the temp file. e.g. cp /home/$USER/.Xauthority /home/$USER/Xauthority.tmp ; sudo xauth merge /home/$USER/Xauthority.tmp ; rm /home/$USER/Xauthority.tmp