Re: x authority problems

Karsten M. Self Fri, 04 Jan 2002 23:48:27 -0600

on Thu, Jan 03, 2002 at 07:46:33PM -0500, Greg Fischer ([EMAIL PROTECTED]) 
wrote:


You know the old Unix anarchists' saying:  question .Xauthority.

> Given root access on a remote machine, I'd like to be able to execute
> an x application on the remote machine's local desktop.  

Let's get this straight.

  - You're user1 on local.
  - user1 on local does an ssh to user2 on remote.
  - user2 on remote has a (separately initiated) active X session,
    displayed on remote.
  - Via the [EMAIL PROTECTED] => [EMAIL PROTECTED] connection, you initiate a 
root
    shell.
  - You want [EMAIL PROTECTED] to display on [EMAIL PROTECTED]'s X session.  
You're
    *not* trying to display on [EMAIL PROTECTED]'s X session.

If I've got any of this wrong, say where.


> For example, if I secure shelled into a remote machine as "user" and
> "user" happened to be logged onto X, I'd like to be able to execute
> "export DISPLAY=:0" from my secure shell terminal and then be able to
> execute any X app and have it show up on user's desktop.
> 
> X security seems to be rather complicated.  Could someone point me in
> the direction of some relatively concise documentation?  Or...

    # as [EMAIL PROTECTED]:
    $ export DISPLAY=:0
    $ xauth -merge ~user2/.Xauthority.
    $ xlogo

...should display xlogo at remote on user2's session.

> Another way to do it, I suppose, would be to see who presently is
> running X and then do a "su $XOWNER".  Given root access, subsequent
> commands would then work.  Is there a simple way to see who owns the X
> process?

That last is an interesting question.  As X runs as root, regardless of
user, I'm not sure.  There are a few places to look (X's environment,
the /tmp/.X* files/directories) but they don't appear to point to a
user.

You could check to see the owner of the bulk of X processes, or check
processes to see what display they're pointed at (/proc/<process>/env).

> Any other solutions to the problem would be appreciated.  Thanks.
> 
> --Greg
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?              Home of the brave
  http://gestalt-system.sourceforge.net/                    Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org
Geek for Hire                      http://kmself.home.netcom.com/resume.html

pgpPtKotmiF5Y.pgp
Description: PGP signature

Re: x authority problems

Reply via email to