On Fri, Jan 01, 2021 at 10:24:44AM -0700, Charles Curley wrote: > On Thu, 31 Dec 2020 22:30:34 -0600 > David Wright <deb...@lionunicorn.co.uk> wrote: > > > $ /bin/su - > > Password: > > ahost ~# xeyes -display :0.0 > > Xlib: connection to ":0.0" refused by server > > Xlib: Client is not authorized to connect to Server > > Error: Can't open display: :0.0 > > ahost ~# ln -s ~auser/.Xauthority .Xauthority > > Bingo! That, rather than copying .Xauthority, gave me a fix.
Huh? That is strange. I mean: great it worked for you, but I'd like to learn what is going on there :-) > Thank you. > Now to automate carrying $DISPLAY over. Probably with an alias for su: > > alias su="su -w DISPLAY" > > > > Whitelisting with -w should do nothing for you—knowing the display's > > location doesn't authorise you to use it. > > True, but that gets $DISPLAY set up for root. Alternatively you can tweak your /etc/security/pam_env.conf (or $HOME/.pam_environment). See man pam_env(7) and man pam_env.conf(5) for details. Cheers - t
signature.asc
Description: Digital signature
