tag 196732 + wontfix On Mon, Jun 09, 2003 at 02:39:57AM -0700, Sean Champ wrote: > Package: xserver-common > Version: 4.2.1-7 > Severity: wishlist > > So, i try to run XFree86 after a woody-to-sid dist-upgrade. > > Instead of getting the usal X startup, though, I get a message like > "user is not allowed to run the X server". > > After an strace, I find out there's a particular configuation > directive in /etc/Xwrapper.config, which really boggles me -- namely, > the "allowed_users" directive. > > If you want to control "who gets to run an application?", why do you > not use plain user/group privelages? > > Here's a simple solution. It works with SuSE, like this; it would work > with Debian. > > addgroup --system xok > chgrp xok /usr/X11R6/bin/XFree86 > chmod o-x /usr/X11R6/bin/XFree86 > > ...then, simply enough, add any user, to the 'xok' group, who needs to > run the x server. > > problem solved. for this, there's no /etc/Xwrapper.config needed.
I am probably not going to act on your implicit request (to trash the
allowed_users variable and functionality).
The reason is that, as documented in Xwrapper.config(5), "allowed_users"
doesn't have to do with the invoking user's identity, but rather whether
or not the user has control of a virtual console device.
allowed_users
may be set to one of the following values:
rootonly,console,anybody. "rootonly" indicates that only
the root user may start the X server; "console" indicates
that root, or any user whose controlling TTY is a virtual
console, may start the X server; and "anybody" indicates
that any user may start the X server.
If you have a better suggestion for the name of this variable, I'm open
to it.
--
G. Branden Robinson | What influenced me to atheism was
Debian GNU/Linux | reading the Bible cover to cover.
[EMAIL PROTECTED] | Twice.
http://people.debian.org/~branden/ | -- J. Michael Straczynski
pgpuwk7WTemj6.pgp
Description: PGP signature
