View previous topic :: View next topic |
Author |
Message |
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1247 Location: Edinburgh, UK
|
Posted: Mon Feb 19, 2018 5:46 pm Post subject: [SOLVED]Running GUI apps as root under plasma/wayland |
|
|
Hi,
I've been trying out plasma on wayland and mostly it has worked impressively well, but I find I'm unable to launch root GUI apps in a wayland session. The two examples are truecrypt and zenmap (nmap's pyGTK GUI). Both can be run as the desktop session user, but their key functions don't work as non-root.
If I su to root in a console and launch truecrypt, I get this:
Code: | Invalid MIT-MAGIC-COOKIE-1 keyError: Unable to initialize gtk, is DISPLAY set properly? |
Using kdesu5, I get:
Code: | Using Wayland-EGL
Using the 'xdg-shell-v6' shell integration |
The kdesu5 password dialog appears, but after completion the process just exits - no further output.
I also tried running other apps as root and as a different non-root user, with the same results.
Is this a known issue, or is there a tweak I need to make? Thanks in advance.
Last edited by Havin_it on Mon Feb 26, 2018 2:56 pm; edited 1 time in total |
|
Back to top |
|
|
The Doctor Moderator
Joined: 27 Jul 2010 Posts: 2678
|
Posted: Tue Feb 20, 2018 3:06 am Post subject: |
|
|
That is by design.
But if you really must override the sensible security precaution you will need to run xhost +local: first.
wiki _________________ First things first, but not necessarily in that order.
Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box. |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Tue Feb 20, 2018 10:34 am Post subject: |
|
|
is what the Wiki says. I don't think it's the correct answer, because it gives access to all local users.
I use:
Code: | xhost si:localuser:root |
which gives access to root - an to no one else. I don't use this statement in my default setup. I enter it manually, if I want to run a program as root that needs access to the X server. I try to avoid that, but sometimes it is necessary. |
|
Back to top |
|
|
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1247 Location: Edinburgh, UK
|
Posted: Mon Feb 26, 2018 2:54 pm Post subject: |
|
|
Jaglover wrote: | Nobody must override sensible security. In case it feels like it is necessary you are doing something wrong. No exceptions. |
Can't tell if irony
Thanks all for the replies. I know root-gui is a frowned-upon thing and why, and would avoid it if I felt the risk outweighed the advantage in the circumstances. It would be great if these apps were coded so as to discretely sandbox the functions for which they need root from the rest of the app, but at least in truecrypt's case we know that's not gonna happen.
In such an ideal world I suppose kdesu et al would not exist, but as long as it does exist (and assuming it can identify that it's being run under a Wayland or locked-down-X session, which I imagine it could), then reporting the reason it can't run to the user would be a sensible improvement. (I'll not be as inflammatory as to suggest it should go as far as to detail the necessary workarounds )
The xhost option seems to work fine, and I'll agree to use the user-specific one rather than the blanket local one (and try to remember to reverse it afterwards). |
|
Back to top |
|
|
|