| View previous topic :: View next topic |
| Author |
Message |
wuchter
n00b
Joined: 21 Feb 2011
Posts: 9
|
 Posted: Wed Feb 23, 2011 7:03 am Post subject: gksudo not launching application as a different user |
 |
|
Hello everyone,
I'm trying to start an application as a different user, like:
| Code: | | milk@gentoo# su prezel -c pidgin |
it works except for the IBUS IME.
This is true for other applications as well. To get around the password prompt I thought sudo would be a nice solution. However, something's missing.
| Code: | milk@gentoo# sudo -u prezel pidgin
Invalid MIT-MAGIC-COOKIE-1 key [i]or[/i] No protocol
(Pidgin:7772): Gdk-CRITICAL **: IA__gdk_display_get_name: assertion `GDK_IS_DISPLAY (display)' failed
Pidgin 2.7.10
** (Pidgin:7772): WARNING **: cannot open display: unset
|
I've been trying for almost 2 weeks to find a solution to this problem and I'm posting here in hope someone can offer some advice before I give up. I've read many posts in over a dozen forums and man pages but so far with little success.
gksu/do and kdesu/do are unsatisfying solutions as they don't work well.
gksu/kdesu are able to launch the program, however I still get the password prompt so I could just as well use su.
In /etc/sudoers I've uncommented the env_keep's which I can find in sudo -u prezel env, except for XAUTHORITY.
But even if it would I wonder what use would it be
| Code: | milk@gentoo# ls -l .Xauthority
-rw------- 1 milk milk 60 Feb 23 06:30 .Xauthority
|
when nobody else gets access.
So I read on and learned that gksu/do copies that file somewhere else, probably to /tmp/somewhere/.Xauthority doesn't matter, I guess, as long as prezel can read it.
After many failed sudo's i tried gksudo
| Code: | milk@gentoo# gksudo -u prezel pidgin
Pidgin 2.7.10
milk@gentoo#
|
and tada! Nothing happens. No Pidgin window, nor any other program shows one. Some fail to start due to some other issues, some of which can be solved by launching with dbus_launch but I think that's unrelated.
I seem to have all the exports I need, except for Xauthority. However when I
| Code: | milk@gentoo# sudo -u prezel echo $XAUTHORITY
/home/milk/.Xauthority
|
which appears to be the correct one.
The only difference between sudo -u prezel env and su prezel -c env is that i have USERNAME and 4 SUDO_* variables in the sudo call and WINDOWID, _, PWD, SHLVL, XAUTHORITY in the su call, the rest is identical. I have XDG_SESSION_COOKIE, *_IM_MODULE, DISPLAY and others in both.
From what I learned in the documentation, sudo clears the variables but I find a lot of them even if have no env_keep and no other Defaults. DISPLAY always shows up, no matter the sudoers setup.
Since I've read about xhost (which doesn't work either, nor would i ever do a xhost +) I thought maybe PAM is interfering but my /etc/pam.d/sudo looks ok to me, since it shows pam_xauth
| Code: | milk@gentoo# cat /etc/pam.d/sudo
auth include system-auth
account include system-auth
session include system-auth
session optional pam_xauth.so
|
I've also removed a nox11 in some other PAM-file but I forgot the name.
It was mentioned in a sticky "KDE without HAL"-post or something like that.
At this point I have no idea what else I could try. What am I missing?
How can I solve the XAUTHORITY issue? Why is XAUTHORITY not showing with env and why does it seem to have a correct value with echo?
Why is gksudo not working but su and gksu are? And how can I troubleshoot it?
Thanks in advance  |
|
| Back to top |
|
 |
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Thu Feb 24, 2011 8:51 am Post subject: |
|
|
I have never known that you can use sudo for this because (SuperUserDO - sudo).
And maybe i didn`t read your post well, but i don`t know why do you do all of this. What is your goal... |
|
| Back to top |
|
|
wuchter
n00b
Joined: 21 Feb 2011
Posts: 9
|
| Posted: Thu Feb 24, 2011 5:58 pm Post subject: |
|
|
Hello honp,
as far as I understand su/do can be used run run a command as another user and not limited to the super user which is only default if no user is specified.
| Code: | # man sudo
[...]
-u user The -u (user) option causes sudo to run the specified
command as a user other than root. To specify a uid
instead of a user name, use #uid. When running commands as
a uid, many shells require that the '#' be escaped with a
backslash ('\'). Note that if the targetpw Defaults option
is set (see sudoers(5)) it is not possible to run commands
with a uid not listed in the password database.
[...]
|
| Code: | # man su
[...]
su [options] [username]
DESCRIPTION
The su command is used to become another user during a login session.
Invoked without a username, su defaults to becoming the superuser.
[...]
|
What I want to achieve is running Windoofs applications using WINE. I don't want to run them under my logged in user's account but in a dedicated wine account.
Starting commands and applications via gk/su works while gk/sudo does not.
Since sudo asks for the logged in user's password, or no password given the particular setup, and since many other things can be adjusted in /etc/sudoers as well, I thought sudo would be the better option.
Many people had the very same problem and they solved it either with xhost +localhost but that didn't do anything for me.
Another, simpler, solution was using gksudo/kdesudo but that doesn't do anything for me either.
So apparently something in my config is preventing a successful start and I thought it might be related to the .Xauthority file. |
|
| Back to top |
|
|
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Thu Feb 24, 2011 9:37 pm Post subject: |
|
|
| Did you try to export display for that user? |
|
| Back to top |
|
|
wuchter
n00b
Joined: 21 Feb 2011
Posts: 9
|
| Posted: Fri Feb 25, 2011 12:07 am Post subject: |
|
|
yes I'm telling sudo to keep DISPLAY via Defaults env_keep += "DISPLAY", but it doesn't make a difference.
From my understanding the problem comes from insufficient access rights on wine-user's part.
I can add XAUTHORITY to the keep env as well and that, too, doesn't make a noticeable difference.
my /etc/sudoers
| Code: | ##
Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
Defaults env_keep += "HOME"
Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
Defaults env_keep += "XDG_SESSION_COOKIE"
Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
Defaults env_keep += "DISPLAY XAUTHORITY"
##
Runas_Alias WINDOOFS = wineu
##
root ALL=(ALL) ALL
ALL localhost = (WINDOOFS) NOPASSWD: /usr/bin/wine
|
|
|
| Back to top |
|
|
honp
Guru
Joined: 25 Sep 2006
Posts: 355
Location: Good old Prague, Czech rep.
|
| Posted: Fri Feb 25, 2011 8:39 am Post subject: |
|
|
| This is probably absolute nonsense (because i don`t know how does it comunicate) but there is an option in X - nolisten what is normaly in gentoo on. But you said that it works for root user, didn`t you? |
|
| Back to top |
|
|
wuchter
n00b
Joined: 21 Feb 2011
Posts: 9
|
| Posted: Fri Feb 25, 2011 5:45 pm Post subject: |
|
|
It works when I launch the application via | Code: | | # su <username> -c <application>" |
but it does not when I'm using sudo or gksudo.
But I will have a look at the nolisten option.
Thanks for the hint |
|
| Back to top |
|
|
wuchter
n00b
Joined: 21 Feb 2011
Posts: 9
|
| Posted: Tue Mar 01, 2011 8:11 pm Post subject: |
|
|
thanks for your time and effort.
I will keep using su or maybe a VM. |
|
| Back to top |
|
|
|
Other Things Gentoo
