Last active
June 21, 2018 18:43
-
-
Save mzpqnxow/367a4b2cd9d168158dce94c255f0d689 to your computer and use it in GitHub Desktop.
Ugly hack for sharing Xauthority, lost the better way to do this...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The user `primary` is the user with the desktop access | |
| The user `secondary` is a user you sudo/su to who you would like to run X11 apps | |
| `x11-share` is a group that you create. All users who should share the xauth cookies should be in this group | |
| **Note this is a security issue if you do not trust the `x11-share` users!!** | |
| /etc/sudoers: | |
| ``` | |
| Defaults:deploy env_keep += "XAUTHORITY", !requiretty | |
| Defaults:deploy env_keep += "DISPLAY", !requiretty | |
| ``` | |
| ~primary/.bashrc | |
| ``` | |
| export XAUTHDIR=/tmp | |
| export XAUTHDST=$XAUTHDIR/.Xauthority-shared | |
| cp $XAUTHORITY $XAUTHDST | |
| export XAUTHORITY=$XAUTHDST | |
| sudo chown a.x11-share $XAUTHORITY 2>&1 >/dev/null | |
| sudo chmod 660 $XAUTHORITY 2>&1 >/dev/null | |
| ``` | |
| ~secondary/.bashrc | |
| ``` | |
| if [ -f $XAUTHORITY ]; then | |
| xauth add `cat /tmp/a` | |
| fi | |
| ``` | |
| Now, sudo or su to the user `secondary` and you should still have display access via the cookies in xauth. | |
| Yes, you can do this with xauth +localhost. I'm more interested in doing this more elegantly than I am with that simple solution | |
| For those of you who are silly, dumb or not thinking, make sure you source the primary user's ~/.bashrc first before trying this the first time... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment