Re: SSH X11 Setting the Display Variable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In the last episode (May 29), Daniel Llewellyn said:
> On Fri, May 29, 2009 at 05:17, Chris Mirchandani <novashadow@xxxxxxx> wrote:
> > OK, I found one hole in this script. If I ssh in as any user, the script does what it is supposedto do and the DISPLAY variable value is left as set by ssh. However, if I su -l to another userDISPLAY=192.168.11.1:0.0. If I su to the same user without -l the DISPLAY variable value is leftas set by ssh when the initial user was logged in. Any ideas and/or suggestions?
> 
> I wouldn't have said that was a hole "per se", more a "feature" with the
> way that `su -l` is designed to work.  The point of the -l switch is that
> the environment is set from a clean slate when entering the new user
> context.  This means that any pre-existing DISPLAY variable will be
> blanked out along with the rest of the new shell's environment.  Then
> /etc/profile is run through to set up the initial environment for said new
> shell, which will detect the lack of DISPLAY variable and set up the
> default (192.168.11.1:0.0).

That depends; some systems have a pam_xauth module that preserves $DISPLAY,
copies your current xauth key to a file readable by target user, and points
$XAUTHORITY at the temp file.  Handy when you're su'ing to root to run a
graphical installer.

-- 
	Dan Nelson
	dnelson@xxxxxxxxxxxxxxx

[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux