[Home]Tips/X11 Forwarding

Scalene Wiki | Tips | Recent Changes |
No diff available--this is the first major revision. (no other diffs)

X11 Forwarding

When using SSH X11 forwarding, there are problems running X11 applications as another user. This script should assist.

The script does a sudo su - <username> and runs an X11 application as username. As long as SSH X11 forwarding is in play, this allows users with appropriate sudo privileges to run X11 apps as a different user (like root, oracle, etc) and provides an audit trail via sudo.

Example

To run an xterm as the user oracle with all variables set for that environment: 

 sux oracle /usr/openwin/bin/xterm
There are some possible issues with this script - perhaps with applications that take unusual parameters or options. One option would be to write a wrapper script to call such an application.

The "sux" script 

 #!/bin/sh
 
 if [ $# -lt 2 ]; then
   echo "usage: `basename $0` clientuser command" >&2
   exit 2
 fi
 
 CLIENTUSER="$1"
 shift
 
 PATH=${PATH}:/usr/openwin/bin
 export PATH 
 
 SCREEN=`echo $DISPLAY | cut -d: -f2 | cut -d"." -f1`
 XAUTH="add `xauth list |grep :${SCREEN}`"
 export XAUTH
 
 exec sudo su - $CLIENTUSER -c    "/usr/openwin/bin/xauth -q $XAUTH
  exec env DISPLAY=$DISPLAY $SHELL -c '$*' &"
Scalene Wiki | Tips | Recent Changes |
This page is read-only | View other revisions
Last edited August 12, 2006 19:56 by Jason (diff)
Search: