[Home]Tips/X11 Forwarding

Scalene Wiki | Tips | Recent Changes |

X11 Forwarding

When using SSH X11 forwarding, there are problems running X11 applications as another user. This script should assist.

The script does a sudo su - <username> and runs an X11 application as username. As long as SSH X11 forwarding is in play, this allows users with appropriate sudo privileges to run X11 apps as a different user (like root, oracle, etc) and provides an audit trail via sudo.

Example

To run an xterm as the user oracle with all variables set for that environment: 

 sux oracle /usr/openwin/bin/xterm
There are some possible issues with this script - perhaps with applications that take unusual parameters or options. One option would be to write a wrapper script to call such an application.

The "sux" script 

 #!/bin/sh
 
 if [ $# -lt 2 ]; then
   echo "usage: `basename $0` clientuser command" >&2
   exit 2
 fi
 
 CLIENTUSER="$1"
 shift
 
 PATH=${PATH}:/usr/openwin/bin
 export PATH 
 
 SCREEN=`echo $DISPLAY | cut -d: -f2 | cut -d"." -f1`
 XAUTH="add `xauth list |grep :${SCREEN}`"
 export XAUTH
 
 exec sudo su - $CLIENTUSER -c    "/usr/openwin/bin/xauth -q $XAUTH
  exec env DISPLAY=$DISPLAY $SHELL -c '$*' &"
Scalene Wiki | Tips | Recent Changes |
This page is read-only | View other revisions
Last edited August 12, 2006 17:56 by Jason (diff)
Search: