ssh, sudo and X

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

ssh user1@target "sudo -u user2 xterm" dont work, because xterm has no
permission to the .Xauthority file of user1. Under root it works.
I think ACLs would be the best solution for that.

has anybody a work around or other ideas than ACLs for the problem with
DISPLAY under sudo?


Re: ssh, sudo and X

Quoted text here. Click to load it

If you're prepared to put some perl on the server, here's just an outline
hardcoding "test" for "user2" although you'd really handle args for that.

#!/usr/bin/perl -w

pipe(RH, WH) or die("pipe");
die("fork") unless (defined($pid));
if ($pid) {
    printf(WH "%s\n", $ENV);
    open(STDOUT, ">&WH") or die("dup");
    exec("/usr/X11R6/bin/xauth", "nlist") or die("exec xauth $!");
open(STDIN, "<&RH") or die("dup");
exec("/usr/bin/sudo", "su", "-", "test", "-c",
    "read a && /usr/X11R6/bin/xauth nmerge - && DISPLAY=$a xterm");

Then you do "ssh -X target /path/to/ugly_perl_prog" .
The xterm will work without needing a proper STDIN.

Ganz einfach!

Elvis Notargiacomo  master AT barefaced DOT cheek /

Site Timeline