Do you have a question? Post it now! No Registration Necessary. Now with pictures!
April 22, 2010, 3:50 pm
rate this thread
Anyone using ssh with sudo -u?
I'm tasked with trying to make X11Forwarding work when
originaluser$ sudo -u someotheruser ssh -X -v somewherelse
is at play. (Actually, I'm not doing -u but have a runas_default set
to someotheruser that essentially does the same thing.)
The difficulty is that--by default--the environment for someotheruser
on the originating workstation will lack DISPLAY, and the .Xauthority
file you'd want clients to use is at ~originaluser/.Xauthority and not
Curious how anyone else has solved this.
My best plan thus far from RTFM, would involve sudo -i to let the
DISPLAY variable be preserved/set for someotheruser, and then perhaps
copying the originaluser/.Xauthority file somewhere readable by
someotheruser and setting XAUTHORITY to point to that file on the sudo
command line... or by somehow opening group read for it (a dynamic
group that just had original user and someotheruser in it I guess
would be ideal, but I've never implemented it):
sudo env XAUTHORITY=$SUDO_USER/.Xauthority -u someotheruser -X
with this addition to sudoers?
Defaults env_keep+="XAUTHORITY DISPLAY"
Hopefully someone who's tackled this is lurking with a tested
solution. :-) Thanks for any help you might muster.
- » Putty works well with Centrify single sign-on solutions: can we hope for a new GSSAPI rel...
- — Next thread in » Secure Shell Forum
- » protocol question - issue with exit-status inside unfinished data stream?
- — Newest thread in » Secure Shell Forum