Bug 440884

Summary: 'su -' doesn't allow display access (xauth)
Product: [openSUSE] openSUSE 11.1 Reporter: Wolfgang Rosenauer <wolfgang>
Component: BasesystemAssignee: E-mail List <bnc-team-screening>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Critical    
Priority: P5 - None CC: forgotten_qMyteedNxa, mc
Version: Factory   
Target Milestone: ---   
Hardware: i586   
OS: SUSE Other   
Whiteboard:
Found By: Beta-Customer Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Wolfgang Rosenauer 2008-11-02 10:34:29 UTC 
'su -' doesn't allow display access (xauth)

ssh -X root@localhost works and the DISPLAY variable is set but su - doesn't allow using X applications:

# su -
Password:
linux-42u9:~ # yast2
No protocol specified

(y2controlcenter-gnome:3692): Gtk-WARNING **: cannot open display: :0.0

Setting "xhost +" before using su - and it works.
Comment 1 Forgotten User qMyteedNxa 2008-11-02 12:01:09 UTC 
i would have recommended to use "sux" here instead, but it seems this is not part of opensuse anymore. appropriate feature seems to have been merged in "su", but i don`t find documentation how to use that and/or what option is needed. (man su or info coreutils does not give a hint)

>Setting "xhost +" before using su - and it works.
mind that this is dangerous as any user from any ip may spy on your X display now!
Comment 2 Wolfgang Rosenauer 2008-11-02 12:07:12 UTC 
(In reply to comment #1 from roland kletzing)
> i would have recommended to use "sux" here instead, but it seems this is not
> part of opensuse anymore. appropriate feature seems to have been merged in
> "su", but i don`t find documentation how to use that and/or what option is
> needed. (man su or info coreutils does not give a hint)

su just did that correctly since sux was dropped. No config was needed (at least not to change anything on the system manually).

> >Setting "xhost +" before using su - and it works.
> mind that this is dangerous as any user from any ip may spy on your X display
> now!

I know. I just wanted to point out that it is really an xauth issue and this is just a virtual machine to test anyway.
Comment 3 Forgotten User qMyteedNxa 2008-11-03 20:17:48 UTC 
>su just did that correctly since sux was dropped.

i`m wondering - how does/did "su" do that?
i checked the coreutils sources and i don`t find any code where su does copy mit-magic-cookie (xauth) from one account to the other one...
Comment 4 Michael Calmer 2008-11-05 10:13:11 UTC 
I think this is a duplicate. Should be fixed in next Beta/RC

*** This bug has been marked as a duplicate of bug 441314 ***