Root GUI access?
kamath "at" geekoids.com
Thu Mar 31 23:53:00 2005
I gotta say, after 20 years of supporting X-based environments, that
putting *ANYTHING* into shell startup files that diddles X settings is
a mistake. You'll regret it. And someday, when you forget, and have
a friend logged into your box, they'll tweak you by inverting your
screen (yeah, I've done it -- a LOT. :-)).
The absolute correct thing to do is figure out why you're not getting
correct information installed in the .Xauthority file to connect to
the X server. Either something's wrong in the PATH, there's something
not being called, or there's a permissions issue (my Xvnc runs with
If you MUST diddle X settings, then either do it from the X
initialization files (like .xinit, xstartup, or the .dtprofile (for
Sun CDE sessions)). Then they only happen once per login (which is
what you want).
If you can't figure those out, then at least *wrap* the settings in
.login/.profile/.bashrc so you a) only do it once, and b) don't do it
unless you have an X session of some sort running.
Yeah, I know, not really important if you have one lonely PC doing
nothing but being your only machine. But if you're running VNC, then
you have at least two computers (:-)). And it's a REALLY bad habit
to get into, and hard to break. And some someday it will burn you.
It's frustrating as an SysAdmin for large heterogeneous environments
to deal with OSes, Users and Applications that assume
user=machine=session. Linux is only slowly getting out of this mode.
And the X stuff, whilst moving forward in features and usability, has
*REALLY* slid backward in the last 5-10 years in terms of multiple
Just my $0.02.
[In a message on Thu, 31 Mar 2005 08:10:28 PST,
"Collins, Kevin (MindWorks) [Contractor]" wrote:]
>Good to know. Keep in mind that in a multi-user environment, putting
>that xhost command in /etc/bashrc has far reaching implications as it
>allows anyone on the machine to send an X app to your (or any other
>From: Stephen Hinton [mailto:stephenhinton "at" gmail.com]
>Sent: Wednesday, March 30, 2005 5:44 PM
>To: Collins, Kevin (MindWorks) [Contractor]; p putkowski
>Cc: vnc-list "at" realvnc.com
>Subject: Re: Root GUI access?
>Many Thanks to Kevin C and P Putkowski!
>Symptoms: You can log in remotely as any user. If you log in as root
>you can run all commands and gui utilities. If you log in as non-root
>gui utilities requiring administrator privleges will not display. The
>GUI dialog box promopts you for the root password and accepts it, but
>the utility window doesn't load. You can su as root in a terminal
>window and run text-based privleged commands.
>Problem had to do with the localhost net being authorized to connect
>to the X-Server
>Key error message was:
>Xlib: Client is not authorized to connect to Server
>Putkowski: Can you tell me where you found that error message (maybe
>i'll learn to troubleshoot my own problems)?
>Solution: put command 'xhost +localhost' in the /etc/bashrc file
>You could just run this command once each session, or put it in the
>.bashrc of only users you want to be able to run these tools, but for
>my case its easier to go ahead and do it for every user on every
>Thanks to Kevin for putting the right command in front of me.
>On Wed, 30 Mar 2005 12:37:54 -0800, Collins, Kevin (MindWorks)
>[Contractor] <KCollins "at" chevrontexaco.com> wrote:
>> Take a look at /etc/X11/gdm/gdm.conf for these parameters:
>> One or both need to be true... You'll have to test it out.
>> -----Original Message-----
>> From: vnc-list-admin "at" realvnc.com [mailto:vnc-list-admin "at" realvnc.com]
>> Behalf Of Stephen Hinton
>> Sent: Wednesday, March 30, 2005 12:09 PM
>> To: vnc-list "at" realvnc.com
>> Subject: Root GUI access?
>> I have got VNC running as an on-demand service. I can log in
>> successfully and get a desktop. However, When I try to open any
>> screen that requires root authority I get teh prompt for the root
>> password, put that password in, and then the screen never loads.
>> Again, This it probably more of a linux problem than a VNC problem.
>> I can't figure it out however, and I'd guess someone else has had this
>> Using Fedora, with a KDE desktop, but a GDM login manager. XDMCP is
>> enabled (otherwise i couldnt get the login screen) and root remote
>> login is enabled in GDM
>> The end game is to be able to administer entirely by remote, but still
>> have the nice GUI tools to work with.
>> Just a note for those who are hemoraghing over my desire to log in as
>> root via an 'unprotected' VNC session, I am running it through an SSH
>> VNC-List mailing list
>> VNC-List "at" realvnc.com
>> To remove yourself from the list visit:
>VNC-List mailing list
>VNC-List "at" realvnc.com
>To remove yourself from the list visit: