There are a handful of GUI applications (file manager, text editor, terminal emulator) that I go back and forth between running as regular user and running with doas root.
All these applications were exhibiting unexpected behaviors: 1. Random crashes at launch (https://tinyurl.com/y6k34ol3) 2. Confusion regarding effective user (https://tinyurl.com/y33rc84o) 3. Inability to "remember" user configuration settings 4. Config files in ~/.config "mysteriously" becoming owned by root After much toil, I figured out that all four issues were related and were due to my misuse of doas. In case it saves someone some trouble, here is the summary of the problem and solution, worded in a way that can be copy/pasted into /etc/examples/doas.conf and/or faq10.html: ---------- This /etc/doas.conf works as expected for most CLI applications (specifically, those that either don't have configuration files or else have a single root-owned configuration living outside of /home): permit nopass keepenv bob However, most GUI applications (more specifically, any application that saves configuration settings in /home/someuser/somewhere) need the HOME environmental variable to be that of the effective user. Some GUI applications rely on the USER variable to determine the effective user. In addition, in order for GUI applications to access the graphical environment, they need XAUTHORITY to be that of the logged-in user. Something like this in /etc/doas.conf should work well for both CLI and GUI applications: permit nopass keepenv setenv { USER=root HOME=/root \ XAUTHORITY=/home/bob/.Xauthority } bob ----------
