Re: running browser as user different than root
On 2020-06-01 10:37, Roberto Ragusa wrote: The new user must have the EXPORT variable set to :0 export DISPLAY=:0 Replying to myself to fix a mistake that would remain in the ML archives. The new user must have an exported DISPLAY variable set to :0 export DISPLAY=:0 -- Roberto Ragusamail at robertoragusa.it ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
Hi Roberto You are 'da man! this worked xhost si:localuser:test using this in the "root" term window, and then running the cmd to fire up the test firefox browser generated the process. when i now run "xhost" from the root term, i see the different values. I suppose I can "safely" delete the added item with no damage! thanks On Mon, Jun 1, 2020 at 6:46 AM Roberto Ragusa wrote: > > On 2020-06-01 12:31, bruce wrote: > > Hi Roberto > > > > Thanks for the reply. > > > > On Mon, Jun 1, 2020 at 4:38 AM Roberto Ragusa wrote: > >> > >> xhost si:localuser:thenameofthenewuser > >> > > > > xhost si:root:test > > > "localuser" is a string that you do not have to change, it specifies the kind > of rule > we are doing. > > Try: > >xhost si:localuser:test > > Regards. > > -- > Roberto Ragusamail at robertoragusa.it > ___ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
On 2020-06-01 12:31, bruce wrote: Hi Roberto Thanks for the reply. On Mon, Jun 1, 2020 at 4:38 AM Roberto Ragusa wrote: xhost si:localuser:thenameofthenewuser xhost si:root:test "localuser" is a string that you do not have to change, it specifies the kind of rule we are doing. Try: xhost si:localuser:test Regards. -- Roberto Ragusamail at robertoragusa.it ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
Hi Roberto Thanks for the reply. On Mon, Jun 1, 2020 at 4:38 AM Roberto Ragusa wrote: > > On 2020-06-01 05:35, bruce wrote: > > > However, if I fire up a term as another user, and then from the > > cmdline, fire up chromium, I get an err msg > > > > No protocol specified > > Gtk-WARNING **: cannot open display: :0 > > > > I've been researching trying to figure out how to resolve this. > > The new user must have the EXPORT variable set to :0 >export DISPLAY=:0 > but you probably already have it, given the error message above. > > The new user must also be authorized to connect to the X server, > you have to run this as the OLD user, in your case it would be the > (very unsafe) root user. >xhost si:localuser:thenameofthenewuser > I tried to implement your suggestion as follows: logged in as root in a "root" term window echo $DISPLAY (shows) :0.0 xhost si:root:test (generates) root:test being added to access control list X Error of failed request: BadValue (integer parameter out of range for operation) Major opcode of failed request: 109 (X_ChangeHosts) Value in failed request: 0x9 Serial number of failed request: 7 Current serial number in output stream: 9 which doesnt appear to "succeed"! And yes, I know logging/running as root is "bad". I'd still like to know how to resolve this issue, as opposed to just saying don't do this. thanks ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
On 2020-06-01 05:35, bruce wrote: However, if I fire up a term as another user, and then from the cmdline, fire up chromium, I get an err msg No protocol specified Gtk-WARNING **: cannot open display: :0 I've been researching trying to figure out how to resolve this. The new user must have the EXPORT variable set to :0 export DISPLAY=:0 but you probably already have it, given the error message above. The new user must also be authorized to connect to the X server, you have to run this as the OLD user, in your case it would be the (very unsafe) root user. xhost si:localuser:thenameofthenewuser This should be enough to open a new browser, then additional steps are needed if you want for example ability to play sound. Having different browsers running as different users for different tasks is a good idea (better cookie privacy, different config and extensions, ...), but running your main session as root is something being considered a really bad idea for at least 25 years. Regards. -- Roberto Ragusamail at robertoragusa.it ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
On 5/31/20 8:35 PM, bruce wrote: Trying to understand/figure out some things. I've logged in as root I can start a browser -- FF, or chromium, no issue. (I know.. I shouldn't. but I can. However, if I fire up a term as another user, and then from the cmdline, fire up chromium, I get an err msg No protocol specified Gtk-WARNING **: cannot open display: :0 The user doesn't have permission to connect to the X server. There are probably ways around that, but why? "man xhost" might help. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: running browser as user different than root
Hi, bruce wrote: > Trying to understand/figure out some things. > > I've logged in as root There's really no point in looking for a way to improve things once you've done this. You're way outside of reasonable, secure, and supportable practices in doing that. If you really think you have a need to do this, then you should also be able to solve the (relatively less significant) issues that come from doing so. Unfortunately, once every few years this topic comes up. And when it does, a lot of time is wasted trying to explain to folks why it's such an awful idea. Don't solve the problems cause by logging in to a graphical environment as root by piling other bad practices on top. Solve the problem which makes you think you should login as root in the first place. Otherwise, you're just swimming pointlessly against the current and into certain danger. -- Todd signature.asc Description: PGP signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
running browser as user different than root
Hi. Trying to understand/figure out some things. I've logged in as root I can start a browser -- FF, or chromium, no issue. (I know.. I shouldn't. but I can. However, if I fire up a term as another user, and then from the cmdline, fire up chromium, I get an err msg No protocol specified Gtk-WARNING **: cannot open display: :0 I've been researching trying to figure out how to resolve this. Any thoughts/pointers? thanks ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
