root user can't open display

I have been having problems with this for ages now...ane never figured out what's going on. The problem is that I can't run Gnome applications as root. Here is an example of what happens when the root user tries to run galeon:

bash-2.05a# galeon &
[1] 17824
bash-2.05a# Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified

Gtk-WARNING **: cannot open display: :0

[1]+ Exit 1 galeon


okay, so I don't need to run galeon as root anyway, but some apps such as ethereal do require superuser status.

Does anyone know what's going on here?

christo

your server seems to have "access restriction" activated (good thing!)

you need to copy the "X-MIT-...." cookie and use "xauth" for allowing access to the X server from the console.

easiest solution: start the X server also as root... (not talking about the security holes you are opening....)

thanks M.Hirsch

I found that 'xhost +localhost' solved the problem
Stupidly simple !!

christo

The easiest and more correct solution - use sudo (http://www.courtesan.com/sudo)

sudo is imho NOT "more correct" and you would probably run into the exact same problem.
sudo is a hell to configure correctly and has big time impact on the security of your whole system. both my *nix machines (linux and freebsd) didn´t have it in the default installation...

"more correct" would be allowing only a special user from localhost or using the x-auth cookies. this is the "minimum" and won´t expose other security holes.

sudo works fine because it inherits the environment from the person who calls it.

Configuration isn't that bad especially if you just want to allow one user to essentially be a superuser whenever they want. Otherwise, it's a simple matter of creating a list of what programs you want them to be able to run, allowing a certain group to run it, and then add the people that you want to that group.

You think sudo is a bitch to configure and yet you want to mess with xauth? IMNSHO everyone needs sudo anyway so that system administration can be done simply. Use it, get used to it, and then use it for this as well. And just as sudo can open security holes (granted, a larger spectrum) if done incorrectly, so can xauth. Doing just about anything on a system is a potential security issue. So, you do it right, plain and simple.

...ack!

just one remark: if you setup sudo to make the user a superuser, i first thought you could just as well work as root. But the advantage i see: a virus/trojan/hacker might not be aware that it/he/she needs to use sudo... security through obscurity... in this case, actually an advantage (sometimes i wrap commands in ssh with pk-auth for the same purpose)