Running X Apps as Root

By now, you probably know that it's considered a bad thing to run as root unless absolutely necessary. So, you log in as a mere mortal, and fire up X and go about your merry way. Then you decide that you need to run an app as root (for example, printtool to configure your printer). So you su to root like a good little admin, and run printtool. But it says something like this:

Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server

What happened? Well, you've run into a security feature of X included in most newer distributions, called xauth. It's there to prevent unauthorised people from connecting to your X server, because if they could connect, they could do just about anything, including snooping on your display, and taking over control of it.

But in this instance, it's just a nuisance. Fortunately, there's a simple solution. In order to connect to the server, you need a little authorisation cookie, which is stored in a file called .Xauthority in your home directory. Since root can read that file, all you have to do is this:

xauth add `xauth -f ~user/.Xauthority list $DISPLAY`

This will extract the cookie from your user's .Xauthority file, and inport it into root's file. To avoid having to do this every time you want to su and run an X app, you could add something like this to root's .bashrc file:

if [ "$DISPLAY" != "" -a "$USER" != root ]; then
    xauth add `xauth -f /home/$USER/.Xauthority list` $DISPLAY