Let's an user A (userA) wants to run in his graphical session a graphical application as user B (userB). How is it done it on a modern GNU/Linux system?
Asked
Active
Viewed 1,423 times
1
Scrooge McDuck
- 1,084
-
2X11 or Wayland? Both? – Newbyte Jul 16 '22 at 02:16
-
I'd like the same method to work on both seamlessly. In the worst case I want to run the application with Xwayland on the latter. – Scrooge McDuck Jul 16 '22 at 10:43
1 Answers
3
Short answer
Install the
run-as
scripts and run:
run-as -X <user> <command>
Long answer
Write and run a script to authorize userB to access userA graphical session.
/home/userA/.local/bin/xhost_userB
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
xhost +si:localuser:userB
Optional: allow access at login.
/home/userA/.config/autostart/xhost_userB.desktop
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
[Desktop Entry]
Type=Application
Name=Graphical auth for user B
Comment=Authorize user B to run graphical software in this session
GenericName=userB xauth
Exec=/home/userA/.local/bin/xhost_userB
X-GNOME-Autostart-enabled=true
Some applications may require extra services.
/home/userA/.local/bin/xhost_userB_extra_services
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
systemctl --user restart dbus
systemctl --user import-environment
Create a script to run the application as userB (es. Seahorse).
/home/userA/.local/bin/application
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
machinectl shell --uid=userB \
--setenv=DISPLAY="${DISPLAY}" \
--setenv=NO_AT_BRIDGE=1 \
.host \
/home/userA/.local/bin/xhost_userB_extra_services
machinectl shell --uid=userB
--setenv=DISPLAY="${DISPLAY}"
--setenv=NO_AT_BRIDGE=1
.host /usr/bin/application
Note: it works on Wayland too if XWayland is running.
Scrooge McDuck
- 1,084