[techtalk] Gnome question

Telsa Gwynne hobbit at aloss.ukuu.org.uk
Mon Oct 16 11:41:38 EST 2000 

On Sun, Oct 15, 2000 at 08:21:15PM +0100 or thereabouts, Conor Daly wrote:
> On Sun, Oct 15, 2000 at 02:30:55PM +0100 or so it is rumoured hereabouts, 
> Telsa Gwynne thought:

[or didn't think, apparently!]

> > you have to invoke it from the command line. You can't use the GNOME
> > panel and launchers, because they are still owned by guest and will
> > run as guest. So you have to know what the program is called in order
> > to be able to start it. 
> 
> Err...
> Did the following
> cdaly at Hobbiton cdaly]$ su -
> Password: 
> root at Hobbiton /root]# panel &
...
> Got told there was a panel running already and said "OK", got my root
> panel, fired up a gnome-terminal and linuxconf quite happily.  

Oh dear. I am a twit. All those commands I listed, and 'panel &' never
occurred to me. I think it's because I have run out of room for panels :)
I have found that people will do 'su' in a terminal, and if they're not
familiar with the idea of shells, they'll assume they have now become
root for everything they're doing in X. Then they try to click on things 
from their current non-root-owned panel (said user being 'guest' in
the quoted stuff). 

Typically, I tried this, and two things happened:

(a) I discovered you are quite right.
(b) my normal user's panel crashed.

Leaving the latter thing aside, I have asked around and learned far
too much for a Monday morning. 

This only works if you start GNOME with 'startx', having logged in
in at a non-graphical login. It will -not- work if you use 'gdm', or 
indeed anything based on xdm. (graphical logins) For the 
technically-inclined, this is something to do with the difference 
between host-based and session-based authentication. Apparently. So 
I am told. I wouldn't know. 

This works for running things after you have su'd to root. Only
root. It does not work for su'ing to other users. If you su to non-root
users and start graphical apps, then you'll get something like this:
    Xlib: connection to ":0.0" refused by server
    Xlib: Client is not authorized to connect to Server
    Gtk-WARNING **: cannot open display: :0
...unless you do "xhost +localhost" before su'ing. Yes, I have actually
checked this one. That holds for RH 7.0 at least. 

It is possible (opinions vary here :)) that this is also a
result of PAM (plugabble authentication module) and RH's use of
it. If you're not running RH, Conor, then this is clearly a pile 
of poo :) I do know that part of the GNOME discussions about safely
running root things when you started as a normal user involved how
portable PAM was or wasn't. 

> If you're going to su to root regularly, you should look at the
> bash-prompt-HOWTO for info on setting up your root prompt to look
> different.  I have my root prompt as brightred on all machines while
> root's X sessions have a bright red background as a gentle reminder not to
> do an "rm -rf /*" ! 
> :-)

I do actually agree on this but I have to admit that I have been known
cheerfully to do rm and then say yes to "really remove critically
important file?" despite one or more of different prompts, different 
titlebars, different background colours, alias rm rm -i... It's
possible they've stopped me doing it more often than I do, however!
Although I stopped using different backgrounds for different users
and different hosts: my screen looked like a rainbow but it gave me
a headache. :)

Telsa

More information about the Techtalk mailing list