Running X apps as root
From ArchWiki
By default, and for security reasons, root will be unable to connect to a non-root user's X server. There are multiple ways of allowing root to do so, if it is necessary.
The most secure methods
The most secure methods are simple. They include:
- kdesu (included with KDE)
$ kdesu name-of-app
- gksu (included with GNOME)
$ gksu name-of-app
- bashrun (in community)
$ bashrun --su name-of-app
- sudo (must be installed and properly configured with
visudo
)
$ sudo name-of-app
These are the preferred methods, because they automatically exit when the application exits, negating any security risks quite completely.
Alternate methods
These methods will allow root to connect to a non-root user's X server, but present varying levels of security risks, especially if you run ssh. If you are behind a firewall, you may consider them to be safe enough for your requirements.
- Temporarily allow root access
- xhost
$ xhost +
will temporarily allow root, or anyone to connect your X server. Likewise,
$ xhost -
will disallow this function afterward.
Some users also use:
$ xhost + localhost
(Your X server must be configured to listen to TCP connections for xhost + localhost
to work).
- Permanently allow root access
- Globally in
/etc/profile
Add the following to /etc/profile
export XAUTHORITY=/home/non-root-usersname/.Xauthority
This will permanently allow root to connect to a non-root user's X server.
Or, merely specify a particular app:
export XAUTHORITY=/home/usersname/.Xauthority kwrite
(to allow root to access kwrite, for instance.)