sux no longer works; su - some_user not carrying over DISPLAY environment variables.

This document (7003743) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
SUSE Linux Enterprise Desktop 11
openSUSE 10.1 and up


Situation

  1. When executing "sux - some_user" and then printing the environment with "env" you will notice that none of the x DISPLAY variables have carried over. 
  2. When executing "su - some_user" and then printing the environment with "env" you will notice that none of the x DISPLAY variables have carried over.
  3. When executing "su -" or "sux -" (which implies the root user) and then printing the environment with "env" you will notice that the x DISPLAY variables have carried over.
Why won't the x DISPLAY variables carry over for anyone other than root?

Resolution

For security reasons pam_xauth will not forward the cookies to system users except root. This is a Default setting which SUSE has chosen to stick with.

The man page for pam_xauth tells the details

man pam_xauth

In order to have the functionality your used to in Pre SLE10 days then you will need to do the following:

Change /etc/pam.d/su to have

session optional pam_xauth.so systemuser=1

Once you make that change you will be able to execute scenario's 1 and 2 without a problem and it will carry over the x DISPLAY variables.

You can also execute "su some_user" without the "-" and that will work as well.

Additional Information

From the pam_xauth man page definition of the systemuser variable.

systemuser=UID
           Specify the highest UID which will be assumed to belong to a "system" user. pam_xauth will refuse to forward credentials to users with UID less than or equal to this number, except for root and the "targetuser", if specified.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7003743
  • Creation Date: 02-Jul-2009
  • Modified Date:03-Mar-2020
    • SUSE Linux Enterprise Desktop
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center