Running X apps as root
By default, and for security reasons, root will be unable to connect to a non-root user's X server. There are multiple ways of allowing root to do so, if it is necessary.
The most secure methods
The most secure methods are simple. They include:
- kdesu (included with KDE)
$ kdesu name-of-app
- gksu (included with GNOME)
$ gksu name-of-app
- bashrun (in community)
$ bashrun --su name-of-app
- sudo (must be installed and properly configured with
$ sudo name-of-app
- (wrapper around su which will transfer your X credentials)
$ sux root name-of-app
These are the preferred methods, because they automatically exit when the application exits, negating any security risks quite completely.
These methods will allow root to connect to a non-root user's X server, but present varying levels of security risks, especially if you run ssh. If you are behind a firewall, you may consider them to be safe enough for your requirements.
- Temporarily allow root access
$ xhost +
will temporarily allow root, or anyone to connect your X server. Likewise,
$ xhost -
will disallow this function afterward.
Some users also use:
$ xhost + localhost
(Your X server must be configured to listen to TCP connections for
xhost + localhost to work).
- Permanently allow root access
- Method 1: Add the line
session optional pam_xauth.so
/etc/pam.d/su-l. Then switch to your root user
using 'su' or 'su -'.
- Method 2: Globally in
Add the following to
This will permanently allow root to connect to a non-root user's X server.
Or, merely specify a particular app:
export XAUTHORITY=/home/usersname/.Xauthority kwrite
(to allow root to access kwrite, for instance.)