Running GUI apps as root
By default, and for security reasons, root will be unable to connect to a non-root user's X server. There are multiple ways of allowing root to do so however, if necessary.
The proper, recommended way to run GUI apps under X with elevated privileges is to create a Polkit policy, as shown in this forum post. This should however "only be used for legacy programs", as reminds. Applications should rather "defer the privileged operations to an auditable, self-contained, minimal piece of code that gets executed after doing a privilege escalation, and gets dropped when not needed". This may be the object of a bug report to the upstream project.
Those methods wrap the application in an elevation framework and drop the acquired privileges once it exits:
$ bashrun --su application
$ kdesu application
$ sudo application
- AUR (wrapper around su which will transfer your X credentials)
$ sux root application
$ gksu application
These methods will allow root to connect to a non-root user's X server, but present varying levels of security risks, especially if you run ssh. If you are behind a firewall, you may consider them to be safe enough for your requirements.
Temporarily allow root access
Permanently allow root access
- Method 1: Add the line
session optional pam_xauth.so
/etc/pam.d/su-l. Then switch to your root user
using 'su' or 'su -'.
- Method 2: Globally in
Add the following line to
This will permanently allow root to connect to a non-root user's X server.
Or, merely specify a particular app:
export XAUTHORITY=/home/usersname/.Xauthority kwrite
(to allow root to access kwrite, for instance.)
If you are running Wayland, you will find that the fallback X server won't work when running programs as root. Try running
xhost +local: first.