X-Git-Url: https://git.ao2.it/xudo.git/blobdiff_plain/54d5c7681933852c16f6b38a5fa48d532615b242..refs/heads/master:/xudo.sh diff --git a/xudo.sh b/xudo.sh index 981bcfd..2e34bae 100755 --- a/xudo.sh +++ b/xudo.sh @@ -70,9 +70,19 @@ id $USERNAME > /dev/null || { echo "Invalid user." 1>&2; exit 1; } [ "x$@" != "x" ] || { usage 1>&2; exit 1; } -# Authorize the user -xauth extract - $DISPLAY | sudo -u "$USERNAME" xauth merge - + +# Get the authorization cookie from the current user. +COOKIE="$(xauth nextract - $DISPLAY)" + +# XAUTHORITY needs to be unset now, so that the default $HOME/.Xauthority will +# be used for the target user and not some locked auth file from the current +# user. +unset XAUTHORITY + +# Authorize the user. +# Use "sudo -H" to cover the case when env_keep+="HOME" is set in /etc/sudoers +echo "$COOKIE" | sudo -H -u "$USERNAME" xauth nmerge - # Execute the command. -# NOTE: -i or -s have to be passed in order to open a shell +# NOTE: -i or -s can be passed in order to open a shell sudo DISPLAY="$DISPLAY" -u "$USERNAME" "$@"