X-Git-Url: https://git.ao2.it/xudo.git/blobdiff_plain/93079ceb2692a98e37faf6d6e83caac384505eb9..refs/heads/master:/xudo.sh?ds=sidebyside

diff --git a/xudo.sh b/xudo.sh
index 17e54ed..2e34bae 100755
--- a/xudo.sh
+++ b/xudo.sh
@@ -70,9 +70,19 @@ id $USERNAME > /dev/null || { echo "Invalid user." 1>&2; exit 1; }
 
 [ "x$@" != "x" ] || { usage 1>&2; exit 1; }
 
+
+# Get the authorization cookie from the current user.
+COOKIE="$(xauth nextract - $DISPLAY)"
+
+# XAUTHORITY needs to be unset now, so that the default $HOME/.Xauthority will
+# be used for the target user and not some locked auth file from the current
+# user.
+unset XAUTHORITY
+
 # Authorize the user.
-xauth extract - $DISPLAY | sudo -u "$USERNAME" xauth merge -
+# Use "sudo -H" to cover the case when env_keep+="HOME" is set in /etc/sudoers
+echo "$COOKIE" | sudo -H -u "$USERNAME" xauth nmerge -
 
 # Execute the command.
-# NOTE: -i or -s have to be passed in order to open a shell
+# NOTE: -i or -s can be passed in order to open a shell
 sudo DISPLAY="$DISPLAY" -u "$USERNAME" "$@"