Results 1 to 7 of 7

Thread: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

  1. #1
    Join Date
    Jun 2008
    Location
    South-West France
    Posts
    1,015

    Default bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    Hello.

    I use a bash script to find files from any folder including /etc.
    In the script, I use the command find to create a text file which contains the list of files.
    Then the script read the list.
    Depending of the file extension the script starts google-earth or okular or some other graphical software.

    The script run normally if started from a root console but it is a bad manner.

    Running from a user console, the script give this error :
    Code:
    Text read from file: /win_linux_echange/USER_DATA/PRODUCT/LEVEL1/FORD.pdf
    FILENAME : FORD.pdf
    EXT_NAME : pdf
    show pdf file : /win_linux_echange/USER_DATA/PRODUCT/LEVEL1/FORD.pdf
    
    COMMAND : kdesu okular /win_linux_echange/USER_DATA/PRODUCT/LEVEL1/FORD.pdf
    QXcbConnection: Could not connect to display
    /backup_sys/000_COMMON/Bin/files_show_files_from_date: line 64: 13503 Aborted                 kdesu okular /win_linux_echange/USER_DATA/PRODUCT/LEVEL1/FORD.pdf
    The main script start with :

    Code:
    # # ensure running as root
    if [ "$(id -u)" != "0" ]; then
        exec sudo "$0" "$@"
    fi
    #
    ...
    ...
    Then call another script file :
    Code:
    /backup_sys/000_COMMON/Bin/files_show_files_from_date   param1  param2  param3
    This second script use :

    Code:
    .....
    .....
    
            case "$EXT_NAME" in
    .....
    .....
                    pdf)
                            # show pdf file
                            echo "show pdf file : $line"
                            show_pdf_file "$line"
                            ;;
    
    .....
    .....
                    *)
                            echo "Cannot show this kind of file with 'ext' : $EXT_NAME"
    
            esac

    and the function show_pdf_file contains :

    Code:
    function show_pdf_file () {
    
        local TXT_FILE_NAME
        TXT_FILE_NAME="$1"
        echo
        echo
        CMD="kdesu okular $TXT_FILE_NAME"
        echo "COMMAND : $CMD"
        kdesu okular $TXT_FILE_NAME
        echo
        echo
        echo
        echo "Type a key to continue"
        read MY_TEMP
        echo
        echo
    }
    Any help is welcome.
    Thanks for helping. JCD
    __________

    server leap 15-- ASUS g75vw KDE leap 42.3 -- ASUS g750JZ KDE leap 42.3 -- acer aspire s13 win 10 home -- HP Omen win 10 home - scan EPSON V500 - Brother HL2250DN - Samsung CLP-325W

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,165
    Blog Entries
    3

    Default Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    You cannot connect to a display, because the environment variable $DISPLAY is not not passed along by "sudo". Maybe use "su -" in place of "sudo" . Or perhaps you would need:
    Code:
    su - -c
    since you are passing an argument line to the root shell.
    openSUSE Leap 15.1; KDE Plasma 5;

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,797
    Blog Entries
    1

    Default Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    At the moment I don't know if there is a safe way for a script to access the display, a number of vulnerabilities have been patched in recent years so a number of tried and true methods that have been used for decades no longer work. Perhaps the most common way to do what you're asking about is to invoke "xhost+" If you write your script using this function, it's anyone's guess how long it will work and will likely require modifications in the future.

    There may be better alternatives for what you're trying to do... If the text doesn't change, maybe echo the text to stdout?
    Or, is there a real requirement in your use to connect to the display, what if you simply invoke Ocular, particularly if the document is invoked with a specific User profile/account?

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  4. #4
    Join Date
    Jun 2008
    Location
    South-West France
    Posts
    1,015

    Post Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    Before I read your comments, I have made another try.
    I have make a "link to application", and fill the run as user as root.
    That works with errors :
    Code:
    COMMAND : kdesu okular /win_linux_echange/USER_DATA/PRODUCT/LEVEL1/FORD.pdf
    QStandardPaths: wrong ownership on runtime directory /run/user/1001, 1001 instead of 0
    klauncher not running... launching kdeinit
    QStandardPaths: wrong ownership on runtime directory /run/user/1001, 1001 instead of 0
    QStandardPaths: wrong ownership on runtime directory /run/user/1001, 1001 instead of 0
    No DBUS session-bus found. Check if you have started the DBUS server.
    kdeinit5: Communication error with launcher. Exiting!
    "KLauncher could not be reached via D-Bus. Error when calling kdeinit_exec_wait:\nNot connected to D-Bus server\n"
    Don't need password!!
    Is there any things to configure with the D-Bus registration option in the advance tab of the link to application ?
    When I say it works with errors, I mean the script does what it’s supposed to do.

    What is the difference with my previous attempt from command line ( "if not root run 'exec sudo $0 $@' " )

    Any new comments are welcome.
    Thanks for helping. JCD
    __________

    server leap 15-- ASUS g75vw KDE leap 42.3 -- ASUS g750JZ KDE leap 42.3 -- acer aspire s13 win 10 home -- HP Omen win 10 home - scan EPSON V500 - Brother HL2250DN - Samsung CLP-325W

  5. #5
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,165
    Blog Entries
    3

    Default Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    I see those "wrong ownership" messages. But they have never caused problems for me. I suppose they only cause problems for applications which depend on that path.

    I have no experience with using dbus for what you are trying to do.
    openSUSE Leap 15.1; KDE Plasma 5;

  6. #6
    Join Date
    Jun 2008
    Location
    South-West France
    Posts
    1,015

    Default Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    Quote Originally Posted by nrickert View Post
    I see those "wrong ownership" messages. But they have never caused problems for me. I suppose they only cause problems for applications which depend on that path.
    I have no experience with using dbus for what you are trying to do.
    Thank you very much for your quick comment.

    What is the difference between:


    • Calling a script from user console; the script start with
      Code:
      "if not root do 'exec sudo $0  $@' ........ " )
      . I try that but failed to do the job




    • Calling a script from user console; put
      Code:
      su - -c....
      each time a command is started within the script




    • Calling a script from `link to application` and set `run as` to user root ( my second try )
    Thanks for helping. JCD
    __________

    server leap 15-- ASUS g75vw KDE leap 42.3 -- ASUS g750JZ KDE leap 42.3 -- acer aspire s13 win 10 home -- HP Omen win 10 home - scan EPSON V500 - Brother HL2250DN - Samsung CLP-325W

  7. #7
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,165
    Blog Entries
    3

    Default Re: bash - Need root right for accessing any folders eventually '/etc' and start gui apps 'okular'

    Quote Originally Posted by jcdole View Post
    What is the difference between:
    The main difference is in what is passed along from the environment. The "sudo" command carefully cleans the environment for security reasons.

    Instead of:
    Code:
    exec sudo "$0" "$@"
    you could possibly try:
    Code:
    sudo DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY "$0" "$@"
    but first make sure that $AUTHORITY is defined in your desktop.
    openSUSE Leap 15.1; KDE Plasma 5;

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •