On Thu, Feb 10, 2022 at 06:37:04PM -0800, pe...@easthope.ca wrote: > root@joule:~# su peter > peter@joule:~$ firefox-esr --display=:0 > Invalid MIT-MAGIC-COOKIE-1 keyUnable to init server: Could not connect: > Connection refused > Error: cannot open display: :0 > > peter, logged in directly, can run firefox. > root, logged in directly, can run firefox. > The above is from a security mechanism in firefox?
No, you simply haven't provided enough credentials to the X server. It's the X server who's rejecting connections from "peter", because "peter" has not presented the correct MIT-MAGIC-COOKIE (auth token). In all honesty, if you have started X as root, my advice at this point would be to get the HELL out of that X session. Do not try to proceed. Nothing good can result. In the more usual scenario, you have started X as peter, and then used su to become root. It is precisely at this point where the X auth token has become lost, as it's in the home directory of peter, not the home directory of root. If peter's home directory is on a local file system, then root can probably read it. In that case, you can simply do: export XAUTHORITY=/home/peter/.Xauthority And then the su session running as root will be able to authenticate to peter's X server/session in order to run X clients. (This doesn't mean you should run firefox as root, though. It just means you *can*. You have the literal authority to do so. It's still a stupidly bad idea.)