Wednesday, November 7, 2007

Citrix su Command

Citrix states in their article: CTX753098

CTX753098 - 'su - ' Command Does not Bring Necessary $DISPLAY Variable with it

This document was published at: http://support.citrix.com/kb/entry.jspa?externalID=CTX753098


Document ID: CTX753098, Created on: Mar 30, 2001, Updated: Apr 23, 2003

Products: Citrix MetaFrame 1.1 for UNIX

MetaFrame for UNIX requires a $DISPLAY value to be in the format of unix:x.0, where x is the display number. This value is set initially at session login.
When user1 issues the command "su - user2", a new shell starts up as if the new user had initiated a new login session; the environment is deleted and reset to the login state. As a result, after the command "su - user2" is issued, $DISPLAY is incorrect.

To fix this, we need to create a couple of scripts that will:

1. Add user2 to the ACL of user1's X display.

2. Execute "su" with additional arguments.

3. Check for the current $DISPLAY variable and pass it to the new shell that the "su - user2" invokes.

Here is one possible solution:

Create a script called ctxsu and place it in /opt/CTXSmf/bin.

#!/bin/ksh
# Set the shell for this script
# Add su'd user to ACL of su-er's X display
/usr/openwin/bin/xhost "+local:$1"
# Print output of current $DISPLAY
echo "$DISPLAY"
# Invoke su with added arguments
su - "$1" -c "/opt/CTXSmf/bin/ctxsudisp.sh $DISPLAY"

Make this Read and Execute for everyone.

Then create a script called ctxsudisp.sh and place it in /opt/CTXSmf/bin.

#!/bin/ksh
# Set the shell for this script
# Set and export the current display for su'd user
DISPLAY="$1"; export DISPLAY
# Use the su'd user's own shell as a new shell
# This will allow 'exit' to user's prior shell
exec "$SHELL"

Make this Read and Execute for everyone.

Now, when you want to issue the command "su - user", call ctxsu like this:

ctxsu user

This gives the proper $DISPLAY along with login environment variables to the new shell.
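ctxsu pastes $DISPLAY into the command string that "su -c" hands to a shell running as the target user, so a wrapper installed executable for everyone should check both of its inputs first. The following is an added example, not part of the Citrix article: a variant of ctxsu that accepts only the unix:x.0 format described above and a plain user name. The function names and the user-name pattern are assumptions of this example; the two paths are the ones the article uses.

```shell
#!/bin/sh
# Added example: validating variant of the article's ctxsu wrapper.
# valid_display, valid_user and ctxsu_main are names chosen for this example.

# Accept only the format the article requires: unix:x.0, x = display number.
valid_display() {
    case "$1" in
        unix:*.0) : ;;
        *) return 1 ;;
    esac
    num=${1#unix:}      # drop the "unix:" prefix
    num=${num%.0}       # drop the ".0" screen suffix
    case "$num" in
        ''|*[!0-9]*) return 1 ;;   # empty, or anything that is not a digit
    esac
    return 0
}

# Assumed policy: letters, digits, "_", "." and "-", not starting with "-"
# (a leading "-" would be read by su as an option).
valid_user() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

ctxsu_main() {
    valid_user "$1" || { echo "ctxsu: invalid user name" >&2; return 2; }
    valid_display "$DISPLAY" || { echo "ctxsu: DISPLAY is not unix:x.0" >&2; return 3; }
    # Same two steps as the article's script, reached only with checked values.
    /usr/openwin/bin/xhost "+local:$1" || return 4
    su - "$1" -c "/opt/CTXSmf/bin/ctxsudisp.sh $DISPLAY"
}

# Run only when installed under the name ctxsu, so the file can also be sourced.
case "${0##*/}" in
    ctxsu) ctxsu_main "$@" ;;
esac
```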