Drop root privilege in main() failed

wij2

I have a qt5 program reduced to look likt tt.cpp as follow:
(using g++ on Fedora 29)

// tt.cpp
int main(int argc, char* argv[])
{
const char* usr=::getenv("USER");
cout << "USER=";
if(usr==NULL) {
return -1;
}

drop_root(usr); // drop root privilege to that of usr

QApplication app(argc,argv);

MainWidget *mainWidget= new MainWidget(NULL);

mainWidget->show();
app.exec();
return 0;
}

[me@localhost exr]$ env | grep SESSION
XDG_SESSION_ID=2
DESKTOP_SESSION=gnome
XDG_SESSION_TYPE=wayland
XDG_SESSION_DESKTOP=gnome
GDMSESSION=gnome
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1563,unix/unix:/tmp/.ICE-unix/1563
[me@localhost exr]$ ./tt
USER=me
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.

tt program was launched from terminal. it performed normal except the
warning message and the window icon(.xpm) did not show.

[me@localhost exr]$ su
Password:
[root@localhost exr]# env | grep SESSION
XDG_SESSION_ID=2
DESKTOP_SESSION=gnome
XDG_SESSION_TYPE=wayland
XDG_SESSION_DESKTOP=gnome
GDMSESSION=gnome
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1563,unix/unix:/tmp/.ICE-unix/1563
[root@localhost exr]# ./tt
USER=me
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
Qt: Session management error: None of the authentication protocols specified are supported
Segmentation fault
[root@localhost exr]#

But, if tt program was launched from terminal as root, Segmentation fault
results.
How should I do to launch the program after 'su'?

dheerendra

I don't know about drop_root ? Can you use sudo on your box ?

SGaist

Hi,

IIRC, modern systems disable by default access to the X server for the root user. You have to explicitly allow that when calling su.

wij2

To dheerendra:

[me@localhost exr]$ sudo ./tt
[sudo] password for me:
USER=me
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-me'
Segmentation fault

In general, tt behaves quite differently in different scenario. e.g. sometimes it complains:

QSocketNotifier: Can only be used with threads started with QThread
Segmentation fault

To SGaist:

My gui program need edit some files/devices only accessible by root,
any suggestions or informations that'll make it work are appreciated.

SGaist

What about requesting access only when needing to write these files ?