My Pi Description

My Experiences With the Raspberry Pi -- Tracking My Learning -- My Pi Projects

Friday, October 18, 2013

Can A Python Script With GUI Run From Root? Not A Trivial Question. Answer: Yes

Important Preface: While I mention graphing results of measurements in the next paragraph, this post is about the Graphical User Interface. Even though graphing and Graphical contain the word graph, this post concerns a problem related to the Graphical User's Interface and not any problem graphing results.
My last blog post is about my python program that measures temperature and then graphs the results. When that script runs, the user is faced with many questions to answer. All that typing gets quite tedious after a while so I thought about including a GUI (Graphical User's Interface) to deal with the questions. I started slow and included a pop-up window for the user to select a file name. I used the Tkinter module, included in python 2.7. Seemed simple enough. Of course, due to the RPi GPIO code, the script has to be run as root (prefacing the command with sudo). It didn't work!
I got an error: “Client is not authorized to connect to Server…..”. What!!! This error really floored me. I posted a question on the Stackoverflow forum and was told that I should use gksudo or its cousin gksu instead of sudo (gksudo is related to gksu as sudo is related to su).
What is gksudo/gksu? The Linux manual page says: "Their primary purpose is to run graphical commands that need root without the need to run an X terminal emulator and using su directly." The first part of that sentence sounded to be just what I needed. So, I played around with a simple script and ran it with gksudo. It worked fine. Then, I tried more complex scripts and I noticed they almost worked. Finally, I tried my large temperature measuring program run with gksudo (no GUI code in this script), and IT DID NOT WORK AT ALL.
Now, what? Every time I ran a script using gksudo (or gksu) I received this error message: "Xlib: extension "RANDR" missing on display "1.0". I had no idea what that meant but decided I had to find out how to get around it. Consequently, I did a search on RANDR. I found nothing to explain what RANDR is but I found quite a few forum posts where people asked about the exact same error message. This message pops up in a diverse universe of Linux applications run on a variety of platforms. There were a lot of answers, too. However, none had a solution I could use. Many of the answers said to ignore the error message. In my case, I knew I could not ignore the error - my script fails.
I next posted the question on the Raspberry Pi forum and the Stackoverflow forum. I explained about getting the no permission error with sudo, and the RANDR error with gksudo and the fact that my script fails. My responses on both forums was no response at all.
Finally, my son helped me out by pointing me to a forum post he found that gave me the answer that worked:
To the bottom of this file:
          pi@raspberrypi: ~/.bashrc
Add (first line optional):
          # allows X11 graphics to be run from root
          xhost +
The first line, of course is just a comment. What is xhost + doing here, and why?
The Linux manual page says that xhost is used to add and delete host or user names to the list allowed to make connections to the X server. By saying xhost +, we give every Tom, Dick, Harry, and Edward Snowden permission to connect to the X server. This includes root.
And, what is X server? From the Linux Information Project, "An X server is a program in the X Window System that runs on local machines (i.e., the computers used directly by users) and handles all access to the graphics cards, display screens and input devices (typically a keyboard and mouse) on those computers." The X window system used by the Pi's Linux distribution is X11.
Since we give everybody permission to make connections to the X server (xhost + does that), are we putting our Raspberry Pi in danger? If you have other users that have access to your Pi, they may be able to pop a window into your display space. But, if you are the only user there should be no danger of applying xhost +

1 comment: