GNU Screen – Share Terminal with Multiple Users

gnu-screenmultiuser

I am setting up a server where there are multiple developers working on multiple applications.

I have figured out how to give certain developers shared access to the necessary application directories using the setgid bit and default ACLs to give anyone in a group access.

Many of these applications run under a terminal while in development for easy access. When I work alone, I set up a user for an application and run screen as that user. This has the downside that every developer to use the screen session needs to know the password and it is harder to keep user and application accounts separate.

One way that could work is using screen multiuser features. They do not work out-of-the-box however, screen complains about needing suid root. Does giving that have any downsides? I am pretty careful about using suid root anything. Maybe there is a reason why it isn't the default?

Should I do it with screen or is there some other intelligent way of doing what I want?

Best Answer

Yes, you can do it with screen which has multiuser support.

First, create a new session:

screen -d -m -S multisession

Attach to it:

screen -r multisession

Turn on multiuser support:

Press Ctrl-a and type (NOTE: Ctrl+a is needed just before each single command, i.e. twice here)

:multiuser on
:acladd USER ← use username of user you want to give access to your screen

Now, Ctrl-a d and list the sessions:

$ screen -ls
There is a screen on:
    4791.multisession   (Multi, detached)

You now have a multiuser screen session. Give the name multisession to acl'd user, so he can attach to it:

screen -x youruser/multisession

And that's it.

The only drawback is that screen must run as suid root. But as far as I know is the default, normal situation.

Another option is to do screen -S $screen_id -X multiuser on, screen -S $screen_id -X acladd authorized_user

Hope this helps.

Related Question