[X2Go-Commits] x2gobroker.git - build-main (branch) updated: 0.0.0.1-17-g58da6a1
X2Go dev team
git-admin at x2go.org
Sun May 19 13:03:10 CEST 2013
The branch, build-main has been updated
via 58da6a1d6504def84dccbc9f3328cca439fefa3b (commit)
from f1ea959ac2800e88d57018b80b648f7ab48fc9a8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
debian/changelog | 2 ++
debian/x2gobroker-daemon.default | 5 ++++-
debian/x2gobroker-daemon.init | 8 +++++++-
x2gobroker/defaults.py | 14 ++++++++++++--
x2gobroker/loggers.py | 1 -
5 files changed, 25 insertions(+), 5 deletions(-)
mode change 100644 => 100755 debian/x2gobroker-daemon.init
The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index 467aa58..c7be8e3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,8 @@ x2gobroker (0.0.0.2-0~x2go1) UNRELEASED; urgency=low
- Add man page for x2gobroker executable.
- Add logrotate configuration for x2gobroker log files.
- Make the daemon user ID configurable through x2gobroker-daemon.default.
+ - Handle different situation for X2GOBROKER_DAEMON_USER. Make sure
+ the getpass.getuser() function sees the correct effective UID.
* /debian/control:
+ Add bin:package x2gobroker-agent.
diff --git a/debian/x2gobroker-daemon.default b/debian/x2gobroker-daemon.default
index 589aedb..8b8bea2 100644
--- a/debian/x2gobroker-daemon.default
+++ b/debian/x2gobroker-daemon.default
@@ -3,7 +3,10 @@
# Uncomment to enable the X2Go Session Broker standalone daemon
START_DAEMON=true
-# the posix user ID the broker runs under
+# the posix user ID the broker runs under (do not change!)
+# if you change it nonetheless, make sure that the log file
+# directory (default: /var/log/x2gobroker) and files in there are
+# writable by that user
#X2GOBROKER_DAEMON_USER=x2gobroker
# run XGo Session Broker in debug mode, this will make the broker
diff --git a/debian/x2gobroker-daemon.init b/debian/x2gobroker-daemon.init
old mode 100644
new mode 100755
index 4d89e64..789291b
--- a/debian/x2gobroker-daemon.init
+++ b/debian/x2gobroker-daemon.init
@@ -37,6 +37,12 @@ X2GOBROKER_SSL_CERTFILE=
X2GOBROKER_SSL_KEYFILE=
test -f $DEBIANCONFIG && . $DEBIANCONFIG
+if ! getent passwd $X2GOBROKER_DAEMON_USER 1>/dev/null 2>/dev/null; then
+ X2GOBROKER_DAEMON_USER=nobody
+fi
+
+export LOGNAME=$X2GOBROKER_DAEMON_USER
+
export X2GOBROKER_DEBUG
export X2GOBROKER_DAEMON_USER
export X2GOBROKER_CONFIG
@@ -62,7 +68,7 @@ case "${1:-}" in
log_daemon_msg "Starting X2Go Session Broker standalone daemon" "x2gobroker"
mkdir -p $RUNDIR
set +e
- start-stop-daemon -u $X2GOBROKER_DAEMON_USER -b -m -S -p $PIDFILE -x $DAEMON -- -b $DAEMON_BIND_ADDRESS
+ start-stop-daemon --chuid $X2GOBROKER_DAEMON_USER -b -m -S -p $PIDFILE -x $DAEMON -- -b $DAEMON_BIND_ADDRESS
log_end_msg $?
set -e
fi
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 1f250c2..4099d57 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -39,15 +39,25 @@ else:
X2GOBROKER_DEBUG = False
if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER:
X2GOBROKER_DEBUG = True
-
+X2GOBROKER_DEBUG = True
if X2GOBROKER_DEBUG:
logger_broker.setLevel(logging.DEBUG)
logger_access.setLevel(logging.DEBUG)
logger_error.setLevel(logging.DEBUG)
-if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER:
+logger_broker.warn('os.getuid() = %s' % os.getuid())
+logger_broker.warn('os.geteuid() = %s' % os.geteuid())
+logger_broker.warn('getpass.getuser() = %s' % getpass.getuser())
+
+# check effective UID the broker runs as and complain appropriately...
+if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER and os.geteuid() != 0:
logger_broker.warn('X2Go Session Broker has been started interactively by user {username}, better run as user {daemon_username}.'.format(username=X2GOBROKER_USER, daemon_username=X2GOBROKER_DAEMON_USER))
logger_broker.info('Automatically switching to DEBUG mode due to interactive launch of this application.')
+elif X2GOBROKER_DAEMON_USER != 'root' and os.geteuid() == 0:
+ logger_broker.warn('X2Go Session Broker should not be run as root, better run as user {daemon_username}.'.format(daemon_username=X2GOBROKER_DAEMON_USER))
+elif os.geteuid() == 0:
+ logger_broker.warn('X2Go Session Broker should not be run as root, better run as non-privileged user')
+
logger_broker.info('Setting up the broker\'s environment...')
logger_broker.info(' X2GOBROKER_DEBUG: {value}'.format(value=X2GOBROKER_DEBUG))
diff --git a/x2gobroker/loggers.py b/x2gobroker/loggers.py
index d7fb60a..7791bbd 100644
--- a/x2gobroker/loggers.py
+++ b/x2gobroker/loggers.py
@@ -65,4 +65,3 @@ else:
logger_error = logging.getLogger('error')
logger_error.addHandler(stdout_handler)
logger_error.propagate = 0
-
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list