[X2Go-Commits] x2gobroker.git - build-main (branch) updated: 0.0.0.1-37-g9a385f3
X2Go dev team
git-admin at x2go.org
Sun May 19 13:03:12 CEST 2013
The branch, build-main has been updated
via 9a385f3d881a59c8e589c3c373eeba8f66049d6e (commit)
from fbb1f8755341c5f318b3e3ee2602487005612e4e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
debian/control | 1 +
debian/python-x2gobroker.default | 29 +++++++++++++++++++++++++++
debian/x2gobroker-authservice.default | 9 ---------
debian/x2gobroker-authservice.init | 11 +++++++----
debian/x2gobroker-daemon.default | 35 ---------------------------------
debian/x2gobroker-daemon.init | 18 +++++++++++++----
sbin/x2gobroker | 30 +++++++++++++++++++++++++++-
sbin/x2gobroker-authservice | 24 ++++++++++++++++++++--
setup.py | 7 +++++--
x2gobroker/__init__.py | 5 ++---
x2gobroker/authservice.py | 4 ++--
x2gobroker/defaults.py | 25 -----------------------
12 files changed, 111 insertions(+), 87 deletions(-)
create mode 100644 debian/python-x2gobroker.default
The diff of changes is:
diff --git a/debian/control b/debian/control
index 4a7be0d..833c10f 100644
--- a/debian/control
+++ b/debian/control
@@ -22,6 +22,7 @@ Depends:
python,
python-argparse,
python-setproctitle,
+ python-webpy (>= 1:0.37),
python-x2gobroker (>= ${source:Version}), python-x2gobroker (<< ${source:Version}.1~),
Suggests:
apache2 | httpd,
diff --git a/debian/python-x2gobroker.default b/debian/python-x2gobroker.default
new file mode 100644
index 0000000..f34e313
--- /dev/null
+++ b/debian/python-x2gobroker.default
@@ -0,0 +1,29 @@
+# X2Go Broker Session Broker (common) configuration for Debian
+
+# The posix user/group ID the broker runs under (do not change!)
+# if you change those nonetheless, make sure that the log file
+# directory (default: /var/log/x2gobroker) and files in there are
+# writable by that user
+#X2GOBROKER_DAEMON_USER=x2gobroker
+#X2GOBROKER_DAEMON_GROUP=x2gobroker
+
+# Run X2Go Session Broker in debug mode, this will make the broker
+# available through http GET method calls (otherwise: POST method
+# only) and you will be able to test the broker through your web
+# browser (0=disable, 1=enable).
+#X2GOBROKER_DEBUG=0
+
+# Default X2Go Session Broker backend (available: zeroconf, inifile)
+#X2GOBROKER_DEFAULT_BACKEND=zeroconf
+
+# Path to the X2Go Session Broker's configuration file
+#X2GOBROKER_CONFIG=/etc/x2go/x2gobroker.conf
+
+# Path to the X2Go Session Broker's session profiles file (when using the inifile backend)
+#X2GOBROKER_SESSIONPROFILES=/etc/x2go/broker/x2gobroker-sessionprofiles.conf
+
+# Path to the X2Go Session Broker's agent command
+#X2GOBROKER_AGENT_CMD=/usr/lib/x2go/x2gobroker-agent
+
+# The unix socket file for communication between the broker and the authentication service.
+#X2GOBROKER_AUTHSERVICE_SOCKET=/run/x2gobroker/x2gobroker-authservice.socket
diff --git a/debian/x2gobroker-authservice.default b/debian/x2gobroker-authservice.default
index 9f89cd4..017b75c 100644
--- a/debian/x2gobroker-authservice.default
+++ b/debian/x2gobroker-authservice.default
@@ -8,12 +8,3 @@
# you can disable the authentication service here.
START_AUTHSERVICE=true
-# The posix user ID the broker runs under (do not change!)
-# if you change it nonetheless, make sure that the log file
-# directory (default: /var/log/x2gobroker) and files in there are
-# writable by that user
-#X2GOBROKER_DAEMON_GROUP=x2gobroker
-
-# The unix socket file for communication between the broker and the authentication service.
-#X2GOBROKER_AUTHSERVICE_SOCKET=/run/x2gobroker/x2gobroker-authservice.socket
-
diff --git a/debian/x2gobroker-authservice.init b/debian/x2gobroker-authservice.init
index ccbad0a..d531f78 100755
--- a/debian/x2gobroker-authservice.init
+++ b/debian/x2gobroker-authservice.init
@@ -21,16 +21,18 @@ set -eu
AUTHSERVICE=/usr/sbin/x2gobroker-authservice
test -d /run && RUNDIR=/run || RUNDIR=/var/run
PIDFILE_AUTHSERVICE=$RUNDIR/x2gobroker/x2gobroker-authservice.pid
-DEBIANCONFIG=/etc/default/x2gobroker-authservice
+DEBIANCONFIG_COMMON=/etc/default/python-x2gobroker
+DEBIANCONFIG_AUTHSERVICE=/etc/default/x2gobroker-authservice
test -x "$AUTHSERVICE" || exit 0
START_AUTHSERVICE=false
+X2GOBROKER_DEBUG=0
X2GOBROKER_DAEMON_USER='x2gobroker'
X2GOBROKER_DAEMON_GROUP='x2gobroker'
X2GOBROKER_AUTHSERVICE_SOCKET="$RUNDIR/x2gobroker/x2gobroker-authservice.socket"
-test -f $DEBIANCONFIG && . $DEBIANCONFIG
-
+test -f $DEBIANCONFIG_COMMON && . $DEBIANCONFIG_COMMON
+test -f $DEBIANCONFIG_AUTHSERVICE && . $DEBIANCONFIG_AUTHSERVICE
if ! getent passwd $X2GOBROKER_DAEMON_USER 1>/dev/null 2>/dev/null; then
X2GOBROKER_DAEMON_USER=nobody
@@ -42,8 +44,9 @@ fi
# create PID directory
mkdir -p $RUNDIR/x2gobroker
chown $X2GOBROKER_DAEMON_USER:$X2GOBROKER_DAEMON_GROUP $RUNDIR/x2gobroker
-chmod 0700 $RUNDIR/x2gobroker
+chmod 0770 $RUNDIR/x2gobroker
+export X2GOBROKER_DEBUG
export X2GOBROKER_DAEMON_USER
export X2GOBROKER_DAEMON_GROUP
export X2GOBROKER_AUTHSERVICE_SOCKET
diff --git a/debian/x2gobroker-daemon.default b/debian/x2gobroker-daemon.default
index f3c5bc0..bff0410 100644
--- a/debian/x2gobroker-daemon.default
+++ b/debian/x2gobroker-daemon.default
@@ -3,44 +3,9 @@
# Uncomment to enable the X2Go Session Broker standalone daemon
START_BROKER=true
-# For PAM authentication the X2Go Session Broker needs its authentication
-# service. The session broker itself runs as a non-privileged user (see below)
-# whereas the authentication service must run as super-user root.
-#
-# If you do not use PAM as authentication mechanism with the X2Go Session Broker,
-# you can disable the authentication service here.
-START_AUTHSERVICE=true
-
-# The posix user ID the broker runs under (do not change!)
-# if you change it nonetheless, make sure that the log file
-# directory (default: /var/log/x2gobroker) and files in there are
-# writable by that user
-#X2GOBROKER_DAEMON_USER=x2gobroker
-
-# Run X2Go Session Broker in debug mode, this will make the broker
-# available through http GET method calls (otherwise: POST method
-# only) and you will be able to test the broker through your web
-# browser (0=disable, 1=enable).
-#X2GOBROKER_DEBUG=0
-
# Bind standalone daemon to this address:port
#DAEMON_BIND_ADDRESS=127.0.0.1:8080
-# Default X2Go Session Broker backend (available: zeroconf, inifile)
-#X2GOBROKER_DEFAULT_BACKEND=zeroconf
-
-# Path to the X2Go Session Broker's configuration file
-#X2GOBROKER_CONFIG=/etc/x2go/x2gobroker.conf
-
-# Path to the X2Go Session Broker's session profiles file (when using the inifile backend)
-#X2GOBROKER_SESSIONPROFILES=/etc/x2go/broker/x2gobroker-sessionprofiles.conf
-
-# Path to the X2Go Session Broker's agent command
-#X2GOBROKER_AGENT_CMD=/usr/lib/x2go/x2gobroker-agent
-
-# The unix socket file for communication between the broker and the authentication service.
-#X2GOBROKER_AUTHSERVICE_SOCKET=/run/x2gobroker/x2gobroker-authservice.socket
-
##########################################################
### ###
diff --git a/debian/x2gobroker-daemon.init b/debian/x2gobroker-daemon.init
index a632a86..0a8b90a 100755
--- a/debian/x2gobroker-daemon.init
+++ b/debian/x2gobroker-daemon.init
@@ -21,8 +21,8 @@ set -eu
DAEMON=/usr/sbin/x2gobroker
test -d /run && RUNDIR=/run || RUNDIR=/var/run
PIDFILE_BROKER=$RUNDIR/x2gobroker/x2gobroker-daemon.pid
-DEBIANCONFIG=/etc/default/x2gobroker-daemon
-DEBIANCONFIG_AUTHSERVICE=/etc/default/x2gobroker-daemon
+DEBIANCONFIG_COMMON=/etc/default/python-x2gobroker
+DEBIANCONFIG_DAEMON=/etc/default/x2gobroker-daemon
test -x "$DAEMON" || exit 0
@@ -30,6 +30,7 @@ START_BROKER=false
DAEMON_BIND_ADDRESS=127.0.0.1:8080
X2GOBROKER_DEBUG=0
X2GOBROKER_DAEMON_USER='x2gobroker'
+X2GOBROKER_DAEMON_GROUP='x2gobroker'
X2GOBROKER_DEFAULT_BACKEND="zeroconf"
X2GOBROKER_CONFIG="/etc/x2go/x2gobroker.conf"
X2GOBROKER_SESSIONPROFILES="/etc/x2go/broker/x2gobroker-sessionprofiles.conf"
@@ -37,12 +38,20 @@ X2GOBROKER_AGENT_CMD="/usr/lib/x2go/x2gobroker-agent"
X2GOBROKER_AUTHSERVICE_SOCKET="$RUNDIR/x2gobroker/x2gobroker-authservice.socket"
X2GOBROKER_SSL_CERTFILE=
X2GOBROKER_SSL_KEYFILE=
-test -f $DEBIANCONFIG && . $DEBIANCONFIG
-test -f $DEBIANCONFIG_AUTHSERVICE && . $DEBIANCONFIG_AUTHSERVICE
+test -f $DEBIANCONFIG_COMMON && . $DEBIANCONFIG_COMMON
+test -f $DEBIANCONFIG_DAEMON && . $DEBIANCONFIG_DAEMON
if ! getent passwd $X2GOBROKER_DAEMON_USER 1>/dev/null 2>/dev/null; then
X2GOBROKER_DAEMON_USER=nobody
fi
+if ! getent group $X2GOBROKER_DAEMON_GROUP 1>/dev/null 2>/dev/null; then
+ X2GOBROKER_DAEMON_GROUP=nogroup
+fi
+
+# create PID directory
+mkdir -p $RUNDIR/x2gobroker
+chown $X2GOBROKER_DAEMON_USER:$X2GOBROKER_DAEMON_GROUP $RUNDIR/x2gobroker
+chmod 0770 $RUNDIR/x2gobroker
# mend user ID variables when --chuid $X2GOBROKER_DAEMON_USER is used with start-stop-daemon
export LOGNAME=$X2GOBROKER_DAEMON_USER
@@ -51,6 +60,7 @@ export USERNAME=$X2GOBROKER_DAEMON_USER
export X2GOBROKER_DEBUG
export X2GOBROKER_DAEMON_USER
+export X2GOBROKER_DAEMON_GROUP
export X2GOBROKER_CONFIG
export X2GOBROKER_DEFAULT_BACKEND
export X2GOBROKER_SESSIONPROFILES
diff --git a/sbin/x2gobroker b/sbin/x2gobroker
index bb52019..33e9580 100755
--- a/sbin/x2gobroker
+++ b/sbin/x2gobroker
@@ -22,10 +22,11 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-import sys
import os
+import sys
import argparse
import socket
+import logging
import web
from web.wsgiserver import CherryPyWSGIServer
@@ -35,8 +36,35 @@ except ImportError:
sys.path.insert(0, os.path.join(os.getcwd(), '..'))
import x2gobroker.defaults
+from x2gobroker import __VERSION__
+from x2gobroker import __AUTHOR__
from x2gobroker.loggers import logger_broker, logger_access, logger_error
+logger_broker.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
+logger_broker.info('Setting up the broker\'s environment...')
+logger_broker.info(' X2GOBROKER_DEBUG: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_DEBUG))
+logger_broker.info(' X2GOBROKER_CONFIG: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_CONFIG))
+logger_broker.info(' X2GOBROKER_AGENT_CMD: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_AGENT_CMD))
+logger_broker.info(' X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET))
+logger_broker.info(' X2GOBROKER_DEFAULT_BACKEND: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_DEFAULT_BACKEND))
+logger_broker.info(' X2GOBROKER_SSL_CERTFILE: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_SSL_CERTFILE))
+logger_broker.info(' X2GOBROKER_SSL_KEYFILE: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_SSL_KEYFILE))
+
+# raise log level to DEBUG if requested...
+if x2gobroker.defaults.X2GOBROKER_DEBUG and not x2gobroker.defaults.X2GOBROKER_TESTSUITE:
+ logger_broker.setLevel(logging.DEBUG)
+ logger_access.setLevel(logging.DEBUG)
+ logger_error.setLevel(logging.DEBUG)
+
+# check effective UID the broker runs as and complain appropriately...
+if x2gobroker.defaults.X2GOBROKER_USER != x2gobroker.defaults.X2GOBROKER_DAEMON_USER and os.geteuid() != 0:
+ logger_broker.warn('X2Go Session Broker has been started interactively by user {username}, better run as user {daemon_username}.'.format(username=X2GOBROKER_USER, daemon_username=X2GOBROKER_DAEMON_USER))
+ logger_broker.info('Automatically switching to DEBUG mode due to interactive launch of this application.')
+elif x2gobroker.defaults.X2GOBROKER_DAEMON_USER != 'root' and os.geteuid() == 0:
+ logger_broker.warn('X2Go Session Broker should not be run as root, better run as user {daemon_username}.'.format(daemon_username=X2GOBROKER_DAEMON_USER))
+elif os.geteuid() == 0:
+ logger_broker.warn('X2Go Session Broker should not be run as root, better run as non-privileged user')
+
# parse-in potential command line options
cmdline_args = None
if __name__ == "__main__":
diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice
index 6ff6423..2d9af94 100755
--- a/sbin/x2gobroker-authservice
+++ b/sbin/x2gobroker-authservice
@@ -26,17 +26,37 @@ import os
import sys
import setproctitle
import argparse
+import logging
try:
- import x2gobroker.authservice
+ import x2gobroker.defaults
except ImportError:
sys.path.insert(0, os.path.join(os.getcwd(), '..'))
- import x2gobroker.authservice
+ import x2gobroker.defaults
+
+import x2gobroker.authservice
PROG_NAME = os.path.basename(sys.argv[0])
PROG_OPTIONS = sys.argv[1:]
setproctitle.setproctitle("%s %s" % (PROG_NAME, " ".join(PROG_OPTIONS)))
+from x2gobroker import __VERSION__
+from x2gobroker import __AUTHOR__
+from x2gobroker.loggers import logger_authservice
+
+# raise log level to DEBUG if requested...
+if x2gobroker.defaults.X2GOBROKER_DEBUG and not x2gobroker.defaults.X2GOBROKER_TESTSUITE:
+ logger_authservice.setLevel(logging.DEBUG)
+
+logger_authservice.info('X2Go Session Broker ({version}), written by {author}'.format(version=__VERSION__, author=__AUTHOR__))
+logger_authservice.info('Setting up the PAM authentication service\'s environment...')
+logger_authservice.info(' X2GOBROKER_DEBUG: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_DEBUG))
+logger_authservice.info(' X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET))
+
+# check effective UID the broker runs as and complain appropriately...
+if os.geteuid() != 0:
+ logger_authservice.warn('X2Go Session Broker\'PAM authentication service should run with root privileges to guarantee proper access to all PAM modules.')
+
if __name__ == '__main__':
common_options = [
diff --git a/setup.py b/setup.py
index 8745c3f..f6d9aba 100755
--- a/setup.py
+++ b/setup.py
@@ -28,15 +28,18 @@ import os
for line in file(os.path.join('x2gobroker', '__init__.py')).readlines():
if (line.startswith('__VERSION__')):
exec(line.strip())
+for line in file(os.path.join('x2gobroker', '__init__.py')).readlines():
+ if (line.startswith('__AUTHOR__')):
+ exec(line.strip())
MODULE_VERSION = __VERSION__
-
+MODULE_AUTHOR = __AUTHOR__
setup(
name = "x2gobroker",
version = MODULE_VERSION,
description = "X2Go Session Broker",
license = 'AGPLv3+',
- author = 'Mike Gabriel',
+ author = MODULE_AUTHOR,
url = 'http://www.x2go.org',
packages = find_packages('.'),
package_dir = {'': '.'},
diff --git a/x2gobroker/__init__.py b/x2gobroker/__init__.py
index ad8c1e4..d9172cc 100644
--- a/x2gobroker/__init__.py
+++ b/x2gobroker/__init__.py
@@ -18,6 +18,5 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-__VERSION__ = '0.0.0.1'
-
-
+__VERSION__ = '0.0.0.2'
+__AUTHOR__ = 'Mike Gabriel (X2Go Project) <mike.gabriel at das-netzwerkteam.de>'
diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py
index 7b12bb9..fa7ce84 100644
--- a/x2gobroker/authservice.py
+++ b/x2gobroker/authservice.py
@@ -93,7 +93,7 @@ def authenticate(username, password, service="x2gobroker"):
result = s.recv(1024)
s.close()
if result.startswith('ok'):
- logger_authservice.info('authentication against PAM service {service} succeeded for {username}'.format(username=username, service=service))
+ logger_authservice.info('authentication against PAM service »{service}« succeeded for user »{username}«'.format(username=username, service=service))
return True
- logger_authservice.info('authentication against service {service} failed for user {username}'.format(username=username, service=service))
+ logger_authservice.info('authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service))
return False
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index f56a566..720fa94 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -46,36 +46,16 @@ else:
if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER:
X2GOBROKER_DEBUG = True
-# raise log level to DEBUG if requested...
-if X2GOBROKER_DEBUG and not X2GOBROKER_TESTSUITE:
- logger_broker.setLevel(logging.DEBUG)
- logger_access.setLevel(logging.DEBUG)
- logger_error.setLevel(logging.DEBUG)
-
# drop og level to CRITICAL if we are running the unittests...
if X2GOBROKER_TESTSUITE:
logger_broker.setLevel(logging.CRITICAL)
logger_access.setLevel(logging.CRITICAL)
logger_error.setLevel(logging.CRITICAL)
-# check effective UID the broker runs as and complain appropriately...
-if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER and os.geteuid() != 0:
- logger_broker.warn('X2Go Session Broker has been started interactively by user {username}, better run as user {daemon_username}.'.format(username=X2GOBROKER_USER, daemon_username=X2GOBROKER_DAEMON_USER))
- logger_broker.info('Automatically switching to DEBUG mode due to interactive launch of this application.')
-elif X2GOBROKER_DAEMON_USER != 'root' and os.geteuid() == 0:
- logger_broker.warn('X2Go Session Broker should not be run as root, better run as user {daemon_username}.'.format(daemon_username=X2GOBROKER_DAEMON_USER))
-elif os.geteuid() == 0:
- logger_broker.warn('X2Go Session Broker should not be run as root, better run as non-privileged user')
-
-logger_broker.info('Setting up the broker\'s environment...')
-logger_broker.info('X2Go Session Broker: Setting up the broker\'s environment...')
-logger_broker.info(' X2GOBROKER_DEBUG: {value}'.format(value=X2GOBROKER_DEBUG))
-
if os.environ.has_key('X2GOBROKER_CONFIG'):
X2GOBROKER_CONFIG = os.environ['X2GOBROKER_CONFIG']
else:
X2GOBROKER_CONFIG = "/etc/x2go/x2gobroker.conf"
-logger_broker.info(' X2GOBROKER_CONFIG: {value}'.format(value=X2GOBROKER_CONFIG))
X2GOBROKER_SESSIONPROFILES = "/etc/x2go/broker/x2gobroker-sessionprofiles.conf"
@@ -83,31 +63,26 @@ if os.environ.has_key('X2GOBROKER_AGENT_CMD'):
X2GOBROKER_AGENT_CMD = os.environ['X2GOBROKER_AGENT_CMD']
else:
X2GOBROKER_AGENT_CMD = "/usr/lib/x2go/x2gobroker-agent"
-logger_broker.info(' X2GOBROKER_AGENT_CMD: {value}'.format(value=X2GOBROKER_AGENT_CMD))
if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
else:
X2GOBROKER_AUTHSERVICE_SOCKET="/var/run/x2gobroker-authservice.socket"
-logger_broker.info(' X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=X2GOBROKER_AUTHSERVICE_SOCKET))
if os.environ.has_key('X2GOBROKER_DEFAULT_BACKEND'):
X2GOBROKER_DEFAULT_BACKEND = os.environ['X2GOBROKER_DEFAULT_BACKEND']
else:
X2GOBROKER_DEFAULT_BACKEND = "zeroconf"
-logger_broker.info(' X2GOBROKER_DEFAULT_BACKEND: {value}'.format(value=X2GOBROKER_DEFAULT_BACKEND))
if os.environ.has_key('X2GOBROKER_SSL_CERTFILE'):
X2GOBROKER_SSL_CERTFILE = os.environ['X2GOBROKER_SSL_CERTFILE']
else:
X2GOBROKER_SSL_CERTFILE = ""
-logger_broker.info(' X2GOBROKER_SSL_CERTFILE: {value}'.format(value=X2GOBROKER_SSL_CERTFILE))
if os.environ.has_key('X2GOBROKER_SSL_KEYFILE'):
X2GOBROKER_SSL_KEYFILE = os.environ['X2GOBROKER_SSL_KEYFILE']
else:
X2GOBROKER_SSL_KEYFILE = ""
-logger_broker.info(' X2GOBROKER_SSL_KEYFILE: {value}'.format(value=X2GOBROKER_SSL_KEYFILE))
###
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list