[X2Go-Commits] x2goserver.git - build-baikal (branch) updated: 3.1.1.3-213-ge6cdad1

X2Go dev team git-admin at x2go.org
Fri Jan 3 18:05:15 CET 2014


The branch, build-baikal has been updated
       via  e6cdad130e1aebe7fa94022b3f7fe0d1cf6c4f8c (commit)
      from  f7f414b7b87e13e89e9eb9109e00562fa6aecc86 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 debian/changelog              |    3 +++
 x2goserver/bin/x2gostartagent |    5 +++++
 x2goserver/sbin/x2godbadmin   |    7 +++++--
 3 files changed, 13 insertions(+), 2 deletions(-)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index 2b362eb..6a70599 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -70,6 +70,9 @@ x2goserver (4.0.1.7-0~x2go1) UNRELEASED; urgency=low
       (Fixes: #285).
     - Provide sudoers.d/x2goserver file that allows sudoed commands under
       KDE (by pertaining the env var QT_GRAPHICSSYSTEM. (Fixes: #276).
+    - With PostgreSQL as session db backend, prevent the root user from
+      launching sessions. Also, prevent x2gouser_root from being added as a
+      PostgreSQL user. (Fixes: #310).
   * /debian/control:
     - Update LONG_DESCRIPTIONS.
     - Move xfonts-base from Recommends: field to Depends: field (bin:package
diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent
index 1b3f454..607a35e 100755
--- a/x2goserver/bin/x2gostartagent
+++ b/x2goserver/bin/x2gostartagent
@@ -27,6 +27,11 @@ $X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@"
 X2GO_PORT=49 #First port for X2GO=50
 SSH_PORT=30000 #First ssh port 30001
 
+if egrep "^backend[ ]*=[ ]*postgres" /etc/x2go/x2gosql/sql 1>/dev/null 2>/dev/null && [ "x$USER" = "xroot" ]; then
+	echo "The super-user \"root\" is not allowed to launch X2Go sessions."
+	exit -1
+fi
+
 X2GO_ROOT="${HOME}/.x2go"
 export NX_ROOT=$X2GO_ROOT
 
diff --git a/x2goserver/sbin/x2godbadmin b/x2goserver/sbin/x2godbadmin
index 5362905..4f10b02 100755
--- a/x2goserver/sbin/x2godbadmin
+++ b/x2goserver/sbin/x2godbadmin
@@ -308,9 +308,12 @@ sub add_user()
 {
 	my $user=shift;
 	my ($name, $pass, $uid, $pgid, $quota, $comment, $gcos, $dir, $shell, $expire) = getpwnam($user);
-	if (! $uid)
+	if (! $name)
 	{
-		print "Can not find user ($user)\n";
+		print "Cannot find user ($user)\n";
+		return;
+	} elsif ($name == "root") {
+		print "The super-user \"root\" is not allowed to use X2Go\n";
 		return;
 	}
 	$pass=`makepasswd`;


hooks/post-receive
-- 
x2goserver.git (X2Go Server)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2goserver.git" (X2Go Server).




More information about the x2go-commits mailing list