[X2Go-Commits] x2goserver.git - build-baikal (branch) updated: 3.1.1.3-213-ge6cdad1
X2Go dev team
git-admin at x2go.org
Fri Jan 3 18:05:15 CET 2014
The branch, build-baikal has been updated
via e6cdad130e1aebe7fa94022b3f7fe0d1cf6c4f8c (commit)
from f7f414b7b87e13e89e9eb9109e00562fa6aecc86 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
debian/changelog | 3 +++
x2goserver/bin/x2gostartagent | 5 +++++
x2goserver/sbin/x2godbadmin | 7 +++++--
3 files changed, 13 insertions(+), 2 deletions(-)
The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index 2b362eb..6a70599 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -70,6 +70,9 @@ x2goserver (4.0.1.7-0~x2go1) UNRELEASED; urgency=low
(Fixes: #285).
- Provide sudoers.d/x2goserver file that allows sudoed commands under
KDE (by pertaining the env var QT_GRAPHICSSYSTEM. (Fixes: #276).
+ - With PostgreSQL as session db backend, prevent the root user from
+ launching sessions. Also, prevent x2gouser_root from being added as a
+ PostgreSQL user. (Fixes: #310).
* /debian/control:
- Update LONG_DESCRIPTIONS.
- Move xfonts-base from Recommends: field to Depends: field (bin:package
diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent
index 1b3f454..607a35e 100755
--- a/x2goserver/bin/x2gostartagent
+++ b/x2goserver/bin/x2gostartagent
@@ -27,6 +27,11 @@ $X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@"
X2GO_PORT=49 #First port for X2GO=50
SSH_PORT=30000 #First ssh port 30001
+if egrep "^backend[ ]*=[ ]*postgres" /etc/x2go/x2gosql/sql 1>/dev/null 2>/dev/null && [ "x$USER" = "xroot" ]; then
+ echo "The super-user \"root\" is not allowed to launch X2Go sessions."
+ exit -1
+fi
+
X2GO_ROOT="${HOME}/.x2go"
export NX_ROOT=$X2GO_ROOT
diff --git a/x2goserver/sbin/x2godbadmin b/x2goserver/sbin/x2godbadmin
index 5362905..4f10b02 100755
--- a/x2goserver/sbin/x2godbadmin
+++ b/x2goserver/sbin/x2godbadmin
@@ -308,9 +308,12 @@ sub add_user()
{
my $user=shift;
my ($name, $pass, $uid, $pgid, $quota, $comment, $gcos, $dir, $shell, $expire) = getpwnam($user);
- if (! $uid)
+ if (! $name)
{
- print "Can not find user ($user)\n";
+ print "Cannot find user ($user)\n";
+ return;
+ } elsif ($name == "root") {
+ print "The super-user \"root\" is not allowed to use X2Go\n";
return;
}
$pass=`makepasswd`;
hooks/post-receive
--
x2goserver.git (X2Go Server)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2goserver.git" (X2Go Server).
More information about the x2go-commits
mailing list