[X2go-Dev] x2goserver package with setuidwrapper
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Mon Jul 18 23:56:35 CEST 2011
Hi Morty, Reinhard et al.
On Mo 18 Jul 2011 19:08:50 CEST Moritz Struebe wrote:
> Hi there.
>
> On 2011-07-18 17:12, Moritz Struebe wrote:
>> Should be possible using the group-S-bit -> keep the user, but make the
>> database writeable to the x2gouser-group.
>
> I just had a chat with Arw, and this is the way to go.
A first implementation of the setgid version of x2gosqlitewrapper is
now in Git. After a package upgrade your installation should look like
this (uidNumber and gidNumber < 1000, but arbitrary):
sunweaver:~# getent passwd x2gouser
x2gouser:x:999:143::/var/db/x2go:/bin/false
sunweaver:~# getent group x2gouser
x2gouser:x:143:
sunweaver:~# ls -al /usr/bin/x2gosqlitewrapper
/usr/lib/x2go/x2gosqlitewrapper.pl /var/db/x2go/
-rwxr-sr-x 1 root x2gouser 3084 18. Jul 23:40 /usr/bin/x2gosqlitewrapper
-rwxr-xr-x 1 root root 10096 18. Jul 23:38
/usr/lib/x2go/x2gosqlitewrapper.pl
/var/db/x2go/:
insgesamt 24
drwxrwx--- 2 root x2gouser 4096 15. Jul 22:46 .
drwxr-xr-x 4 root root 4096 23. Jun 2010 ..
-rw-rw---- 1 root x2gouser 13312 15. Jul 22:46 x2go_sessions
Manual Ubuntu package build has been kicked off already. Debian
packages for Heuler have also already been built.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20110718/660a7d36/attachment.pgp>
More information about the x2go-dev
mailing list