[X2go-Dev] x2goserver package with setuidwrapper

Moritz Struebe Moritz.Struebe at informatik.uni-erlangen.de
Tue Jul 19 12:57:57 CEST 2011


Hi Mike

On 2011-07-18 23:56, Mike Gabriel wrote:
> Hi Morty, Reinhard et al.
>
> On Mo 18 Jul 2011 19:08:50 CEST Moritz Struebe wrote:
>
>> Hi there.
>>
>> On 2011-07-18 17:12, Moritz Struebe wrote:
>>> Should be possible using the group-S-bit -> keep the user, but make the
>>> database writeable to the x2gouser-group.
>>
>> I just had a chat with Arw, and this is the way to go.
>
> A first implementation of the setgid version of x2gosqlitewrapper is
> now in Git. After a package upgrade your installation should look like
> this (uidNumber and gidNumber < 1000, but arbitrary):
>

It might be helpful if you branch first, and clean up before applying
patches to master. There are quite a few "fix again"-commits that are
rather confusing and makes reviewing rather complicated. I now just
diffed against the version from Jul 14. Here are some comments:

x2goserver/lib/x2gosqlitewrapper.pl: I don't like the reuse of variable
names. But this is religion.

x2goserver/sbin/x2godbadmin: What is the user context this is run in.
Don't we have to do a chgroup, rather then chwon??

debian/x2goserver.postinst(22+): Is running those commands "|| true" ok?
Shouldn't they fail if they fail?

debian/x2goserver.postinst(53): This can probably be "chmod 0750
/var/db/x2go" - But we can leave it, I think.

debian/x2goserver.postinst: I don't totally understand the
dpkg-statoverride-stuff. But maybe someone else can have a look.

Cheers
Morty




-- 
Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter)
Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme)
Friedrich-Alexander-Universität Erlangen-Nürnberg
Martensstr. 1
91058 Erlangen

Tel   : +49 9131 85-25419
Fax   : +49 9131 85-28732
eMail : struebe at informatik.uni-erlangen.de
WWW   : http://www4.informatik.uni-erlangen.de/~morty




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4482 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20110719/f09e9b0d/attachment.bin>


More information about the x2go-dev mailing list