This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goserver. commit 9e467c514205c38a4157a919df5221f9d1666031 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Sat Nov 1 16:49:06 2014 +0100 Make sure that all "su"-to-user-contexts use /bin/sh for wrapping around the executed command (in x2gocleansessions and x2golistsessions_root) --- debian/changelog | 2 ++ x2goserver/sbin/x2gocleansessions | 24 ++++++++++++------------ x2goserver/sbin/x2golistsessions_root | 2 +- 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/debian/changelog b/debian/changelog index 3331693..af11c7f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -171,6 +171,8 @@ x2goserver (4.0.1.19-0x2go1) UNRELEASED; urgency=medium - Move X2Go Desktop Sharing options around. Make sure all desktop sharing relevant options are provided at the beginning when evoking the "x2godesktopsharing client" command. + - Make sure that all "su"-to-user-contexts use /bin/sh for wrapping around + the executed command (in x2gocleansessions and x2golistsessions_root) * debian/control: + Add D (x2goserver): libfile-which-perl. * x2goserver.spec: diff --git a/x2goserver/sbin/x2gocleansessions b/x2goserver/sbin/x2gocleansessions index 1ee636d..d785daf 100755 --- a/x2goserver/sbin/x2gocleansessions +++ b/x2goserver/sbin/x2gocleansessions @@ -177,13 +177,13 @@ elsif ($pid == 0 ) unlink("/tmp/.X$display-lock"); } syslog('debug', "@sinfo[1]: unmounting all shares"); - system( "su", "@sinfo[11]", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); + system( "su", "@sinfo[11]", "-s", "/bin/sh", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); #remove port forwarding - system("su", "@sinfo[11]", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); } elsif (! check_pid (@sinfo[0],@sinfo[1],@sinfo[12])) { - system("su", "@sinfo[11]", "-c", "$x2go_lib_path/x2gochangestatus 'F' @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gochangestatus 'F' @sinfo[1]"); my $display = @sinfo[2]; if (-S "/tmp/.X11-unix/X$display") { # remove the NX-X11 socket file (we don't know how the agent disappeared, @@ -198,7 +198,7 @@ elsif ($pid == 0 ) unlink("/tmp/.X$display-lock"); } syslog('debug', "@sinfo[1], pid @sinfo[0] does not exist, changing status from @sinfo[4] to F"); syslog('debug', "@sinfo[1]: unmounting all shares"); - system("su", "@sinfo[11]", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); } else { @@ -206,12 +206,12 @@ elsif ($pid == 0 ) { if (session_is_suspended(@sinfo[1],@sinfo[11])) { - system("su", "@sinfo[11]", "-c", "$x2go_lib_path/x2gochangestatus S @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gochangestatus S @sinfo[1]"); syslog('debug', "@sinfo[1] is suspended, changing status from @sinfo[4] to S"); syslog('debug', "@sinfo[1]: unmounting all shares"); - system("su", "@sinfo[11]", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); #remove port forwarding - system("su", "@sinfo[11]", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); } } if (@sinfo[4] eq 'S') @@ -219,8 +219,8 @@ elsif ($pid == 0 ) if (session_is_running(@sinfo[1],@sinfo[11])) { syslog('debug', "@sinfo[1]: unmounting all shares"); - system("su", "@sinfo[11]", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); - system("su", "@sinfo[11]", "-c", "x2gosuspend-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "x2gosuspend-session @sinfo[1]"); syslog('debug', "@sinfo[1] was found running and has now been suspended"); } } @@ -229,11 +229,11 @@ elsif ($pid == 0 ) if (!session_has_terminated(@sinfo[1],@sinfo[11])) { syslog('debug', "@sinfo[1]: unmounting all shares"); - system("su", "@sinfo[11]", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); - system("su", "@sinfo[11]", "-c", "x2goterminate-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "export HOSTNAME && x2goumount-session @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "x2goterminate-session @sinfo[1]"); syslog('debug', "@sinfo[1] has been requested for termination via the session DB"); #remove port forwarding - system("su", "@sinfo[11]", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gormforward @sinfo[1]"); } } } diff --git a/x2goserver/sbin/x2golistsessions_root b/x2goserver/sbin/x2golistsessions_root index 499ebc5..4ec1667 100755 --- a/x2goserver/sbin/x2golistsessions_root +++ b/x2goserver/sbin/x2golistsessions_root @@ -56,7 +56,7 @@ for (my $i=0;$i<@outp;$i++) { if (session_is_suspended(@sinfo[1],@sinfo[11])) { - system("su", "-", "@sinfo[11]", "-c", "$x2go_lib_path/x2gochangestatus 'S' @sinfo[1] > /dev/null"); + system("su", "@sinfo[11]", "-s", "/bin/sh", "-c", "$x2go_lib_path/x2gochangestatus 'S' @sinfo[1] > /dev/null"); @outp[$i] =~ s/\|R\|/\|S\|/; } } -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git