The branch, build-main has been updated via 9217c85255f9737bfe37a61b4a8457764e190b37 (commit) from 40b5a345b349598d4da6bb2492a8f29b7a202dc4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: debian/changelog | 2 ++ sbin/x2gobroker | 18 ++++++++------- x2gobroker/defaults.py | 8 ++++++- x2gobroker/web/extras.py | 57 ++++++++++++++++++++++++++++++++++++++++++++++ x2gobroker/web/html.py | 2 +- x2gobroker/web/json.py | 2 +- x2gobroker/web/plain.py | 2 +- 7 files changed, 79 insertions(+), 12 deletions(-) create mode 100644 x2gobroker/web/extras.py The diff of changes is: diff --git a/debian/changelog b/debian/changelog index be93ac2..80c2bf8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,8 @@ x2gobroker (0.0.0.2-0~x2go1) UNRELEASED; urgency=low runs as non-privileged user, the authentication service as root). - Add tool: x2gobroker-keygen. Generate pub/priv SSH keypair for the system user x2gobroker. + - To make SSH pubkey deployment easier, serve the broker's public SSH key(s) + under this URL http(s)://<broker_hostname>:<port>/pubkeys/. * /debian/control: + Add bin:package x2gobroker-agent. * /debian/x2gobroker-daemon.init: diff --git a/sbin/x2gobroker b/sbin/x2gobroker index 566b57c..3b847bd 100755 --- a/sbin/x2gobroker +++ b/sbin/x2gobroker @@ -57,10 +57,10 @@ if x2gobroker.defaults.X2GOBROKER_DEBUG and not x2gobroker.defaults.X2GOBROKER_T # check effective UID the broker runs as and complain appropriately... if x2gobroker.defaults.X2GOBROKER_USER != x2gobroker.defaults.X2GOBROKER_DAEMON_USER and os.geteuid() != 0: - logger_broker.warn('X2Go Session Broker has been started interactively by user {username}, better run as user {daemon_username}.'.format(username=X2GOBROKER_USER, daemon_username=X2GOBROKER_DAEMON_USER)) + logger_broker.warn('X2Go Session Broker has been started interactively by user {username}, better run as user {daemon_username}.'.format(username=x2gobroker.defaults.X2GOBROKER_USER, daemon_username=x2gobroker.defaults.X2GOBROKER_DAEMON_USER)) logger_broker.info('Automatically switching to DEBUG mode due to interactive launch of this application.') elif x2gobroker.defaults.X2GOBROKER_DAEMON_USER != 'root' and os.geteuid() == 0: - logger_broker.warn('X2Go Session Broker should not be run as root, better run as user {daemon_username}.'.format(daemon_username=X2GOBROKER_DAEMON_USER)) + logger_broker.warn('X2Go Session Broker should not be run as root, better run as user {daemon_username}.'.format(daemon_username=x2gobroker.defaults.X2GOBROKER_DAEMON_USER)) elif os.geteuid() == 0: logger_broker.warn('X2Go Session Broker should not be run as root, better run as non-privileged user') @@ -100,9 +100,10 @@ if __name__ == "__main__": # import classes serving the different web.py URLs -from x2gobroker.web.plain import * -#from x2gobroker.web.json import * -#from x2gobroker.web.html import * +import x2gobroker.web.plain +#import x2gobroker.web.json +#import x2gobroker.web.html +import x2gobroker.web.extras # switch on https:// mode if x2gobroker.defaults.X2GOBROKER_SSL_CERTFILE and x2gobroker.defaults.X2GOBROKER_SSL_KEYFILE: @@ -110,9 +111,10 @@ if x2gobroker.defaults.X2GOBROKER_SSL_CERTFILE and x2gobroker.defaults.X2GOBROKE CherryPyWSGIServer.ssl_private_key = x2gobroker.defaults.X2GOBROKER_SSL_KEYFILE # define the web.py URLs -urls = ( '/plain/(.*)', 'X2GoBrokerWebPlain', -# '/json/(.*)', 'X2GoBrokerWebJson', -# '/html/(.*)', 'X2GoBrokerWebHtml', +urls = ( '/plain/(.*)', 'x2gobroker.web.plainX2Go.BrokerWeb', +# '/json/(.*)', 'x2gobroker.web.json.X2GoBrokerWeb', +# '/html/(.*)', 'x2gobroker.web.html.X2GoBrokerWeb', + '/pubkeys/', 'x2gobroker.web.extras.X2GoBrokerPubKeyService', ) # run the web.py standalone daemon... diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py index 0a99af4..6c377c4 100644 --- a/x2gobroker/defaults.py +++ b/x2gobroker/defaults.py @@ -23,6 +23,7 @@ import os import uuid import getpass +import socket import logging from loggers import logger_broker, logger_access, logger_error, X2GOBROKER_DAEMON_USER @@ -89,11 +90,16 @@ if os.environ.has_key('X2GOBROKER_SSL_KEYFILE'): else: X2GOBROKER_SSL_KEYFILE = "" - ### ### static / hard-coded defaults ### +if socket.gethostname().find('.') >= 0: + X2GOBROKER_HOSTNAME = socket.gethostname() +else: + X2GOBROKER_HOSTNAME = socket.gethostbyaddr(socket.gethostname())[0] + + X2GOBROKER_SESSIONPROFILES = "/etc/x2go/broker/x2gobroker-sessionprofiles.conf" # the home directory of the user that the daemon/cgi runs as diff --git a/x2gobroker/web/extras.py b/x2gobroker/web/extras.py new file mode 100644 index 0000000..728aaec --- /dev/null +++ b/x2gobroker/web/extras.py @@ -0,0 +1,57 @@ +#!/usr/bin/env python + +# This file is part of the X2Go Project - http://www.x2go.org +# Copyright (C) 2011-2012 by Oleksandr Shneyder <oleksandr.shneyder@obviously-nice.de> +# Copyright (C) 2011-2012 by Heinz-Markus Graesing <heinz-m.graesing@obviously-nice.de> +# Copyright (C) 2012 by Mike Gabriel <mike.gabriel@das-netzwerkteam.de> +# +# X2Go Session Broker is free software; you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# X2Go Session Broker is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program; if not, write to the +# Free Software Foundation, Inc., +# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + +# modules +import os.path +import paramiko +import x2gobroker.defaults + +class X2GoBrokerPubKeyService: + + http_header_items = { + 'Content-Type': 'text/plain; charset=utf-8', + 'Expires': '+1h', + } + + def _gen_http_header(self): + + for http_header_item in self.http_header_items.keys(): + web.header(http_header_item, self.http_header_items[http_header_item]) + + def GET(self): + + output = "" + + broker_home = x2gobroker.defaults.X2GOBROKER_HOME + + if os.path.exists('{home}/.ssh/id_rsa.pub'.format(home=broker_home)): + pubkey = paramiko.RSAKey(filename='{home}/.ssh/id_rsa'.format(home=broker_home)) + output += 'ssh-rsa {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) + + if os.path.exists('{home}/.ssh/id_dsa.pub'.format(home=broker_home)): + pubkey = paramiko.DSSKey(filename='{home}/.ssh/id_dsa'.format(home=broker_home)) + output += 'ssh-dss {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) + + if not output: + return web.notfound() + + return output diff --git a/x2gobroker/web/html.py b/x2gobroker/web/html.py index a85a1ff..1a0b1db 100644 --- a/x2gobroker/web/html.py +++ b/x2gobroker/web/html.py @@ -26,7 +26,7 @@ import web # Python X2Go Broker modules from x2gobroker.defaults import X2GOBROKER_DEFAULT_BACKEND as _X2GOBROKER_DEFAULT_BACKEND -class X2GoBrokerWebHtml: +class X2GoBrokerWeb: http_header_items = { 'Content-Type': 'text/html; charset=utf-8', diff --git a/x2gobroker/web/json.py b/x2gobroker/web/json.py index 04743b5..ef35a0f 100644 --- a/x2gobroker/web/json.py +++ b/x2gobroker/web/json.py @@ -22,7 +22,7 @@ # modules -class X2GoBrokerWebJson: +class X2GoBrokerWeb: # MUSIC OF THE FUTURE pass \ No newline at end of file diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py index 2e88de9..07c36b2 100644 --- a/x2gobroker/web/plain.py +++ b/x2gobroker/web/plain.py @@ -29,7 +29,7 @@ import x2gobroker.defaults from x2gobroker.loggers import logger_broker, logger_error -class X2GoBrokerWebPlain: +class X2GoBrokerWeb: http_header_items = { 'Content-Type': 'text/plain; charset=utf-8', hooks/post-receive -- x2gobroker.git (HTTP(S) Session broker for X2Go) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).