This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2goserver. from 0a10ed5 Trigger Xsession code for SUSE systems (look for /etc/SUSE-brand or /etc/SuSE-release for SUSE system recognition). (Fixes: #671). new 1a9983e Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes). The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: X2Go/Server/Agent.pm | 6 +++- X2Go/Server/Agent/NX.pm | 34 +++++++++++++-------- X2Go/Server/DB/SQLite3.pm | 8 ++--- X2Go/Utils.pm | 5 +-- debian/changelog | 2 ++ x2goserver/bin/x2golistdesktops | 18 ++++++----- x2goserver/bin/x2golistshadowsessions | 4 ++- x2goserver/bin/x2gostartagent | 52 +++++++++++++++++++++++--------- x2goserver/lib/x2gochangestatus | 2 +- x2goserver/lib/x2gocreatesession | 2 +- x2goserver/lib/x2gocreateshadowsession | 4 +-- 11 files changed, 90 insertions(+), 47 deletions(-) -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goserver. commit 1a9983eada2994337304832610d838f99e7b3f4e Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Sun Nov 16 01:27:44 2014 +0100 Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes). --- X2Go/Server/Agent.pm | 6 +++- X2Go/Server/Agent/NX.pm | 34 +++++++++++++-------- X2Go/Server/DB/SQLite3.pm | 8 ++--- X2Go/Utils.pm | 5 +-- debian/changelog | 2 ++ x2goserver/bin/x2golistdesktops | 18 ++++++----- x2goserver/bin/x2golistshadowsessions | 4 ++- x2goserver/bin/x2gostartagent | 52 +++++++++++++++++++++++--------- x2goserver/lib/x2gochangestatus | 2 +- x2goserver/lib/x2gocreatesession | 2 +- x2goserver/lib/x2gocreateshadowsession | 4 +-- 11 files changed, 90 insertions(+), 47 deletions(-) diff --git a/X2Go/Server/Agent.pm b/X2Go/Server/Agent.pm index 5a71ca8..c232d30 100644 --- a/X2Go/Server/Agent.pm +++ b/X2Go/Server/Agent.pm @@ -42,7 +42,7 @@ load_module $agent_module; use base 'Exporter'; -our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'has_agent_state_file', 'get_agent_state' ); +our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'get_agent_state_file', 'has_agent_state_file', 'get_agent_state' ); @@ -60,6 +60,10 @@ sub session_is_suspended { return $agent_module->session_is_suspended(@_); } +sub get_agent_state_file { + return $agent_module->get_agent_state_file(@_); +} + sub has_agent_state_file { return $agent_module->has_agent_state_file(@_); } diff --git a/X2Go/Server/Agent/NX.pm b/X2Go/Server/Agent/NX.pm index 3e2ada6..831b1dd 100644 --- a/X2Go/Server/Agent/NX.pm +++ b/X2Go/Server/Agent/NX.pm @@ -71,17 +71,32 @@ sub session_is_running return 0; } -sub has_agent_state_file +sub get_agent_state_file { my $sess=@_[1]; - my $user=@_[2]; + my $user; + + if ( $sess =~ m/.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD.*XSHADPP.*/ ) { + my $shadow_user = $sess; + $shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/; + $user = $shadow_user; + } else { + $user=@_[2]; + } + my $stateFile; if ( -d "/tmp-inst/${user}/.x2go-${user}" ) { $stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state"; } else { $stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state"; } - if ( -e $stateFile ) + return $stateFile; +} + +sub has_agent_state_file +{ + my $stateFile = get_agent_state_file(@_); + if ( -e "$stateFile" ) { return 1; } @@ -90,18 +105,11 @@ sub has_agent_state_file sub get_agent_state { - my $sess=@_[1]; - my $user=@_[2]; my $state; - my $stateFile; - if ( -d "/tmp-inst/${user}/.x2go-${user}" ) { - $stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state"; - } else { - $stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state"; - } - if (! -e $stateFile ) + my $stateFile = get_agent_state_file(@_); + if (! -e "$stateFile" ) { - syslog('warning', "$sess: state file for this session does not exists: $stateFile (this can be ignored during session startups)"); + syslog('warning', "@_[1]: state file for this session does not exist: $stateFile (this can be ignored during session startups)"); $state="UNKNOWN"; } else diff --git a/X2Go/Server/DB/SQLite3.pm b/X2Go/Server/DB/SQLite3.pm index b1441da..d693809 100644 --- a/X2Go/Server/DB/SQLite3.pm +++ b/X2Go/Server/DB/SQLite3.pm @@ -297,11 +297,9 @@ sub db_createshadowsession my $fs_port=shift or die"argument \"fs_port\" missed"; $fs_port = sanitizer('num', $fs_port) or die "argument \"fs_port\" malformed"; my $shadreq_user = shift or die "argument \"shadreq_user\" missed"; - my $fake_sid = $sid; - $fake_sid =~ s/^$shadreq_user-/$realuser-/; - check_user($fake_sid); + check_user($sid); my $sth=$dbh->prepare("update sessions set status='R',last_time=datetime('now','localtime'),cookie=?,agent_pid=?, - client=?,gr_port=?,sound_port=?,fs_port=? where session_id=? and uname=?"); + client=?,gr_port=?,sound_port=?,fs_port=?,tekictrl_port=-1,tekidata_port=-1 where session_id=? and uname=?"); $sth->execute($cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $sid, $shadreq_user); if ($sth->err()) { @@ -658,7 +656,7 @@ sub check_user # session id looks like someuser-51-1304005895_stDgnome-session_dp24 # during DB insertsession it only looks like someuser-51-1304005895 my $user = "$sid"; - $user =~ s/$realuser-[0-9]{2,}-[0-9]{10,}.*/$realuser/; + $user =~ s/($realuser-[0-9]{2,}-[0-9]{10,}_st(D|R).*|.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD$realuser.*)/$realuser/; $user eq $realuser or die "$realuser is not authorized"; } diff --git a/X2Go/Utils.pm b/X2Go/Utils.pm index 61b77d3..85ee445 100644 --- a/X2Go/Utils.pm +++ b/X2Go/Utils.pm @@ -132,7 +132,7 @@ sub sanitizer { $string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g; if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) { $string = $1; - if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-]*\_dp[\d]{1,2}$/) { + if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-\.]*\_dp[\d]{1,2}$/) { if ((length($1) > 0) and (length($1) < 32)){ return $string; } else {return 0;} @@ -159,7 +159,8 @@ sub system_capture_stdout_output { my $cmd = shift; my @args = @_; syslog("debug", "executing external command ,,$cmd'' with args: ".join(",", @args)); - return capture_stdout { system( $cmd, @args ); }; + my ($stdout, $stderr, @result) = capture { system( $cmd, @args ); }; + return $stdout; } diff --git a/debian/changelog b/debian/changelog index 6c1b987..a76dc00 100644 --- a/debian/changelog +++ b/debian/changelog @@ -182,6 +182,8 @@ x2goserver (4.0.1.19-0x2go1) UNRELEASED; urgency=medium - Make SSH agent forwarding work after having reconnected via SSH and having resumed a session. (Fixes: #672). Thanks to Robert Siemer for coming up with that idea. + - Fix cross-user X2Go Desktop Sharing after being broken by implementing + clipboard mode feature (and probably other code changes). * debian/control: + Add D (x2goserver): libfile-which-perl. * debian/x2goserver.docs: diff --git a/x2goserver/bin/x2golistdesktops b/x2goserver/bin/x2golistdesktops index 058ede8..451eac1 100755 --- a/x2goserver/bin/x2golistdesktops +++ b/x2goserver/bin/x2golistdesktops @@ -86,20 +86,24 @@ for(my $i=0;$i<@outp;$i++) } } -my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_`; +my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_\@*\@:*`; @outp=split("\n","$outp"); for(my $i=0;$i<@outp;$i++) { - my @ln=split("\@",@outp[$i]); - if ( @ln[1] ne $uname ) - { - push (@displays, "@ln[1]\@@ln[2]\n"); + if (( -r "/tmp/@outp[$i]" ) and ( -w "/tmp/@outp[$i]" )) { + my @ln=split("\@",@outp[$i]); + if ( @ln[1] ne $uname ) + { + push (@displays, "@ln[1]\@@ln[2]"); + } } } -if (@displays) { - print "@displays\n"; +for(my $i=0;$i<@displays;$i++) { + if ( @displays[$i] ) { + print "@displays[$i]\n"; + } } # closing syslog closelog; diff --git a/x2goserver/bin/x2golistshadowsessions b/x2goserver/bin/x2golistshadowsessions index aad9c63..ac8cfaf 100755 --- a/x2goserver/bin/x2golistshadowsessions +++ b/x2goserver/bin/x2golistshadowsessions @@ -68,7 +68,9 @@ for (my $i=0;$i<@outp;$i++) { if (@sinfo[4]eq 'R') { - if(session_is_suspended(@sinfo[1], @sinfo[11])) + my $shadow_user = @sinfo[1]; + $shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/; + if(session_is_suspended(@sinfo[1], $shadow_user)) { db_changestatus( 'S', @sinfo[1] ); @outp[$i] =~ s/\|R\|/\|S\|/; diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent index cf2c373..86f08d6 100755 --- a/x2goserver/bin/x2gostartagent +++ b/x2goserver/bin/x2gostartagent @@ -34,9 +34,6 @@ if egrep "^backend[ ]*=[ ]*postgres" /etc/x2go/x2gosql/sql 1>/dev/null 2>/dev/nu elif [ -z "$USER" ]; then echo "The \$USER environment variable is not set. Aborting session startup." exit -2 -elif [ -z "$SSH_CLIENT" ]; then - echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup." - exit -3 elif [ -z "$HOME" ]; then echo "The \$HOME environment variable is not set. Aborting session startup." exit -4 @@ -62,7 +59,11 @@ fi REMOTE=localhost -X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'` +if [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CLIENT" ]; then + X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'` +elif [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CONNECTION" ]; then + X2GO_CLIENT=`echo $SSH_CONNECTION | awk '{print $1}'` +fi $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "client announced itself as ,,$X2GO_CLIENT''" X2GO_GEOMETRY="$1"; shift @@ -74,10 +75,11 @@ X2GO_KBD_TYPE="$1"; shift X2GO_SET_KBD="$1"; shift X2GO_STYPE="$1"; shift X2GO_CMD="$1"; shift -X2GO_CLIPBOARD="$1"; shift X2GO_RESIZE=1 X2GO_FULLSCREEN=0 +X2GO_CLIPBOARD="" + XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"} @@ -87,16 +89,16 @@ if [ "$X2GO_STYPE" == "S" ]; then SHADOW_USER=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[2]}'` SHADOW_DESKTOP=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[3]}'` - test -z $1 && { + if [ -z "$1" ]; then # can this line be removed? #echo "suser $SHADOW_USER user $USER " >> /tmp/uagent $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "shadow session requested: mode $SHADOW_MODE, user: $SHADOW_USER, desktop: $SHADOW_DESKTOP" - } || { + else SHADREQ_USER="$1"; shift $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "preparing shadow session request for user $SHADREQ_USER, agent starts for user ${USER}" - } + fi if [ "$SHADOW_USER" != "$USER" ]; then @@ -107,8 +109,12 @@ if [ "$X2GO_STYPE" == "S" ]; then $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "command result is: $OUTPUT" if [ "${OUTPUT:0:4}" == "DENY" ]; then echo "ACCESS DENIED" 1>&2 + DENIAL_REASON="${OUTPUT:5}" + if [ -z "$DENIAL_REASON" ]; then + DENIAL_REASON="the user ,,$SHADOW_USER'' does not seem to have desktop sharing activated" + fi $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: user $SHADOW_USER denied desktop sharing session" - $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason: for desktop sharing denial ${OUTPUT:5}" + $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason for desktop sharing denial: ${DENIAL_REASON}" exit -1 fi X2GO_COOKIE=`echo $OUTPUT | awk '{print $2}'` @@ -127,6 +133,15 @@ if [ "$X2GO_STYPE" == "S" ]; then echo $OUTPUT | awk '{print $7}' exit 0 fi +else + + # only check the SSH_CLIENT variable for non-shadow sessions + if [ -z "$SSH_CLIENT" ]; then + echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup." + exit -3 + fi + + X2GO_CLIPBOARD="$1"; shift fi LIMIT=`x2gosessionlimit` @@ -202,7 +217,7 @@ while [ "$OUTPUT" != "inserted" ]; do fi done -if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || ! type -p telekinesis-server 1>/dev/null; then +if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || [ "x$X2GO_STYPE" = "xS" ] || ! type -p telekinesis-server 1>/dev/null; then TEKICTRL_PORT="-1" TEKIDATA_PORT="-1" X2GO_TELEKINESIS_ENABLED="0" @@ -273,7 +288,7 @@ if [ ! -d "$X2GO_TMP_ROOT" ]; then fi SESSION_DIR="${X2GO_TMP_ROOT}/C-${SESSION_NAME}" -if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ]; then +if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ] && [ "x$X2GO_STYPE" != "xS" ]; then mkdir -p "${SESSION_DIR}/telekinesis/remote/" fi @@ -282,11 +297,18 @@ STATE_FILE="${SESSION_DIR}/state" # do not use $TMP or $TEMP here, the session.log file location has to be accessible by root SESSION_LOG="${SESSION_DIR}/session.log" mkdir -p "${SESSION_DIR}" -chmod -f 0700 "${SESSION_DIR}" +if [ "x$X2GO_STYPE" = "xS" ]; then + chmod -f 0710 "${SESSION_DIR}" + if groups "$USER" | grep x2godesktopsharing 1>/dev/null 2>/dev/null; then + $X2GO_LIB_PATH/x2gosyslog "$0" "info" "user ,,$USER'' grants access to ${SESSION_DIR} for group ,,x2godesktopsharing''" + chown :x2godesktopsharing "${SESSION_DIR}" + fi +else + chmod -f 0700 "${SESSION_DIR}" +fi touch "${SESSION_LOG}" chmod -f 0600 "${SESSION_LOG}" - if [ ! -d "$X2GO_ROOT/ssh" ]; then mkdir "$X2GO_ROOT/ssh" fi @@ -372,8 +394,10 @@ X2GO_AGENT_RETVAL=$? X2GO_SND_PORT=1024 if [ -n "$SHADREQ_USER" ]; then - $X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT""$SHADREQ_USER" > /dev/null + $X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new shadow session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $SHADREQ_USER" + $X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$SHADREQ_USER" > /dev/null else + $X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $TEKICTRL_PORT $TEKIDATA_PORT" $X2GO_LIB_PATH/x2gocreatesession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$TEKICTRL_PORT" "$TEKIDATA_PORT" > /dev/null fi diff --git a/x2goserver/lib/x2gochangestatus b/x2goserver/lib/x2gochangestatus index 3e9d992..60ac418 100755 --- a/x2goserver/lib/x2gochangestatus +++ b/x2goserver/lib/x2gochangestatus @@ -36,4 +36,4 @@ my $sid=shift or die; db_changestatus($status, $sid); # closing syslog -closelog; \ No newline at end of file +closelog; diff --git a/x2goserver/lib/x2gocreatesession b/x2goserver/lib/x2gocreatesession index 3495e90..5864175 100755 --- a/x2goserver/lib/x2gocreatesession +++ b/x2goserver/lib/x2gocreatesession @@ -43,4 +43,4 @@ my $tekidata_port=shift or die; db_createsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $tekictrl_port, $tekidata_port); # closing syslog -closelog; \ No newline at end of file +closelog; diff --git a/x2goserver/lib/x2gocreateshadowsession b/x2goserver/lib/x2gocreateshadowsession index 39c7184..07c26d6 100755 --- a/x2goserver/lib/x2gocreateshadowsession +++ b/x2goserver/lib/x2gocreateshadowsession @@ -30,16 +30,16 @@ openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); +my $sid=shift or die; my $cookie=shift or die; my $pid=shift or die; my $client=shift or die; my $gr_port=shift or die; my $snd_port=shift or die; my $fs_port=shift or die; -my $sid=shift or die; my $shadreq_user=shift or die; db_createshadowsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $shadreq_user); # closing syslog -closelog; \ No newline at end of file +closelog; -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git