The branch, master has been updated via 9941f2253b2d8ed656e0728dca5620c0e76f33ac (commit) from d8ca64f4160f1cac03cd4c8f58808aa383bc023d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9941f2253b2d8ed656e0728dca5620c0e76f33ac Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Dec 30 02:08:21 2013 +0100 Security audit of complete code tree, avoid one-argument system calls where possible, avoid backticks, use more quotes in shell scripts. ----------------------------------------------------------------------- Summary of changes: X2Go/Server/DB.pm | 61 ++++++++++++++++++--------------- X2Go/Server/DB/PostgreSQL.pm | 2 +- debian/changelog | 2 ++ x2goserver/bin/x2gocmdexitmessage | 8 ++--- x2goserver/bin/x2gofeature | 8 ++--- x2goserver/bin/x2gofeaturelist | 6 ++-- x2goserver/bin/x2gogetservers | 2 +- x2goserver/bin/x2golistdesktops | 9 +++-- x2goserver/bin/x2golistsessions | 2 +- x2goserver/bin/x2golistshadowsessions | 4 +-- x2goserver/bin/x2gomountdirs | 22 ++++++------ x2goserver/bin/x2gopath | 13 ++++--- x2goserver/bin/x2goresume-session | 20 +++++------ x2goserver/bin/x2goruncommand | 42 +++++++++++------------ x2goserver/bin/x2gosessionlimit | 3 +- x2goserver/bin/x2goumount-session | 15 ++++---- x2goserver/bin/x2goversion | 1 - x2goserver/sbin/x2gocleansessions | 5 +-- x2goserver/sbin/x2golistsessions_root | 2 +- 19 files changed, 120 insertions(+), 107 deletions(-) The diff of changes is: diff --git a/X2Go/Server/DB.pm b/X2Go/Server/DB.pm index 2ce7a02..bf00fb1 100644 --- a/X2Go/Server/DB.pm +++ b/X2Go/Server/DB.pm @@ -38,13 +38,14 @@ use Sys::Syslog qw( :standard :macros ); use X2Go::Config qw( get_sqlconfig ); use X2Go::Log qw( loglevel ); use X2Go::Server::DB::PostgreSQL; - +use X2Go::Utils qw( system_capture_merged_output system_capture_stdout_output ); setlogmask( LOG_UPTO(loglevel()) ); + my ($uname, $pass, $uid, $pgid, $quota, $comment, $gcos, $homedir, $shell, $expire) = getpwuid(getuid()); my $Config = get_sqlconfig(); -my $x2go_lib_path=`x2gopath libexec`; +my $x2go_lib_path=system_capture_stdout_output("x2gopath", "libexec"); my $backend=$Config->param("backend"); @@ -77,7 +78,7 @@ sub dbsys_rmsessionsroot } if($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper rmsessionsroot $sid`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "rmsessionsroot", "$sid"); } } @@ -90,7 +91,7 @@ sub dbsys_deletemounts } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper deletemounts $sid`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "deletemounts", "$sid"); } syslog('debug', "dbsys_deletemounts called, session ID: $sid"); } @@ -104,7 +105,7 @@ sub dbsys_listsessionsroot } if($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listsessionsroot $server`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listsessionsroot", "$server")); } } @@ -116,7 +117,7 @@ sub dbsys_listsessionsroot_all } if ($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listsessionsroot_all`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listsessionsroot_all")); } } @@ -130,7 +131,7 @@ sub dbsys_getmounts } if ($backend eq 'sqlite') { - @mounts = split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getmounts $sid`); + @mounts = split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getmounts", "$sid")); } my $log_retval = join(" ", @mounts); syslog('debug', "dbsys_getmounts called, session ID: $sid; return value: $log_retval"); @@ -147,7 +148,7 @@ sub db_getmounts } if ($backend eq 'sqlite') { - @mounts = split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getmounts $sid`); + @mounts = split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getmounts", "$sid")); } my $log_retval = join(" ", @mounts); syslog('debug', "db_getmounts called, session ID: $sid; return value: $log_retval"); @@ -164,7 +165,7 @@ sub db_deletemount } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper deletemount $sid \"$path\"`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "deletemount", "$sid", "$path"); } syslog('debug', "db_deletemount called, session ID: $sid, path: $path"); } @@ -181,7 +182,7 @@ sub db_insertmount } if ($backend eq 'sqlite') { - if( `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertmount $sid \"$path\" $client` eq "ok") + if( system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "insertmount", "$sid", "\"$path\"", "$client") eq "ok") { $res_ok=1; } @@ -201,7 +202,7 @@ sub db_insertsession } if ($backend eq 'sqlite') { - my $err=`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertsession $display $server $sid`; + my $err=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "insertsession", "$display", "$server", "$sid"); if ($err ne "ok") { die "$err: $x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertsession $display $server $sid"; @@ -222,7 +223,7 @@ sub db_insertshadowsession } if ($backend eq 'sqlite') { - my $err=`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertshadowsession $display $server $sid $shadreq_user`; + my $err=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "insertshadowsession", "$display", "$server", "$sid", "$shadreq_user"); if ($err ne "ok") { die "$err: $x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertshadowsession $display $server $sid $shadreq_user"; @@ -246,7 +247,7 @@ sub db_createsession } if ($backend eq 'sqlite') { - my $err= `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper createsession $cookie $pid $client $gr_port $snd_port $fs_port $sid`; + my $err= system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "createsession", "$cookie", "$pid", "$client", "$gr_port", "$snd_port", "$fs_port", "$sid"); if ($err ne "ok") { die $err; @@ -272,7 +273,7 @@ sub db_createshadowsession } if ($backend eq 'sqlite') { - my $err= `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper createshadowsession $cookie $pid $client $gr_port $snd_port $fs_port $sid $shadreq_user`; + my $err=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "createshadowsession", "$cookie", "$pid", "$client", "$gr_port", "$snd_port", "$fs_port", "$sid", "$shadreq_user"); if ($err ne "ok") { die $err; @@ -292,7 +293,11 @@ sub db_insertport } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper insertport $server $sid $sshport`; + my $err=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "insertport", "$server", "$sid", "$sshport"); + if ($err ne "ok") + { + die $err; + } } syslog('debug', "db_insertport called, session ID: $sid, server: $server, SSH port: $sshport"); } @@ -308,7 +313,7 @@ sub db_rmport } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper rmport $server $sid $sshport`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "rmport", "$server", "$sid", "$sshport"); } syslog('debug', "db_rmport called, session ID: $sid, server: $server, SSH port: $sshport"); } @@ -326,7 +331,7 @@ sub db_resume } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper resume $client $sid $gr_port $snd_port $fs_port`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "resume", "$client", "$sid", "$gr_port", "$snd_port", "$fs_port"); } syslog('debug', "db_resume called, session ID: $sid, client: $client, gr_port: $gr_port, sound_port: $snd_port, fs_port: $fs_port"); } @@ -341,7 +346,7 @@ sub db_changestatus } if ($backend eq 'sqlite') { - `$x2go_lib_path/libx2go-server-db-sqlite3-wrapper changestatus $status $sid`; + system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "changestatus", "$status", "$sid"); } syslog('debug', "db_changestatus called, session ID: $sid, new status: $status"); } @@ -356,7 +361,7 @@ sub db_getstatus } if ($backend eq 'sqlite') { - $status=`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getstatus $sid`; + $status=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getstatus", "$sid"); } syslog('debug', "db_getstatus called, session ID: $sid, return value: $status"); return $status; @@ -373,7 +378,7 @@ sub db_getdisplays } if ($backend eq 'sqlite') { - @displays = split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getdisplays $server`); + @displays = split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getdisplays", "$server")); } my $log_retval = join(" ", @displays); syslog('debug', "db_getdisplays called, server: $server; return value: $log_retval"); @@ -391,7 +396,7 @@ sub db_getports } if ($backend eq 'sqlite') { - @ports = split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getports $server`); + @ports = split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getports", "$server")); } my $log_retval = join(" ", @ports); syslog('debug', "db_getports called, server: $server; return value: $log_retval"); @@ -407,7 +412,7 @@ sub db_getservers } if ($backend eq 'sqlite') { - @servers = split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getservers`); + @servers = split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getservers")); } my $log_retval = join(" ", @servers); syslog('debug', "db_getservers called, return value: $log_retval"); @@ -424,7 +429,7 @@ sub db_getagent } if($backend eq 'sqlite') { - $agent=`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getagent $sid`; + $agent=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getagent", "$sid"); } syslog('debug', "db_getagent called, session ID: $sid; return value: $agent"); return $agent; @@ -440,7 +445,7 @@ sub db_getdisplay } if ($backend eq 'sqlite') { - $display=`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper getdisplay $sid`; + $display=system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "getdisplay", "$sid"); } syslog('debug', "db_getdisplay called, session ID: $sid; return value: $display"); return $display; @@ -455,7 +460,7 @@ sub db_listsessions } if ($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listsessions $server`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listsessions", "$server")); } } @@ -467,7 +472,7 @@ sub db_listsessions_all } if ($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listsessions_all`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listsessions_all")); } } @@ -480,7 +485,7 @@ sub db_listshadowsessions } if ($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listshadowsessions $server`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listshadowsessions", "$server")); } } @@ -492,6 +497,6 @@ sub db_listshadowsessions_all } if ($backend eq 'sqlite') { - return split("\n",`$x2go_lib_path/libx2go-server-db-sqlite3-wrapper listshadowsessions_all`); + return split("\n",system_capture_merged_output("$x2go_lib_path/libx2go-server-db-sqlite3-wrapper", "listshadowsessions_all")); } } diff --git a/X2Go/Server/DB/PostgreSQL.pm b/X2Go/Server/DB/PostgreSQL.pm index f101de8..6e94ef1 100644 --- a/X2Go/Server/DB/PostgreSQL.pm +++ b/X2Go/Server/DB/PostgreSQL.pm @@ -61,7 +61,7 @@ sub init_db if ( ! ( $dbuser and $dbpass ) ) { my $Config = get_sqlconfig; - my $x2go_lib_path=`x2gopath libexec`; + my $x2go_lib_path=system_capture_stdout_output("x2gopath", "libexec"); my $backend=$Config->param("backend"); if ( $backend ne "postgres" ) diff --git a/debian/changelog b/debian/changelog index 16b9851..5db2ff6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -42,6 +42,8 @@ x2goserver (4.1.0.0-0x2go1) UNRELEASED; urgency=low - Start working on an abstraction layer (as Perl package X2Go::Server::Agent) that handles all (NX) agent specific actions. Move duplicate code into that new Perl package. + - Security audit of complete code tree, avoid one-argument system calls where + possible, avoid backticks, use more quotes in shell scripts. * debian/control: + Package X2Go::Log in separate package: libx2go-log-perl. + Package X2Go::Server::DB in separate package: libx2go-server-db-perl. diff --git a/x2goserver/bin/x2gocmdexitmessage b/x2goserver/bin/x2gocmdexitmessage index 79cd0a5..b5a2170 100755 --- a/x2goserver/bin/x2gocmdexitmessage +++ b/x2goserver/bin/x2gocmdexitmessage @@ -21,13 +21,13 @@ # Copyright (C) 2007-2013 Heinz-Markus Graesing <heinz-m.graesing@obviously-nice.de> X2GO_LIB_PATH="$(x2gopath libexec)"; -X2GO_ROOT=${HOME}/.x2go -MESSAGE_FILE=$X2GO_ROOT/C-$1/cmdoutput +X2GO_ROOT="${HOME}/.x2go" +MESSAGE_FILE="$X2GO_ROOT/C-$1/cmdoutput" -$X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "info" "$(basename $0) called with options: $@" test -f "$MESSAGE_FILE" && { - $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "command output starts with: $(head -n5 $MESSAGE_FILE | sed 's/\n/ /g')" + "$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "command output starts with: "$(head -n5 "$MESSAGE_FILE" | sed 's/\n/ /g') # return command output of the command that was issued by x2goruncommand cat "$MESSAGE_FILE" diff --git a/x2goserver/bin/x2gofeature b/x2goserver/bin/x2gofeature index ee0d309..ab0e848 100755 --- a/x2goserver/bin/x2gofeature +++ b/x2goserver/bin/x2gofeature @@ -25,14 +25,14 @@ X2GO_LIB_PATH="$(x2gopath libexec)"; X2GO_SHARE_PATH="$(x2gopath share)"; -$X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "info" "$(basename $0) called with options: $@" -X2GO_FEATURE=$1 +X2GO_FEATURE="$1" # run x2gofeature scripts of X2Go extensions test -d "$X2GO_SHARE_PATH/x2gofeature.d" && { - for subscript in $X2GO_SHARE_PATH/x2gofeature.d/*.features; do - $subscript $@ && exit 0 + for subscript in "$X2GO_SHARE_PATH/x2gofeature.d/"*.features; do + "$subscript" $@ && exit 0 done } diff --git a/x2goserver/bin/x2gofeaturelist b/x2goserver/bin/x2gofeaturelist index e879e4e..9c74960 100755 --- a/x2goserver/bin/x2gofeaturelist +++ b/x2goserver/bin/x2gofeaturelist @@ -22,12 +22,12 @@ X2GO_LIB_PATH="$(x2gopath libexec)"; X2GO_SHARE_PATH="$(x2gopath share)"; -$X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "info" "$(basename $0) called with options: $@" # run x2gofeature scripts of X2Go extensions test -d "$X2GO_SHARE_PATH/x2gofeature.d" && { - for subscript in $X2GO_SHARE_PATH/x2gofeature.d/*.features; do - cat $subscript | egrep ".*\).*ok.*exit 0.*" | cut -d"\"" -f2 | cut -d"\"" -f1 + for subscript in "$X2GO_SHARE_PATH/x2gofeature.d/"*.features; do + cat "$subscript" | egrep ".*\).*ok.*exit 0.*" | cut -d"\"" -f2 | cut -d"\"" -f1 done } diff --git a/x2goserver/bin/x2gogetservers b/x2goserver/bin/x2gogetservers index 83ba5c1..5f19025 100755 --- a/x2goserver/bin/x2gogetservers +++ b/x2goserver/bin/x2gogetservers @@ -33,4 +33,4 @@ my $servers = join("\n", db_getservers); print $servers; # closing syslog -closelog; \ No newline at end of file +closelog; diff --git a/x2goserver/bin/x2golistdesktops b/x2goserver/bin/x2golistdesktops index b489286..44cc1f9 100755 --- a/x2goserver/bin/x2golistdesktops +++ b/x2goserver/bin/x2golistdesktops @@ -24,7 +24,8 @@ use strict; use Sys::Hostname; use Sys::Syslog qw( :standard :macros ); -use X2Go::Log qw(loglevel); +use X2Go::Log qw( loglevel ); +use X2Go::Utils qw( system_capture_stdout_output ); openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); @@ -42,6 +43,7 @@ if( ! $serv) $serv=hostname; } +# FIXME: finally get rid of this non-critical backtick expression my $rsess=`x2golistsessions $serv |grep _stR`; my @rsess=split("\n","$rsess"); my @rdisplays; @@ -55,7 +57,7 @@ my $rdisp=join("I",@rdisplays); $rdisp="I${rdisp}I"; my $uname=$ENV{'USER'}; -my $outp=`ls -1 /tmp/.X11-unix/`; +my $outp=system_capture_stdout_output("ls", "-1", "/tmp/.X11-unix/"); my @outp=split("\n","$outp"); for(my $i=0;$i<@outp;$i++) { @@ -66,7 +68,7 @@ for(my $i=0;$i<@outp;$i++) $checkdisp="${checkdisp}I"; if (!( $rdisp =~ m/$checkdisp/ )) { - my $inf=`xwininfo -root -display $display 2> /dev/null`; + my $inf=system_capture_stdout_output("xwininfo", "-root", "-display", "$display"); if ( $inf=~ m/geometry/) { print "$uname\@$display\n"; @@ -74,6 +76,7 @@ for(my $i=0;$i<@outp;$i++) } } +# FIXME: finally get rid of this non-critical backtick expression $outp=`ls -1 /tmp/ | grep x2godesktopsharing_`; @outp=split("\n","$outp"); diff --git a/x2goserver/bin/x2golistsessions b/x2goserver/bin/x2golistsessions index 6f44f56..1b8b6fc 100755 --- a/x2goserver/bin/x2golistsessions +++ b/x2goserver/bin/x2golistsessions @@ -70,7 +70,7 @@ for (my $i=0;$i<@outp;$i++) { if (@sinfo[4]eq 'R') { - if(session_is_suspended(@sinfo[1]), @sinfo[11]) + if(session_is_suspended(@sinfo[1], @sinfo[11])) { db_changestatus( 'S', @sinfo[1] ); @outp[$i] =~ s/\|R\|/\|S\|/; diff --git a/x2goserver/bin/x2golistshadowsessions b/x2goserver/bin/x2golistshadowsessions index 7880d53..c24873d 100755 --- a/x2goserver/bin/x2golistshadowsessions +++ b/x2goserver/bin/x2golistshadowsessions @@ -70,11 +70,11 @@ for (my $i=0;$i<@outp;$i++) { if (@sinfo[4]eq 'R') { - if(session_is_suspended(@sinfo[1]), @sinfo[11]) + if(session_is_suspended(@sinfo[1], @sinfo[11])) { db_changestatus( 'S', @sinfo[1] ); @outp[$i] =~ s/\|R\|/\|S\|/; - system( "x2goumount-session","@sinfo[1]"); + system("x2goumount-session","@sinfo[1]"); } } print "@outp[$i]\n"; diff --git a/x2goserver/bin/x2gomountdirs b/x2goserver/bin/x2gomountdirs index b5d305f..a921460 100755 --- a/x2goserver/bin/x2gomountdirs +++ b/x2goserver/bin/x2gomountdirs @@ -26,7 +26,7 @@ use File::BaseDir qw(xdg_config_home); use X2Go::Config qw( get_config ); use X2Go::Server::DB qw( db_insertmount db_deletemount ); -use X2Go::Utils qw( source_environment ); +use X2Go::Utils qw( source_environment system_capture_merged_output ); use X2Go::Log qw( loglevel ); openlog($0,'cons,pid','user'); @@ -170,7 +170,7 @@ if ( -d $ldir) if ( ! -l $ldir) { - system ("ln -s $mdir $ldir"); + system ("ln", "-s", "$mdir", "$ldir"); } if ( -d $spooldir_lnk) @@ -180,7 +180,7 @@ if ( -d $spooldir_lnk) if ( ! -l $spooldir_lnk) { - system ("ln -s $spooldir $spooldir_lnk"); + system ("ln", "-s", "$spooldir", "$spooldir_lnk"); } if ( -d $mimeboxdir_lnk) @@ -190,7 +190,7 @@ if ( -d $mimeboxdir_lnk) if ( ! -l $mimeboxdir_lnk) { - system ("ln -s $mimeboxdir $mimeboxdir_lnk"); + system ("ln", "-s", "$mimeboxdir", "$mimeboxdir_lnk"); } my $uname=$ENV{'USER'}; @@ -265,17 +265,19 @@ for (my $i=0;$i<@dirs;$i++) { $code_conv="-o $code_conv"; } - if ( -f $key ) + if ( -f "$key" ) { syslog('debug', "SSH key file has arrived: $key"); } - if ( -f $key.ident ) + if ( -f "$key.ident" ) { syslog('debug', "SSH host key has arrived: $key.ident"); } $msg = "sshfs $code_conv -o idmap=user,uid=`id -u`,gid=`id -g`,$umaskstr,ServerAliveInterval=300,Cipher=blowfish,IdentityFile=$key,UserKnownHostsFile=$key.ident \"$user\"\@$host:\"@dirs[$i]\" \"$mntpath\" -p $port"; syslog('debug', "executing: $msg"); print "inserted, $msg\n"; + + # FIXME: this system call should be converted to a multi-argument system call while pertaining the redirect of stderr to the mounts.log file if (system("sshfs $code_conv -o idmap=user,uid=`id -u`,gid=`id -g`,$umaskstr,ServerAliveInterval=300,Cipher=blowfish,IdentityFile=$key,UserKnownHostsFile=$key.ident \"$user\"\@$host:\"@dirs[$i]\" \"$mntpath\" -p $port 2>>~/mounts.log")==0) { print "mount @dirs[$i] ok\n"; @@ -303,19 +305,19 @@ for (my $i=0;$i<@dirs;$i++) $fname="$ENV{'HOME'}/Desktop"; } my $current_desktop = "NONE"; - if (($session =~ m/_stDGNOME_dp/) && system("x2gofeature X2GO_GNOMEBINDINGS >/dev/null") == 0) + if (($session =~ m/_stDGNOME_dp/) && system_capture_merged_output("x2gofeature", "X2GO_GNOMEBINDINGS") == 0) { $current_desktop="-gnome"; } - elsif (($session =~ m/_stDMATE_dp/) && system("x2gofeature X2GO_MATEBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_stDMATE_dp/) && system_capture_merged_output("x2gofeature", "X2GO_MATEBINDINGS") == 0) { $current_desktop="-mate"; } - elsif (($session =~ m/_stDLXDE_dp/) && system("x2gofeature X2GO_LXDEBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_stDLXDE_dp/) && system_capture_merged_output("x2gofeature", "X2GO_LXDEBINDINGS") == 0) { $current_desktop="-lxde"; } - elsif (($session =~ m/_stD.*_dp/) && system("x2gofeature X2GO_FMBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_stD.*_dp/) && system_capture_merged_output("x2gofeature", "X2GO_FMBINDINGS") == 0) { $current_desktop=""; } diff --git a/x2goserver/bin/x2gopath b/x2goserver/bin/x2gopath index 1d2f9f3..9647836 100755 --- a/x2goserver/bin/x2gopath +++ b/x2goserver/bin/x2gopath @@ -22,7 +22,6 @@ # Copyright (C) 2012-2013 Mike Gabriel <mike.gabriel@das-netzwerkteam.de> # Copyright (C) 2012-2013 Jan Engelhard <jengelh@inai.de> - base="${0%/*}"; if test "$base" = "$0"; then base="."; @@ -32,12 +31,12 @@ base=$(readlink -f "$base/.."); # The following section is subject to substitution by distro packaging tools. case "$1" in - base) echo -n "$base";; - lib) echo -n "$base/lib/x2go";; - libexec) echo -n "$base/lib/x2go";; - share) echo -n "$base/share/x2go";; - nx-x11) echo -n "$base/lib/nx/X11";; - xinerama) echo -n "$base/lib/nx/X11/Xinerama";; + "base") echo -n "$base";; + "lib") echo -n "$base/lib/x2go";; + "libexec") echo -n "$base/lib/x2go";; + "share") echo -n "$base/share/x2go";; + "nx-x11") echo -n "$base/lib/nx/X11";; + "xinerama") echo -n "$base/lib/nx/X11/Xinerama";; *) exit 1;; esac; diff --git a/x2goserver/bin/x2goresume-session b/x2goserver/bin/x2goresume-session index 12669c2..a513631 100755 --- a/x2goserver/bin/x2goresume-session +++ b/x2goserver/bin/x2goresume-session @@ -41,7 +41,7 @@ then rm "$NX_XINERAMA_CONF" fi -$X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "info" "$(basename $0) called with options: $@" # rootless sessions require to be resizable @@ -71,10 +71,10 @@ SOUND_PORT=`echo "$SESSIONINFO" | awk -F, {'print $10'}` FS_PORT=`echo "$SESSIONINFO" | awk -F, {'print $14'}` SERVER=`echo "$SESSIONINFO" | awk -F, {'print $4'}` -$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "old ports: $GR_PORT, $SOUND_PORT, $FS_PORT" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "old ports: $GR_PORT, $SOUND_PORT, $FS_PORT" #Get all used in system ports from ss output -ss=$(PATH="$PATH:/usr/sbin:/sbin" type -P ss); +ss="$(PATH="$PATH:/usr/sbin:/sbin" type -P ss)"; USED_PORTS=$( "$ss" -nt -all | awk '{ n=split($0,lines,"\n"); for(i=1;i<=n;i++){split (lines[i],words," ");delim=split(words[4],ports,":"); if(delim>1)printf ("|%s|\n",ports[delim])} }'; @@ -178,17 +178,17 @@ echo "$NEWOPTIONS" >"${SESSION_DIR}/options" x2gofeature X2GO_RUN_EXTENSIONS &>/dev/null && x2goserver-run-extensions "$SESSION_NAME" pre-resume || true # clear old keyboard file -rm -Rf $SESSION_DIR/keyboard +rm -Rf "$SESSION_DIR/keyboard" -kill -HUP $X2GO_AGENT_PID &>/dev/null && { +kill -HUP "$X2GO_AGENT_PID" &>/dev/null && { - $X2GO_LIB_PATH/x2goresume "$X2GO_CLIENT" "$SESSION_NAME" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" > /dev/null + $X2GO_LIB_PATH/x2goresume "$X2GO_CLIENT" "$SESSION_NAME" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" > /dev/null $X2GO_LIB_PATH/x2gosyslog "$0" "notice" "client $X2GO_CLIENT has successfully resumed session with ID $SESSION_NAME" # set client-side keyboard model, type, variant, etc. if [ "$X2GO_SET_KBD" != "0" ] && [ "$X2GO_KBD_TYPE" == "auto" ]; then - X2GO_DISPLAY=$(echo $SESSION_NAME | cut -d"-" -f2) - export DISPLAY=:$X2GO_DISPLAY.0 + X2GO_DISPLAY="$(echo \"$SESSION_NAME\" | cut -d'-' -f2)" + export DISPLAY=":$X2GO_DISPLAY.0" x2gosetkeyboard "$SESSION_NAME" >/dev/null 2>/dev/null & fi @@ -201,11 +201,11 @@ kill -HUP $X2GO_AGENT_PID &>/dev/null && { } || { err_msg="ERROR: failed to resume session with ID $SESSION_NAME" echo "$err_msg" 1>&2 - $X2GO_LIB_PATH/x2gosyslog "$0" "err" "$err_msg" + "$X2GO_LIB_PATH/x2gosyslog" "$0" "err" "$err_msg" # If we reach here it means that the x2goagent process of the session has vanisshed # If this happens than we mark the session as finished... - $X2GO_LIB_PATH/x2gochangestatus 'F' "$SESSION_NAME" > /dev/null + "$X2GO_LIB_PATH/x2gochangestatus" 'F' "$SESSION_NAME" > /dev/null # run x2goserver-extensions for fail-resume x2gofeature X2GO_RUN_EXTENSIONS &>/dev/null && x2goserver-run-extensions "$SESSION_NAME" fail-resume || true diff --git a/x2goserver/bin/x2goruncommand b/x2goserver/bin/x2goruncommand index 5d5113c..e5f52a1 100755 --- a/x2goserver/bin/x2goruncommand +++ b/x2goserver/bin/x2goruncommand @@ -21,15 +21,15 @@ # Copyright (C) 2007-2013 Heinz-Markus Graesing <heinz-m.graesing@obviously-nice.de> DISPLAY=":$1" -X2GO_AGENT_PID=$2 -X2GO_SESSION=$3 -cmd=$5 -sndsys=$6 -X2GO_SESS_TYPE=$7 +X2GO_AGENT_PID="$2" +X2GO_SESSION="$3" +cmd="$5" +sndsys="$6" +X2GO_SESS_TYPE="$7" X2GO_LIB_PATH="$(x2gopath libexec)"; -$X2GO_LIB_PATH/x2gosyslog "$0" "info" "$(basename $0) called with options: $@" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "info" "$(basename $0) called with options: $@" export DISPLAY export X2GO_AGENT_PID @@ -48,22 +48,22 @@ export NX_XINERAMA_CONF test -n $KRB5CCNAME && export KRB5CCNAME # disable rastering in >= KDE4.8 and Qt4.8 -export QT_GRAPHICSSYSTEM=native +export QT_GRAPHICSSYSTEM="native" IMEXIT="false" -NX_XINERAMA_LIBS=$(x2gopath xinerama) -NX_LIBS=$(x2gopath nx-x11) +NX_XINERAMA_LIBS="$(x2gopath xinerama)" +NX_LIBS="$(x2gopath nx-x11)" test -n "$LD_LIBRARY_PATH" && \ LD_LIBRARY_PATH="$NX_XINERAMA_LIBS:$NX_LIBS:$LD_LIBRARY_PATH" || \ LD_LIBRARY_PATH="$NX_XINERAMA_LIBS:$NX_LIBS" -$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "exporting LD_LIBRARY_PATH=$LD_LIBRARY_PATH" +"$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "exporting LD_LIBRARY_PATH=$LD_LIBRARY_PATH" export LD_LIBRARY_PATH if [ "$sndsys" == "esd" ]; then - export ESPEAKER=localhost:$4 + export ESPEAKER="localhost:$4" elif [ "$sndsys" == "arts" ]; then - export ARTS_SERVER=localhost:$4 + export ARTS_SERVER="localhost:$4" fi # detect Ubuntu version via /etc/lsb-release (not supported by Debian) @@ -222,24 +222,24 @@ fi x2gofeature X2GO_RUN_EXTENSIONS &>/dev/null && x2goserver-run-extensions "$X2GO_SESSION" pre-runcommand || true sucessful_run=false -if [ "$EXEC" != "" ] && [ -x $EXEC ]; then - $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "running command $EXEC" +if [ "$EXEC" != "" ] && [ -x "$EXEC" ]; then + "$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "running command $EXEC" x2gosetkeyboard >/dev/null 2>/dev/null & x2gofeature X2GO_XSESSION &>/dev/null && [ "x$X2GO_SESS_TYPE" = "xD" ] && { STARTUP="$cmd$args" - $X2GO_LIB_PATH/x2gosyslog "$0" "notice" "launching session with Xsession-x2go mechanism, using STARTUP=\"$STARTUP\"" + "$X2GO_LIB_PATH/x2gosyslog" "$0" "notice" "launching session with Xsession-x2go mechanism, using STARTUP=\"$STARTUP\"" XSESSION_EXEC="$cmd" STARTUP="/usr/bin/env LD_LIBRARY_PATH=${LD_LIBRARY_PATH} ${STARTUP}" /etc/x2go/Xsession } || { - $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "executing command \"$cmd$args\"..." + "$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "executing command \"$cmd$args\"..." $EXEC_WRAPPER $cmd$args } #### some applications can quit immediately, we will wait here as long as x2goagent exists if [ "$X2GO_SESS_TYPE" == "R" ] && [ "$IMEXIT" == "false" ]; then - $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "command $EXEC forked to background, waiting for agent to finish" - while [ -d /proc/$X2GO_AGENT_PID ]; do + "$X2GO_LIB_PATH/x2gosyslog" "$0" "debug" "command $EXEC forked to background, waiting for agent to finish" + while [ -d "/proc/$X2GO_AGENT_PID" ]; do sleep 1 done fi @@ -250,7 +250,7 @@ if [ "$EXEC" != "" ] && [ -x $EXEC ]; then x2gofeature X2GO_RUN_EXTENSIONS &>/dev/null && x2goserver-run-extensions "$X2GO_SESSION" post-runcommand || true else - $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: command $EXEC failed to execute" + "$X2GO_LIB_PATH/x2gosyslog" "$0" "err" "ERROR: command $EXEC failed to execute" echo "X2GORUNCOMMAND ERR NOEXEC:$cmd" > "$MESSAGE_FILE" # run x2goserver-extensions for fail-runcommand @@ -261,8 +261,8 @@ fi # stop x2godesktopsharing process gracefully... x2gofeature X2GO_DESKTOPSHARING >/dev/null && x2goterminate-desktopsharing "$X2GO_SESSION" || true -kill -TERM $X2GO_AGENT_PID -$X2GO_LIB_PATH/x2gochangestatus 'F' "$X2GO_SESSION" > /dev/null +kill -TERM "$X2GO_AGENT_PID" +"$X2GO_LIB_PATH/x2gochangestatus" 'F' "$X2GO_SESSION" > /dev/null export HOSTNAME x2goumount-session "$X2GO_SESSION" diff --git a/x2goserver/bin/x2gosessionlimit b/x2goserver/bin/x2gosessionlimit index 5ef8222..4f5217e 100755 --- a/x2goserver/bin/x2gosessionlimit +++ b/x2goserver/bin/x2gosessionlimit @@ -25,6 +25,7 @@ use Sys::Syslog qw( :standard :macros ); use X2Go::Config qw( get_config); use X2Go::Log qw( loglevel ); +use X2Go::Utils qw( system_capture_merged_output ); openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); @@ -55,7 +56,7 @@ sub getGroupLimit my $uname; $uname=getpwuid($<); -my $runningsessions=`x2golistsessions --all-servers`; +my $runningsessions=system_capture_merged_output("x2golistsessions", "--all-servers"); my @sessions=split("\n",$runningsessions); my $scount=@sessions; diff --git a/x2goserver/bin/x2goumount-session b/x2goserver/bin/x2goumount-session index 18ff1a4..56b43fe 100755 --- a/x2goserver/bin/x2goumount-session +++ b/x2goserver/bin/x2goumount-session @@ -28,6 +28,7 @@ use File::BaseDir qw(xdg_config_home); use X2Go::Utils qw(source_environment); use X2Go::Server::DB qw(db_getdisplay db_getmounts db_deletemount); use X2Go::Log qw(loglevel); +use X2Go::Utils qw(system_capture_merged_output); openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); @@ -136,7 +137,8 @@ for ($i=0;$i<@outp;$i++) break: if ($found) { - if (system( "cd $tmp_dir && fusermount -u \"@line[1]\" && cd - >/dev/null" ) == 0) + chdir($tmpdir) + if (system("fusermount", "-u", "\"@line[1]\"") == 0) { syslog('notice', "successfully unmounted \"@line[1]\""); $found=0; @@ -175,19 +177,19 @@ break: $remote="$desktopdir/$remote"; my $current_desktop = 'NONE'; - if (($session =~ m/_stDGNOME_dp/) && system("x2gofeature X2GO_GNOMEBINDINGS >/dev/null") == 0) + if (($session =~ m/_stDGNOME_dp/) && system_capture_merged_output("x2gofeature", "X2GO_GNOMEBINDINGS") == 0) { $current_desktop="-gnome"; } - elsif (($session =~ m/_stDMATE_dp/) && system("x2gofeature X2GO_MATEBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_stDMATE_dp/) && system_capture_merged_output("x2gofeature", "X2GO_MATEBINDINGS") == 0) { $current_desktop="-mate"; } - elsif (($session =~ m/_stDLXDE_dp/) && system("x2gofeature X2GO_LXDEBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_stDLXDE_dp/) && system_capture_merged_output("x2gofeature", "X2GO_LXDEBINDINGS") == 0) { $current_desktop="-lxde"; } - elsif (($session =~ m/_st.*_dp/) && system("x2gofeature X2GO_FMBINDINGS >/dev/null") == 0) + elsif (($session =~ m/_st.*_dp/) && system_capture_merged_output("x2gofeature", "X2GO_FMBINDINGS") == 0) { $current_desktop=""; } @@ -224,7 +226,7 @@ rmdir ("$mdir/rm"); rmdir ("$mdir"); if (( ! -d "$mdir" ) && ( -l "$ENV{'HOME'}/media" )) { - system("rm -f $ENV{'HOME'}/media"); + system_capture_merged_output("rm", "-f", "$ENV{'HOME'}/media"); } rmdir ("$spooldir/C-$session"); rmdir ("$spooldir"); @@ -233,4 +235,3 @@ rmdir ("$mimeboxdir"); # closing syslog closelog; - diff --git a/x2goserver/bin/x2goversion b/x2goserver/bin/x2goversion index 1854a20..b948d87 100755 --- a/x2goserver/bin/x2goversion +++ b/x2goserver/bin/x2goversion @@ -48,4 +48,3 @@ else done cd - >/dev/null fi - diff --git a/x2goserver/sbin/x2gocleansessions b/x2goserver/sbin/x2gocleansessions index 797c5cd..8480a15 100755 --- a/x2goserver/sbin/x2gocleansessions +++ b/x2goserver/sbin/x2gocleansessions @@ -29,12 +29,13 @@ use Sys::Syslog qw( :standard :macros ); use File::ReadBackwards; -my $x2go_lib_path = `x2gopath libexec`; use X2Go::Config qw( get_config ); use X2Go::Log qw( loglevel ); use X2Go::SupeReNicer qw( superenice ); use X2Go::Server::Agent qw( session_is_suspended session_is_running session_has_terminated ); use X2Go::Server::DB qw( dbsys_rmsessionsroot ); +use X2Go::Utils qw( system_capture_stdout_output ); +my $x2go_lib_path = system_capture_stdout_output("x2gopath", "libexec"); openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); @@ -115,7 +116,7 @@ elsif ($pid == 0 ) while(sleep 2) { - my $outp=`$x2go_lib_path/x2golistsessions_sql $serv 2>/dev/null`; + my $outp=system_capture_stdout_output("$x2go_lib_path/x2golistsessions_sql", "$serv"); my @outp=split("\n","$outp"); # forget earlier remembered blocked sessions diff --git a/x2goserver/sbin/x2golistsessions_root b/x2goserver/sbin/x2golistsessions_root index b4c659c..ce8c786 100755 --- a/x2goserver/sbin/x2golistsessions_root +++ b/x2goserver/sbin/x2golistsessions_root @@ -28,11 +28,11 @@ use File::ReadBackwards; use X2Go::Log qw(loglevel); use X2Go::Utils qw(system_capture_stdout_output); use X2Go::Server::Agent qw(session_is_suspended); +my $x2go_lib_path = system_capture_stdout_output("x2gopath", "libexec"); openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(loglevel()) ); -my $x2go_lib_path = system_capture_stdout_output("x2gopath", "libexec"); my $uname; hooks/post-receive -- x2goserver.git (X2Go Server) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2goserver.git" (X2Go Server).