This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from 5b6cead x2gobroker.spec: no conditional addition of further source files new 76a202a Add --drop-privileges feature so that x2gobroker-daemon can drop root privileges when started via systemd. new b8ad7af update man pages The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: bin/x2gobroker | 30 +++++++++++++++++++++++++++++- debian/changelog | 2 ++ man/man1/x2gobroker-testauth.1 | 4 ++-- man/man1/x2gobroker.1 | 13 +++++++++---- man/man8/x2gobroker-authservice.8 | 10 +++++----- man/man8/x2gobroker-daemon-debug.8 | 2 +- man/man8/x2gobroker-keygen.8 | 2 +- man/man8/x2gobroker-pubkeyauthorizer.8 | 6 +++--- x2gobroker-daemon.service | 2 +- 9 files changed, 53 insertions(+), 18 deletions(-) -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 76a202a89db4c8da7587075da96c995b76e507ca Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Tue Feb 25 13:52:09 2014 +0100 Add --drop-privileges feature so that x2gobroker-daemon can drop root privileges when started via systemd. --- bin/x2gobroker | 30 +++++++++++++++++++++++++++++- debian/changelog | 2 ++ man/man1/x2gobroker.1 | 5 +++++ x2gobroker-daemon.service | 2 +- 4 files changed, 37 insertions(+), 2 deletions(-) diff --git a/bin/x2gobroker b/bin/x2gobroker index 5086845..a8ef7ab 100755 --- a/bin/x2gobroker +++ b/bin/x2gobroker @@ -27,6 +27,8 @@ import argparse import socket import logging import atexit +import pwd, grp + try: import daemon @@ -41,7 +43,6 @@ try: except ImportError: CAN_DAEMONIZE = False - def prep_http_mode(): global urls @@ -92,6 +93,25 @@ from x2gobroker import __VERSION__ from x2gobroker import __AUTHOR__ from x2gobroker.loggers import logger_broker, logger_access, logger_error, tornado_log_request +def drop_privileges(uid=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, gid=x2gobroker.defaults.X2GOBROKER_DAEMON_USER): + if os.getuid() != 0: + # We're not root so, like, whatever dude + return + + # Get the uid/gid from the name + running_uid = pwd.getpwnam(uid).pw_uid + running_gid = grp.getgrnam(gid).gr_gid + + # Remove group privileges + os.setgroups([]) + + # Try setting the new uid/gid + os.setgid(running_gid) + os.setuid(running_uid) + + # Ensure a very conservative umask + old_umask = os.umask(077) + interactive_mode_warning = False # check effective UID the broker runs as and complain appropriately... if x2gobroker.defaults.X2GOBROKER_USER != x2gobroker.defaults.X2GOBROKER_DAEMON_USER and os.geteuid() != 0: @@ -118,6 +138,11 @@ if __name__ == "__main__": {'args':['-P', '--pidfile'], 'default': pidfile, 'help': 'Alternative file path for the daemon\'s PID file', }, {'args':['-L', '--logdir'], 'default': daemon_logdir, 'help': 'Directory where log files for the process\'s stdout and stderr can be created', }, ]) + if os.getuid() == 0: + daemon_options.extend([ + {'args':['--drop-privileges'], 'default': False, 'action': 'store_true', 'help': 'Drop privileges to uid X2GOBROKER_DAEMON_USER and gid X2GOBROKER_DAEMON_GROUP', }, + ]) + sshbroker_options = [ {'args':['--task'], 'default': None, 'metavar': 'BROKER_TASK', 'help': 'broker task (listsessions, selectsession, setpass, testcon', }, {'args':['--user'], 'default': None, 'metavar': 'USER_NAME', 'help': 'Operate on behalf of this user name', }, @@ -140,6 +165,9 @@ if __name__ == "__main__": cmdline_args = p.parse_args() + if cmdline_args.drop_privileges: + drop_privileges() + if cmdline_args.config_file is not None: x2gobroker.defaults.X2GOBROKER_CONFIG = cmdline_args.config_file diff --git a/debian/changelog b/debian/changelog index 63dce8c..b0e6113 100644 --- a/debian/changelog +++ b/debian/changelog @@ -86,6 +86,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low - Provide symlink x2gobroker-daemon. - Provide systemd service files for x2gobroker-daemon and x2gobroker-authservice. + - Add --drop-privileges feature so that x2gobroker-daemon can drop root + privileges when started via systemd. * debian/control: + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. + Fix SYNOPSIS texts. diff --git a/man/man1/x2gobroker.1 b/man/man1/x2gobroker.1 index 00ccc1f..5159d60 100644 --- a/man/man1/x2gobroker.1 +++ b/man/man1/x2gobroker.1 @@ -80,6 +80,11 @@ Custom PID file location when daemonizing (default: <RUNDIR>/x2gobroker/x2gobrok .TP \*(T<\fB\-L, \-\-logdir\fR\*(T> Directory where stdout/stderr will be redirected after having daemonized (default: /var/log/x2gobroker/). +.TP +\*(T<\fB\-D, \-\-drop\-privileges\fR\*(T> +If started as root, drop privileges to uid X2GO_DAEMON_USER and gid X2GO_DAEMON_GROUP (as configured +in \fI/etc/x2go/broker/defaults.conf\fR on systemd systems or \fI/etc/defaults/python-x2gobroker\fR +on SystemV systems). .SH "FILES" /etc/x2go/x2gobroker.conf, /etc/x2go/broker/* (configuration files) .PP diff --git a/x2gobroker-daemon.service b/x2gobroker-daemon.service index fa13e00..20438d6 100644 --- a/x2gobroker-daemon.service +++ b/x2gobroker-daemon.service @@ -3,7 +3,7 @@ Description=X2Go Session Broker Daemon [Service] Type=forking -ExecStart=/usr/bin/x2gobroker-daemon +ExecStart=/usr/bin/x2gobroker-daemon -D --drop-privileges PIDFile=/run/x2gobroker/x2gobroker-daemon.pid [Install] -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit b8ad7afa5294b2bdc8f782f35d1f3bb77147e475 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Tue Feb 25 13:55:59 2014 +0100 update man pages --- man/man1/x2gobroker-testauth.1 | 4 ++-- man/man1/x2gobroker.1 | 8 ++++---- man/man8/x2gobroker-authservice.8 | 10 +++++----- man/man8/x2gobroker-daemon-debug.8 | 2 +- man/man8/x2gobroker-keygen.8 | 2 +- man/man8/x2gobroker-pubkeyauthorizer.8 | 6 +++--- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/man/man1/x2gobroker-testauth.1 b/man/man1/x2gobroker-testauth.1 index 7fea25f..24ba87b 100644 --- a/man/man1/x2gobroker-testauth.1 +++ b/man/man1/x2gobroker-testauth.1 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker-testauth 1 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker-testauth 1 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker-testauth \- Session Broker for X2Go (Authentication Test Utility) .SH SYNOPSIS @@ -25,7 +25,7 @@ x2gobroker-testauth \- Session Broker for X2Go (Authentication Test Utility) \fBx2gobroker-testauth\fR is an authentication test utility for X2Go Session Broker. .PP WARNING: please know that the credentials you use for testing broker authentication will -get revealed in your shell's history file (e.g. ~/.bash_history). +get revealed in your shell's history file (e.g. \fI~/.bash_history\fR). .SH COMMON OPTIONS \fBx2gobroker-testauth\fR displays some help on command line options: .TP diff --git a/man/man1/x2gobroker.1 b/man/man1/x2gobroker.1 index 5159d60..1ae8420 100644 --- a/man/man1/x2gobroker.1 +++ b/man/man1/x2gobroker.1 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker 1 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker 1 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker \- Session Broker for X2Go .SH SYNOPSIS @@ -58,7 +58,7 @@ It is possible to enforce a stronger authentication via an additional pre\-share cookie must be stored in a client-side file so that X2Go Client can access it and then pass it on to the X2Go Session Broker (via the X2Go Client option \-\-auth-id=<fullpath-to-file>) while authenticating against the broker. -The server-side cookie hash can be set in /etc/x2go/x2gobroker.conf (option: my-cookie). You have to set +The server-side cookie hash can be set in \fI/etc/x2go/x2gobroker.conf\fR (option: my-cookie). You have to set the option require-cookie-auth to true to enable the additional cookie comparison in the X2Go Session Broker. .TP \*(T<\fB\-\-profile-id, \-\-sid SESSION_PROFILE_ID\fR\*(T> @@ -76,10 +76,10 @@ The [address:]port that the Tornado http-engine will bind to (default: 127.0.0.1 Fork this application to background and detach from the running terminal. .TP \*(T<\fB\-P, \-\-pidfile\fR\*(T> -Custom PID file location when daemonizing (default: <RUNDIR>/x2gobroker/x2gobroker-daemon.pid). +Custom PID file location when daemonizing (default: \fI<RUNDIR>/x2gobroker/x2gobroker-daemon.pid\fR). .TP \*(T<\fB\-L, \-\-logdir\fR\*(T> -Directory where stdout/stderr will be redirected after having daemonized (default: /var/log/x2gobroker/). +Directory where stdout/stderr will be redirected after having daemonized (default: \fI/var/log/x2gobroker/\fR). .TP \*(T<\fB\-D, \-\-drop\-privileges\fR\*(T> If started as root, drop privileges to uid X2GO_DAEMON_USER and gid X2GO_DAEMON_GROUP (as configured diff --git a/man/man8/x2gobroker-authservice.8 b/man/man8/x2gobroker-authservice.8 index 65af01f..eff8569 100644 --- a/man/man8/x2gobroker-authservice.8 +++ b/man/man8/x2gobroker-authservice.8 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker-authservice 8 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker-authservice 8 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker-authservice \- PAM authentication service for X2Go Session Broker .SH SYNOPSIS @@ -29,7 +29,7 @@ requires root privileges in most cases (esp. for pam_unix.so). .PP Thus, the PAM authentication has been moved into a separate service. The communication between X2Go Session Broker and PAM Authentication Service is handled through a -unix domain socket file ($RUNDIR/x2gobroker/x2gobroker-authservice.socket). +unix domain socket file (\fI<RUNDIR>/x2gobroker/x2gobroker-authservice.socket\fR). .PP This command is normally started through an init script. .SH COMMON OPTIONS @@ -42,10 +42,10 @@ Display a help with all available command line options and exit. Fork this application to background and detach from the running terminal. .TP \*(T<\fB\-P, \-\-pidfile\fR\*(T> -Custom PID file location when daemonizing (default: <RUNDIR>/x2gobroker/x2gobroker-authservice.pid). +Custom PID file location when daemonizing (default: \fI<RUNDIR>/x2gobroker/x2gobroker-authservice.pid\fR). .TP \*(T<\fB\-L, \-\-logdir\fR\*(T> -Directory where stdout/stderr will be redirected after having daemonized (default: /var/log/x2gobroker/). +Directory where stdout/stderr will be redirected after having daemonized (default: \fI/var/log/x2gobroker/\fR). .TP \*(T<\fB\-s <AUTHSOCKET>, \-\-socket <AUTHSOCKET>\fR\*(T> File name of the unix domain socket file used for communication between broker and authentication service. @@ -59,7 +59,7 @@ Group ownership of the \fI<AUTHSOCKET>\fR file. \*(T<\fB\-p <PERMISSIONS>, \-\-permissions <PERMISSIONS>\fR\*(T> Set these file permissions for the \fI<AUTHSOCKET>\fR file. Use numerical permissions (e.g. 0640). .SH "FILES" -$RUNDIR/x2gobroker/x2gobroker-authservice.socket +<RUNDIR>/x2gobroker/x2gobroker-authservice.socket .SH AUTHOR This manual has been written for the X2Go project by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>. diff --git a/man/man8/x2gobroker-daemon-debug.8 b/man/man8/x2gobroker-daemon-debug.8 index eb200cf..4f654ec 100644 --- a/man/man8/x2gobroker-daemon-debug.8 +++ b/man/man8/x2gobroker-daemon-debug.8 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker-daemon-debug 8 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker-daemon-debug 8 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker-daemon-debug \- Debug X2Go Session Broker's Standalone Daemon .SH SYNOPSIS diff --git a/man/man8/x2gobroker-keygen.8 b/man/man8/x2gobroker-keygen.8 index f1e5531..0ce7be5 100644 --- a/man/man8/x2gobroker-keygen.8 +++ b/man/man8/x2gobroker-keygen.8 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker-keygen 8 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker-keygen 8 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker-keygen \- Generate SSH keys for X2Go Session Broker .SH SYNOPSIS diff --git a/man/man8/x2gobroker-pubkeyauthorizer.8 b/man/man8/x2gobroker-pubkeyauthorizer.8 index 2db6dbe..8d9ee9c 100644 --- a/man/man8/x2gobroker-pubkeyauthorizer.8 +++ b/man/man8/x2gobroker-pubkeyauthorizer.8 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH x2gobroker-pubkeyauthorizer 8 "Jan 2014" "Version 0.0.3.x" "X2Go Session Broker" +.TH x2gobroker-pubkeyauthorizer 8 "Feb 2014" "Version 0.0.3.x" "X2Go Session Broker" .SH NAME x2gobroker-pubkeyauthorizer \- Retrieve public SSH keys from an X2Go Session Broker .SH SYNOPSIS @@ -23,7 +23,7 @@ x2gobroker-pubkeyauthorizer \- Retrieve public SSH keys from an X2Go Session Bro 'hy .SH DESCRIPTION \fBx2gobroker-pubkeyauthorizer\fR retrieves the X2Go Session Broker's public SSH key(s) and -adds it to ~x2gobroker/.ssh/authorized_keys. +adds it to \fI~x2gobroker/.ssh/authorized_keys\fR. .PP This command has to be executed once on each X2Go Server that is to become a member of a muli-node X2Go server farm. The execution of this command requires root-privileges. @@ -36,7 +36,7 @@ Display a help with all available command line options and exit. .TP \*(T<\fB\-b <BROKER_URL>, \-\-broker-url <BROKER_URL>\fR\*(T> The URL of the X2Go Session Broker that we want to retrieve public keys from. -The common pattern for this URL is http(s)://<broker_hostname>:<port>/pubkeys/, but may differ +The common pattern for this URL is \fIhttp(s)://<broker_hostname>:<port>/pubkeys/\fR, but may differ depending on your X2Go Session Broker setup. .SH "FILES" ~x2gobroker/.ssh/authorized_keys -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
-
git-admin@x2go.org