This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from 1abd30c If a single-host is unreachable, return the host address, not the hostname and let X2Go Client release itself, that the host is unreachable. new 4fd93a0 x2gobroker-loadchecker: Don't freeze if load information for a complete load-balanced server farm is unavailable. new 125c6ec fix for 7b98c0514eaae794ce5880f86bab12f3a2bf9766 new 2ab4eec x2gobroker-pubkeyauthorizer: Handle replacement of SSH pubkeys with wrong/ old SSH options. The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 4 ++++ lib/x2gobroker-agent.pl | 6 ++++++ sbin/x2gobroker-loadchecker | 1 + sbin/x2gobroker-pubkeyauthorizer | 15 ++++++++++++--- x2gobroker/web/extras.py | 4 ++-- 5 files changed, 25 insertions(+), 5 deletions(-) -- Alioth's /srv/git/code.x2go.org/x2gobroker.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 4fd93a0a156dd813730bb1e91ecfdc3b2b8bd598 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Wed Apr 1 10:09:35 2015 +0200 x2gobroker-loadchecker: Don't freeze if load information for a complete load-balanced server farm is unavailable. --- debian/changelog | 2 ++ sbin/x2gobroker-loadchecker | 1 + 2 files changed, 3 insertions(+) diff --git a/debian/changelog b/debian/changelog index d51bd70..45e4ccd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -296,6 +296,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low - Don't enforce agent query mode "SSH" for x2gobroker-ssh anymore. - If a single-host is unreachable, return the host address, not the hostname and let X2Go Client release itself, that the host is unreachable. + - x2gobroker-loadchecker: Don't freeze if load information for a complete + load-balanced server farm is unavailable. * debian/control: + Provide separate bin:package for SSH brokerage: x2gobroker-ssh. + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. diff --git a/sbin/x2gobroker-loadchecker b/sbin/x2gobroker-loadchecker index 0243dca..bdc88f6 100755 --- a/sbin/x2gobroker-loadchecker +++ b/sbin/x2gobroker-loadchecker @@ -96,6 +96,7 @@ class LoadCheckerServiceHandler(asyncore.dispatcher_with_send): if self.logger: self.logger.warning('LoadCheckServiceHandler.handle_read(): load check failure for backend={backend}, profile_id={profile_id}, hostname={hostname}: LOAD-UNAVAILABLE'.format(backend=backend, profile_id=profile_id, hostname=h)) else: if self.logger: self.logger.warning('LoadCheckServiceHandler.handle_read(): load check failure for backend={backend}, profile_id={profile_id}: LOAD-UNAVAILABLE'.format(backend=backend, profile_id=profile_id)) + output += "\n" self.send(output) def handle_close(self): -- Alioth's /srv/git/code.x2go.org/x2gobroker.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 125c6ecc28f3caee61daf4311068c57e0588c358 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Wed Apr 1 10:42:10 2015 +0200 fix for 7b98c0514eaae794ce5880f86bab12f3a2bf9766 --- lib/x2gobroker-agent.pl | 6 ++++++ x2gobroker/web/extras.py | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/x2gobroker-agent.pl b/lib/x2gobroker-agent.pl index 2256f8c..b408b3b 100755 --- a/lib/x2gobroker-agent.pl +++ b/lib/x2gobroker-agent.pl @@ -25,6 +25,12 @@ use File::Basename; use File::Which; use POSIX; +# are we running via SSH's ForceCommand? +if ($ENV{"SSH_ORIGINAL_COMMAND"} =~ m/\/usr\/.*\/x2go\/x2gobroker-agent\ .*/ ) { + @ARGV = split / /, $ENV{'SSH_ORIGINAL_COMMAND'}; + @ARGV = @ARGV[1..$#ARGV]; +} + my @available_tasks = ( "availabletasks", "addauthkey", diff --git a/x2gobroker/web/extras.py b/x2gobroker/web/extras.py index d4e091f..fe63492 100644 --- a/x2gobroker/web/extras.py +++ b/x2gobroker/web/extras.py @@ -73,10 +73,10 @@ class X2GoBrokerPubKeyService(_RequestHandler): if os.path.exists('{home}/.ssh/id_rsa.pub'.format(home=broker_home)): pubkey = paramiko.RSAKey(filename='{home}/.ssh/id_rsa'.format(home=broker_home)) - output += 'command=/usr/lib/x2go/x2gobroker-agent,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) + output += 'command="/usr/lib/x2go/x2gobroker-agent",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) if os.path.exists('{home}/.ssh/id_dsa.pub'.format(home=broker_home)): pubkey = paramiko.DSSKey(filename='{home}/.ssh/id_dsa'.format(home=broker_home)) - output += 'command=/usr/lib/x2go/x2gobroker-agent,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-dss {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) + output += 'command="/usr/lib/x2go/x2gobroker-agent",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-dss {pubkey} {user}@{hostname}\n'.format(pubkey=str(pubkey.get_base64()), user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, hostname=x2gobroker.defaults.X2GOBROKER_HOSTNAME) self.write(output) -- Alioth's /srv/git/code.x2go.org/x2gobroker.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 2ab4eec987ab55dd496973b1727a4e9c992c6664 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Wed Apr 1 14:17:35 2015 +0200 x2gobroker-pubkeyauthorizer: Handle replacement of SSH pubkeys with wrong/ old SSH options. --- debian/changelog | 2 ++ sbin/x2gobroker-pubkeyauthorizer | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index 45e4ccd..0f5d81f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -298,6 +298,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low and let X2Go Client release itself, that the host is unreachable. - x2gobroker-loadchecker: Don't freeze if load information for a complete load-balanced server farm is unavailable. + - x2gobroker-pubkeyauthorizer: Handle replacement of SSH pubkeys with wrong/ + old SSH options. * debian/control: + Provide separate bin:package for SSH brokerage: x2gobroker-ssh. + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. diff --git a/sbin/x2gobroker-pubkeyauthorizer b/sbin/x2gobroker-pubkeyauthorizer index 619fe20..2bf6f8d 100755 --- a/sbin/x2gobroker-pubkeyauthorizer +++ b/sbin/x2gobroker-pubkeyauthorizer @@ -145,15 +145,23 @@ if __name__ == '__main__': logger_broker.info(' Found {i} public keys at URL {url}'.format(i=len(new_pubkeys), url=cmdline_args.broker_url)) tmpfile.close() + append_newline = "" try: read_authorized_keys = open('{home}/.ssh/authorized_keys'.format(home=broker_home), 'rb') - already_authorized_keys = read_authorized_keys.read().split('\n') + _content = read_authorized_keys.read() + if _content and ord(_content[-1]) != 10: + append_newline = '\n' + already_authorized_keys = _content.split('\n') read_authorized_keys.close() except IOError: already_authorized_keys = [] append_authorized_keys = open('{home}/.ssh/authorized_keys'.format(home=broker_home), 'ab') + if append_newline: + logger_broker.warning(' The file {authorized_keys} does not end with a newline character. Adding it.'.format(authorized_keys='{home}/.ssh/authorized_keys'.format(home=broker_home))) + append_authorized_keys.write(append_newline) + i = 0 to_be_removed = [] for new_pubkey in new_pubkeys: @@ -181,8 +189,9 @@ if __name__ == '__main__': keyopts = "" if " " in keytype: keyopts, keytype = keytype.rsplit(" ", 1) - if " ".join([keytype, pubkey, owner]) in already_authorized_keys: - to_be_removed.append(" ".join([keytype, pubkey, owner])) + for authorized_key in [ k for k in already_authorized_keys if k ]: + if authorized_key.endswith(" ".join([keytype, pubkey, owner])) and not authorized_key.startswith(keyopts): + to_be_removed.append(authorized_key) if new_pubkey not in already_authorized_keys: append_authorized_keys.write('{k}\n'.format(k=new_pubkey)) -- Alioth's /srv/git/code.x2go.org/x2gobroker.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
-
git-admin@x2go.org