close #223
thanks
Hello,
we are very hopeful that X2Go issue #223 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.
You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=422b1f554e5cb655b8…
If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.
Thanks a lot for contributing to X2Go!!!
light+love
X2Go Git Admin (on behalf of the sender of this mail)
---
X2Go Component: src:nx-libs
Version: 2:3.5.0.21
Status: RELEASE
Date: Fri, 30 Aug 2013 16:18:04 +0200
Fixes: 199 223 238 293
Changes:
nx-libs (2:3.5.0.21-0) RELEASED; urgency=low
.
[ Mike Gabriel ]
* Provide a default keystrokes.cfg in /etc/nx (for nxagent) and /etc/x2go
(for x2goagent). (Fixes: #199).
* Use a keystrokes.cfg that reflects the normally hard-coded defaults of
a vanilla nxagent. (Fixes: #223).
* Set NXAGENT_KEYSTROKEFILE to /etc/x2go/keystrokes.cfg for wrapper x2goagent.
* For vanilla nxagent move keystrokes.cfg from /etc/nx to /etc/nxagent.
* Tarball roller script:
+ Only install keystrokes.cfg when in full mode.
+ Only install nxproxy wrapper when in lite mode.
* /debian/control:
+ Add B-Ds: libfontconfig1-dev, libfontenc-dev.
* /debian/nx-libs-dev.install:
+ Remove unrelated files from -dev package.
* Fix keystrokes.cfg, use Ctrl+Alt+<key> instead of just Ctrl+<key>. (Adds to
fixing #223).
.
[ Orion Poplawski ]
* Change build options so that bundled libraries are not used anymore at
build time. Remove bundled libraries from rolled tarballs, as well. (Fixes:
#238).
* Add patch: 602_nx-X11_initgroups.full.patch. Fix calling setuid and setgid
without setgroups or initgroups. There is a high probability this means it
didn't relinquish all groups, and this would be a potential security issue
to be fixed. Seek POS36-C on the web for details about the problem. (Fixes:
#293).
close #199
thanks
Hello,
we are very hopeful that X2Go issue #199 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.
You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=422b1f554e5cb655b8…
If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.
Thanks a lot for contributing to X2Go!!!
light+love
X2Go Git Admin (on behalf of the sender of this mail)
close #293
thanks
Hello,
we are very hopeful that X2Go issue #293 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.
You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=422b1f554e5cb655b8…
If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.
Thanks a lot for contributing to X2Go!!!
light+love
X2Go Git Admin (on behalf of the sender of this mail)
close #238
thanks
Hello,
we are very hopeful that X2Go issue #238 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.
You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=1102c6c766cfca9136…
If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.
Thanks a lot for contributing to X2Go!!!
light+love
X2Go Git Admin (on behalf of the sender of this mail)
close #199
thanks
Hello,
we are very hopeful that X2Go issue #199 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.
You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=1102c6c766cfca9136…
If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.
Thanks a lot for contributing to X2Go!!!
light+love
X2Go Git Admin (on behalf of the sender of this mail)
Hi Orion,
I re-include x2go-dev, I hope that's ok.
On Fr 30 Aug 2013 00:51:18 CEST Orion Poplawski wrote:
> So:
>
> - Why split out -compat? Doesn't seem to add any dependencies.
Not necessarily needed. /me thinks about removing the compat commands
completely, as they have been obsolete for more than 3 years now.
> - Why split out -extensions? Okay, does pull x11-xkb-utils which
> isn't otherwise required, but it appears to be recommended that you
> have it. rpm doesn't have the concept of "Recommends" or
> "Suggests", just hard dependencies.
In some setups, the site admin may decide to leave it uninstalled. (Or
rather: to uninstall it after it got pulled in via Recommends: field
in /debian/control).
Also, removing x2goserver-extensions may ease the X2Go Server
debugging on some occasions.
> - Why split out -xsession? Adds dep on x11-common which appears to
> not be otherwise required. Only suggested.
The -xsession package is only necessary for people providing a full
screen desktop shell. For people providing SaaS the -xsession package
is not needed.
And x11-common is normally not needed for X2Go functionality. We hook
into the system's Xsession scripts (via symlinking), so that's why we
depend on x11-common here.
> - Why split out -fmbindings? Adds deps on xdg-utils,
> desktop-file-utils (although for Fedora, this is not required, but
> xdg-utils requires it). Although it seems nearly impossible to
> install almost any desktop without xdg-utils (lxde and xfce seem to
> require it), and it is tiny and has few dependencies.
Instead of x2goserver-fmbindings people can use x2go*bindings. Also
site admins may not want to add desktop icon support for locally
shared folders.
> - Why split out -pyhoca? Does not appear to add any dependencies.
> Doesn't appear to do anything as far as I can see.
The -pyhoca package is deprecated. It stems from a time when I was too
shy to add functionality to the x2goserver core package when I needed
it for pyhoca-gui. This shyness is obviously gone...
I will remove the x2goserver-pyhoca package in some future release
completely. So ignore it.
> I already split out -printing, although I'm not sure that added much
> (perl(File::Basename), perl(File::Copy)), so that might have been
> silly. So, I guess I could see splitting out -xsession and possibly
> -fmbindings, but that's about it.
Splitting out printing is a must IMHO as it creates a separate
user:group (x2goprint:x2goprint).
> Looking at dependencies:
>
> - lsof - from x2goshowblocks:
>
> my @outp=dbsys_getmounts( $id);
> for (my $i=0;$i<@outp;$i++)
> {
> my $path=(split("\|",@outp[$i]))[1];
> print `su $uname -c "lsof 2>/dev/null | grep $path"`;
> }
>
> Hmm, it's inefficient if there are more than one mount entries, but
> otherwise I don't see a better way of doing it off hand. But this I
> could actually imagine going into a utils/debug package. Unless it
> is used for something else?
Yeah. This can surely be improved.
> - bc - from x2goruncommand
>
> echo "$DISTRIB_RELEASE >= 11.10" | bc
>
> Actually, not that much on my machine depends on bc. Since
> x2goserver already depends on perl, I'd be tempted to use that
> instead:
>
> perl -e "print $DISTRIB_RELEASE >= 11.10"
As the x2goruncommand should be turned into Perl at some time later, I
will be happy to accept a tested patch for this.
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel(a)das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x…
tag #223 pending
fixed #223 2:3.5.0.21
thanks
Hello,
X2Go issue #223 (src:nx-libs) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=13f2b57
The issue will most likely be fixed in src:nx-libs (2:3.5.0.21).
light+love
X2Go Git Admin (on behalf of the sender of this mail)
---
commit 13f2b57d421b6a5ee71effaa6e5da17b1554ac4e
Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de>
Date: Thu Aug 29 22:58:19 2013 +0200
Fix keystrokes.cfg, use Ctrl+Alt+<key> instead of just Ctrl+<key>. (Adds to fixing #223).
diff --git a/debian/changelog b/debian/changelog
index b523ee1..401f334 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,6 +14,8 @@ nx-libs (2:3.5.0.21-0) UNRELEASED; urgency=low
+ Add B-Ds: libfontconfig1-dev, libfontenc-dev.
* /debian/nx-libs-dev.install:
+ Remove unrelated files from -dev package.
+ * Fix keystrokes.cfg, use Ctrl+Alt+<key> instead of just Ctrl+<key>. (Adds to
+ fixing #223).
[ Orion Poplawski ]
* Change build options so that bundled libraries are not used anymore at
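Review bot: The added entry (the two `+` lines) says the bindings become Ctrl+Alt+<key> but does not name the file path it applies to. Naming the installed keystrokes.cfg path or paths in the entry would let an admin who already carries a local copy know which file to compare after upgrading.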
tag #293 pending
fixed #293 2:3.5.0.21
thanks
Hello,
X2Go issue #293 (src:nx-libs) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:
http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=0946b43
The issue will most likely be fixed in src:nx-libs (2:3.5.0.21).
light+love
X2Go Git Admin (on behalf of the sender of this mail)
---
commit 0946b437570dea31365790d5cbf39c39f1b59c02
Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de>
Date: Thu Aug 29 22:24:26 2013 +0200
Add patch: 602_nx-X11_initgroups.full.patch. Fix calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. (Fixes: #293).
diff --git a/debian/changelog b/debian/changelog
index 2242a75..b523ee1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -19,6 +19,11 @@ nx-libs (2:3.5.0.21-0) UNRELEASED; urgency=low
* Change build options so that bundled libraries are not used anymore at
build time. Remove bundled libraries from rolled tarballs, as well. (Fixes:
#238).
+ * Add patch: 602_nx-X11_initgroups.full.patch. Fix calling setuid and setgid
+ without setgroups or initgroups. There is a high probability this means it
+ didn't relinquish all groups, and this would be a potential security issue
+ to be fixed. Seek POS36-C on the web for details about the problem. (Fixes:
+ #293).
-- Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Thu, 28 Mar 2013 21:07:42 +0100
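Review bot: The added entry (the five `+` lines) repeats the rpmlint warning but never states what 602_nx-X11_initgroups.full.patch actually changes. Since the text offers "setgroups or initgroups" as alternatives, say which call the patch adds, that it runs before setgid and setuid, and whether the return values are checked, so the security-relevant behaviour is recorded in the changelog itself.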
Can anyone explain to me why libXcomp calls setgid/setuid in Pipe.cpp:Popen()
after calling fork()? It also isn't checking the results of the call, but I'm
really not sure why the calls are there in the first place.

  switch (pid = Fork())
  {
    ...
    case 0:
    {
      //
      // Child.
      //
      setgid(getgid());
      setuid(getuid());

Nothing is running as a setuid/setgid process is it?
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301 http://www.nwra.com
Package: nx-libs
Tags: patch
The Fedora review of nx-libs caught the following rpmlint issue:
This executable is calling setuid and setgid without setgroups or initgroups.
There is a high probability this mean it didn't relinquish all groups, and this
would be a potential security issue to be fixed. Seek POS36-C on the web for
details about the problem.
Ref POS36-C:
https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Obser…
This patch adds initgroups() calls to code to initialize the supplemental
group list.
I've done some minimal testing (can connect to a session with client and server
running this code), but I'm not sure how much that exercised it.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion(a)nwra.com
Boulder, CO 80301 http://www.nwra.com
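
The order POS36-C asks for, applied to a Popen()-style child like the one quoted earlier, as an added example (this is not the content of 602_nx-X11_initgroups.full.patch or any nx-libs code): supplementary groups are reset first, then the gid, then the uid, every call is checked, and the drop is verified. The names `drop_to_real_ids` and `drop_in_child` are hypothetical, and the group reset assumes a setuid-root helper started by an ordinary user.

```c
#define _DEFAULT_SOURCE          /* initgroups(), setgroups() on glibc */
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently drop to the real uid/gid. Returns 0 on success, -1 on failure. */
static int drop_to_real_ids(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (geteuid() == 0 && ruid != 0) {
        /* Still privileged: replace the supplementary group list first.
           After setuid() this call would fail with EPERM. */
        struct passwd *pw = getpwuid(ruid);
        int rc = pw ? initgroups(pw->pw_name, rgid)
                    : setgroups(1, &rgid);   /* no passwd entry: primary gid only */
        if (rc != 0)
            return -1;
    }
    if (setgid(rgid) != 0)       /* gid before uid, or we lose the right to change it */
        return -1;
    if (setuid(ruid) != 0)       /* unchecked, a failure here leaves the child as root */
        return -1;
    if (ruid != 0 && setuid(0) == 0)
        return -1;               /* root could be regained: the drop did not stick */
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Popen()-style use: fork, drop in the child, report the child's result. */
int drop_in_child(void)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0)                /* child: a real caller would exec the command here */
        _exit(drop_to_real_ids() == 0 ? 0 : 1);
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    return drop_in_child();
}
```

In a process that is not setuid, the group reset is skipped and the setgid/setuid calls succeed without changing anything, which matches the question raised in the thread about whether anything here runs setuid at all.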