Hi Mike,
Am Mittwoch, 26. Januar 2011 schrieb Mike Gabriel:
On Mi 26 Jan 2011 10:55:08 CET Martin Steigerwald wrote:
I think it would make the issue go away, but we do not want to run (insecure) NFS without rootsquash. Then chmod 777 to ~/.x2go/ssh and probably (is it needed?) ~/.x2go as well IMHO is the less invasive approach.
You are talking about the x2goserver side, aren't you.
The x2goserver package is currently undergoing a complete rewrite due to some security breaches reported a few days ago on this list.
As far as I know, Alex managed to get rid of all sudo calls in the x2goserver package. (which is also a blessing for the auth.log which got spammed with plenty of sudo log entries before).
The rewrite might solve your issues and it will be out for testing in a couple of days (AFAIK).
However, on the todo list still (i.e. my personal todo list as contributor) is taking a look at x2goprint which also uses sudo calls. These do also fail on NFS volumes (esp. when mounted with one of Kerberos's krb5<x> security mechanisms).
Good to read. Then I will just be looking forward to that new version and retest then. We do not need client side printing as we have a central CUPS server and network printers.
Thanks,
Martin Steigerwald - team(ix) GmbH - http://www.teamix.de gpg: 19E3 8D42 896F D004 08AC A0CA 1E10 C593 0399 AE90