Hi,
Am 09.08.2010 17:12 schrieb contact@gmli.fr:
- prevent users from resuming their session Is there a way to prevent this ? Or use some kind of "filter" command
automatically ?
I use a sshCommand overwriting for this, but it requires that you logon using a ssh-key.
Maybe you can adopt it for your needs:
.ssh/authorized_keys: command="/home/username/safe.pl",from="anzeiger??.domain" ssh-rsa KEY
/home/username/safe.pl: #!/usr/bin/perl
$cmd = $ENV{'SSH_ORIGINAL_COMMAND'};
#open(LOG,">>/home/username/x2gologs"); #print LOG "$cmd\n"; #close(LOG);
if ($cmd eq "export HOSTNAME && x2golistsessions") { # no resume of sessions exit; } elsif ($cmd =~ /^x2gocmdexitmessage username-[0-9]+-[a-z0-9A-Z_.]$/) { system($cmd); } elsif ($cmd =~ /^x2gostartagent (\d+x\d+|fullscreen) [a-z]+ [a-z0-9-]+ [a-z0-9_-]+ [a-z]{2,3} pc105\/[a-z]{2,3} [01]( R [a-z0-9-]+)?$/) { system($cmd); } elsif ($cmd =~ /^(setsid x2goruncommand \d+ \d+ username-\d+-\d+(?:_[a-zA-Z0-9_.-]+)? \d+) start-anzeiger-(NONE|[a-z0-9]{32}) ((?:nosnd R)?\s*>& \/dev\/null & exit)\s*$/) { system("$1 \"/home/username/startanzeiger.sh\" $3"); } elsif ($cmd =~ /^(x2goterminate-session|x2gocmdexitmessage) username-\d+-\d+_[a-zA-Z0-9_.-]+$/) { system($cmd); } else { if ($cmd =~ /^mkdir/) { exit; } open(LOG,">>/home/username/x2gologs"); print LOG "NO: $cmd\n"; close(LOG); # system($cmd); }
startanzeiger.sh: #!/bin/bash PROFILEDIR="/home/username/.mozilla/firefox/" TMPDIR=$(mktemp -d -p $PROFILEDIR) PROFILE=${TMPDIR:${#PROFILEDIR}} cp -a $PROFILEDIR/5jklba54.default/* $TMPDIR lockfile -5 -r-1 -L 20 $PROFILEDIR/lock.trg cat $PROFILEDIR/profiles-def.ini > $PROFILEDIR/profiles.ini echo "[Profile1]" >> $PROFILEDIR/profiles.ini echo "Name=$PROFILE" >> $PROFILEDIR/profiles.ini echo "IsRelative=1" >> $PROFILEDIR/profiles.ini echo "Path=$PROFILE" >> $PROFILEDIR/profiles.ini echo "Default=0" >> $PROFILEDIR/profiles.ini iceweasel -P $PROFILE rm -rf $TMPDIR
And I set up a cronjob for that user: # m h dom mon dow command 3 6 * * 6 find /home/username/.nx /home/username/.x2go/ -mindepth 1 -maxdepth 1 -mtime +5 -print0 | xargs -0 rm -rf
-- Best regards, Sven Strickroth ClamAV, a GPL anti-virus toolkit http://www.clamav.net PGP key id F5A9D4C4 @ any key-server