Package: x2goserver
Version: 4.0.0.1
Tag: patch
When a user directory does not exist yet (and is deeper than /home/$USER), the call of x2godbadmin --createuser fails:
create DB user "x2gouser_test" Can't open password file /home/prod/user/test/.x2go/sqlpass at /usr/sbin/x2godbadmin line 350.
The reason is the mkdir call, which does not recursively create the directory needed. See patch attached.
Hi, Michael.
> system("mkdir -p $dir/.x2go");
Are you sure that nothing will break if `$dir' contains space or some other special^W sensitive characters? Of course, I understand that using such characters in homedir path is a really bad idea but.. I think apps must be secure by design.
And second thing:
> and is deeper than /home/$USER
I think that this comment is wrong. As I understand, it doesn't matter how deep the dir is, what matters is whether user's homedir exists or not. And if I've understood correctly (manual page for x2godbadmin is too short, although comments in the program are rather good) x2godbadmin doesn't create users, it only manages DB and creates ~/.x2go/ part if it's missing. So, if user is present in system (getpwnam returns info about existing users) but his homedir is missing I think that it's better to issue some warning instead of silent homedir creation (at least because this homedir won't contain files from /etc/skel, especially ~/.profile and ~/.bashrc).
Hi Nable,
> system("mkdir -p $dir/.x2go");
> Are you sure that nothing will break if `$dir' contains space or some other special^W sensitive characters? Of course, I understand that using such characters in homedir path is a really bad idea but.. I think apps must be secure by design.
Well, I don't mind fixing this to be safe with special chars ... ;) I however really doubt administrators to set homedirs to something with spaces or special chars.
> And second thing:
> and is deeper than /home/$USER
> I think that this comment is wrong. As I understand, it doesn't matter how deep the dir is, what matters is whether user's homedir exists or not. And if I've understood correctly (manual page for x2godbadmin is too short, although comments in the program are rather good) x2godbadmin doesn't create users, it only manages DB and creates ~/.x2go/ part if it's missing.
Yes, true. It doesn't matter how deep it needs to be, however it's a rather common case wanting to provide access to someone who does not have their homedir created yet.
> So, if user is present in system (getpwnam returns info about existing users) but his homedir is missing I think that it's better to issue some warning instead of silent homedir creation (at least because this homedir won't contain files from /etc/skel, especially ~/.profile and ~/.bashrc).
Well, I disagree. You would simply still not be able to login. I think either error or success is the way to go - I rather decided to use success for the sake of creating an empty home. At some point you are right, as you would automatically disable pam_mkhomedir as it would not complain about a missing homedir - The practical downside is the missing skeleton copy at creation time.
Ideas?
X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
On 07.05.2013 22:14, Michael Kromer wrote:
> Well, I don't mind fixing this to be safe with special chars ...;) I however really doubt administrators to set homedirs to something with spaces or special chars.
I could imagine that it may well happen in a mixed Windows/Linux-Environment, where user management is done in an ActiveDirectory, and certain PAM modules are used for authentication and automatic creation of homedirs. Pimplefaced Joe Random Winadmin might use "Firstname Lastname" as account naming scheme on the Windows side. If you have a PAM mechanism in place that creates missing homedirs and simply use /home/usernamepassedfromwindows, you may end up with spaces in that directory name. Or, in a multi-domain environment, with subdirectories like /home/domain1/sampleuser and /home/domain2/johndoe. And it *might* even be possible to use a special char as a domain separator instead of creating subdirectories, like /home/domain1+johndoeindomain1 /home/domain2+johndoeindomain2. I've never tried that with PAM and autocreating home directories, but I remember that "back in the days" there were issues when connecting to multiple AD domains and thus it was recommended to use a special char as separator between AD domain and user name, rather than the standard one.
Just a few words of warning from an old geezer. ;-)
I've thought a bit and finally I can write some ideas.
> Well, I don't mind fixing this to be safe with special chars ... ;) I however really doubt administrators to set homedirs to something with spaces or special chars.
1.1. I was always taught that programs must be secure by design. At least one should do his best trying to achieve it. In this exact case it seems that it's not hard to make system() call more secure: see http://stackoverflow.com/questions/619926/should-i-escape-shell-arguments-in... as example. Tl;dr: One should use `system $cmd, @args' rather than `system "$cmd @args"'.
1.2. I don't have pam_mkhomedir in my setups. But for those who have it, it may be better to do something like `su - $username -c /bin/true' to create a good homedir with skeleton files instead of empty one, although I'm not sure that it works, see https://bugzilla.redhat.com/show_bug.cgi?id=77791 for example.
1.3. +1 to Stefan for domain setups. I even have one. Oh, this thread brings me the idea that I should also add pam_mkhomedir to it.
Ideas?
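The two `system` forms contrasted in this thread, run against home directory names like the ones mentioned above, as an added Perl example that is not part of the thread or of x2godbadmin. The directory names are constructed samples, and `File::Path::make_path` is included as a further shell-free option that the thread itself does not mention.

```perl
#!/usr/bin/perl
# Added example, not x2godbadmin code. Directory names are constructed samples.
use strict;
use warnings;
use File::Temp qw(tempdir);
use File::Path qw(make_path);

# Form quoted in the thread: $dir is interpolated into one command string,
# so whitespace and shell metacharacters in it are re-parsed.
sub via_string {
    my ($dir) = @_;
    system("mkdir -p $dir/.x2go");
    return -d "$dir/.x2go" ? 1 : 0;
}

# List form: each element reaches mkdir as exactly one argument, no shell.
sub via_list {
    my ($dir) = @_;
    system('mkdir', '-p', '--', "$dir/.x2go");
    return -d "$dir/.x2go" ? 1 : 0;
}

# Pure Perl: no external command; errors are collected instead of printed.
sub via_make_path {
    my ($dir) = @_;
    make_path("$dir/.x2go", { error => \my $err });
    return -d "$dir/.x2go" ? 1 : 0;
}

my @names   = ('prod/user/test', 'Firstname Lastname', "domain1+o'brien");
my @methods = ([ 'string', \&via_string ], [ 'list', \&via_list ],
               [ 'make_path', \&via_make_path ]);

for my $m (@methods) {
    my ($label, $code) = @$m;
    # Fresh scratch tree per method; chdir into it so stray directories
    # created by a mis-split command stay inside the scratch tree.
    my $base = tempdir(CLEANUP => 1);
    chdir $base or die "chdir $base: $!";
    for my $name (@names) {
        printf "%-10s %-22s %s\n", $label, "'$name'",
            $code->("$base/$name") ? 'created' : 'NOT created';
    }
    chdir '/' or die "chdir /: $!";
}
```

With the string form, the name containing a space is split into two `mkdir` arguments and the name containing an apostrophe is rejected by the shell, so in both cases the intended `.x2go` directory is not created; the list form and `make_path` create it for all three names.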