Hello x2go people :)
i have a server running Ubuntu 11.10 with an x2goserver installation, version 3.0.99.10-0~434~oneiric1, and it is running well and stable.
We had some strange problems, though. We contacted a school, who would help us test the server under daily use, and made some test users for them, called "test-*their name*". When they, and i, tried to log into those users, the client would freeze, no error message or anything. On the server, the x2goagent would run amok, soaking up CPU power. The problem seems to occur only on users with dashes in their names.
Can anyone replicate this? it is quite strange
Venlig Hilsen / Best Regards Christoffer Krakou Fleten.net APS
On Tuesday 2012-02-21 12:58, christoffer krakou wrote:
We had some strange problems, though. We contacted a school, who would help us test the server under daily use, and made some test users for them, called "test-*their name*". When they, and i, tried to log into those users, the client would freeze, no error message or anything. On the server, the x2goagent would run amok, soaking up CPU power. The problem seems to occur only on users with dashes in their names.
Hm, and I would have expected for it to be usernames with spaces to go havoc (those occur esp. in winbind-ed environments), since the x2go stack has a notorious underquoting of shell variables all over the place.
[Exhibit 1]
./x2goserver_3.0.99.10/x2goserver/bin/x2gostartagent:
OUTPUT=x2godesktopsharing client $X2GO_CLIENT $X2GO_GEOMETRY $X2GO_LINK $X2GO_PACK $X2GO_TYPE $X2GO_KBD_LAYOUT $X2GO_KBD_TYPE $X2GO_SET_KBD $X2GO_STYPE $X2GO_CMD $USER
Hi Jan, hi Alex et al.
On Di 21 Feb 2012 13:18:27 CET Jan Engelhardt wrote:
On Tuesday 2012-02-21 12:58, christoffer krakou wrote:
We had some strange problems, though. We contacted a school, who would help us test the server under daily use, and made some test users for them, called "test-*their name*". When they, and i, tried to log into those users, the client would freeze, no error message or anything. On the server, the x2goagent would run amok, soaking up CPU power. The problem seems to occur only on users with dashes in their names.
Hm, and I would have expected for it to be usernames with spaces to go havoc (those occur esp. in winbind-ed environments), since the x2go stack has a notorious underquoting of shell variables all over the place.
[Exhibit 1] ./x2goserver_3.0.99.10/x2goserver/bin/x2gostartagent: OUTPUT=
x2godesktopsharing client $X2GO_CLIENT $X2GO_GEOMETRY $X2GO_LINK $X2GO_PACK $X2GO_TYPE $X2GO_KBD_LAYOUT $X2GO_KBD_TYPE $X2GO_SET_KBD $X2GO_STYPE $X2GO_CMD $USER
This has been fixed by two of my latest commits to x2goserver.git. The
shell scripts in the x2goserver package now have many quote pairs
where useful and sensible.
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Hi Christoffer,
On Di 21 Feb 2012 12:58:08 CET christoffer krakou wrote:
Hello x2go people :)
i have a server running Ubuntu 11.10 with an x2goserver
installation, version 3.0.99.10-0~434~oneiric1, and it is running
well and stable.We had some strange problems, though. We contacted a school, who
would help us test the server under daily use, and made some test
users for them, called "test-*their name*". When they, and i, tried
to log into those users, the client would freeze, no error message
or anything. On the server, the x2goagent would run amok, soaking up
CPU power. The problem seems to occur only on users with dashes in
their names.Can anyone replicate this? it is quite strange
I can confirm this bug. The '-' sign is a field separator in the
session ID hash. As the username is part of the session ID all scripts
will go bonkers with usernames containing a '-'.
That indeed is worth fixing.
Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Hi Alex,
On Di 21 Feb 2012 15:03:17 CET Mike Gabriel wrote:
Hi Christoffer,
On Di 21 Feb 2012 12:58:08 CET christoffer krakou wrote:
Hello x2go people :)
i have a server running Ubuntu 11.10 with an x2goserver
installation, version 3.0.99.10-0~434~oneiric1, and it is running
well and stable.We had some strange problems, though. We contacted a school, who
would help us test the server under daily use, and made some test
users for them, called "test-*their name*". When they, and i, tried
to log into those users, the client would freeze, no error message
or anything. On the server, the x2goagent would run amok, soaking
up CPU power. The problem seems to occur only on users with dashes
in their names.Can anyone replicate this? it is quite strange
I can confirm this bug. The '-' sign is a field separator in the
session ID hash. As the username is part of the session ID all
scripts will go bonkers with usernames containing a '-'.That indeed is worth fixing.
Mike
I just took a look at this and it is not so trivial to fix...
Debian's adduser (3.110) script checks validity of user names against
this regexp:
'/^[_.A-Za-z0-9][-@_.A-Za-z0-9]*$?$/'
Using a '-' as a field separator in the session ID intereferes with
the allowed characters in usernames.
The issue has to be addressed in x2goserver, x2goclient and
python-x2go. I am not sure about the other helper applications (like
the desktop bindings, desktopsharing, etc.).
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Am 21.02.2012 16:40, schrieb Mike Gabriel:
I just took a look at this and it is not so trivial to fix...
Debian's adduser (3.110) script checks validity of user names against this regexp:
'/^[_.A-Za-z0-9][-@_.A-Za-z0-9]*$?$/'
Using a '-' as a field separator in the session ID intereferes with the allowed characters in usernames.
The issue has to be addressed in x2goserver, x2goclient and python-x2go. I am not sure about the other helper applications (like the desktop bindings, desktopsharing, etc.).
Nasty bash hacker approach:
- "#" isn't allowed, so it would work as a separator instead of the dash
- To avoid confusion when server and client aren't using the same version, prefix the string with "#" when it's the new version where all dashes are replaced with "#"
- in x2goclient, *only* replace the dashes when you detect that the username does in fact contain a dash - that way, a new client can talk to an old server (unless the username contains a dash, in which case it would break - but that's what happens with an old client and old server as well, so nothing gained, but also nothing lost)
Variant: Only apply the substitution to the user name field, i.e.: myusername-remaining-parts-of-string -> myusername-remaining-parts-of-string my-user-name-remaining-parts-of-string ->#my#user#name-remaining-parts-of-string
(Of course, if "#" causes trouble, too, substitute another character that isn't allowed by the above regex.)
-Stefan
HI Stefan,
On Di 21 Feb 2012 16:51:40 CET "newsgroups.mail2@stefanbaur.de" wrote:
Am 21.02.2012 16:40, schrieb Mike Gabriel:
I just took a look at this and it is not so trivial to fix...
Debian's adduser (3.110) script checks validity of user names
against this regexp:'/^[_.A-Za-z0-9][-@_.A-Za-z0-9]*$?$/'
Using a '-' as a field separator in the session ID intereferes with
the allowed characters in usernames.The issue has to be addressed in x2goserver, x2goclient and
python-x2go. I am not sure about the other helper applications
(like the desktop bindings, desktopsharing, etc.).Nasty bash hacker approach: old server as well, so nothing gained, but also nothing lost)
- "#" isn't allowed, so it would work as a separator instead of the dash
- To avoid confusion when server and client aren't using the same
version, prefix the string with "#" when it's the new version where
all dashes are replaced with "#"- in x2goclient, *only* replace the dashes when you detect that the
username does in fact contain a dash - that way, a new client can
talk to an old server (unless the username contains a dash, in which
case it would break - but that's what happens with an old client andVariant: Only apply the substitution to the user name field, i.e.: myusername-remaining-parts-of-string -> myusername-remaining-parts-of-string my-user-name-remaining-parts-of-string
->#my#user#name-remaining-parts-of-string(Of course, if "#" causes trouble, too, substitute another character
that isn't allowed by the above regex.)
The solution is to pass the session id hash backwards.
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Hi Christoffer,
On Di 21 Feb 2012 12:58:08 CET christoffer krakou wrote:
Hello x2go people :)
i have a server running Ubuntu 11.10 with an x2goserver
installation, version 3.0.99.10-0~434~oneiric1, and it is running
well and stable.We had some strange problems, though. We contacted a school, who
would help us test the server under daily use, and made some test
users for them, called "test-*their name*". When they, and i, tried
to log into those users, the client would freeze, no error message
or anything. On the server, the x2goagent would run amok, soaking up
CPU power. The problem seems to occur only on users with dashes in
their names.Can anyone replicate this? it is quite strange
The issue has been addressed in the server code with Git commit: http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=305f7e897420aa9b...
However, x2goclient as well as python-x2go have to become aware of "-"
in usernames.
The patch is fully compliant with older x2goclient implementations.
However, there is still a patch needed for x2goclient and python-x2go.
With python-x2go (pyhoca-gui) the session startup already works. Just
tested with x2goclient, as well, which worked out fine, as well.
However, all features and add-ons for/of X2Go have to be tested
against this new "-"-character-in-user-demands.
The applied patch only addresses X2Go servers running with the SQLite
DB backend (default installation). For PostgreSQL DB backend X2Go
servers, the issue has to be investigated still.
Christoffer! Your (and others) turn! (Debian packages are already
available, Ubuntu packages will come over night, test from the nightly
repositories, please)
Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
On 02/21/2012 04:48 PM, Mike Gabriel wrote:
Christoffer! Your (and others) turn! (Debian packages are already available, Ubuntu packages will come over night, test from the nightly repositories, please)
Hello mike.
When i log into the server with old usernames (without dashes), the client hangs until i kill it. No errors, nothing in the log on the server. At one time, a user got stuck in a loop where ssh constantly opened sessions, and closed sessions for the user.
When i log on with a new username (with dashes), it looks as if it goes through the logon process on the client, then just closes again, returning to the login screen. The server log shows the following:
/var/log/auth.log Feb 22 10:29:49 fleten-01 sshd[7901]: Accepted password for test-1 from 2.129.49.246 port 53921 ssh2 Feb 22 10:29:49 fleten-01 sshd[7901]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:29:57 fleten-01 sshd[8650]: Accepted password for test-1 from 2.129.49.246 port 53925 ssh2 Feb 22 10:29:57 fleten-01 sshd[8650]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:29:57 fleten-01 sshd[8653]: Accepted password for test-1 from 2.129.49.246 port 53926 ssh2 Feb 22 10:29:57 fleten-01 sshd[8653]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:30:01 fleten-01 sshd[8991]: Received disconnect from 2.129.49.246: 11: Bye Bye Feb 22 10:30:01 fleten-01 sshd[8650]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:01 fleten-01 sshd[9048]: Received disconnect from 2.129.49.246: 11: Bye Bye Feb 22 10:30:01 fleten-01 sshd[8653]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:01 fleten-01 sshd[7901]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:02 fleten-01 su[9456]: Successful su for test-1 by root Feb 22 10:30:02 fleten-01 su[9456]: + ??? root:test-1 Feb 22 10:30:02 fleten-01 su[9456]: pam_unix(su:session): session opened for user test-1 by (uid=0) Feb 22 10:30:02 fleten-01 su[9456]: pam_unix(su:session): session closed for user test-1
i'm using ubuntu 11.10 64-bit on both server and client side. i've tested from different networks (onsite network, and mobile 3g modem). I'm using the stable client, tried on both windows and ubuntu, and the nightly-build server
-- Venlig Hilsen / Best Regards Christoffer Krakou Fleten.net APS
Just a quick update. It turns out that /var/log/syslog spits out the following:
Feb 22 11:16:07 fleten-01 /usr/bin/x2gostartagent: successfully started X2Go agent session with ID christoffer-51-1329905764_stDGNOME_dp24 Feb 22 11:16:12 fleten-01 /usr/bin/x2gomountdirs[6861]: WARNING: mounting of /home/christoffer/.x2go/S-christoffer-51-1329905764_stDGNOME_dp24/spool failed
when the login fails. Does this lead us closer to the solution?
On 02/22/2012 10:36 AM, christoffer krakou wrote:
On 02/21/2012 04:48 PM, Mike Gabriel wrote:
Christoffer! Your (and others) turn! (Debian packages are already available, Ubuntu packages will come over night, test from the nightly repositories, please)
Hello mike.
When i log into the server with old usernames (without dashes), the client hangs until i kill it. No errors, nothing in the log on the server. At one time, a user got stuck in a loop where ssh constantly opened sessions, and closed sessions for the user.
When i log on with a new username (with dashes), it looks as if it goes through the logon process on the client, then just closes again, returning to the login screen. The server log shows the following:
/var/log/auth.log Feb 22 10:29:49 fleten-01 sshd[7901]: Accepted password for test-1 from 2.129.49.246 port 53921 ssh2 Feb 22 10:29:49 fleten-01 sshd[7901]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:29:57 fleten-01 sshd[8650]: Accepted password for test-1 from 2.129.49.246 port 53925 ssh2 Feb 22 10:29:57 fleten-01 sshd[8650]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:29:57 fleten-01 sshd[8653]: Accepted password for test-1 from 2.129.49.246 port 53926 ssh2 Feb 22 10:29:57 fleten-01 sshd[8653]: pam_unix(sshd:session): session opened for user test-1 by (uid=0) Feb 22 10:30:01 fleten-01 sshd[8991]: Received disconnect from 2.129.49.246: 11: Bye Bye Feb 22 10:30:01 fleten-01 sshd[8650]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:01 fleten-01 sshd[9048]: Received disconnect from 2.129.49.246: 11: Bye Bye Feb 22 10:30:01 fleten-01 sshd[8653]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:01 fleten-01 sshd[7901]: pam_unix(sshd:session): session closed for user test-1 Feb 22 10:30:02 fleten-01 su[9456]: Successful su for test-1 by root Feb 22 10:30:02 fleten-01 su[9456]: + ??? root:test-1 Feb 22 10:30:02 fleten-01 su[9456]: pam_unix(su:session): session opened for user test-1 by (uid=0) Feb 22 10:30:02 fleten-01 su[9456]: pam_unix(su:session): session closed for user test-1
i'm using ubuntu 11.10 64-bit on both server and client side. i've tested from different networks (onsite network, and mobile 3g modem). I'm using the stable client, tried on both windows and ubuntu, and the nightly-build server
-- Venlig Hilsen / Best Regards Christoffer Krakou Fleten.net APS
Hi Christoffer,
On Mi 22 Feb 2012 10:36:37 CET christoffer krakou wrote:
On 02/21/2012 04:48 PM, Mike Gabriel wrote:
Christoffer! Your (and others) turn! (Debian packages are already available, Ubuntu packages will come over night, test from the nightly repositories, please)
Hello mike.
When i log into the server with old usernames (without dashes), the
client hangs until i kill it. No errors, nothing in the log on the
server. At one time, a user got stuck in a loop where ssh constantly
opened sessions, and closed sessions for the user.When i log on with a new username (with dashes), it looks as if it
goes through the logon process on the client, then just closes
again, returning to the login screen. The server log shows the
following:
Unfortunately, I made a mistake with the first approach of fixing the issue: http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=b4684ddfafa899ff...
The second approach work much better: http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=e298bd19efb2fc0b...
However, you probably test with the faulty packages. For Debian the
new packages are already online. For Ubuntu they should come today (or
maybe are already there).
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Hi Christoffer,
On Mi 22 Feb 2012 10:36:37 CET christoffer krakou wrote:
On 02/21/2012 04:48 PM, Mike Gabriel wrote:
Christoffer! Your (and others) turn! (Debian packages are already available, Ubuntu packages will come over night, test from the nightly repositories, please)
Hello mike.
When i log into the server with old usernames (without dashes), the
client hangs until i kill it. No errors, nothing in the log on the
server. At one time, a user got stuck in a loop where ssh constantly
opened sessions, and closed sessions for the user.When i log on with a new username (with dashes), it looks as if it
goes through the logon process on the client, then just closes
again, returning to the login screen. The server log shows the
following:
Unfortunately, I made a mistake with the first approach of fixing the issue: http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=b4684ddfafa899ff...
The second approach work much better: http://code.x2go.org/gitweb?p=x2goserver.git;a=commitdiff;h=e298bd19efb2fc0b...
However, you probably test with the faulty packages. For Debian the
new packages are already online. For Ubuntu they should come today (or
maybe are already there).
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
-
christoffer krakou -
Jan Engelhardt -
Mike Gabriel -
newsgroups.mail2@stefanbaur.de