Hi Franck,
On Do 04 Jun 2015 13:31:52 CEST, BOTZ Franck (Administrateur Systèmes
et Réseaux) - DDT 67/SIDSIC/Pôle Infra wrote:
My x2gobroker installation works very well (nightly build).
Good!
I have a question about x2godbadmin and the --addgroup option.
I have supposed that run the command x2godbadmin --addgroup x2gouser
add the group in the PostgreSQL database and then all members of the
x2gouser can access to x2goserver
Don't have add users to group "x2gouser". The group is a system group
and only the user "x2gouser" may be a member of this group. If other
users get added to this group your X2Go installation can be
potentially compromised by those users (esp. if you are using the
SQLite backend).
But after that, it appears that new user add to the group can't open
a x2gosession. x2goserver say : "Can't read password file
/home/xxxx/.x2go/sqlpass".So, what do really this command ?
- Read the content of the /etc/group/
- find x2gouser line
- read the users that are member
- add on per one in the database the user and write a
~/.x2go/sqlpass for each one ?
This question has been brought up several times already.
What I do:
o create a group "with-x2go-access" (or use an already existing
group that can hold all potential X2Go Users)
o run a nightly cron job as root (x2godbadmin --addgroup with-x2go-access)
Not very elegant but working. I agree with you that the DB handling in
X2Go needs some love.
Greets, Mike
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...