Hi Mathias,
I'll be around on IRC after 10am CEST today (until 1pm).
Mike
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976148
GnuPG Key ID 0x25771B13 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
----- Original message -----
Hi Mike,
yes I am using ACL:
[vs55-dev-mathias] user=mathias host=10.173.20.16 user=student0 name=vSphere 5.5 Dev command=XFCE sshproxyuser=mathias sshproxysameuser=false acl-groups-allow=mathias acl-groups-deny=ALL acl-clients-allow=ALL acl-any-order=deny-allow
[vs55-dev-fabian] user=fabian host=10.173.20.16 user=student0 name=vSphere 5.5 Dev command=XFCE sshproxyuser=fabian sshproxysameuser=false acl-groups-allow=fabian acl-groups-deny=ALL acl-clients-allow=ALL acl-any-order=deny-allow
I wanted to give access on a per-user basis so I used the groups that are created with the same name as the username anyways and did
addgroup username groupname
Is there a better solution?
I am connected to IRC now, we can go on there.
cheers Mathias
On 10/09/2013 10:21 PM, Mike Gabriel wrote:
Hi Mathias,
On Mi 09 Okt 2013 21:51:40 CEST, Mathias Ewald wrote:
when I get the no x2go sessions found message, broker shows
2013-10-09 16:26:55,183 - broker - INFO - client address is 79.249.113.198 2013-10-09 16:26:55,184 - broker - DEBUG - username: fabian, password: XXXXX, task: listsessions, profile_id: 2013-10-09 16:26:55,184 - broker - DEBUG - base_broker.X2GoBroker.get_authentication_mechanism(): found default-auth-mech in global config section: pam 2013-10-09 16:26:55,185 - broker - DEBUG - base_broker.X2GoBroker._do_authenticate(): authenticating user=fabian with password=<hidden> against backend=inifile. 2013-10-09 16:26:55,185 - broker - DEBUG - connecting to authentication service socket /run/x2gobroker/x2gobroker-authservice.socket 2013-10-09 16:26:55,185 - broker - DEBUG - sending username=fabian, password=<hidden>, service=x2gobroker to authentication service 2013-10-09 16:26:55,201 - broker - INFO - authentication against PAM service »x2gobroker« succeeded for user »fabian« 2013-10-09 16:26:55,201 - broker - DEBUG - base_broker.X2GoBroker.check_access(): result of authentication check is: True 2013-10-09 16:26:55,209 - broker - DEBUG - base_broker.X2GoBroker.get_session_autologin(): found default-session-autologin in global config section: False 2013-10-09 16:26:55,221 - broker - DEBUG - base_broker.X2GoBroker.get_session_autologin(): found default-session-autologin in global config section: False 2013-10-09 16:26:55,233 - broker - DEBUG - base_broker.X2GoBroker.get_session_autologin(): found default-session-autologin in global config section: False 2013-10-09 16:26:55,245 - broker - DEBUG - base_broker.X2GoBroker.get_session_autologin(): found default-session-autologin in global config section: False
Argh. The 0.0.2.3 x2gobroker is not so verbose at that point... Neither is the 0.0.3.0, actually. I have to add more debug output to checkaccess() method in the base broker code.
Do you by any chance use any ACL in the broker's session profiles config?
Mike
PS: discussing such questions on IRC would really speed up the debugging process...
X2Go-User mailing list X2Go-User@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-user