Hi!
Is there a chance to restrict access to x2go server to only published applications sessions in the way that a user can only establish x2go "published applications" sessions but no desktop session?
Thankfully Yours! Bernhard
-- ########################################################## Preisträger Constantinus-Preis 2012
Nutzen Sie auch unsere Apps für Android:
Übersicht über alle deutschen ICD10-Codes: https://play.google.com/store/apps/details?id=net.eaustria.icd10.release
Alle Arzneimittel und Medikamenten direkt am Smartphone: https://play.google.com/store/apps/details?id=net.eaustria.eaustria_medicati...
##########################################################
Dr. Bernhard J. Mayr, MBA
Projektkoordinator elexis-austria | Freie Software für freie Berufe Tulpenweg 10 4600 Wels, Austria Tel.: +43(0)660 31 96 763 E-Mail: bernhard.mayr@elexis-austria.net www: www.elexis-austria.net www: www.arztsoftware.it fb: www.facebook.com/elexis-austria youtube: www.youtube.com/elexisaustria
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am 22.10.2014 um 12:46 schrieb Bernhard J. Mayr:
Is there a chance to restrict access to x2go server to only published applications sessions in the way that a user can only establish x2go "published applications" sessions but no desktop session?
The safest way (as in actually denying access, rather than just hiding it) is to use unix file system permissions and group memberships. Make sure your users are in a certain group, make sure this group has the rights to execute the published applications, but remove the right from the desktop session starter executables.
- -Stefan
BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUR446AAoJEG7d9BjNvlEZIssH/2xHlOayYpOP6/R7ef9XJmhd lJhgvlaLmVWOfJBwir1F13uNYBdW1/zReD2Za7gUpy33VZ+TYhI+N+aKkmmqhNKA clvj+LDuulpojWUsn1nbjrYYiYaxsSJckyq2y7yMz0VDqDY9dr0DNDtjO4DGUlwH nScYsdBBcv2rH2zYG9XIakwVegxUg6b1PGgo10aDxk1IRB2QHBHYJ4/tmu0OIbnZ PlgcwM4uXEreTVdXbSYTtGd/I44PB4D7F5wYN1l89aA+ben9DFEDVFDKmrcA69Ph MZ2LjlOsHHNrDWAiFm2IDUiHXx4I8zquPRbFt+R1oCtXLswFGEzsYugiCmsVjZE= =M9IF -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am 22.10.2014 um 13:00 schrieb Stefan Baur:
Is there a chance to restrict access to x2go server to only published applications sessions in the way that a user can only establish x2go "published applications" sessions but no desktop session?
The safest way (as in actually denying access, rather than just hiding it) is to use unix file system permissions and group memberships. Make sure your users are in a certain group, make sure this group has the rights to execute the published applications, but remove the right from the desktop session starter executables.
Addendum: Of course, if you do not need a full desktop environment at all, you could also go ahead and uninstall it. X2Go in PubApp/Single App mode will run just fine without one.
- -Stefan
BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUR49uAAoJEG7d9BjNvlEZ+fAH/jxScYtvb2kEn9skEeFncl0I LxD31UmZIEtLA1Fg3up0M7LVZvCG0ft+IRPJ+IvVUTCmJIYTmIg5baaExk4aD35w GpHE2jT5eCJtvSdbCuYaVndA2DkpVIRLZECkWmKwaYUvXJnNXwWM8dNDtJulpfoh Hmtg8cjnlXyz++lBmNJD9TZBbh/KXhSRuf5Gizmbyxoni/rWdsReplDNhBUJYx5t yEO+iEAtrpPk5APQfANTqKsHPZdvdxfG0yPaI8KDvVTBAgtfHDprjLnr5CKy2Yog +8Vr5cPI8Sn7drq3fQPfCperPnMcB3hwOOPCCW5BVXpHhTWUmY+VWxVCbuca9Bs= =d14E -----END PGP SIGNATURE-----
-
Bernhard J. Mayr -
Stefan Baur