[X2Go-Commits] [x2goserver] 01/01: Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes).
git-admin at x2go.org
git-admin at x2go.org
Sun Nov 16 01:27:52 CET 2014
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2goserver.
commit 1a9983eada2994337304832610d838f99e7b3f4e
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Sun Nov 16 01:27:44 2014 +0100
Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes).
---
X2Go/Server/Agent.pm | 6 +++-
X2Go/Server/Agent/NX.pm | 34 +++++++++++++--------
X2Go/Server/DB/SQLite3.pm | 8 ++---
X2Go/Utils.pm | 5 +--
debian/changelog | 2 ++
x2goserver/bin/x2golistdesktops | 18 ++++++-----
x2goserver/bin/x2golistshadowsessions | 4 ++-
x2goserver/bin/x2gostartagent | 52 +++++++++++++++++++++++---------
x2goserver/lib/x2gochangestatus | 2 +-
x2goserver/lib/x2gocreatesession | 2 +-
x2goserver/lib/x2gocreateshadowsession | 4 +--
11 files changed, 90 insertions(+), 47 deletions(-)
diff --git a/X2Go/Server/Agent.pm b/X2Go/Server/Agent.pm
index 5a71ca8..c232d30 100644
--- a/X2Go/Server/Agent.pm
+++ b/X2Go/Server/Agent.pm
@@ -42,7 +42,7 @@ load_module $agent_module;
use base 'Exporter';
-our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'has_agent_state_file', 'get_agent_state' );
+our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'get_agent_state_file', 'has_agent_state_file', 'get_agent_state' );
@@ -60,6 +60,10 @@ sub session_is_suspended {
return $agent_module->session_is_suspended(@_);
}
+sub get_agent_state_file {
+ return $agent_module->get_agent_state_file(@_);
+}
+
sub has_agent_state_file {
return $agent_module->has_agent_state_file(@_);
}
diff --git a/X2Go/Server/Agent/NX.pm b/X2Go/Server/Agent/NX.pm
index 3e2ada6..831b1dd 100644
--- a/X2Go/Server/Agent/NX.pm
+++ b/X2Go/Server/Agent/NX.pm
@@ -71,17 +71,32 @@ sub session_is_running
return 0;
}
-sub has_agent_state_file
+sub get_agent_state_file
{
my $sess=@_[1];
- my $user=@_[2];
+ my $user;
+
+ if ( $sess =~ m/.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD.*XSHADPP.*/ ) {
+ my $shadow_user = $sess;
+ $shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/;
+ $user = $shadow_user;
+ } else {
+ $user=@_[2];
+ }
+
my $stateFile;
if ( -d "/tmp-inst/${user}/.x2go-${user}" ) {
$stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state";
} else {
$stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state";
}
- if ( -e $stateFile )
+ return $stateFile;
+}
+
+sub has_agent_state_file
+{
+ my $stateFile = get_agent_state_file(@_);
+ if ( -e "$stateFile" )
{
return 1;
}
@@ -90,18 +105,11 @@ sub has_agent_state_file
sub get_agent_state
{
- my $sess=@_[1];
- my $user=@_[2];
my $state;
- my $stateFile;
- if ( -d "/tmp-inst/${user}/.x2go-${user}" ) {
- $stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state";
- } else {
- $stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state";
- }
- if (! -e $stateFile )
+ my $stateFile = get_agent_state_file(@_);
+ if (! -e "$stateFile" )
{
- syslog('warning', "$sess: state file for this session does not exists: $stateFile (this can be ignored during session startups)");
+ syslog('warning', "@_[1]: state file for this session does not exist: $stateFile (this can be ignored during session startups)");
$state="UNKNOWN";
}
else
diff --git a/X2Go/Server/DB/SQLite3.pm b/X2Go/Server/DB/SQLite3.pm
index b1441da..d693809 100644
--- a/X2Go/Server/DB/SQLite3.pm
+++ b/X2Go/Server/DB/SQLite3.pm
@@ -297,11 +297,9 @@ sub db_createshadowsession
my $fs_port=shift or die"argument \"fs_port\" missed";
$fs_port = sanitizer('num', $fs_port) or die "argument \"fs_port\" malformed";
my $shadreq_user = shift or die "argument \"shadreq_user\" missed";
- my $fake_sid = $sid;
- $fake_sid =~ s/^$shadreq_user-/$realuser-/;
- check_user($fake_sid);
+ check_user($sid);
my $sth=$dbh->prepare("update sessions set status='R',last_time=datetime('now','localtime'),cookie=?,agent_pid=?,
- client=?,gr_port=?,sound_port=?,fs_port=? where session_id=? and uname=?");
+ client=?,gr_port=?,sound_port=?,fs_port=?,tekictrl_port=-1,tekidata_port=-1 where session_id=? and uname=?");
$sth->execute($cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $sid, $shadreq_user);
if ($sth->err())
{
@@ -658,7 +656,7 @@ sub check_user
# session id looks like someuser-51-1304005895_stDgnome-session_dp24
# during DB insertsession it only looks like someuser-51-1304005895
my $user = "$sid";
- $user =~ s/$realuser-[0-9]{2,}-[0-9]{10,}.*/$realuser/;
+ $user =~ s/($realuser-[0-9]{2,}-[0-9]{10,}_st(D|R).*|.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD$realuser.*)/$realuser/;
$user eq $realuser or die "$realuser is not authorized";
}
diff --git a/X2Go/Utils.pm b/X2Go/Utils.pm
index 61b77d3..85ee445 100644
--- a/X2Go/Utils.pm
+++ b/X2Go/Utils.pm
@@ -132,7 +132,7 @@ sub sanitizer {
$string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g;
if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) {
$string = $1;
- if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-]*\_dp[\d]{1,2}$/) {
+ if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-\.]*\_dp[\d]{1,2}$/) {
if ((length($1) > 0) and (length($1) < 32)){
return $string;
} else {return 0;}
@@ -159,7 +159,8 @@ sub system_capture_stdout_output {
my $cmd = shift;
my @args = @_;
syslog("debug", "executing external command ,,$cmd'' with args: ".join(",", @args));
- return capture_stdout { system( $cmd, @args ); };
+ my ($stdout, $stderr, @result) = capture { system( $cmd, @args ); };
+ return $stdout;
}
diff --git a/debian/changelog b/debian/changelog
index 6c1b987..a76dc00 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -182,6 +182,8 @@ x2goserver (4.0.1.19-0x2go1) UNRELEASED; urgency=medium
- Make SSH agent forwarding work after having reconnected via SSH and
having resumed a session. (Fixes: #672). Thanks to Robert Siemer for coming
up with that idea.
+ - Fix cross-user X2Go Desktop Sharing after being broken by implementing
+ clipboard mode feature (and probably other code changes).
* debian/control:
+ Add D (x2goserver): libfile-which-perl.
* debian/x2goserver.docs:
diff --git a/x2goserver/bin/x2golistdesktops b/x2goserver/bin/x2golistdesktops
index 058ede8..451eac1 100755
--- a/x2goserver/bin/x2golistdesktops
+++ b/x2goserver/bin/x2golistdesktops
@@ -86,20 +86,24 @@ for(my $i=0;$i<@outp;$i++)
}
}
-my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_`;
+my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_\@*\@:*`;
@outp=split("\n","$outp");
for(my $i=0;$i<@outp;$i++)
{
- my @ln=split("\@", at outp[$i]);
- if ( @ln[1] ne $uname )
- {
- push (@displays, "@ln[1]\@@ln[2]\n");
+ if (( -r "/tmp/@outp[$i]" ) and ( -w "/tmp/@outp[$i]" )) {
+ my @ln=split("\@", at outp[$i]);
+ if ( @ln[1] ne $uname )
+ {
+ push (@displays, "@ln[1]\@@ln[2]");
+ }
}
}
-if (@displays) {
- print "@displays\n";
+for(my $i=0;$i<@displays;$i++) {
+ if ( @displays[$i] ) {
+ print "@displays[$i]\n";
+ }
}
# closing syslog
closelog;
diff --git a/x2goserver/bin/x2golistshadowsessions b/x2goserver/bin/x2golistshadowsessions
index aad9c63..ac8cfaf 100755
--- a/x2goserver/bin/x2golistshadowsessions
+++ b/x2goserver/bin/x2golistshadowsessions
@@ -68,7 +68,9 @@ for (my $i=0;$i<@outp;$i++)
{
if (@sinfo[4]eq 'R')
{
- if(session_is_suspended(@sinfo[1], @sinfo[11]))
+ my $shadow_user = @sinfo[1];
+ $shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/;
+ if(session_is_suspended(@sinfo[1], $shadow_user))
{
db_changestatus( 'S', @sinfo[1] );
@outp[$i] =~ s/\|R\|/\|S\|/;
diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent
index cf2c373..86f08d6 100755
--- a/x2goserver/bin/x2gostartagent
+++ b/x2goserver/bin/x2gostartagent
@@ -34,9 +34,6 @@ if egrep "^backend[ ]*=[ ]*postgres" /etc/x2go/x2gosql/sql 1>/dev/null 2>/dev/nu
elif [ -z "$USER" ]; then
echo "The \$USER environment variable is not set. Aborting session startup."
exit -2
-elif [ -z "$SSH_CLIENT" ]; then
- echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup."
- exit -3
elif [ -z "$HOME" ]; then
echo "The \$HOME environment variable is not set. Aborting session startup."
exit -4
@@ -62,7 +59,11 @@ fi
REMOTE=localhost
-X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'`
+if [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CLIENT" ]; then
+ X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'`
+elif [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CONNECTION" ]; then
+ X2GO_CLIENT=`echo $SSH_CONNECTION | awk '{print $1}'`
+fi
$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "client announced itself as ,,$X2GO_CLIENT''"
X2GO_GEOMETRY="$1"; shift
@@ -74,10 +75,11 @@ X2GO_KBD_TYPE="$1"; shift
X2GO_SET_KBD="$1"; shift
X2GO_STYPE="$1"; shift
X2GO_CMD="$1"; shift
-X2GO_CLIPBOARD="$1"; shift
X2GO_RESIZE=1
X2GO_FULLSCREEN=0
+X2GO_CLIPBOARD=""
+
XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}
@@ -87,16 +89,16 @@ if [ "$X2GO_STYPE" == "S" ]; then
SHADOW_USER=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[2]}'`
SHADOW_DESKTOP=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[3]}'`
- test -z $1 && {
+ if [ -z "$1" ]; then
# can this line be removed?
#echo "suser $SHADOW_USER user $USER " >> /tmp/uagent
$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "shadow session requested: mode $SHADOW_MODE, user: $SHADOW_USER, desktop: $SHADOW_DESKTOP"
- } || {
+ else
SHADREQ_USER="$1"; shift
$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "preparing shadow session request for user $SHADREQ_USER, agent starts for user ${USER}"
- }
+ fi
if [ "$SHADOW_USER" != "$USER" ]; then
@@ -107,8 +109,12 @@ if [ "$X2GO_STYPE" == "S" ]; then
$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "command result is: $OUTPUT"
if [ "${OUTPUT:0:4}" == "DENY" ]; then
echo "ACCESS DENIED" 1>&2
+ DENIAL_REASON="${OUTPUT:5}"
+ if [ -z "$DENIAL_REASON" ]; then
+ DENIAL_REASON="the user ,,$SHADOW_USER'' does not seem to have desktop sharing activated"
+ fi
$X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: user $SHADOW_USER denied desktop sharing session"
- $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason: for desktop sharing denial ${OUTPUT:5}"
+ $X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason for desktop sharing denial: ${DENIAL_REASON}"
exit -1
fi
X2GO_COOKIE=`echo $OUTPUT | awk '{print $2}'`
@@ -127,6 +133,15 @@ if [ "$X2GO_STYPE" == "S" ]; then
echo $OUTPUT | awk '{print $7}'
exit 0
fi
+else
+
+ # only check the SSH_CLIENT variable for non-shadow sessions
+ if [ -z "$SSH_CLIENT" ]; then
+ echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup."
+ exit -3
+ fi
+
+ X2GO_CLIPBOARD="$1"; shift
fi
LIMIT=`x2gosessionlimit`
@@ -202,7 +217,7 @@ while [ "$OUTPUT" != "inserted" ]; do
fi
done
-if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || ! type -p telekinesis-server 1>/dev/null; then
+if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || [ "x$X2GO_STYPE" = "xS" ] || ! type -p telekinesis-server 1>/dev/null; then
TEKICTRL_PORT="-1"
TEKIDATA_PORT="-1"
X2GO_TELEKINESIS_ENABLED="0"
@@ -273,7 +288,7 @@ if [ ! -d "$X2GO_TMP_ROOT" ]; then
fi
SESSION_DIR="${X2GO_TMP_ROOT}/C-${SESSION_NAME}"
-if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ]; then
+if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ] && [ "x$X2GO_STYPE" != "xS" ]; then
mkdir -p "${SESSION_DIR}/telekinesis/remote/"
fi
@@ -282,11 +297,18 @@ STATE_FILE="${SESSION_DIR}/state"
# do not use $TMP or $TEMP here, the session.log file location has to be accessible by root
SESSION_LOG="${SESSION_DIR}/session.log"
mkdir -p "${SESSION_DIR}"
-chmod -f 0700 "${SESSION_DIR}"
+if [ "x$X2GO_STYPE" = "xS" ]; then
+ chmod -f 0710 "${SESSION_DIR}"
+ if groups "$USER" | grep x2godesktopsharing 1>/dev/null 2>/dev/null; then
+ $X2GO_LIB_PATH/x2gosyslog "$0" "info" "user ,,$USER'' grants access to ${SESSION_DIR} for group ,,x2godesktopsharing''"
+ chown :x2godesktopsharing "${SESSION_DIR}"
+ fi
+else
+ chmod -f 0700 "${SESSION_DIR}"
+fi
touch "${SESSION_LOG}"
chmod -f 0600 "${SESSION_LOG}"
-
if [ ! -d "$X2GO_ROOT/ssh" ]; then
mkdir "$X2GO_ROOT/ssh"
fi
@@ -372,8 +394,10 @@ X2GO_AGENT_RETVAL=$?
X2GO_SND_PORT=1024
if [ -n "$SHADREQ_USER" ]; then
- $X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT""$SHADREQ_USER" > /dev/null
+ $X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new shadow session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $SHADREQ_USER"
+ $X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$SHADREQ_USER" > /dev/null
else
+ $X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $TEKICTRL_PORT $TEKIDATA_PORT"
$X2GO_LIB_PATH/x2gocreatesession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$TEKICTRL_PORT" "$TEKIDATA_PORT" > /dev/null
fi
diff --git a/x2goserver/lib/x2gochangestatus b/x2goserver/lib/x2gochangestatus
index 3e9d992..60ac418 100755
--- a/x2goserver/lib/x2gochangestatus
+++ b/x2goserver/lib/x2gochangestatus
@@ -36,4 +36,4 @@ my $sid=shift or die;
db_changestatus($status, $sid);
# closing syslog
-closelog;
\ No newline at end of file
+closelog;
diff --git a/x2goserver/lib/x2gocreatesession b/x2goserver/lib/x2gocreatesession
index 3495e90..5864175 100755
--- a/x2goserver/lib/x2gocreatesession
+++ b/x2goserver/lib/x2gocreatesession
@@ -43,4 +43,4 @@ my $tekidata_port=shift or die;
db_createsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $tekictrl_port, $tekidata_port);
# closing syslog
-closelog;
\ No newline at end of file
+closelog;
diff --git a/x2goserver/lib/x2gocreateshadowsession b/x2goserver/lib/x2gocreateshadowsession
index 39c7184..07c26d6 100755
--- a/x2goserver/lib/x2gocreateshadowsession
+++ b/x2goserver/lib/x2gocreateshadowsession
@@ -30,16 +30,16 @@ openlog($0,'cons,pid','user');
setlogmask( LOG_UPTO(loglevel()) );
+my $sid=shift or die;
my $cookie=shift or die;
my $pid=shift or die;
my $client=shift or die;
my $gr_port=shift or die;
my $snd_port=shift or die;
my $fs_port=shift or die;
-my $sid=shift or die;
my $shadreq_user=shift or die;
db_createshadowsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $shadreq_user);
# closing syslog
-closelog;
\ No newline at end of file
+closelog;
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git
More information about the x2go-commits
mailing list