[X2Go-Commits] [x2goserver] 01/01: Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes).

git-admin at x2go.org git-admin at x2go.org
Sun Nov 16 01:27:52 CET 2014


This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository x2goserver.

commit 1a9983eada2994337304832610d838f99e7b3f4e
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Sun Nov 16 01:27:44 2014 +0100

    Fix cross-user X2Go Desktop Sharing after being broken by implementing clipboard mode feature (and probably other code changes).
---
 X2Go/Server/Agent.pm                   |    6 +++-
 X2Go/Server/Agent/NX.pm                |   34 +++++++++++++--------
 X2Go/Server/DB/SQLite3.pm              |    8 ++---
 X2Go/Utils.pm                          |    5 +--
 debian/changelog                       |    2 ++
 x2goserver/bin/x2golistdesktops        |   18 ++++++-----
 x2goserver/bin/x2golistshadowsessions  |    4 ++-
 x2goserver/bin/x2gostartagent          |   52 +++++++++++++++++++++++---------
 x2goserver/lib/x2gochangestatus        |    2 +-
 x2goserver/lib/x2gocreatesession       |    2 +-
 x2goserver/lib/x2gocreateshadowsession |    4 +--
 11 files changed, 90 insertions(+), 47 deletions(-)

diff --git a/X2Go/Server/Agent.pm b/X2Go/Server/Agent.pm
index 5a71ca8..c232d30 100644
--- a/X2Go/Server/Agent.pm
+++ b/X2Go/Server/Agent.pm
@@ -42,7 +42,7 @@ load_module $agent_module;
 
 use base 'Exporter';
 
-our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'has_agent_state_file', 'get_agent_state' );
+our @EXPORT=( 'session_has_terminated', 'session_is_running', 'session_is_suspended' , 'get_agent_state_file', 'has_agent_state_file', 'get_agent_state' );
 
 
 
@@ -60,6 +60,10 @@ sub session_is_suspended {
 	return $agent_module->session_is_suspended(@_);
 }
 
+sub get_agent_state_file {
+	return $agent_module->get_agent_state_file(@_);
+}
+
 sub has_agent_state_file {
 	return $agent_module->has_agent_state_file(@_);
 }
diff --git a/X2Go/Server/Agent/NX.pm b/X2Go/Server/Agent/NX.pm
index 3e2ada6..831b1dd 100644
--- a/X2Go/Server/Agent/NX.pm
+++ b/X2Go/Server/Agent/NX.pm
@@ -71,17 +71,32 @@ sub session_is_running
 	return 0;
 }
 
-sub has_agent_state_file
+sub get_agent_state_file
 {
 	my $sess=@_[1];
-	my $user=@_[2];
+	my $user;
+
+	if ( $sess =~ m/.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD.*XSHADPP.*/ ) {
+		my $shadow_user = $sess;
+		$shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/;
+		$user = $shadow_user;
+	} else {
+		$user=@_[2];
+	}
+
 	my $stateFile;
 	if ( -d "/tmp-inst/${user}/.x2go-${user}" ) {
 		$stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state";
 	} else {
 		$stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state";
 	}
-	if ( -e $stateFile )
+	return $stateFile;
+}
+
+sub has_agent_state_file
+{
+	my $stateFile = get_agent_state_file(@_);
+	if ( -e "$stateFile" )
 	{
 		return 1;
 	}
@@ -90,18 +105,11 @@ sub has_agent_state_file
 
 sub get_agent_state
 {
-	my $sess=@_[1];
-	my $user=@_[2];
 	my $state;
-	my $stateFile;
-	if ( -d "/tmp-inst/${user}/.x2go-${user}" ) {
-		$stateFile="/tmp-inst/${user}/.x2go-".$user."/C-".$sess."/state";
-	} else {
-		$stateFile = "/tmp/.x2go-".$user."/C-".$sess."/state";
-	}
-	if (! -e $stateFile )
+	my $stateFile = get_agent_state_file(@_);
+	if (! -e "$stateFile" )
 	{
-		syslog('warning', "$sess: state file for this session does not exists: $stateFile (this can be ignored during session startups)");
+		syslog('warning', "@_[1]: state file for this session does not exist: $stateFile (this can be ignored during session startups)");
 		$state="UNKNOWN";
 	}
 	else
diff --git a/X2Go/Server/DB/SQLite3.pm b/X2Go/Server/DB/SQLite3.pm
index b1441da..d693809 100644
--- a/X2Go/Server/DB/SQLite3.pm
+++ b/X2Go/Server/DB/SQLite3.pm
@@ -297,11 +297,9 @@ sub db_createshadowsession
 	my $fs_port=shift or die"argument \"fs_port\" missed";
 	$fs_port = sanitizer('num', $fs_port) or die "argument \"fs_port\" malformed";
 	my $shadreq_user = shift or die "argument \"shadreq_user\" missed";
-	my $fake_sid = $sid;
-	$fake_sid =~ s/^$shadreq_user-/$realuser-/;
-	check_user($fake_sid);
+	check_user($sid);
 	my $sth=$dbh->prepare("update sessions set status='R',last_time=datetime('now','localtime'),cookie=?,agent_pid=?,
-	                       client=?,gr_port=?,sound_port=?,fs_port=? where session_id=? and uname=?");
+	                       client=?,gr_port=?,sound_port=?,fs_port=?,tekictrl_port=-1,tekidata_port=-1 where session_id=? and uname=?");
 	$sth->execute($cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $sid, $shadreq_user);
 	if ($sth->err())
 	{
@@ -658,7 +656,7 @@ sub check_user
 	# session id looks like someuser-51-1304005895_stDgnome-session_dp24
 	# during DB insertsession it only looks like someuser-51-1304005895
 	my $user = "$sid";
-	$user =~ s/$realuser-[0-9]{2,}-[0-9]{10,}.*/$realuser/;
+	$user =~ s/($realuser-[0-9]{2,}-[0-9]{10,}_st(D|R).*|.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD$realuser.*)/$realuser/;
 	$user eq $realuser or die "$realuser is not authorized";
 }
 
diff --git a/X2Go/Utils.pm b/X2Go/Utils.pm
index 61b77d3..85ee445 100644
--- a/X2Go/Utils.pm
+++ b/X2Go/Utils.pm
@@ -132,7 +132,7 @@ sub sanitizer {
 		$string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g;
 		if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) {
 			$string = $1;
-			if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-]*\_dp[\d]{1,2}$/) {
+			if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,31}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-\.]*\_dp[\d]{1,2}$/) {
 				if ((length($1) > 0) and (length($1) < 32)){
 					return $string;
 				} else {return 0;}
@@ -159,7 +159,8 @@ sub system_capture_stdout_output {
 	my $cmd = shift;
 	my @args = @_;
 	syslog("debug", "executing external command ,,$cmd'' with args: ".join(",", @args));
-	return capture_stdout { system( $cmd, @args ); };
+	my ($stdout, $stderr, @result) = capture { system( $cmd, @args ); };
+	return $stdout;
 }
 
 
diff --git a/debian/changelog b/debian/changelog
index 6c1b987..a76dc00 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -182,6 +182,8 @@ x2goserver (4.0.1.19-0x2go1) UNRELEASED; urgency=medium
     - Make SSH agent forwarding work after having reconnected via SSH and
       having resumed a session. (Fixes: #672). Thanks to Robert Siemer for coming
       up with that idea.
+    - Fix cross-user X2Go Desktop Sharing after being broken by implementing
+      clipboard mode feature (and probably other code changes).
   * debian/control:
     + Add D (x2goserver): libfile-which-perl.
   * debian/x2goserver.docs:
diff --git a/x2goserver/bin/x2golistdesktops b/x2goserver/bin/x2golistdesktops
index 058ede8..451eac1 100755
--- a/x2goserver/bin/x2golistdesktops
+++ b/x2goserver/bin/x2golistdesktops
@@ -86,20 +86,24 @@ for(my $i=0;$i<@outp;$i++)
 	}
 }
 
-my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_`;
+my $outp=`ls -1 /tmp/ | grep x2godesktopsharing_\@*\@:*`;
 @outp=split("\n","$outp");
 
 for(my $i=0;$i<@outp;$i++)
 {
-	my @ln=split("\@", at outp[$i]);
-	if ( @ln[1] ne $uname )
-	{
-		push (@displays, "@ln[1]\@@ln[2]\n");
+	if (( -r "/tmp/@outp[$i]" ) and ( -w "/tmp/@outp[$i]" )) {
+		my @ln=split("\@", at outp[$i]);
+		if ( @ln[1] ne $uname )
+		{
+			push (@displays, "@ln[1]\@@ln[2]");
+		}
 	}
 }
 
-if (@displays) {
-	print "@displays\n";
+for(my $i=0;$i<@displays;$i++) {
+	if ( @displays[$i] ) {
+		print "@displays[$i]\n";
+	}
 }
 # closing syslog 
 closelog;
diff --git a/x2goserver/bin/x2golistshadowsessions b/x2goserver/bin/x2golistshadowsessions
index aad9c63..ac8cfaf 100755
--- a/x2goserver/bin/x2golistshadowsessions
+++ b/x2goserver/bin/x2golistshadowsessions
@@ -68,7 +68,9 @@ for (my $i=0;$i<@outp;$i++)
 	{ 
 		if (@sinfo[4]eq 'R')
 		{
-			if(session_is_suspended(@sinfo[1], @sinfo[11]))
+			my $shadow_user = @sinfo[1];
+			$shadow_user =~ s/.*XSHAD(.*)XSHADPP.*/$1/;
+			if(session_is_suspended(@sinfo[1], $shadow_user))
 			{
 				db_changestatus( 'S', @sinfo[1] );
 				@outp[$i] =~ s/\|R\|/\|S\|/;
diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent
index cf2c373..86f08d6 100755
--- a/x2goserver/bin/x2gostartagent
+++ b/x2goserver/bin/x2gostartagent
@@ -34,9 +34,6 @@ if egrep "^backend[ ]*=[ ]*postgres" /etc/x2go/x2gosql/sql 1>/dev/null 2>/dev/nu
 elif [ -z "$USER" ]; then
 	echo "The \$USER environment variable is not set. Aborting session startup."
 	exit -2
-elif [ -z "$SSH_CLIENT" ]; then
-	echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup."
-	exit -3
 elif [ -z "$HOME" ]; then
 	echo "The \$HOME environment variable is not set. Aborting session startup."
 	exit -4
@@ -62,7 +59,11 @@ fi
 
 REMOTE=localhost
 
-X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'`
+if [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CLIENT" ]; then
+	X2GO_CLIENT=`echo $SSH_CLIENT | awk '{print $1}'`
+elif [ -z "$X2GO_CLIENT" ] && [ -n "$SSH_CONNECTION" ]; then
+	X2GO_CLIENT=`echo $SSH_CONNECTION | awk '{print $1}'`
+fi
 $X2GO_LIB_PATH/x2gosyslog "$0" "debug" "client announced itself as ,,$X2GO_CLIENT''"
 
 X2GO_GEOMETRY="$1"; shift
@@ -74,10 +75,11 @@ X2GO_KBD_TYPE="$1"; shift
 X2GO_SET_KBD="$1"; shift
 X2GO_STYPE="$1"; shift
 X2GO_CMD="$1"; shift
-X2GO_CLIPBOARD="$1"; shift
 X2GO_RESIZE=1
 X2GO_FULLSCREEN=0
 
+X2GO_CLIPBOARD=""
+
 XAUTHORITY=${XAUTHORITY:-"$HOME/.Xauthority"}
 
 
@@ -87,16 +89,16 @@ if [ "$X2GO_STYPE" == "S" ]; then
 	SHADOW_USER=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[2]}'`
 	SHADOW_DESKTOP=`echo $X2GO_CMD |awk '{split($0,a,"XSHAD"); print a[3]}'`
 
-	test -z $1 && { 
+	if [ -z "$1" ]; then
 
 		# can this line be removed?
 		#echo "suser $SHADOW_USER user $USER " >> /tmp/uagent
 
 		$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "shadow session requested: mode $SHADOW_MODE, user: $SHADOW_USER, desktop: $SHADOW_DESKTOP"
-	} || {
+	else
 		SHADREQ_USER="$1"; shift
 		$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "preparing shadow session request for user $SHADREQ_USER, agent starts for user ${USER}"
-	}
+	fi
 
 	if [ "$SHADOW_USER" != "$USER" ]; then
 
@@ -107,8 +109,12 @@ if [ "$X2GO_STYPE" == "S" ]; then
 		$X2GO_LIB_PATH/x2gosyslog "$0" "debug" "command result is: $OUTPUT"
 		if [ "${OUTPUT:0:4}" == "DENY" ]; then
 			echo "ACCESS DENIED" 1>&2
+			DENIAL_REASON="${OUTPUT:5}"
+			if [ -z "$DENIAL_REASON" ]; then
+				DENIAL_REASON="the user ,,$SHADOW_USER'' does not seem to have desktop sharing activated"
+			fi
 			$X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: user $SHADOW_USER denied desktop sharing session"
-			$X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason: for desktop sharing denial ${OUTPUT:5}"
+			$X2GO_LIB_PATH/x2gosyslog "$0" "err" "ERROR: reason for desktop sharing denial: ${DENIAL_REASON}"
 			exit -1
 		fi
 		X2GO_COOKIE=`echo $OUTPUT | awk '{print $2}'`
@@ -127,6 +133,15 @@ if [ "$X2GO_STYPE" == "S" ]; then
 		echo $OUTPUT | awk '{print $7}'
 		exit 0
 	fi
+else
+
+	# only check the SSH_CLIENT variable for non-shadow sessions
+	if [ -z "$SSH_CLIENT" ]; then
+		echo "The \$SSH_CLIENT environment variable is not set. Aborting session startup."
+		exit -3
+	fi
+
+	X2GO_CLIPBOARD="$1"; shift
 fi
 
 LIMIT=`x2gosessionlimit`
@@ -202,7 +217,7 @@ while [ "$OUTPUT"  != "inserted" ]; do
 	fi 
 done
 
-if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || ! type -p telekinesis-server 1>/dev/null; then
+if [ "x$X2GO_TELEKINESIS_ENABLED" == "x0" ] || [ "x$X2GO_STYPE" = "xS" ] || ! type -p telekinesis-server 1>/dev/null; then
 	TEKICTRL_PORT="-1"
 	TEKIDATA_PORT="-1"
 	X2GO_TELEKINESIS_ENABLED="0"
@@ -273,7 +288,7 @@ if [ ! -d "$X2GO_TMP_ROOT" ]; then
 fi
 
 SESSION_DIR="${X2GO_TMP_ROOT}/C-${SESSION_NAME}"
-if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ]; then
+if [ "x$X2GO_TELEKINESIS_ENABLED" != "x0" ] && [ "x$X2GO_STYPE" != "xS" ]; then
 	mkdir -p "${SESSION_DIR}/telekinesis/remote/"
 fi
 
@@ -282,11 +297,18 @@ STATE_FILE="${SESSION_DIR}/state"
 # do not use $TMP or $TEMP here, the session.log file location has to be accessible by root
 SESSION_LOG="${SESSION_DIR}/session.log"
 mkdir -p "${SESSION_DIR}"
-chmod -f 0700 "${SESSION_DIR}"
+if [ "x$X2GO_STYPE" = "xS" ]; then
+	chmod -f 0710 "${SESSION_DIR}"
+	if groups "$USER" | grep x2godesktopsharing 1>/dev/null 2>/dev/null; then
+		$X2GO_LIB_PATH/x2gosyslog "$0" "info" "user ,,$USER'' grants access to ${SESSION_DIR} for group ,,x2godesktopsharing''"
+		chown :x2godesktopsharing "${SESSION_DIR}"
+	fi
+else
+	chmod -f 0700 "${SESSION_DIR}"
+fi
 touch "${SESSION_LOG}"
 chmod -f 0600 "${SESSION_LOG}"
 
-
 if [ ! -d "$X2GO_ROOT/ssh" ]; then
 	mkdir "$X2GO_ROOT/ssh"
 fi
@@ -372,8 +394,10 @@ X2GO_AGENT_RETVAL=$?
 X2GO_SND_PORT=1024
 
 if [ -n "$SHADREQ_USER" ]; then
-	$X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME"  "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT""$SHADREQ_USER" > /dev/null
+	$X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new shadow session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $SHADREQ_USER"
+	$X2GO_LIB_PATH/x2gocreateshadowsession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$SHADREQ_USER" > /dev/null
 else
+	 $X2GO_LIB_PATH/x2gosyslog "$0" "info" "creating new session: $SESSION_NAME $X2GO_COOKIE $X2GO_AGENT_PID $X2GO_CLIENT $GR_PORT $SOUND_PORT $FS_PORT $TEKICTRL_PORT $TEKIDATA_PORT"
 	$X2GO_LIB_PATH/x2gocreatesession "$SESSION_NAME" "$X2GO_COOKIE" "$X2GO_AGENT_PID" "$X2GO_CLIENT" "$GR_PORT" "$SOUND_PORT" "$FS_PORT" "$TEKICTRL_PORT" "$TEKIDATA_PORT"  > /dev/null
 fi
 
diff --git a/x2goserver/lib/x2gochangestatus b/x2goserver/lib/x2gochangestatus
index 3e9d992..60ac418 100755
--- a/x2goserver/lib/x2gochangestatus
+++ b/x2goserver/lib/x2gochangestatus
@@ -36,4 +36,4 @@ my $sid=shift or die;
 db_changestatus($status, $sid);
 
 # closing syslog 
-closelog;
\ No newline at end of file
+closelog;
diff --git a/x2goserver/lib/x2gocreatesession b/x2goserver/lib/x2gocreatesession
index 3495e90..5864175 100755
--- a/x2goserver/lib/x2gocreatesession
+++ b/x2goserver/lib/x2gocreatesession
@@ -43,4 +43,4 @@ my $tekidata_port=shift or die;
 db_createsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $tekictrl_port, $tekidata_port);
 
 # closing syslog 
-closelog;
\ No newline at end of file
+closelog;
diff --git a/x2goserver/lib/x2gocreateshadowsession b/x2goserver/lib/x2gocreateshadowsession
index 39c7184..07c26d6 100755
--- a/x2goserver/lib/x2gocreateshadowsession
+++ b/x2goserver/lib/x2gocreateshadowsession
@@ -30,16 +30,16 @@ openlog($0,'cons,pid','user');
 setlogmask( LOG_UPTO(loglevel()) );
 
 
+my $sid=shift or die;
 my $cookie=shift or die;
 my $pid=shift or die;
 my $client=shift or die;
 my $gr_port=shift or die;
 my $snd_port=shift or die;
 my $fs_port=shift or die;
-my $sid=shift or die;
 my $shadreq_user=shift or die;
 
 db_createshadowsession($sid, $cookie, $pid, $client, $gr_port, $snd_port, $fs_port, $shadreq_user);
 
 # closing syslog 
-closelog;
\ No newline at end of file
+closelog;

--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git


More information about the x2go-commits mailing list