[X2Go-Commits] [x2goclient] 04/04: src/onmainwindow.cpp: hook-in chgrp for ~/.x2go/etc on Windows platforms to work around a Cygwin permissions bug. Fixes: #1156.

git-admin at x2go.org git-admin at x2go.org
Thu Jun 14 04:12:22 CEST 2018 

This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository x2goclient.

commit f22fd1957a8b16a80588451cc3e0dab26c2d5c8b
Author: Mihai Moldovan <ionic at ionic.de>
Date:   Thu Jun 14 04:11:15 2018 +0200

    src/onmainwindow.cpp: hook-in chgrp for ~/.x2go/etc on Windows platforms to work around a Cygwin permissions bug. Fixes: #1156.
---
 debian/changelog     |   2 +
 src/onmainwindow.cpp | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++
 src/onmainwindow.h   |   1 +
 3 files changed, 120 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index da8f2c1..fe06805 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -86,6 +86,8 @@ x2goclient (4.1.2.0-0x2go1) UNRELEASED; urgency=medium
       Server startup functions.
     - src/pulsemanager.cpp: use QByteArray's constData () instead of data (),
       since we'll never modify the data anyway.
+    - src/onmainwindow.cpp: hook-in chgrp for ~/.x2go/etc on Windows platforms
+      to work around a Cygwin permissions bug. Fixes: #1156.
   * x2goclient.spec:
     - Remove plugin references.
   * debian/rules:
diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp
index fa39cd8..712bd4c 100644
--- a/src/onmainwindow.cpp
+++ b/src/onmainwindow.cpp
@@ -10397,6 +10397,118 @@ void ONMainWindow::slotSetWinServersReady()
     restoreCygnusSettings();
 }
 
+void ONMainWindow::workaround_cygwin_permissions_issue () {
+    /*
+     * Traditionally, user home directories were owned by a group called "None"
+     * (or usually also translated into the system locale, because it's
+     * Windows...).
+     *
+     * Newer versions, at least Windows 10 and higher, set the group to the
+     * user's group, quite like on Linux.
+     *
+     * This has interesting consequences for older Cygwin versions (up to
+     * 1.7.34 probably - we currently use 1.7.33).
+     * Windows has a general concept of users and groups, but keeps a database
+     * of both in a combined way, with actually unique IDs. Hence, if a
+     * directory is owned by an ID that corresponds to the user both in the
+     * owner and group ACLs, then Cygwin gets confused with owner and group
+     * permissions.
+     * Even though the effective group permissions might be "---", it somehow
+     * manages to map the effective owner permissions, that typically are
+     * "rwx", to the UNIX group permissions as well.
+     * Consequently, OpenSSH will error out complaining about the permissions
+     * of the host keys being too open, even though they really are not.
+     *
+     * To work around this problem, we will reset the group ID of
+     * ~/.x2go/etc to the None group ID, which conveniently has a reserved and
+     * fixed value of 513 (RID) or 197121 (Cygwin) across all systems.
+     *
+     * Note that we don't have to do that for ~/x2go/ssh/gen, since we disable
+     * file permission checks for user keys.
+     */
+    QString etc_dir = cygwinPath (wapiShortFileName (homeDir + "/.x2go/etc"));
+
+    QStringList args;
+    args << "-R" << "-v" << etc_dir;
+
+    QProcess chgrp;
+    chgrp.setStandardInputFile (nullDevice ());
+    chgrp.start ("chgrp", args);
+
+    bool fail = false;
+    while (!(chgrp.waitForStarted (10))) {
+        /*
+         * If the process state is still "Starting", it means that the timer in
+         * waitForStarted () ran out. Continue normal execution, otherwise
+         * handle the startup error.
+         */
+        if (QProcess::Starting != chgrp.state ()) {
+            fail = true;
+
+            break;
+        }
+
+        QCoreApplication::processEvents (QEventLoop::AllEvents, 10);
+    }
+
+    if (fail) {
+        show_RichText_WarningMsgBox (tr ("Unable to start chgrp helper."),
+                                     tr ("Changing the group permissions of the X2Go Client-specific "
+                                         "OpenSSH server configuration will not take place.")
+                                     + "\n"
+                                     + tr ("The OpenSSH server might fail to start on newer Windows "
+                                           "versions (10 and higher)."),
+                                     false);
+
+        x2goDebug << "Failed to start chgrp: " << chgrp.error ()
+                  << " with exit status " << chgrp.exitStatus ()
+                  << " and exit code " << chgrp.exitCode ()
+                  << " (invalid unless exit status was QProcess::NormalExit)"
+                  << "; continuing without directory regrouping. sshd might "
+                  << "fail to start up.";
+
+        return;
+    }
+
+    fail = false;
+    while (!(chgrp.waitForFinished (10))) {
+        /*
+         * Pretty much the same logic as above, only slightly adaptated:
+         * a timeout only makes sense if the process is still "Running".
+         * Otherwise it must have died.
+         */
+        if (QProcess::Running != chgrp.state ()) {
+            fail = true;
+
+            break;
+        }
+
+        QCoreApplication::processEvents (QEventLoop::AllEvents, 10);
+    }
+
+    fail = ((fail) || (QProcess::NormalExit != chgrp.exitStatus ()));
+
+    if (fail) {
+        show_RichText_WarningMsgBox (tr ("Execution failure of chgrp helper."),
+                                     tr ("Changing the group permissions of the X2Go Client-specific "
+                                         "OpenSSH server configuration will not take place.")
+                                     + "\n"
+                                     + tr ("The OpenSSH server might fail to start on newer Windows "
+                                           "versions (10 and higher)."),
+                                     false);
+
+        x2goDebug << "chgrp failed during execution: " << chgrp.error ()
+                  << " with exit status " << chgrp.exitStatus ()
+                  << " and exit code " << chgrp.exitCode ()
+                  << " (invalid unless exit status was QProcess::NormalExit)"
+                  << "; continuing without directory regrouping. sshd might "
+                  << "fail to start up.";
+    }
+
+    x2goDebug << "chgrp stdout: " << chgrp.readAllStandardOutput ()
+              << endl << "chgrp stderr: " << chgrp.readAllStandardError ();
+}
+
 #include <windows.h>
 #include<sstream>
 #endif
@@ -10822,8 +10934,13 @@ bool ONMainWindow::startSshd(ONMainWindow::key_types key_type)
      */
     generateEtcFiles ();
 
+#ifdef Q_OS_WIN
+    workaround_cygwin_permissions_issue ();
+#endif
+
     clientSshPort = "7022";
     QString etcDir=homeDir+"/.x2go/etc";
+
     int port=clientSshPort.toInt();
     //clientSshPort have initvalue
     while ( isServerRunning ( port ) )
diff --git a/src/onmainwindow.h b/src/onmainwindow.h
index 47eaa5e..2b78261 100644
--- a/src/onmainwindow.h
+++ b/src/onmainwindow.h
@@ -1187,6 +1187,7 @@ private:
 #ifdef Q_OS_WIN
     void saveCygnusSettings();
     void restoreCygnusSettings();
+    void workaround_cygwin_permissions_issue ();
 #endif
 #if defined  (Q_OS_WIN) || defined (Q_OS_DARWIN)
     QString getXDisplay();

--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git

More information about the x2go-commits mailing list