[X2go-dev] Prevent session suspending and resuming

Thu Aug 12 01:56:47 CEST 2010

Hi,

Am 09.08.2010 17:12 schrieb contact at gmli.fr:
> - prevent users from resuming their session
> Is there a way to prevent this ? Or use some kind of "filter" command  
> automatically ?

I use a sshCommand overwriting for this, but it requires that you logon
using a ssh-key.

Maybe you can adopt it for your needs:

.ssh/authorized_keys:
command="/home/username/safe.pl",from="anzeiger??.domain" ssh-rsa KEY

/home/username/safe.pl:
#!/usr/bin/perl

$cmd = $ENV{'SSH_ORIGINAL_COMMAND'};

#open(LOG,">>/home/username/x2gologs");
#print LOG "$cmd\n";
#close(LOG);

if ($cmd eq "export HOSTNAME && x2golistsessions") {
  # no resume of sessions
  exit;
} elsif ($cmd =~ /^x2gocmdexitmessage username-[0-9]+-[a-z0-9A-Z_.]$/) {
  system($cmd);
} elsif ($cmd =~ /^x2gostartagent (\d+x\d+|fullscreen) [a-z]+ [a-z0-9-]+
[a-z0-9_-]+ [a-z]{2,3} pc105\/[a-z]{2,3} [01]( R [a-z0-9-]+)?$/) {
  system($cmd);
} elsif ($cmd =~ /^(setsid x2goruncommand \d+ \d+
username-\d+-\d+(?:_[a-zA-Z0-9_.-]+)? \d+)
start-anzeiger-(NONE|[a-z0-9]{32}) ((?:nosnd R)?\s*>& \/dev\/null &
exit)\s*$/) {
  system("$1 \"/home/username/startanzeiger.sh\" $3");
} elsif ($cmd =~ /^(x2goterminate-session|x2gocmdexitmessage)
username-\d+-\d+_[a-zA-Z0-9_.-]+$/) {
  system($cmd);
} else {
  if ($cmd =~ /^mkdir/) { exit; }
  open(LOG,">>/home/username/x2gologs");
  print LOG "NO: $cmd\n";
  close(LOG);
#  system($cmd);
}

startanzeiger.sh:
#!/bin/bash
PROFILEDIR="/home/username/.mozilla/firefox/"
TMPDIR=$(mktemp -d -p $PROFILEDIR)
PROFILE=${TMPDIR:${#PROFILEDIR}}
cp -a $PROFILEDIR/5jklba54.default/* $TMPDIR
lockfile -5 -r-1 -L 20 $PROFILEDIR/lock.trg
cat $PROFILEDIR/profiles-def.ini > $PROFILEDIR/profiles.ini
echo "[Profile1]" >> $PROFILEDIR/profiles.ini
echo "Name=$PROFILE" >> $PROFILEDIR/profiles.ini
echo "IsRelative=1" >> $PROFILEDIR/profiles.ini
echo "Path=$PROFILE" >> $PROFILEDIR/profiles.ini
echo "Default=0" >> $PROFILEDIR/profiles.ini
iceweasel -P $PROFILE
rm -rf $TMPDIR

And I set up a cronjob for that user:
# m h  dom mon dow   command
3 6 * * 6 find /home/username/.nx /home/username/.x2go/ -mindepth 1
-maxdepth 1 -mtime +5 -print0 | xargs -0 rm -rf

-- 
Best regards,
 Sven Strickroth
 ClamAV, a GPL anti-virus toolkit   http://www.clamav.net
 PGP key id F5A9D4C4 @ any key-server