[X2go-dev] Shared DB patches
John A. Sullivan III
jsullivan at opensourcedevel.com
Sun Feb 21 05:25:06 CET 2010
Hello, all. It looks like the line numbers in x2gopgwrapper_net have
changed since I last submitted these patches. These patches have
successfully applied to the latest repository files.
To review what they are for, we felt uncomfortable both with giving our
client desktops ssh access to the single database server and having them
use the postgres super user to access the database. In our multi-tenant
environment with many vserver based X2Go Servers (one X2Go Server per
virtual machine), this was a dangerous security exposure especially
since the PostgreSQL server holds databases besides the X2Go databases.
There is an OpenOffice document included which explains the logic and
the procedures for implementing this secure shared database setup. It
eliminates both the need for ssh and to use the postgres user. Hope
they help someone else - John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: MultiDBSupportNotes.odt
Type: application/vnd.oasis.opendocument.text
Size: 29604 bytes
Desc: not available
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20100220/21b78bb1/attachment.odt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: x2gocreatebase.sh.diff
Type: text/x-patch
Size: 5825 bytes
Desc: not available
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20100220/21b78bb1/attachment.bin>
-------------- next part --------------
# x2godb.conf
# Copyright 2009 John A. Sullivan III - SSI Services, LP
# Version 0: March 24, 2009 - John Sullivan
# This file is used to set the X2Go database parameters.
# DBNAME defaults to x2go_sessions (optional)
DBNAME=
# SCHEMA defaults to "" (required if using a shared database)
#SCHEMA="$(hostname)"
SCHEMA=
# DBUSER defaults to postgres (optional)
#DBUSER="$(hostname)"
DBUSER=
# If the database server is remote and uses a non-standard SSH port,
# set the port number here
SSHPORT=22
-------------- next part --------------
A non-text attachment was scrubbed...
Name: x2gopgwrapper_local.diff
Type: text/x-patch
Size: 8026 bytes
Desc: not available
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20100220/21b78bb1/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: x2gopgwrapper_net.diff
Type: text/x-patch
Size: 9973 bytes
Desc: not available
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20100220/21b78bb1/attachment-0002.bin>
More information about the x2go-dev
mailing list