[X2go-dev] Use case for an x2go user-group
Reinhard Tartler
siretart at tauware.de
Fri Feb 18 17:18:45 CET 2011
On Fri, Feb 18, 2011 at 16:55:56 (CET), John A. Sullivan III wrote:
> On Fri, 2011-02-18 at 12:32 +0100, Moritz Struebe wrote:
>> Hi there,
>>
>> we already talked to Alex, but maybe it's a good idea to ask a broader
>> audience: Has anybody got an use case where someone who has ssh access
>> is not allowed to start x2go? In short: We want to get rid of the
>> sudo-entry and use suidperl instead.
> <snip>
> Thanks for asking. I'm not sure what the issues are. Our environment
> is probably one of the most unusual because there is no root access from
> within the virtual machine - only from the host entering the VM. Users
> cannot su. That does not sound like what you are asking, though.
No. The question is if there was a legitimate use-case for having users
that can login via ssh, but are not in the x2gousers group, i.e., cannot
login via x2go.
> They also have significantly restricted access to kernel functions which
> is why the call to fusemount (I forget the exact command) fails in our
> environment and we have to move much of the functionality to the VServer
> host (which is much more efficient than running 400 instances of
> x2gocleansessions) - John
What you describe seems like a reasonably restricted Linux vserver
system to me, but doesn't really relate to the original question.
--
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
More information about the x2go-dev
mailing list