[X2Go-Dev] Do we really need an x2gouser

Reinhard Tartler siretart at gmail.com
Sun Dec 15 00:48:33 CET 2013 

Hi Oleksandr,

Thank you very much for your email. I see the confusion. Yes, my site
has a centralized user management in the sense that all users are in
/etc/passwd but distributed via some configuration mechanism. This
means that we do not use LDAP, and the user database is imported from
somewhere else. I hesitate to use postgres because I feel it is quite
complex to setup. Also, we use dedicated VMs for each user, so there
is no need server pooling or the like.

I understand from your email that the sqlite database is used to
figure out what are the free X11 display ports. Is this correct? Would
probing for a free port work as well? If yes, then let's have every
user have its own sqlite.

Please let me know what you think.
Reinhard


On Sat, Dec 14, 2013 at 6:26 PM, Oleksandr Shneyder
<o.shneyder at phoca-gmbh.de> wrote:
> Hello Reinhard,
>
> in central DB different sessions information is stored. For example,
> used display numbers and ports. x2gostartagent look in the DB when
> assigning display and ports for new sessions. Historical x2ho has only
> postgresql support. In postgres version users have access only to his
> own entries in sessions table. sqlite support was developed for small
> one-server installation wheres installing of postgresql is oversized. To
> avoid users modify session data only user "x2gouser" has direct access
> to DB. For complex setups with central user administrations you should
> use postgresql instead of sqlite.
>
> regards
> Alex
>
> Am 14.12.2013 23:26, schrieb Reinhard Tartler:
>> Hi,
>>
>> can someone please remind me again why we need a sqlite database that
>> is shared for all users? It allows users to see what other users are
>> currently having running sessions, which I frankly don't consider very
>> important. It could even be considered a privacy issue.
>>
>> If there isn't a good reason for a shared database, why don't we have
>> x2go users have their own sqlite database in their home directory?
>> This would allow to get rid of the x2go user and all suid/sgid
>> complexity that comes with it.
>>
>> Background, I'm trying to have my new employer deploy x2go, and I'm
>> currently having trouble to explain this point. I understand that the
>> current printing implementation requires the x2goprint user, but
>> that's not an issue right now.
>>
>> Thanks, and greetings from NYC!
>>
>
>
> --
> ----------------------------------------------------
> Oleksandr Shneyder  | Email: o.shneyder at phoca-gmbh.de
> phoca GmbH          | Tel. : 0911 - 14870374 0
> Bräuhausgasse 9     | Fax. : 0911 - 14870374 9
> D-82205 Gilching    | Mobil: 0163 - 49 64 461
>
> Geschäftsführung:
> Dipl.-Inf. Oleksandr Shneyder
>
> Amtsgericht München | http://www.phoca-gmbh.de
> HRB 196 658         | http://www.x2go.org
> USt-IdNr.: DE281977973
> ----------------------------------------------------
>
>
> _______________________________________________
> X2Go-Dev mailing list
> X2Go-Dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/x2go-dev



-- 
regards,
    Reinhard

More information about the x2go-dev mailing list