[X2Go-User] x2godbadmin
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Sun Jun 7 23:21:39 CEST 2015
Hi Franck,
On Do 04 Jun 2015 13:31:52 CEST, BOTZ Franck (Administrateur Systèmes
et Réseaux) - DDT 67/SIDSIC/Pôle Infra wrote:
> My x2gobroker installation works very well (nightly build).
Good!
> I have a question about x2godbadmin and the --addgroup option.
>
> I have supposed that run the command x2godbadmin --addgroup x2gouser
> add the group in the PostgreSQL database and then all members of the
> x2gouser can access to x2goserver
Don't have add users to group "x2gouser". The group is a system group
and only the user "x2gouser" may be a member of this group. If other
users get added to this group your X2Go installation can be
potentially compromised by those users (esp. if you are using the
SQLite backend).
> But after that, it appears that new user add to the group can't open
> a x2gosession. x2goserver say : "Can't read password file
> /home/xxxx/.x2go/sqlpass".
>
> So, what do really this command ?
> * Read the content of the /etc/group/
> * find x2gouser line
> * read the users that are member
> * add on per one in the database the user and write a
> ~/.x2go/sqlpass for each one ?
This question has been brought up several times already.
What I do:
o create a group "with-x2go-access" (or use an already existing
group that can hold all potential X2Go Users)
o run a nightly cron job as root (x2godbadmin --addgroup with-x2go-access)
Not very elegant but working. I agree with you that the DB handling in
X2Go needs some love.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20150607/d389d0ba/attachment.pgp>
More information about the x2go-user
mailing list