[X2Go-User] x2godbadmin

Mike Gabriel mike.gabriel at das-netzwerkteam.de
Sun Jun 7 23:21:39 CEST 2015


Hi Franck,

On  Do 04 Jun 2015 13:31:52 CEST, BOTZ Franck (Administrateur Systèmes  
et Réseaux) - DDT 67/SIDSIC/Pôle Infra wrote:

> My x2gobroker installation works very well (nightly build).

Good!

> I have a question about x2godbadmin and the --addgroup option.
>
> I have supposed that run the command x2godbadmin --addgroup x2gouser  
> add the group in the PostgreSQL database and then all members of the  
> x2gouser can access to x2goserver

Don't have add users to group "x2gouser". The group is a system group  
and only the user "x2gouser" may be a member of this group. If other  
users get added to this group your X2Go installation can be  
potentially compromised by those users (esp. if you are using the  
SQLite backend).

> But after that, it appears that new user add to the group can't open  
> a x2gosession. x2goserver say : "Can't read password file  
> /home/xxxx/.x2go/sqlpass".
>
> So, what do really this command ?
>   * Read the content of the /etc/group/
>   * find x2gouser line
>   * read the users that are member
>   * add on per one in the database the user and write a  
> ~/.x2go/sqlpass for each one ?

This question has been brought up several times already.

What I do:

   o create a group "with-x2go-access" (or use an already existing  
group that can hold all potential X2Go Users)
   o run a nightly cron job as root (x2godbadmin --addgroup with-x2go-access)

Not very elegant but working. I agree with you that the DB handling in  
X2Go needs some love.

Greets,
Mike
-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20150607/d389d0ba/attachment.pgp>


More information about the x2go-user mailing list