Annotation of /trunk/nxserver-freenx/patches/nxserver-freenx-0.7.3-lp-fixes.patch
Parent Directory | Revision Log
Revision 1792 -
(hide annotations)
(download)
Mon Jun 4 14:33:04 2012 UTC (12 years, 3 months ago) by niro
File size: 45400 byte(s)
Mon Jun 4 14:33:04 2012 UTC (12 years, 3 months ago) by niro
File size: 45400 byte(s)
-freenx-0.7.3 patches and files
1 | niro | 1792 | diff -rud -x .bzr freenx-server-0.7.3/ChangeLog freenx-server.fixes/ChangeLog |
2 | --- freenx-server-0.7.3/ChangeLog 2008-08-22 02:44:43.000000000 +0200 | ||
3 | +++ freenx-server.fixes/ChangeLog 2009-11-23 10:16:13.106350517 +0100 | ||
4 | @@ -1,3 +1,20 @@ | ||
5 | +xx.11.2008 FreeNX 0.7.4 | ||
6 | + * Opened the 0.7.4 development. | ||
7 | + * Fixed missing export of NX_ETC_DIR in Makefile, | ||
8 | + so node.conf.sample is installed correctly. | ||
9 | + (fabianx@bat.berlios.de) | ||
10 | + * Fixed broken round-robin load balance algorithm. | ||
11 | + (fabianx@bat.berlios.de) | ||
12 | + * Fixed --terminate|--suspend|--force-terminate for | ||
13 | + load balancing case. | ||
14 | + (fabianx@bat.berlios.de) | ||
15 | + * Fixed --terminate|--suspend|--force-terminate for | ||
16 | + usermode case. | ||
17 | + (fabianx@bat.berlios.de) | ||
18 | + * Fixed non-encrypted session mode. You might need to | ||
19 | + set EXTERNAL_PROXY_IP in node.conf. | ||
20 | + (fabianx@bat.berlios.de) | ||
21 | + | ||
22 | 18.08.2008 FreeNX 0.7.3 "Priscilla One Year Edition" | ||
23 | * Opened the 0.7.3 development. | ||
24 | * Added logging of failed authentication attempts | ||
25 | Only in freenx-server.fixes: data | ||
26 | diff -rud -x .bzr freenx-server-0.7.3/init.d/freenx-server freenx-server.fixes/init.d/freenx-server | ||
27 | --- freenx-server-0.7.3/init.d/freenx-server 2008-03-02 11:29:52.000000000 +0100 | ||
28 | +++ freenx-server.fixes/init.d/freenx-server 2009-11-23 10:16:13.100350348 +0100 | ||
29 | @@ -1,28 +1,43 @@ | ||
30 | #!/bin/bash | ||
31 | -# | ||
32 | -# Sample startup script for FreeNX server | ||
33 | -# | ||
34 | -# Coypright (c) 2007 by Fabian Franz <freenx@fabian-franz.de>. | ||
35 | -# | ||
36 | -# License: GNU GPL, version 2 | ||
37 | -# | ||
38 | -# SVN: $Id: freenx-server 485 2008-03-02 10:29:52Z fabianx $ | ||
39 | -# | ||
40 | |||
41 | -# Read the config file | ||
42 | -. $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) -- | ||
43 | +### BEGIN INIT INFO | ||
44 | +# Provides: freenx_server | ||
45 | +# Required-Start: sshd | ||
46 | +# Required-Stop: sshd | ||
47 | +# Default-Start: 2 3 4 5 | ||
48 | +# Default-Stop: 0 1 6 | ||
49 | +# Short-Description: FreeNX Server | ||
50 | +# Description: Cleanup FreeNX Server session database at boot time | ||
51 | +### END INIT INFO | ||
52 | + | ||
53 | +PATH_BIN=/usr/lib/nx | ||
54 | |||
55 | case "$1" in | ||
56 | start) | ||
57 | - [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/ | ||
58 | + if [ ! -e "/var/run/freenx-server" ]; then | ||
59 | + [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/ | ||
60 | + $PATH_BIN/nxserver --cleanup | ||
61 | + $PATH_BIN/nxserver --start | ||
62 | + touch "/var/run/freenx-server"; | ||
63 | + else | ||
64 | + echo "Not starting freenx-server, it's already started." | ||
65 | + fi | ||
66 | + ;; | ||
67 | + restart|force-reload) | ||
68 | $PATH_BIN/nxserver --cleanup | ||
69 | $PATH_BIN/nxserver --start | ||
70 | + touch "/var/run/freenx-server"; | ||
71 | ;; | ||
72 | stop) | ||
73 | $PATH_BIN/nxserver --stop | ||
74 | $PATH_BIN/nxserver --cleanup | ||
75 | - ;; | ||
76 | + rm -f /var/run/freenx-server | ||
77 | + ;; | ||
78 | + status) | ||
79 | + [ ! -e "/var/run/freenx-server" ] || exit 3 | ||
80 | + exit 0; | ||
81 | + ;; | ||
82 | *) | ||
83 | - echo "Usage: $0 <start|stop>" | ||
84 | + echo "Usage: $0 <start|restart|stop|force-reload|status>" | ||
85 | ;; | ||
86 | esac | ||
87 | diff -rud -x .bzr freenx-server-0.7.3/Makefile freenx-server.fixes/Makefile | ||
88 | --- freenx-server-0.7.3/Makefile 2008-08-18 04:16:25.000000000 +0200 | ||
89 | +++ freenx-server.fixes/Makefile 2009-11-23 10:16:13.102350032 +0100 | ||
90 | @@ -8,7 +8,7 @@ | ||
91 | all: | ||
92 | cd nxviewer-passwd && xmkmf && make Makefiles && make depend | ||
93 | source nxloadconfig &&\ | ||
94 | - export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\ | ||
95 | + export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\ | ||
96 | for i in $(SUBDIRS) ; \ | ||
97 | do\ | ||
98 | echo "making" all "in $$i..."; \ | ||
99 | @@ -35,14 +35,29 @@ | ||
100 | #$(MAKE) suid_install | ||
101 | |||
102 | clean: | ||
103 | - make -C nxviewer-passwd clean | ||
104 | for i in $(SUBDIRS) ; \ | ||
105 | do\ | ||
106 | echo "making" clean "in $$i..."; \ | ||
107 | - $(MAKE) -C $$i clean || exit 1;\ | ||
108 | + if test -e "$$i/Makefile"; \ | ||
109 | + then $(MAKE) -C $$i clean || exit 1;\ | ||
110 | + else echo ignoring $$i;\ | ||
111 | + fi;\ | ||
112 | done | ||
113 | + rm -f nxviewer-passwd/Makefile.back | ||
114 | + rm -f nxviewer-passwd/Makefile | ||
115 | + rm -f nxviewer-passwd/nxpasswd/Makefile | ||
116 | + rm -f nxviewer-passwd/libvncauth/Makefile | ||
117 | |||
118 | install: | ||
119 | source nxloadconfig &&\ | ||
120 | - export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\ | ||
121 | + export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\ | ||
122 | $(MAKE) nxenv_install | ||
123 | + | ||
124 | +debian-tarball: | ||
125 | + mkdir freenx-server | ||
126 | + cp -r * freenx-server || echo 0 | ||
127 | + sed "s/NX_VERSION=3.2.0-74-SVN/NX_VERSION=3.2.0-74-TEAMBZR`bzr revno`/" nxloadconfig > freenx-server/nxloadconfig | ||
128 | + rm -rf freenx-server/.bzr* | ||
129 | + rm -rf freenx-server/freenx-server | ||
130 | + [ -d ".bzr" ] && tar -czf ../freenx-server_0.7.3+teambzr`bzr revno`.orig.tar.gz freenx-server | ||
131 | + rm -rf freenx-server | ||
132 | diff -rud -x .bzr freenx-server-0.7.3/node.conf.sample freenx-server.fixes/node.conf.sample | ||
133 | --- freenx-server-0.7.3/node.conf.sample 2008-08-22 02:44:43.000000000 +0200 | ||
134 | +++ freenx-server.fixes/node.conf.sample 2009-11-23 10:16:13.102350032 +0100 | ||
135 | @@ -37,7 +37,7 @@ | ||
136 | # | ||
137 | # https://mail.kde.org/mailman/listinfo/freenx-knx | ||
138 | # | ||
139 | -# SVN: $Id: node.conf.sample 580 2008-08-22 00:44:43Z fabianx $ | ||
140 | +# SVN: $Id: node.conf.sample 613 2008-09-01 20:42:31Z fabianx $ | ||
141 | |||
142 | ######################################################################### | ||
143 | # General FreeNX directives | ||
144 | @@ -47,6 +47,11 @@ | ||
145 | # different than the default hostname (as returned by `hostname`) | ||
146 | #SERVER_NAME="$(hostname)" | ||
147 | |||
148 | +# The node ip which is used by NX Node in unecnrypted session mode. | ||
149 | +# Set it if you want to use a specific external ip or the autodetection | ||
150 | +# is not working. | ||
151 | +#EXTERNAL_PROXY_IP="" | ||
152 | + | ||
153 | # The port number where local 'sshd' is listening. | ||
154 | #SSHD_PORT=22 | ||
155 | |||
156 | @@ -501,6 +506,11 @@ | ||
157 | #USER_X_STARTUP_SCRIPT=.Xclients | ||
158 | #DEFAULT_X_SESSION=/etc/X11/xdm/Xsession | ||
159 | |||
160 | +# When the session is started some distros execute some scripts to get the | ||
161 | +# environment ready. Set 1 if you want DEFAULT_X_SESSION to be called before | ||
162 | +# executing the session. | ||
163 | +#BOOTSTRAP_X_SESSION="0" | ||
164 | + | ||
165 | # The key that contains the name of the script that starts a KDE session. | ||
166 | # It's run when a 'unix-kde' session is requested by the client. | ||
167 | #COMMAND_START_KDE=startkde | ||
168 | diff -rud -x .bzr freenx-server-0.7.3/nxdesktop_helper freenx-server.fixes/nxdesktop_helper | ||
169 | --- freenx-server-0.7.3/nxdesktop_helper 2008-08-06 00:52:30.000000000 +0200 | ||
170 | +++ freenx-server.fixes/nxdesktop_helper 2009-11-23 10:16:13.099350087 +0100 | ||
171 | @@ -37,8 +37,11 @@ | ||
172 | agent_password=$(url_decode "$agent_password") | ||
173 | agent_password=$(url_decode "$agent_password") | ||
174 | |||
175 | +[ "$agent_domain" = "" ] || DOMAIN="-d $agent_domain" | ||
176 | +[ "$windows_app" = "$0" ] || [ "$windows_app" = "" ] || APPLICATION="-s \"$windows_app\"" | ||
177 | + | ||
178 | # setup commandline | ||
179 | -set -- -u "$agent_user" -k "$agent_keyboard" -d "$agent_domain" -f -s "$windows_app" $AGENT_EXTRA_OPTIONS_RDP "$agent_server" | ||
180 | +set -- -u "$agent_user" -k "$agent_keyboard" $APPLICATION $DOMAIN -f $AGENT_EXTRA_OPTIONS_RDP "$agent_server" | ||
181 | |||
182 | if [ -n "$agent_password" ] | ||
183 | then | ||
184 | diff -rud -x .bzr freenx-server-0.7.3/nxdialog freenx-server.fixes/nxdialog | ||
185 | --- freenx-server-0.7.3/nxdialog 2008-03-11 00:01:03.000000000 +0100 | ||
186 | +++ freenx-server.fixes/nxdialog 2009-11-23 10:16:13.102350032 +0100 | ||
187 | @@ -76,7 +76,10 @@ | ||
188 | # This is now fixed in NXClient 3.0.0, but still people sometimes use | ||
189 | # older clients. | ||
190 | |||
191 | -NXCLIENT="/usr/NX/bin/nxclient" | ||
192 | +[ -x "/usr/bin/nxclient" ] && NXCLIENT="/usr/bin/nxclient" | ||
193 | +[ -x "/usr/NX/bin/nxclient" ] && NXCLIENT="/usr/NX/bin/nxclient" | ||
194 | +[ -z "$NXCLIENT" ] && NXCLIENT="/usr/NX/bin/nxclient" | ||
195 | + | ||
196 | [ -x "$NXCLIENT" -a "$DIALOG_TYPE" != "printer" -a "$(file -bi $NXCLIENT)" != 'application/x-shellscript' ] \ | ||
197 | && exec ${NXCLIENT} "${PARAMS[@]}" | ||
198 | |||
199 | diff -rud -x .bzr freenx-server-0.7.3/nxkeygen freenx-server.fixes/nxkeygen | ||
200 | --- freenx-server-0.7.3/nxkeygen 2008-03-11 00:01:03.000000000 +0100 | ||
201 | +++ freenx-server.fixes/nxkeygen 2009-11-23 10:16:13.099350087 +0100 | ||
202 | @@ -18,7 +18,7 @@ | ||
203 | # Read the config file | ||
204 | . $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) -- | ||
205 | |||
206 | -NX_KEY_DIR="$NX_HOME_DIR/.ssh" | ||
207 | +[ -z "$NX_KEY_DIR" ] && NX_KEY_DIR="$NX_HOME_DIR/.ssh" | ||
208 | DATE="`date '+%Y%m%d-%H%M%S'`" | ||
209 | NX_CLIENT_KEY="${NX_KEY_DIR}/client.id_dsa.key" | ||
210 | NX_SERVER_KEY="${NX_KEY_DIR}/server.id_dsa.pub.key" | ||
211 | @@ -69,5 +69,10 @@ | ||
212 | echo "on their computers." | ||
213 | } | ||
214 | |||
215 | +if [ -f "${NX_SERVER_KEY}" -a -f "${NX_CLIENT_KEY}" -a ! -z "$NX_DONT_OVERRIDE" ]; then | ||
216 | + echo "Not overriding the existing key" | ||
217 | + exit | ||
218 | +fi | ||
219 | + | ||
220 | main "$@" | ||
221 | |||
222 | diff -rud -x .bzr freenx-server-0.7.3/nxloadconfig freenx-server.fixes/nxloadconfig | ||
223 | --- freenx-server-0.7.3/nxloadconfig 2008-08-22 02:44:43.000000000 +0200 | ||
224 | +++ freenx-server.fixes/nxloadconfig 2009-11-23 10:16:13.103349734 +0100 | ||
225 | @@ -5,7 +5,7 @@ | ||
226 | # | ||
227 | # License: GPL, version 2 | ||
228 | # | ||
229 | -# SVN: $Id: nxloadconfig 580 2008-08-22 00:44:43Z fabianx $ | ||
230 | +# SVN: $Id: nxloadconfig 613 2008-09-01 20:42:31Z fabianx $ | ||
231 | # | ||
232 | # ======================================================================== | ||
233 | |||
234 | @@ -52,7 +52,7 @@ | ||
235 | # DO NOT TOUCH unless you REALLY know what you are doing | ||
236 | ######################################################################### | ||
237 | |||
238 | -NX_VERSION=3.2.0-73 | ||
239 | +NX_VERSION=3.2.0-74-SVN | ||
240 | NX_LICENSE="OS (GPL, using backend: %BACKEND%)" | ||
241 | |||
242 | # Where can different nx components be found | ||
243 | @@ -85,7 +85,15 @@ | ||
244 | # General FreeNX directives | ||
245 | |||
246 | SERVER_NAME="$(hostname)" | ||
247 | -SSHD_PORT=22 | ||
248 | +EXTERNAL_PROXY_IP="" | ||
249 | +if [ -r "/etc/ssh/sshd_config" ] | ||
250 | +then | ||
251 | + SSHD_PORT=$(grep "^ *Port " -m 1 /etc/ssh/sshd_config | awk '{ print $2 ;}') | ||
252 | + [ -z $(echo "$SSHD_PORT" | egrep "^[1-9][0-9]{0,4}$") ] && SSHD_PORT=22 | ||
253 | +else | ||
254 | + SSHD_PORT=22 | ||
255 | +fi | ||
256 | + | ||
257 | |||
258 | # Authentication / Security directives | ||
259 | |||
260 | @@ -184,8 +192,14 @@ | ||
261 | |||
262 | DEFAULT_X_WM="" | ||
263 | KILL_DEFAULT_X_WM="1" | ||
264 | +BOOTSTRAP_X_SESSION="0" | ||
265 | USER_X_STARTUP_SCRIPT=.Xclients | ||
266 | DEFAULT_X_SESSION=/etc/X11/xdm/Xsession | ||
267 | +COMMAND_GDM_X_SESSION="/etc/gdm/Xsession custom" | ||
268 | +if [ ! -x "$COMMAND_GDM_X_SESSION" ] | ||
269 | +then | ||
270 | + COMMAND_GDM_X_SESSION="/etc/X11/Xsession" | ||
271 | +fi | ||
272 | COMMAND_START_KDE=startkde | ||
273 | COMMAND_START_GNOME=gnome-session | ||
274 | COMMAND_START_CDE=cdwm | ||
275 | @@ -207,6 +221,21 @@ | ||
276 | COMMAND_X11VNC="x11vnc" | ||
277 | COMMAND_TASKSET="taskset" | ||
278 | |||
279 | +COMMAND_NXSHADOWACL="$PATH_BIN/nxshadowacl" | ||
280 | +COMMAND_NXACL="$PATH_BIN/nxacl" | ||
281 | +COMMAND_NXCHECKLOAD="$PATH_BIN/nxcheckload" | ||
282 | +COMMAND_NXAGENT="$PATH_BIN/nxagent" | ||
283 | + | ||
284 | +# Guest directives | ||
285 | +ENABLE_GUEST_LOGIN="0" | ||
286 | +COMMAND_GUEST_LOGIN="/usr/lib/nx/guest/nxnode" | ||
287 | +# Try to use protected enviroment for guest sessions | ||
288 | +COMMAND_GUEST_X_SESSION="/usr/share/gdm/guest-session/Xsession custom" | ||
289 | +if [ ! -x "/usr/share/gdm/guest-session/Xsession" ] | ||
290 | +then | ||
291 | + COMMAND_GUEST_X_SESSION=$COMMAND_GDM_X_SESSION | ||
292 | +fi | ||
293 | + | ||
294 | # Misc directives | ||
295 | |||
296 | ENABLE_1_5_0_BACKEND="" | ||
297 | @@ -287,12 +316,25 @@ | ||
298 | { ! mywhich "$PATH_BIN/nxdesktop"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXDESKTOP="1" | ||
299 | { ! mywhich "$PATH_BIN/nxviewer"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXVIEWER="1" | ||
300 | { ! mywhich "$COMMAND_VNCPASSWD" && which vncpasswd; } >/dev/null 2>&1 && COMMAND_VNCPASSWD=$(which vncpasswd) | ||
301 | + { ! mywhich "$COMMAND_NXSHADOWACL" && test -f /etc/nxserver/nxshadowacl; } >/dev/null 2>&1 && COMMAND_NXSHADOWACL=/etc/nxserver/nxshadowacl | ||
302 | + { ! mywhich "$COMMAND_NXACL" && test -f /etc/nxserver/nxacl; } >/dev/null 2>&1 && COMMAND_NXACL=/etc/nxserver/nxacl | ||
303 | + { ! mywhich "$COMMAND_NXCHECKLOAD" && test -f /etc/nxserver/nxcheckload; } >/dev/null 2>&1 && COMMAND_NXCHECKLOAD=/etc/nxserver/nxcheckload | ||
304 | + { ! mywhich "$COMMAND_NXAGENT" && which nxagent; } >/dev/null 2>&1 && COMMAND_NXAGENT=$(which nxagent) | ||
305 | fi | ||
306 | |||
307 | ######################################################################### | ||
308 | # node.conf file evaluation | ||
309 | ######################################################################### | ||
310 | |||
311 | +SHARED_CONFS="/usr/share/freenx-server" | ||
312 | +if [ -d $SHARED_CONFS/node.conf.d ] | ||
313 | +then | ||
314 | + for i in $SHARED_CONFS/node.conf.d/* | ||
315 | + do | ||
316 | + [ -e $i ] && . $i | ||
317 | + done | ||
318 | +fi | ||
319 | + | ||
320 | if [ -d $NX_ETC_DIR/node.conf.d ] | ||
321 | then | ||
322 | for i in $NX_ETC_DIR/node.conf.d/* | ||
323 | @@ -317,7 +359,7 @@ | ||
324 | [ -z "$APPLICATION_LIBRARY_PATH" ] && APPLICATION_LIBRARY_PATH=$PATH_LIB | ||
325 | [ -z "$APPLICATION_LIBRARY_PRELOAD" ] && APPLICATION_LIBRARY_PRELOAD="$APPLICATION_LIBRARY_PATH/libX11.so.6.2:$APPLICATION_LIBRARY_PATH/libXext.so.6.4:$APPLICATION_LIBRARY_PATH/libXcomp.so:$APPLICATION_LIBRARY_PATH/libXcompext.so:$APPLICATION_LIBRARY_PATH/libXrender.so.1.2" | ||
326 | |||
327 | -NX_BACKEND_VERSION=$(strings $PATH_BIN/nxagent 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g') | ||
328 | +NX_BACKEND_VERSION=$(strings $COMMAND_NXAGENT 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g') | ||
329 | |||
330 | [ "$ENABLE_1_5_0_BACKEND" = "1" ] && NX_BACKEND_VERSION="1.5.0" # forced the backend | ||
331 | |||
332 | @@ -354,19 +396,19 @@ | ||
333 | ERROR="yes" && echo "Error: Invalid value \"PATH_BIN=$PATH_BIN\"" | ||
334 | # Check for NX agents ... | ||
335 | |||
336 | - [ ! -x "$PATH_BIN/nxagent" ] && \ | ||
337 | + [ ! -x "$COMMAND_NXAGENT" ] && \ | ||
338 | ERROR="yes" && echo "Error: Could not find nxagent in $PATH_BIN. Please install some OSS components." | ||
339 | |||
340 | - if [ "ENABLE_EXTERNAL_NXDESKTOP" = "1" ] | ||
341 | + if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" ] | ||
342 | then | ||
343 | [ ! mywhich "$COMMAND_RDESKTOP" >/dev/null 2>&1 ] && \ | ||
344 | WARNING="yes" && echo "Warning: Could not find COMMAND_RDESKTOP=$COMMAND_RDESKTOP. RDP sessions won't work." | ||
345 | else | ||
346 | [ ! -x "$PATH_BIN/nxdesktop" ] && \ | ||
347 | - WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work." | ||
348 | + WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work. Ignore if you use NX > 3.2" | ||
349 | fi | ||
350 | |||
351 | - if [ "ENABLE_EXTERNAL_NXVIEWER" = "1" ] | ||
352 | + if [ "$ENABLE_EXTERNAL_NXVIEWER" = "1" ] | ||
353 | then | ||
354 | [ ! mywhich "$COMMAND_VNCVIEWER" >/dev/null 2>&1 ] && \ | ||
355 | WARNING="yes" && echo "Warning: Could not find COMMAND_VNCVIEWER=$COMMAND_VNCVIEWER. VNC sessions won't work." | ||
356 | @@ -374,7 +416,7 @@ | ||
357 | WARNING="yes" && echo "Warning: Could not find COMMAND_VNCPASSWD=$COMMAND_VNCPASSWD. VNC sessions won't work." | ||
358 | else | ||
359 | [ ! -x "$PATH_BIN/nxviewer" ] && \ | ||
360 | - WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work." | ||
361 | + WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work. Ignore if you use NX > 3.2" | ||
362 | fi | ||
363 | |||
364 | [ ! mywhich "$COMMAND_X11VNC" >/dev/null 2>&1 ] && \ | ||
365 | @@ -400,10 +442,12 @@ | ||
366 | |||
367 | OLD_IFS=$IFS | ||
368 | IFS=":" | ||
369 | - for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do | ||
370 | - [ ! -e $LIBRARY ] && \ | ||
371 | - WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ; | ||
372 | - done | ||
373 | + if [ "$SET_LD_LIBRARY_PATH" = "1" ]; then | ||
374 | + for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do | ||
375 | + [ ! -e $LIBRARY ] && \ | ||
376 | + WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ; | ||
377 | + done | ||
378 | + fi | ||
379 | IFS=$OLD_IFS | ||
380 | |||
381 | [ -z "$SSH_AUTHORIZED_KEYS" ] && \ | ||
382 | @@ -579,7 +623,7 @@ | ||
383 | && echo " Users will not be able to enable printing." | ||
384 | [ -z "$(strings $COMMAND_CUPSD | egrep 'CUPS\/1.2')" ] && \ | ||
385 | WARNING="yes" && echo "Warning: Invalid cupsd version of \"$COMMAND_CUPSD\". Need version 1.2." \ | ||
386 | - && echo " Users will not be able to enable printing." | ||
387 | + && echo " Users will not be able to enable printing. Ignore if you use cups > 1.2" | ||
388 | ! mywhich "$COMMAND_MD5SUM" >/dev/null 2>&1 && \ | ||
389 | ERROR="yes" && echo "Error: Invalid value \"COMMAND_MD5SUM=$COMMAND_MD5SUM\"" | ||
390 | |||
391 | @@ -606,8 +650,8 @@ | ||
392 | [ -z $(echo "$ENABLE_ROOTLESS_MODE" | egrep "^[0|1]$") ] && \ | ||
393 | ERROR="yes" && echo "Error: Invalid value \"ENABLE_ROOTLESS_MODE=$ENABLE_ROOTLESS_MODE\"" | ||
394 | |||
395 | - [ -z "$(strings $PATH_BIN/nxagent | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[012].0')" ] && \ | ||
396 | - WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[01].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[012].0 backend is needed for this version of FreeNX." | ||
397 | + [ -z "$(strings $COMMAND_NXAGENT | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[0123].0')" ] && \ | ||
398 | + WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[0123].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[0123].0 backend is needed for this version of FreeNX." | ||
399 | |||
400 | [ -z $(echo "$ENABLE_USESSION" | egrep "^[0|1]$") ] && \ | ||
401 | ERROR="yes" && echo "Error: Invalid value \"ENABLE_USESSION=$ENABLE_USESSION\"" | ||
402 | diff -rud -x .bzr freenx-server-0.7.3/nxnode freenx-server.fixes/nxnode | ||
403 | --- freenx-server-0.7.3/nxnode 2008-08-22 02:44:43.000000000 +0200 | ||
404 | +++ freenx-server.fixes/nxnode 2009-11-23 10:16:13.104350274 +0100 | ||
405 | @@ -13,7 +13,7 @@ | ||
406 | # | ||
407 | # License: GNU GPL, version 2 | ||
408 | # | ||
409 | -# SVN: $Id: nxnode 580 2008-08-22 00:44:43Z fabianx $ | ||
410 | +# SVN: $Id: nxnode 613 2008-09-01 20:42:31Z fabianx $ | ||
411 | # | ||
412 | # 21.06.2004: - Full reconnection support | ||
413 | |||
414 | @@ -217,7 +217,11 @@ | ||
415 | unix-cde) | ||
416 | NODE_STARTX=$COMMAND_START_CDE | ||
417 | ;; | ||
418 | - unix-application|windows-helper|vnc-helper) | ||
419 | + windows-helper) | ||
420 | + application="$PATH_BIN/nxdesktop_helper" | ||
421 | + NODE_STARTX=$application | ||
422 | + ;; | ||
423 | + unix-application|vnc-helper) | ||
424 | [ "$application" = "xterm" ] && application=$COMMAND_XTERM | ||
425 | NODE_STARTX=$application | ||
426 | ;; | ||
427 | @@ -303,6 +307,7 @@ | ||
428 | fi | ||
429 | |||
430 | [ "$cups" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock" | ||
431 | + [ "$samba" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && [ -d "$USER_FAKE_HOME/.nx/C-$sess_id/cups" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock" | ||
432 | |||
433 | if [ "$ENABLE_SAMBA_PRELOAD" = "1" -a -x "$PATH_BIN/nxredir" ] | ||
434 | then | ||
435 | @@ -332,6 +337,33 @@ | ||
436 | [ -d /etc/X11/Xresources ] && xrdb -display :$display -merge /etc/X11/Xresources/* >>"$USER_FAKE_HOME/.nx/C-$sess_id/session" 2>&1 | ||
437 | |||
438 | # | ||
439 | + # Use Xsession to execute the Desktop session | ||
440 | + # | ||
441 | + | ||
442 | + case $type in | ||
443 | + unix-gnome) | ||
444 | + export STARTUP="$NODE_APPLICATION" | ||
445 | + if [ "$login_method" = "GUEST" ] | ||
446 | + then | ||
447 | + NODE_APPLICATION=$COMMAND_GUEST_X_SESSION | ||
448 | + elif [ "$BOOTSTRAP_X_SESSION" = "1" ] | ||
449 | + then | ||
450 | + NODE_APPLICATION=$COMMAND_GDM_X_SESSION | ||
451 | + fi | ||
452 | + ;; | ||
453 | + unix-kde|unix-cde) | ||
454 | + export STARTUP="$NODE_APPLICATION" | ||
455 | + if [ "$login_method" = "GUEST" ] | ||
456 | + then | ||
457 | + NODE_APPLICATION=$COMMAND_GUEST_X_SESSION | ||
458 | + elif [ "$BOOTSTRAP_X_SESSION" = "1" ] | ||
459 | + then | ||
460 | + NODE_APPLICATION=$DEFAULT_X_SESSION | ||
461 | + fi | ||
462 | + ;; | ||
463 | + esac | ||
464 | + | ||
465 | + # | ||
466 | # Startup the application | ||
467 | # | ||
468 | |||
469 | @@ -370,6 +402,12 @@ | ||
470 | node_agent_persistent_session() | ||
471 | { | ||
472 | P="-nopersistent" | ||
473 | + # Guest sessions are always nonpersistent | ||
474 | + if [ "$login_method" = "GUEST" ] | ||
475 | + then | ||
476 | + echo "$P" | ||
477 | + return | ||
478 | + fi | ||
479 | OLD_IFS=$IFS | ||
480 | IFS="," | ||
481 | [ "$ENABLE_PERSISTENT_SESSION" = "all" ] && P="-persistent" | ||
482 | @@ -540,7 +578,8 @@ | ||
483 | |||
484 | # Start the agent | ||
485 | |||
486 | - PATH="$PATH_BIN:$PATH" $PATH_BIN/nxagent $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & | ||
487 | + #PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & | ||
488 | + PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & | ||
489 | fi | ||
490 | |||
491 | # | ||
492 | @@ -699,7 +738,15 @@ | ||
493 | [ -e "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" ] || return | ||
494 | cat "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" | while read mpoint | ||
495 | do | ||
496 | - $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null | ||
497 | + for i in `seq 1 15` ; do | ||
498 | + if [ "$(mount | grep "$mpoint" | wc -l)" -ne 0 ] ; then | ||
499 | + $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null | ||
500 | + [ $? -ne 0 ] && $COMMAND_SMBUMOUNT -f "$mpoint" >/dev/null 2>/dev/null | ||
501 | + else | ||
502 | + break | ||
503 | + fi | ||
504 | + sleep 0.5s | ||
505 | + done | ||
506 | done | ||
507 | } | ||
508 | |||
509 | @@ -842,9 +889,9 @@ | ||
510 | |||
511 | if stringinstring "Session: Display failure detected at" "$line" | ||
512 | then | ||
513 | - echo "NX> 596 Error: Session $1 failed. Reason was: $line" | ||
514 | if [ "$1" = "restore" ] | ||
515 | then | ||
516 | + echo "NX> 596 Error: Session $1 failed. Reason was: $line" | ||
517 | kill $NODE_TAIL_PID | ||
518 | break | ||
519 | fi | ||
520 | @@ -1030,6 +1077,7 @@ | ||
521 | session=$(getparam session) | ||
522 | type=$(getparam type | sed 's/%2d/-/g') | ||
523 | application=$(getparam application) | ||
524 | + windows_app=$(getparam application) | ||
525 | cache=$(getparam cache) | ||
526 | images=$(getparam images) | ||
527 | cookie=$(getparam cookie) | ||
528 | @@ -1078,6 +1126,8 @@ | ||
529 | # Rootless fix from 2x nxserver 1.5.0 | ||
530 | realtype=$type | ||
531 | [ "$type" = "unix-application" -o "$type" = "unix-default" ] && realtype="unix-desktop" | ||
532 | + [ "$type" = "unix-gnome" ] && realtype="gnome" | ||
533 | + [ "$type" = "unix-kde" ] && realtype="kde" | ||
534 | |||
535 | # NX 2.1.0 file-sharing port options | ||
536 | client=$(getparam client) | ||
537 | @@ -1132,6 +1182,8 @@ | ||
538 | shadowdisplay=$(getparam shadowdisplay) | ||
539 | shadowhost=$(getparam shadowhost) | ||
540 | |||
541 | + # Authentication method needed by guest mode. | ||
542 | + login_method=$(getparam login_method) | ||
543 | |||
544 | sess_id="$SERVER_NAME-$display-$uniqueid" | ||
545 | NXSESSION_DIRECTORY="$USER_FAKE_HOME/.nx/C-$sess_id" | ||
546 | @@ -1143,7 +1195,7 @@ | ||
547 | export agent_password | ||
548 | export agent_server | ||
549 | export agent_domain | ||
550 | - export windows_app=$application | ||
551 | + export windows_app | ||
552 | agent_keyboard="" | ||
553 | [ "$ENABLE_EXTERNAL_NXDESKTOP_KEYBOARD" = "1" ] && agent_keyboard=$(echo "$keyboard" | cut -d'/' -f2) | ||
554 | export agent_keyboard | ||
555 | @@ -1184,6 +1236,17 @@ | ||
556 | [ -z "$userip" -a "$host" = "127.0.0.1" ] && userip="127.0.0.1" | ||
557 | [ -z "$userip" ] && userip="*" | ||
558 | fi | ||
559 | + | ||
560 | + # We need our own external IP | ||
561 | + proxyip="$EXTERNAL_PROXY_IP" | ||
562 | + | ||
563 | + if [ -z "$proxyip" -a -n "$host" ] | ||
564 | + then | ||
565 | + [ "$host" = "127.0.0.1" ] && host=$(hostname) | ||
566 | + proxyip=$(ping -c1 "$host" | grep 'PING' | cut -d'(' -f2 | cut -d')' -f1) | ||
567 | + fi | ||
568 | + | ||
569 | + [ -z "$proxyip" ] && proxyip="127.0.0.1" | ||
570 | |||
571 | # ok, lets make the session dir first: | ||
572 | |||
573 | @@ -1245,7 +1308,7 @@ | ||
574 | umask 0077 | ||
575 | |||
576 | cat << EOF > "$USER_FAKE_HOME/.nx/C-$sess_id/options" | ||
577 | -${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype,cleanup=0,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${clipboard:+,clipboard=$clipboard}${menu:+,menu=$menu}:$display | ||
578 | +nx/nx,${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${geometry:+geometry=$geometry,}${client:+client=$client,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype${clipboard:+,clipboard=$clipboard}${composite:+composite=$composite},cleanup=0,product=LFE/None/LFEN/None,shmem=1,${backingstore:+backingstore=$backingstore,}shpix=1,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${menu:+,menu=$menu}:$display | ||
579 | EOF | ||
580 | umask $OLD_UMASK | ||
581 | #samba=$samba, | ||
582 | @@ -1316,7 +1379,7 @@ | ||
583 | NX> 705 Session display: $display | ||
584 | NX> 703 Session type: $type | ||
585 | NX> 701 Proxy cookie: $proxy_cookie | ||
586 | -NX> 702 Proxy IP: $userip | ||
587 | +NX> 702 Proxy IP: $proxyip | ||
588 | NX> 706 Agent cookie: $cookie | ||
589 | NX> 704 Session cache: $type | ||
590 | NX> 707 SSL tunneling: $ssl_tunnel | ||
591 | @@ -1509,7 +1572,7 @@ | ||
592 | echo "NX> 716 Starting NX Agent ..." | ||
593 | shift | ||
594 | [ "$SET_LD_LIBRARY_PATH" = "1" ] && export LD_LIBRARY_PATH="$AGENT_LIBRARY_PATH:$LD_LIBRARY_PATH" | ||
595 | - PATH="$PATH:$PATH_BIN" $PATH_BIN/nxagent -name "NX Agent Test - Args: $@" $@ | ||
596 | + PATH="$PATH:$PATH_BIN" $COMMAND_NXAGENT -name "NX Agent Test - Args: $@" $@ | ||
597 | echo "NX> 716 NX Agent exited with status: $?" | ||
598 | ;; | ||
599 | --setkey) | ||
600 | diff -rud -x .bzr freenx-server-0.7.3/nxnode-login freenx-server.fixes/nxnode-login | ||
601 | --- freenx-server-0.7.3/nxnode-login 2008-03-11 00:01:03.000000000 +0100 | ||
602 | +++ freenx-server.fixes/nxnode-login 2009-11-23 10:16:13.105349977 +0100 | ||
603 | @@ -61,7 +61,10 @@ | ||
604 | if { "$auth_method"=="ssh" } { | ||
605 | set pid [spawn -noecho $command_ssh -2 -x -l "$user" "$host" -o "NumberOfPasswordPrompts 1" -p "$port" "$executable $command" ] | ||
606 | } elseif { "$auth_method"=="su" } { | ||
607 | + set env(LANG) "C" | ||
608 | set pid [spawn -noecho su - "$user" -c "$executable $command" ] | ||
609 | +} elseif { "$auth_method"=="guest" } { | ||
610 | + set pid [spawn -noecho $executable $command ] | ||
611 | } else { | ||
612 | exit 1 | ||
613 | } | ||
614 | diff -rud -x .bzr freenx-server-0.7.3/nxredir/Makefile freenx-server.fixes/nxredir/Makefile | ||
615 | --- freenx-server-0.7.3/nxredir/Makefile 2008-07-31 20:12:33.000000000 +0200 | ||
616 | +++ freenx-server.fixes/nxredir/Makefile 2009-11-23 10:16:13.100350348 +0100 | ||
617 | @@ -1,14 +1,16 @@ | ||
618 | -all: libnxredir.so.0 | ||
619 | +all: libnxredir.so | ||
620 | |||
621 | CC=gcc | ||
622 | CFLAGS=-g -O2 -Wall -fPIC | ||
623 | -LIBNAME=libnxredir.so.0 | ||
624 | +LIBNAME=libnxredir.so | ||
625 | +VERSION=0 | ||
626 | |||
627 | -libnxredir.so.0: nxredir.o | ||
628 | - $(CC) -fPIC $(CFLAGS) -nostdlib -shared -o $(LIBNAME) nxredir.o -ldl -lc | ||
629 | +libnxredir.so: nxredir.o | ||
630 | + $(CC) -fPIC $(CFLAGS) -nostdlib -shared -Wl,-soname,$(LIBNAME).$(VERSION) -o $(LIBNAME).$(VERSION) nxredir.o -ldl -lc | ||
631 | |||
632 | clean: | ||
633 | rm -f $(LIBNAME) | ||
634 | + rm -f $(LIBNAME).$(VERSION) | ||
635 | rm -f *.o | ||
636 | |||
637 | ifneq ($(NX_VERSION),) | ||
638 | @@ -21,7 +23,7 @@ | ||
639 | perl -pi -e "s,CUPS_BACKEND=.*,CUPS_BACKEND=\"$$CUPS_BACKEND\",g" $(DESTDIR)/$$CUPS_BACKEND/nxsmb | ||
640 | else | ||
641 | install: all | ||
642 | - install -m755 libnxredir.so.0 $(DESTDIR)/usr/lib | ||
643 | + install -m755 libnxredir.so $(DESTDIR)/usr/lib | ||
644 | install -m755 nxredir $(DESTDIR)/usr/bin | ||
645 | install -m755 nxsmb $(DESTDIR)/usr/lib/cups/backend/ | ||
646 | endif | ||
647 | diff -rud -x .bzr freenx-server-0.7.3/nxserver freenx-server.fixes/nxserver | ||
648 | --- freenx-server-0.7.3/nxserver 2008-08-22 02:44:43.000000000 +0200 | ||
649 | +++ freenx-server.fixes/nxserver 2009-11-23 10:16:13.100350348 +0100 | ||
650 | @@ -11,7 +11,7 @@ | ||
651 | # | ||
652 | # License: GNU GPL, version 2 | ||
653 | # | ||
654 | -# SVN: $Id: nxserver 580 2008-08-22 00:44:43Z fabianx $ | ||
655 | +# SVN: $Id: nxserver 612 2008-08-25 03:28:15Z fabianx $ | ||
656 | # | ||
657 | |||
658 | # Read the config file | ||
659 | @@ -295,9 +295,9 @@ | ||
660 | then | ||
661 | [ -z "$(getparam shadowcookie)" ] && continue | ||
662 | |||
663 | - if [ -x "$PATH_BIN/nxshadowacl" ] | ||
664 | + if [ -x "$COMMAND_NXSHADOWACL" ] | ||
665 | then | ||
666 | - $PATH_BIN/nxshadowacl "$(getparam userName)" "$USER" || continue | ||
667 | + $COMMAND_NXSHADOWACL "$(getparam userName)" "$USER" || continue | ||
668 | fi | ||
669 | fi | ||
670 | fi | ||
671 | @@ -334,7 +334,7 @@ | ||
672 | elif [ "$4" = "shadow" ] | ||
673 | then | ||
674 | available=$(getparam status) | ||
675 | - printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) (Shadowed)" >> $TMPFILE | ||
676 | + printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) ($(getparam userName)) (Shadowed)" >> $TMPFILE | ||
677 | else | ||
678 | # only unix-* sessions can be resumed, but other session types can still be terminated | ||
679 | stringinstring "unix-" "$4" || available="N/A" | ||
680 | @@ -344,14 +344,14 @@ | ||
681 | egrep -q "^userName=$1$" $i && let SESSION_COUNT_USER=$SESSION_COUNT_USER+1 | ||
682 | done | ||
683 | |||
684 | - if [ "$4" = "vnc" -a "$ENABLE_DESKTOP_SHARING" = "1" ] | ||
685 | + if [ "$4" = "vnc" -o "$4" = "shadow" -a "$ENABLE_DESKTOP_SHARING" = "1" ] | ||
686 | then | ||
687 | export DESKTOP_SHARING_IDS="" | ||
688 | for i in $(LC_ALL=C netstat -ln --protocol=unix | egrep 'X11-unix/X[0-9]$' | sed 's/.*X\(.*\)/\1/g') | ||
689 | do | ||
690 | uniqueid=$(echo $[$RANDOM*$RANDOM] | $COMMAND_MD5SUM | cut -d" " -f1 | tr "[a-z]" "[A-Z]") | ||
691 | DESKTOP_SHARING_IDS="$DESKTOP_SHARING_IDS $uniqueid=$i" | ||
692 | - printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "vnc-local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE | ||
693 | + printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "Local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE | ||
694 | done | ||
695 | fi | ||
696 | |||
697 | @@ -796,6 +796,33 @@ | ||
698 | |||
699 | USER=$USER2 | ||
700 | |||
701 | + # Guest authentication | ||
702 | + if [ "$USER" = "NX guest user" ] | ||
703 | + then | ||
704 | + if [ "$ENABLE_GUEST_LOGIN" != "1" -o ! -x "$COMMAND_GUEST_LOGIN" ] | ||
705 | + then | ||
706 | + if [ "$ENABLE_GUEST_LOGIN" != "1" ] | ||
707 | + then | ||
708 | + echo_x "NX> 404 ERROR: guest authentication not enabled" | ||
709 | + else | ||
710 | + echo_x "NX> 404 ERROR: $COMMAND_GUEST_LOGIN not correct" | ||
711 | + fi | ||
712 | + echo_x "NX> 999 Bye" | ||
713 | + if [ "$ENABLE_LOG_FAILED_LOGINS" = "1" ] | ||
714 | + then | ||
715 | + logger -t nxserver -i -p auth.info "($(whoami)) Failed login for user=$USER from IP=$(echo $SSH_CLIENT | awk '{print $1}')" | ||
716 | + fi | ||
717 | + exit 1 | ||
718 | + fi | ||
719 | + log 6 -n "guest " | ||
720 | + nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" --check 2>&1 >/dev/null | ||
721 | + if [ $? -eq 0 ] | ||
722 | + then | ||
723 | + LOGIN_SUCCESS="1" | ||
724 | + LOGIN_METHOD="GUEST" | ||
725 | + fi | ||
726 | + fi | ||
727 | + | ||
728 | # PASSDB based auth | ||
729 | if [ "$ENABLE_PASSDB_AUTHENTICATION" = "1" -a "$LOGIN_SUCCESS" = "0" ] | ||
730 | then | ||
731 | @@ -916,7 +943,10 @@ | ||
732 | export NODE_HOSTNAME | ||
733 | |||
734 | # Use nxnode-login? | ||
735 | - if [ "$LOGIN_METHOD" = "SSH" ] | ||
736 | + if [ "$LOGIN_METHOD" = "GUEST" ] | ||
737 | + then | ||
738 | + NXNODE_TOSEND="$@" nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" "$CMD" 2>&1 | log_tee | ||
739 | + elif [ "$LOGIN_METHOD" = "SSH" ] | ||
740 | then | ||
741 | export COMMAND_SSH | ||
742 | NXNODE_TOSEND="$@" nxnode_login "$PASS" -- ssh "$USER" "$SSHD_PORT" "$PATH_BIN/nxnode" "$CMD" 2>&1 | log_tee | ||
743 | @@ -987,10 +1017,10 @@ | ||
744 | do | ||
745 | case "$CMD" in | ||
746 | "NX> 706"*) | ||
747 | - if [ -x "$PATH_BIN/nxshadowacl" ] | ||
748 | + if [ -x "$COMMAND_NXSHADOWACL" ] | ||
749 | then | ||
750 | # check if we should save the cookie | ||
751 | - $PATH_BIN/nxshadowacl "$USER" | ||
752 | + $COMMAND_NXSHADOWACL "$USER" | ||
753 | |||
754 | if [ $? -eq 0 ] | ||
755 | then | ||
756 | @@ -1074,10 +1104,10 @@ | ||
757 | do | ||
758 | case "$CMD" in | ||
759 | "NX> 706"*) | ||
760 | - if [ -x "$PATH_BIN/nxshadowacl" ] | ||
761 | + if [ -x "$COMMAND_NXSHADOWACL" ] | ||
762 | then | ||
763 | # check if we should save the cookie | ||
764 | - $PATH_BIN/nxshadowacl "$USER" | ||
765 | + $COMMAND_NXSHADOWACL "$USER" | ||
766 | |||
767 | if [ $? -eq 0 ] | ||
768 | then | ||
769 | @@ -1192,7 +1222,7 @@ | ||
770 | # Lock held | ||
771 | |||
772 | SERVER_LB_NR=$(cat $NX_SESS_DIR/round-robin 2>/dev/null) | ||
773 | - let SERVER_LB_NR=(SERVER_LB_NR+1) % SERVER_LB_NR_OF_HOSTS | ||
774 | + let SERVER_LB_NR=(SERVER_LB_NR+1)%SERVER_LB_NR_OF_HOSTS | ||
775 | echo $SERVER_LB_NR >$NX_SESS_DIR/round-robin | ||
776 | |||
777 | # Exit critical section | ||
778 | @@ -1211,7 +1241,7 @@ | ||
779 | |||
780 | for i in $LOAD_BALANCE_SERVERS | ||
781 | do | ||
782 | - SERVER_LB_LOAD=$($NX_DIR/bin/nxcheckload $i) | ||
783 | + SERVER_LB_LOAD=$($COMMAND_NXCHECKLOAD $i) | ||
784 | [ -z "$SERVER_LB_LOAD" ] && continue | ||
785 | |||
786 | if [ $SERVER_LB_LOAD -gt $SERVER_LB_MAX ] | ||
787 | @@ -1263,6 +1293,7 @@ | ||
788 | server_get_params $CMD | ||
789 | PARAMS=$SERVER_PARAMS | ||
790 | PARAMS="$PARAMS&clientproto=$PROTO" | ||
791 | + PARAMS="$PARAMS&login_method=$LOGIN_METHOD" | ||
792 | CMDLINE=$PARAMS | ||
793 | echo_x | ||
794 | |||
795 | @@ -1344,8 +1375,7 @@ | ||
796 | if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" -a "$(getparam type)" = "windows" ] | ||
797 | then | ||
798 | type="windows-helper" | ||
799 | - application="$PATH_BIN/nxdesktop_helper" | ||
800 | - PARAMS="$PARAMS&type=$type&application=$application&freenx_export_agents=1" | ||
801 | + PARAMS="$PARAMS&type=$type&freenx_export_agents=1" | ||
802 | CMDLINE=$PARAMS | ||
803 | fi | ||
804 | |||
805 | @@ -1381,10 +1411,10 @@ | ||
806 | return 1 | ||
807 | fi | ||
808 | |||
809 | - if [ -x "$PATH_BIN/nxacl" ] | ||
810 | + if [ -x "$COMMAND_NXACL" ] | ||
811 | then | ||
812 | - log 3 "Info: Using $PATH_BIN/nxacl to change session parameters or deny session." | ||
813 | - NEW_PARAMS=$($PATH_BIN/nxacl "$CMDLINE") | ||
814 | + log 3 "Info: Using $COMMAND_NXACL to change session parameters or deny session." | ||
815 | + NEW_PARAMS=$($COMMAND_NXACL "$CMDLINE") | ||
816 | if [ $? -ne 0 ] | ||
817 | then | ||
818 | echo_x "NX> 596 The session failed due to a nxacl policy setting: $NEW_PARAMS" | ||
819 | @@ -1444,6 +1474,14 @@ | ||
820 | continue | ||
821 | fi | ||
822 | |||
823 | + let PROXY_DISPLAY=$SESS_DISPLAY+4000 | ||
824 | + if $COMMAND_NETCAT -z "$SERVER_HOST" $PROXY_DISPLAY | ||
825 | + then | ||
826 | + log 2 "Warning: nxagent proxy without .nX$SESS_DISPLAY-lock found on host:port $SERVER_HOST:$AGENT_DISPLAY." | ||
827 | + let SESS_DISPLAY=$SESS_DISPLAY+1 | ||
828 | + continue | ||
829 | + fi | ||
830 | + | ||
831 | # Now check for the other enabled services | ||
832 | |||
833 | let SAMBA_DISPLAY=$SESS_DISPLAY+3000 | ||
834 | @@ -1961,71 +1999,71 @@ | ||
835 | session_history "$user" "$sessid" | ||
836 | } | ||
837 | |||
838 | -cmd_terminate() | ||
839 | +cmd_execute() | ||
840 | { | ||
841 | - CMD_PARAMS=$(cmd_parse_3_params "$2") | ||
842 | - [ -z "$CMD_PARAMS" ] && exit 1 | ||
843 | - for i in $CMD_PARAMS; | ||
844 | + cmd_host="$1" | ||
845 | + cmd_user="$2" | ||
846 | + cmd_cmd="$3" | ||
847 | + | ||
848 | + if [ "$ENABLE_USERMODE_AUTHENTICATION" = "1" ] | ||
849 | + then | ||
850 | + sh -c "$cmd_cmd" | ||
851 | + elif [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ] | ||
852 | + then | ||
853 | + su - "$cmd_user" -c "$cmd_cmd" | ||
854 | + else | ||
855 | + ssh "$cmd_host" su - "$cmd_user" -c "'$cmd_cmd'" | ||
856 | + fi | ||
857 | +} | ||
858 | + | ||
859 | +cmd_terminate_or_send() | ||
860 | +{ | ||
861 | + CMD="$1" | ||
862 | + | ||
863 | + if [ "$CMD" = "--broadcast" ] | ||
864 | + then | ||
865 | + CMD_PARAMS=$(session_find_all) | ||
866 | + [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found." | ||
867 | + else | ||
868 | + CMD_PARAMS=$(cmd_parse_3_params "$2") | ||
869 | + [ -z "$CMD_PARAMS" ] && exit 1 | ||
870 | + shift | ||
871 | + fi | ||
872 | + shift | ||
873 | + | ||
874 | + for i in $CMD_PARAMS | ||
875 | do | ||
876 | CMDLINE=$(session_get_cmdline $i) | ||
877 | cmd_sessionid=$(getparam sessionId) | ||
878 | + cmd_display=$(getparam display) | ||
879 | cmd_user=$(getparam userName) | ||
880 | cmd_type=$(getparam type) | ||
881 | cmd_status=$(getparam status) | ||
882 | + cmd_host=$(getparam host) | ||
883 | |||
884 | # is it a "good" session? | ||
885 | - case "$1" in | ||
886 | + case "$CMD" in | ||
887 | --suspend) | ||
888 | if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" | ||
889 | then | ||
890 | - echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --suspend" | ||
891 | + echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --suspend" | ||
892 | fi | ||
893 | ;; | ||
894 | --terminate) | ||
895 | - echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate" | ||
896 | + echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate" | ||
897 | ;; | ||
898 | --force-terminate) | ||
899 | - echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate" | ||
900 | + echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate" | ||
901 | session_close $cmd_sessionid | ||
902 | ;; | ||
903 | - esac | ||
904 | - done | ||
905 | - | ||
906 | -} | ||
907 | - | ||
908 | -cmd_send() | ||
909 | -{ | ||
910 | - if [ "$1" = "--broadcast" ] | ||
911 | - then | ||
912 | - CMD_PARAMS=$(session_find_all) | ||
913 | - [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found." | ||
914 | - else | ||
915 | - CMD_PARAMS=$(cmd_parse_3_params "$2") | ||
916 | - [ -z "$CMD_PARAMS" ] && exit 1 | ||
917 | - shift | ||
918 | - fi | ||
919 | - shift | ||
920 | - for i in $CMD_PARAMS; | ||
921 | - do | ||
922 | - CMDLINE=$(session_get_cmdline $i) | ||
923 | - cmd_display=$(getparam display) | ||
924 | - cmd_user=$(getparam userName) | ||
925 | - cmd_type=$(getparam type) | ||
926 | - cmd_status=$(getparam status) | ||
927 | - cmd_host=$(getparam host) | ||
928 | - | ||
929 | - # is it a "good" session? | ||
930 | - if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" | ||
931 | - then | ||
932 | - if [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ] | ||
933 | + --send|--broadcast) | ||
934 | + # is it a "good" session? | ||
935 | + if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" | ||
936 | then | ||
937 | - su - "$cmd_user" -c "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &" | ||
938 | - else | ||
939 | - ssh $cmd_host su - "$cmd_user" -c "'$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &'" | ||
940 | + cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &" | ||
941 | fi | ||
942 | - fi | ||
943 | + esac | ||
944 | done | ||
945 | - #nxnode_start --send "$CMD_PARAMS" | ||
946 | } | ||
947 | |||
948 | # | ||
949 | @@ -2099,13 +2137,13 @@ | ||
950 | cmd_history "$@" | ||
951 | ;; | ||
952 | --terminate|--suspend|--force-terminate) | ||
953 | - cmd_terminate "$@" | ||
954 | + cmd_terminate_or_send "$@" | ||
955 | ;; | ||
956 | --cleanup) | ||
957 | - cmd_terminate "--force-terminate" "*" | ||
958 | + cmd_terminate_or_send "--force-terminate" "*" | ||
959 | ;; | ||
960 | --send|--broadcast) | ||
961 | - cmd_send "$@" | ||
962 | + cmd_terminate_or_send "$@" | ||
963 | ;; | ||
964 | *) | ||
965 | cmd_abort "Error: Function $CMD not implemented yet." | ||
966 | Only in freenx-server.fixes/nx-session-launcher: freenx.session.policy | ||
967 | diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher freenx-server.fixes/nx-session-launcher/nx-session-launcher | ||
968 | --- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher 2008-08-05 19:54:32.000000000 +0200 | ||
969 | +++ freenx-server.fixes/nx-session-launcher/nx-session-launcher 2009-11-23 10:16:13.105349977 +0100 | ||
970 | @@ -1,31 +1,170 @@ | ||
971 | #!/usr/bin/env python | ||
972 | |||
973 | +import xml.parsers.expat as expat | ||
974 | import os | ||
975 | import gobject | ||
976 | import dbus | ||
977 | import sys | ||
978 | +import logging | ||
979 | + | ||
980 | +logging.basicConfig (level=logging.ERROR, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', stream=sys.stderr) | ||
981 | +log = logging.getLogger ("nx-session-launcher") | ||
982 | +log.debug ("Starting nx-session-launcher") | ||
983 | |||
984 | +# Getting the system dbus | ||
985 | bus = dbus.SystemBus () | ||
986 | |||
987 | -manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager') | ||
988 | -manager = dbus.Interface (manager_obj, 'org.freedesktop.ConsoleKit.Manager') | ||
989 | +USE_PK_CREDENTIALS = False | ||
990 | |||
991 | -params = dbus.Array ([], signature = "(sv)") | ||
992 | -params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1))) | ||
993 | -params.append (("session-type", dbus.String ("nx", variant_level=1))) | ||
994 | -params.append (("x11-display", dbus.String (os.environ['DISPLAY'], variant_level=1))) | ||
995 | -params.append (("is-local", dbus.Boolean (True, variant_level=1))) | ||
996 | +# ------------------- ConsoleKit integration ------------------------ | ||
997 | |||
998 | -cookie = manager.OpenSessionWithParameters (params) | ||
999 | -os.environ['XDG_SESSION_COOKIE'] = cookie | ||
1000 | +# Getting the ConsoleKit object | ||
1001 | +ck_manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager') | ||
1002 | +ck_manager = dbus.Interface (ck_manager_obj, 'org.freedesktop.ConsoleKit.Manager') | ||
1003 | +objs = ck_manager.GetSeats () | ||
1004 | |||
1005 | -current_session = manager.GetSessionForCookie (cookie) | ||
1006 | -session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) | ||
1007 | -session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') | ||
1008 | +nx_create_session = os.getenv('NX_CREATE_CK_SESSION') | ||
1009 | +create_session = True | ||
1010 | +if nx_create_session == "false": | ||
1011 | + create_session = False | ||
1012 | |||
1013 | -properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') | ||
1014 | -properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) | ||
1015 | +nx_session_type = os.getenv('NX_SESSION_TYPE') | ||
1016 | +if nx_session_type == None: | ||
1017 | + nx_session_type = "nx" | ||
1018 | +display = os.getenv('DISPLAY') | ||
1019 | |||
1020 | -os.setreuid(os.getuid(), os.getuid()) | ||
1021 | -os.spawnvp(os.P_WAIT, sys.argv[1], []) | ||
1022 | +# Get the current session | ||
1023 | +current_cookie = os.getenv('XDG_SESSION_COOKIE') | ||
1024 | +current_session = None | ||
1025 | +if current_cookie != None: | ||
1026 | + current_session = ck_manager.GetSessionForCookie (current_cookie) | ||
1027 | + | ||
1028 | +def takeOwnership(): | ||
1029 | + log.debug ("NX_CREATE_CK_SESSION = " + current_cookie) | ||
1030 | + log.debug ("Not creating a CK session") | ||
1031 | + | ||
1032 | + session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) | ||
1033 | + session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') | ||
1034 | + | ||
1035 | + properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') | ||
1036 | + try: | ||
1037 | + properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) | ||
1038 | + properties.Set ("org.freedesktop.DBus.Properties", "is-local", dbus.Boolean (True, variant_level=1)) | ||
1039 | + properties.Set ("org.freedesktop.DBus.Properties", "session-type", dbus.String (nx_session_type, variant_level=1)) | ||
1040 | + if display != None: | ||
1041 | + properties.Set ("org.freedesktop.DBus.Properties", "x11-display", dbus.String (display, variant_level=1)) | ||
1042 | + log.debug ("Ownership taken") | ||
1043 | + return True | ||
1044 | + except expat.ExpatError, e: | ||
1045 | + error_string = str(e) | ||
1046 | + log.error ("Error: " + error_string) | ||
1047 | + log.error ("Falling back to create a new session") | ||
1048 | + return False | ||
1049 | + except dbus.DBusException, e: | ||
1050 | + error_string = str(e) | ||
1051 | + log.error ("Error: " + error_string) | ||
1052 | + log.error ("Falling back to create a new session") | ||
1053 | + return False | ||
1054 | + except Exception, e: | ||
1055 | + error_string = str(e) | ||
1056 | + log.error ("Error: " + error_string) | ||
1057 | + log.error ("Falling back to create a new session") | ||
1058 | + return False | ||
1059 | + | ||
1060 | +def createSession(): | ||
1061 | + try: | ||
1062 | + # Defining the session attributes | ||
1063 | + params = dbus.Array ([], signature = "(sv)") | ||
1064 | + params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1))) | ||
1065 | + params.append (("session-type", dbus.String (nx_session_type, variant_level=1))) | ||
1066 | + if display != None: | ||
1067 | + params.append (("x11-display", dbus.String (display, variant_level=1))) | ||
1068 | + params.append (("is-local", dbus.Boolean (True, variant_level=1))) | ||
1069 | + | ||
1070 | + # Create the ConsoleKit session | ||
1071 | + cookie = ck_manager.OpenSessionWithParameters (params) | ||
1072 | + log.debug ("Session " + cookie + " created") | ||
1073 | + | ||
1074 | + # Exporting the XDG_SESSION_COOKIE variable | ||
1075 | + os.environ['XDG_SESSION_COOKIE'] = cookie | ||
1076 | + | ||
1077 | + # Getting the ConsoleKit session | ||
1078 | + current_session = ck_manager.GetSessionForCookie (cookie) | ||
1079 | + session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) | ||
1080 | + session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') | ||
1081 | + | ||
1082 | + # Setting the session as active | ||
1083 | + properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') | ||
1084 | + properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) | ||
1085 | + | ||
1086 | + except dbus.DBusException, e: | ||
1087 | + # Dbus error problably you don't have the dbus rule installed or your launcher is not suid nx | ||
1088 | + # Open session without the parameters | ||
1089 | + log.error ("Failed to create a CK session using parameters") | ||
1090 | + | ||
1091 | + error_string = str(e) | ||
1092 | + log.error ("Error: " + error_string) | ||
1093 | + | ||
1094 | + # Create the ConsoleKit session | ||
1095 | + cookie = ck_manager.OpenSession () | ||
1096 | + log.debug ("Session " + cookie + " created") | ||
1097 | + | ||
1098 | + # Exporting the XDG_SESSION_COOKIE variable | ||
1099 | + os.environ['XDG_SESSION_COOKIE'] = cookie | ||
1100 | + | ||
1101 | +def checkPermission (): | ||
1102 | + if USE_PK_CREDENTIALS == False: | ||
1103 | + return True | ||
1104 | + | ||
1105 | + policykit = bus.get_object ('org.freedesktop.PolicyKit', '/', "org/freedesktop/PolicyKit") | ||
1106 | + | ||
1107 | + if(policykit == None): | ||
1108 | + log.error ("Error: Could not get PolicyKit D-Bus Interface\n") | ||
1109 | + else: | ||
1110 | + polkit_interface = dbus.Interface (policykit, 'org.freedesktop.PolicyKit') | ||
1111 | + | ||
1112 | + try: | ||
1113 | + granted = polkit_interface.IsProcessAuthorized ("freenx.session.create", os.getpid(), "false") | ||
1114 | + | ||
1115 | + if granted == "yes": | ||
1116 | + return True | ||
1117 | + else: | ||
1118 | + return False | ||
1119 | + | ||
1120 | + except dbus.DBusException, e : | ||
1121 | + # Dbus error problably you don't have the PolicyKit rule installed | ||
1122 | + error_string = str(e) | ||
1123 | + log.error ("Error: " + error_string) | ||
1124 | + | ||
1125 | + | ||
1126 | +if create_session and ( current_session == None or not takeOwnership () ): | ||
1127 | + log.debug("Creating a new session") | ||
1128 | + createSession () | ||
1129 | + pid = os.fork () | ||
1130 | + if pid == -1: | ||
1131 | + log.rrror ("error forking child") | ||
1132 | + elif pid == 0: | ||
1133 | + log.debug ("Forked") | ||
1134 | + else: | ||
1135 | + # Parent | ||
1136 | + status = os.waitpid (pid, 0) | ||
1137 | + os._exit (0) | ||
1138 | + | ||
1139 | +if os.geteuid () != os.getuid (): | ||
1140 | + # Drop setuid privilege | ||
1141 | + os.setreuid(os.getuid(), os.getuid()) | ||
1142 | + | ||
1143 | + os.environ ['NX_CREATE_CK_SESSION'] = "false" | ||
1144 | + | ||
1145 | + # Reexecute this script to really drop euid privilege | ||
1146 | +# os.spawnvp (os.P_WAIT, sys.argv[0], sys.argv) | ||
1147 | +# sys.exit() | ||
1148 | + | ||
1149 | +args = sys.argv | ||
1150 | +args.pop(0) | ||
1151 | +log.info ("Launching the program\n") | ||
1152 | +if checkPermission (): | ||
1153 | + os.execvp(args[0], args) | ||
1154 | +else: | ||
1155 | + log.error ("You don't have permission to execute the action\n") | ||
1156 | |||
1157 | diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c | ||
1158 | --- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c 2008-08-05 19:54:32.000000000 +0200 | ||
1159 | +++ freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c 2009-11-23 10:16:13.098350105 +0100 | ||
1160 | @@ -23,8 +23,8 @@ | ||
1161 | #include <stdlib.h> | ||
1162 | #include <stdio.h> | ||
1163 | |||
1164 | -#ifndef NXSERVER_COMMAND | ||
1165 | -#define NXSERVER_COMMAND "/usr/bin/nx-session-launcher" | ||
1166 | +#ifndef SESSION_LAUNCHER_COMMAND | ||
1167 | +#define SESSION_LAUNCHER_COMMAND "/usr/bin/nx-session-launcher" | ||
1168 | #endif | ||
1169 | |||
1170 | #define CK_LAUNCH_SESSION_COMMAND "/usr/bin/ck-launch-session" | ||
1171 | @@ -47,7 +47,7 @@ | ||
1172 | new_argv[0] = CK_LAUNCH_SESSION_COMMAND; | ||
1173 | |||
1174 | }else{ | ||
1175 | - new_argv[0] = NXSERVER_COMMAND; | ||
1176 | + new_argv[0] = SESSION_LAUNCHER_COMMAND; | ||
1177 | } | ||
1178 | |||
1179 | return execv(new_argv[0], new_argv); | ||
1180 | diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/README freenx-server.fixes/nx-session-launcher/README | ||
1181 | --- freenx-server-0.7.3/nx-session-launcher/README 2008-08-05 23:30:58.000000000 +0200 | ||
1182 | +++ freenx-server.fixes/nx-session-launcher/README 2009-11-23 10:16:13.098350105 +0100 | ||
1183 | @@ -1,6 +1,8 @@ | ||
1184 | -The unlock buttons on Users and Groups or Network are greyed out and un-accessible. Tried running from a term 'sudo users-admin' with the same results. | ||
1185 | +The unlock buttons on Users and Groups or Network are greyed out and un-accessible. | ||
1186 | +Running from a term 'sudo users-admin' should work the same way. (Not in Ubuntu due | ||
1187 | +to bug https://bugs.edge.launchpad.net/ubuntu/+source/policykit/+bug/210897) | ||
1188 | |||
1189 | -To correct the problem follow this steps: | ||
1190 | +If you are not using a packed version, correct the problem by following this steps: | ||
1191 | - Copy nx-session-launcher and nx-session-launcher-suid to /usr/bin | ||
1192 | - Execute $ chown nx /usr/bin/nx-session-launcher-suid | ||
1193 | - Execute $ chmod 4755 /usr/bin/nx-session-launcher-suid |