From 6b3c46d7e1e9b14987b21cfc5d9f50c5928cc2ca Mon Sep 17 00:00:00 2001 From: Rosa Date: Wed, 1 Feb 2012 21:01:36 +0400 Subject: [PATCH] Automatic import for version 0.7.3 --- .abf.yml | 2 + freenx-nxserver.logrotate | 8 + freenx-server-0.7.3-connection-fix.patch | 29 + freenx-server-0.7.3-lp-fixes.patch | 1193 ++++++++++++++++++++++ freenx-server-r104-fixes.patch | 494 +++++++++ freenx.spec | 386 +++++++ 6 files changed, 2112 insertions(+) create mode 100644 .abf.yml create mode 100644 freenx-nxserver.logrotate create mode 100644 freenx-server-0.7.3-connection-fix.patch create mode 100644 freenx-server-0.7.3-lp-fixes.patch create mode 100644 freenx-server-r104-fixes.patch create mode 100644 freenx.spec diff --git a/.abf.yml b/.abf.yml new file mode 100644 index 0000000..88191b6 --- /dev/null +++ b/.abf.yml @@ -0,0 +1,2 @@ +sources: + "freenx-server-0.7.3.tar.gz": 888344f946cfb0802e2532e6b93601248c909eb8 diff --git a/freenx-nxserver.logrotate b/freenx-nxserver.logrotate new file mode 100644 index 0000000..b185a9a --- /dev/null +++ b/freenx-nxserver.logrotate @@ -0,0 +1,8 @@ +/var/log/nxserver.log { + compress + create 600 nx root + notifempty + missingok + monthly +} + diff --git a/freenx-server-0.7.3-connection-fix.patch b/freenx-server-0.7.3-connection-fix.patch new file mode 100644 index 0000000..f3944e1 --- /dev/null +++ b/freenx-server-0.7.3-connection-fix.patch @@ -0,0 +1,29 @@ +--- nxserver.bak 2011-02-13 16:37:48.284013842 -0500 ++++ nxserver 2011-02-13 16:41:25.180489647 -0500 +@@ -1447,7 +1447,7 @@ + # Now check for the other enabled services + + let SAMBA_DISPLAY=$SESS_DISPLAY+3000 +- if [ "$(getparam 'samba')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $SAMBA_DISPLAY ++ if [ "$(getparam 'samba')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $SAMBA_DISPLAY 2>/dev/null + then + log 2 "Warning: Skipping $SERVER_HOST:$AGENT_DISPLAY as samba port is not free." + let SESS_DISPLAY=$SESS_DISPLAY+1 +@@ -1455,7 +1455,7 @@ + fi + + let MEDIA_DISPLAY=$SESS_DISPLAY+7000 +- if [ "$(getparam 'media')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $MEDIA_DISPLAY ++ if [ "$(getparam 'media')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $MEDIA_DISPLAY 2>/dev/null + then + log 2 "Warning: Skipping $SERVER_HOST:$AGENT_DISPLAY as media port is not free." + let SESS_DISPLAY=$SESS_DISPLAY+1 +@@ -1464,7 +1464,7 @@ + + + let CUPS_DISPLAY=$SESS_DISPLAY+9000 +- if [ "$(getparam 'cups')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $CUPS_DISPLAY ++ if [ "$(getparam 'cups')" = 1 ] && $COMMAND_NETCAT -z "$SERVER_HOST" $CUPS_DISPLAY 2>/dev/null + then + log 2 "Warning: Skipping $SERVER_HOST:$AGENT_DISPLAY as cups port is not free." + let SESS_DISPLAY=$SESS_DISPLAY+1 diff --git a/freenx-server-0.7.3-lp-fixes.patch b/freenx-server-0.7.3-lp-fixes.patch new file mode 100644 index 0000000..1cad251 --- /dev/null +++ b/freenx-server-0.7.3-lp-fixes.patch @@ -0,0 +1,1193 @@ +diff -rud -x .bzr freenx-server-0.7.3/ChangeLog freenx-server.fixes/ChangeLog +--- freenx-server-0.7.3/ChangeLog 2008-08-22 02:44:43.000000000 +0200 ++++ freenx-server.fixes/ChangeLog 2009-11-23 10:16:13.106350517 +0100 +@@ -1,3 +1,20 @@ ++xx.11.2008 FreeNX 0.7.4 ++ * Opened the 0.7.4 development. ++ * Fixed missing export of NX_ETC_DIR in Makefile, ++ so node.conf.sample is installed correctly. ++ (fabianx@bat.berlios.de) ++ * Fixed broken round-robin load balance algorithm. ++ (fabianx@bat.berlios.de) ++ * Fixed --terminate|--suspend|--force-terminate for ++ load balancing case. ++ (fabianx@bat.berlios.de) ++ * Fixed --terminate|--suspend|--force-terminate for ++ usermode case. ++ (fabianx@bat.berlios.de) ++ * Fixed non-encrypted session mode. You might need to ++ set EXTERNAL_PROXY_IP in node.conf. ++ (fabianx@bat.berlios.de) ++ + 18.08.2008 FreeNX 0.7.3 "Priscilla One Year Edition" + * Opened the 0.7.3 development. + * Added logging of failed authentication attempts +Only in freenx-server.fixes: data +diff -rud -x .bzr freenx-server-0.7.3/init.d/freenx-server freenx-server.fixes/init.d/freenx-server +--- freenx-server-0.7.3/init.d/freenx-server 2008-03-02 11:29:52.000000000 +0100 ++++ freenx-server.fixes/init.d/freenx-server 2009-11-23 10:16:13.100350348 +0100 +@@ -1,28 +1,43 @@ + #!/bin/bash +-# +-# Sample startup script for FreeNX server +-# +-# Coypright (c) 2007 by Fabian Franz . +-# +-# License: GNU GPL, version 2 +-# +-# SVN: $Id: freenx-server 485 2008-03-02 10:29:52Z fabianx $ +-# + +-# Read the config file +-. $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) -- ++### BEGIN INIT INFO ++# Provides: freenx_server ++# Required-Start: sshd ++# Required-Stop: sshd ++# Default-Start: 2 3 4 5 ++# Default-Stop: 0 1 6 ++# Short-Description: FreeNX Server ++# Description: Cleanup FreeNX Server session database at boot time ++### END INIT INFO ++ ++PATH_BIN=/usr/lib/nx + + case "$1" in + start) +- [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/ ++ if [ ! -e "/var/run/freenx-server" ]; then ++ [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/ ++ $PATH_BIN/nxserver --cleanup ++ $PATH_BIN/nxserver --start ++ touch "/var/run/freenx-server"; ++ else ++ echo "Not starting freenx-server, it's already started." ++ fi ++ ;; ++ restart|force-reload) + $PATH_BIN/nxserver --cleanup + $PATH_BIN/nxserver --start ++ touch "/var/run/freenx-server"; + ;; + stop) + $PATH_BIN/nxserver --stop + $PATH_BIN/nxserver --cleanup +- ;; ++ rm -f /var/run/freenx-server ++ ;; ++ status) ++ [ ! -e "/var/run/freenx-server" ] || exit 3 ++ exit 0; ++ ;; + *) +- echo "Usage: $0 " ++ echo "Usage: $0 " + ;; + esac +diff -rud -x .bzr freenx-server-0.7.3/Makefile freenx-server.fixes/Makefile +--- freenx-server-0.7.3/Makefile 2008-08-18 04:16:25.000000000 +0200 ++++ freenx-server.fixes/Makefile 2009-11-23 10:16:13.102350032 +0100 +@@ -8,7 +8,7 @@ + all: + cd nxviewer-passwd && xmkmf && make Makefiles && make depend + source nxloadconfig &&\ +- export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\ ++ export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\ + for i in $(SUBDIRS) ; \ + do\ + echo "making" all "in $$i..."; \ +@@ -35,14 +35,29 @@ + #$(MAKE) suid_install + + clean: +- make -C nxviewer-passwd clean + for i in $(SUBDIRS) ; \ + do\ + echo "making" clean "in $$i..."; \ +- $(MAKE) -C $$i clean || exit 1;\ ++ if test -e "$$i/Makefile"; \ ++ then $(MAKE) -C $$i clean || exit 1;\ ++ else echo ignoring $$i;\ ++ fi;\ + done ++ rm -f nxviewer-passwd/Makefile.back ++ rm -f nxviewer-passwd/Makefile ++ rm -f nxviewer-passwd/nxpasswd/Makefile ++ rm -f nxviewer-passwd/libvncauth/Makefile + + install: + source nxloadconfig &&\ +- export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\ ++ export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\ + $(MAKE) nxenv_install ++ ++debian-tarball: ++ mkdir freenx-server ++ cp -r * freenx-server || echo 0 ++ sed "s/NX_VERSION=3.2.0-74-SVN/NX_VERSION=3.2.0-74-TEAMBZR`bzr revno`/" nxloadconfig > freenx-server/nxloadconfig ++ rm -rf freenx-server/.bzr* ++ rm -rf freenx-server/freenx-server ++ [ -d ".bzr" ] && tar -czf ../freenx-server_0.7.3+teambzr`bzr revno`.orig.tar.gz freenx-server ++ rm -rf freenx-server +diff -rud -x .bzr freenx-server-0.7.3/node.conf.sample freenx-server.fixes/node.conf.sample +--- freenx-server-0.7.3/node.conf.sample 2008-08-22 02:44:43.000000000 +0200 ++++ freenx-server.fixes/node.conf.sample 2009-11-23 10:16:13.102350032 +0100 +@@ -37,7 +37,7 @@ + # + # https://mail.kde.org/mailman/listinfo/freenx-knx + # +-# SVN: $Id: node.conf.sample 580 2008-08-22 00:44:43Z fabianx $ ++# SVN: $Id: node.conf.sample 613 2008-09-01 20:42:31Z fabianx $ + + ######################################################################### + # General FreeNX directives +@@ -47,6 +47,11 @@ + # different than the default hostname (as returned by `hostname`) + #SERVER_NAME="$(hostname)" + ++# The node ip which is used by NX Node in unecnrypted session mode. ++# Set it if you want to use a specific external ip or the autodetection ++# is not working. ++#EXTERNAL_PROXY_IP="" ++ + # The port number where local 'sshd' is listening. + #SSHD_PORT=22 + +@@ -501,6 +506,11 @@ + #USER_X_STARTUP_SCRIPT=.Xclients + #DEFAULT_X_SESSION=/etc/X11/xdm/Xsession + ++# When the session is started some distros execute some scripts to get the ++# environment ready. Set 1 if you want DEFAULT_X_SESSION to be called before ++# executing the session. ++#BOOTSTRAP_X_SESSION="0" ++ + # The key that contains the name of the script that starts a KDE session. + # It's run when a 'unix-kde' session is requested by the client. + #COMMAND_START_KDE=startkde +diff -rud -x .bzr freenx-server-0.7.3/nxdesktop_helper freenx-server.fixes/nxdesktop_helper +--- freenx-server-0.7.3/nxdesktop_helper 2008-08-06 00:52:30.000000000 +0200 ++++ freenx-server.fixes/nxdesktop_helper 2009-11-23 10:16:13.099350087 +0100 +@@ -37,8 +37,11 @@ + agent_password=$(url_decode "$agent_password") + agent_password=$(url_decode "$agent_password") + ++[ "$agent_domain" = "" ] || DOMAIN="-d $agent_domain" ++[ "$windows_app" = "$0" ] || [ "$windows_app" = "" ] || APPLICATION="-s \"$windows_app\"" ++ + # setup commandline +-set -- -u "$agent_user" -k "$agent_keyboard" -d "$agent_domain" -f -s "$windows_app" $AGENT_EXTRA_OPTIONS_RDP "$agent_server" ++set -- -u "$agent_user" -k "$agent_keyboard" $APPLICATION $DOMAIN -f $AGENT_EXTRA_OPTIONS_RDP "$agent_server" + + if [ -n "$agent_password" ] + then +diff -rud -x .bzr freenx-server-0.7.3/nxdialog freenx-server.fixes/nxdialog +--- freenx-server-0.7.3/nxdialog 2008-03-11 00:01:03.000000000 +0100 ++++ freenx-server.fixes/nxdialog 2009-11-23 10:16:13.102350032 +0100 +@@ -76,7 +76,10 @@ + # This is now fixed in NXClient 3.0.0, but still people sometimes use + # older clients. + +-NXCLIENT="/usr/NX/bin/nxclient" ++[ -x "/usr/bin/nxclient" ] && NXCLIENT="/usr/bin/nxclient" ++[ -x "/usr/NX/bin/nxclient" ] && NXCLIENT="/usr/NX/bin/nxclient" ++[ -z "$NXCLIENT" ] && NXCLIENT="/usr/NX/bin/nxclient" ++ + [ -x "$NXCLIENT" -a "$DIALOG_TYPE" != "printer" -a "$(file -bi $NXCLIENT)" != 'application/x-shellscript' ] \ + && exec ${NXCLIENT} "${PARAMS[@]}" + +diff -rud -x .bzr freenx-server-0.7.3/nxkeygen freenx-server.fixes/nxkeygen +--- freenx-server-0.7.3/nxkeygen 2008-03-11 00:01:03.000000000 +0100 ++++ freenx-server.fixes/nxkeygen 2009-11-23 10:16:13.099350087 +0100 +@@ -18,7 +18,7 @@ + # Read the config file + . $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) -- + +-NX_KEY_DIR="$NX_HOME_DIR/.ssh" ++[ -z "$NX_KEY_DIR" ] && NX_KEY_DIR="$NX_HOME_DIR/.ssh" + DATE="`date '+%Y%m%d-%H%M%S'`" + NX_CLIENT_KEY="${NX_KEY_DIR}/client.id_dsa.key" + NX_SERVER_KEY="${NX_KEY_DIR}/server.id_dsa.pub.key" +@@ -69,5 +69,10 @@ + echo "on their computers." + } + ++if [ -f "${NX_SERVER_KEY}" -a -f "${NX_CLIENT_KEY}" -a ! -z "$NX_DONT_OVERRIDE" ]; then ++ echo "Not overriding the existing key" ++ exit ++fi ++ + main "$@" + +diff -rud -x .bzr freenx-server-0.7.3/nxloadconfig freenx-server.fixes/nxloadconfig +--- freenx-server-0.7.3/nxloadconfig 2008-08-22 02:44:43.000000000 +0200 ++++ freenx-server.fixes/nxloadconfig 2009-11-23 10:16:13.103349734 +0100 +@@ -5,7 +5,7 @@ + # + # License: GPL, version 2 + # +-# SVN: $Id: nxloadconfig 580 2008-08-22 00:44:43Z fabianx $ ++# SVN: $Id: nxloadconfig 613 2008-09-01 20:42:31Z fabianx $ + # + # ======================================================================== + +@@ -52,7 +52,7 @@ + # DO NOT TOUCH unless you REALLY know what you are doing + ######################################################################### + +-NX_VERSION=3.2.0-73 ++NX_VERSION=3.2.0-74-SVN + NX_LICENSE="OS (GPL, using backend: %BACKEND%)" + + # Where can different nx components be found +@@ -85,7 +85,15 @@ + # General FreeNX directives + + SERVER_NAME="$(hostname)" +-SSHD_PORT=22 ++EXTERNAL_PROXY_IP="" ++if [ -r "/etc/ssh/sshd_config" ] ++then ++ SSHD_PORT=$(grep "^ *Port " -m 1 /etc/ssh/sshd_config | awk '{ print $2 ;}') ++ [ -z $(echo "$SSHD_PORT" | egrep "^[1-9][0-9]{0,4}$") ] && SSHD_PORT=22 ++else ++ SSHD_PORT=22 ++fi ++ + + # Authentication / Security directives + +@@ -184,8 +192,14 @@ + + DEFAULT_X_WM="" + KILL_DEFAULT_X_WM="1" ++BOOTSTRAP_X_SESSION="0" + USER_X_STARTUP_SCRIPT=.Xclients + DEFAULT_X_SESSION=/etc/X11/xdm/Xsession ++COMMAND_GDM_X_SESSION="/etc/gdm/Xsession custom" ++if [ ! -x "$COMMAND_GDM_X_SESSION" ] ++then ++ COMMAND_GDM_X_SESSION="/etc/X11/Xsession" ++fi + COMMAND_START_KDE=startkde + COMMAND_START_GNOME=gnome-session + COMMAND_START_CDE=cdwm +@@ -207,6 +221,21 @@ + COMMAND_X11VNC="x11vnc" + COMMAND_TASKSET="taskset" + ++COMMAND_NXSHADOWACL="$PATH_BIN/nxshadowacl" ++COMMAND_NXACL="$PATH_BIN/nxacl" ++COMMAND_NXCHECKLOAD="$PATH_BIN/nxcheckload" ++COMMAND_NXAGENT="$PATH_BIN/nxagent" ++ ++# Guest directives ++ENABLE_GUEST_LOGIN="0" ++COMMAND_GUEST_LOGIN="/usr/lib/nx/guest/nxnode" ++# Try to use protected enviroment for guest sessions ++COMMAND_GUEST_X_SESSION="/usr/share/gdm/guest-session/Xsession custom" ++if [ ! -x "/usr/share/gdm/guest-session/Xsession" ] ++then ++ COMMAND_GUEST_X_SESSION=$COMMAND_GDM_X_SESSION ++fi ++ + # Misc directives + + ENABLE_1_5_0_BACKEND="" +@@ -287,12 +316,25 @@ + { ! mywhich "$PATH_BIN/nxdesktop"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXDESKTOP="1" + { ! mywhich "$PATH_BIN/nxviewer"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXVIEWER="1" + { ! mywhich "$COMMAND_VNCPASSWD" && which vncpasswd; } >/dev/null 2>&1 && COMMAND_VNCPASSWD=$(which vncpasswd) ++ { ! mywhich "$COMMAND_NXSHADOWACL" && test -f /etc/nxserver/nxshadowacl; } >/dev/null 2>&1 && COMMAND_NXSHADOWACL=/etc/nxserver/nxshadowacl ++ { ! mywhich "$COMMAND_NXACL" && test -f /etc/nxserver/nxacl; } >/dev/null 2>&1 && COMMAND_NXACL=/etc/nxserver/nxacl ++ { ! mywhich "$COMMAND_NXCHECKLOAD" && test -f /etc/nxserver/nxcheckload; } >/dev/null 2>&1 && COMMAND_NXCHECKLOAD=/etc/nxserver/nxcheckload ++ { ! mywhich "$COMMAND_NXAGENT" && which nxagent; } >/dev/null 2>&1 && COMMAND_NXAGENT=$(which nxagent) + fi + + ######################################################################### + # node.conf file evaluation + ######################################################################### + ++SHARED_CONFS="/usr/share/freenx-server" ++if [ -d $SHARED_CONFS/node.conf.d ] ++then ++ for i in $SHARED_CONFS/node.conf.d/* ++ do ++ [ -e $i ] && . $i ++ done ++fi ++ + if [ -d $NX_ETC_DIR/node.conf.d ] + then + for i in $NX_ETC_DIR/node.conf.d/* +@@ -317,7 +359,7 @@ + [ -z "$APPLICATION_LIBRARY_PATH" ] && APPLICATION_LIBRARY_PATH=$PATH_LIB + [ -z "$APPLICATION_LIBRARY_PRELOAD" ] && APPLICATION_LIBRARY_PRELOAD="$APPLICATION_LIBRARY_PATH/libX11.so.6.2:$APPLICATION_LIBRARY_PATH/libXext.so.6.4:$APPLICATION_LIBRARY_PATH/libXcomp.so:$APPLICATION_LIBRARY_PATH/libXcompext.so:$APPLICATION_LIBRARY_PATH/libXrender.so.1.2" + +-NX_BACKEND_VERSION=$(strings $PATH_BIN/nxagent 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g') ++NX_BACKEND_VERSION=$(strings $COMMAND_NXAGENT 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g') + + [ "$ENABLE_1_5_0_BACKEND" = "1" ] && NX_BACKEND_VERSION="1.5.0" # forced the backend + +@@ -354,19 +396,19 @@ + ERROR="yes" && echo "Error: Invalid value \"PATH_BIN=$PATH_BIN\"" + # Check for NX agents ... + +- [ ! -x "$PATH_BIN/nxagent" ] && \ ++ [ ! -x "$COMMAND_NXAGENT" ] && \ + ERROR="yes" && echo "Error: Could not find nxagent in $PATH_BIN. Please install some OSS components." + +- if [ "ENABLE_EXTERNAL_NXDESKTOP" = "1" ] ++ if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" ] + then + [ ! mywhich "$COMMAND_RDESKTOP" >/dev/null 2>&1 ] && \ + WARNING="yes" && echo "Warning: Could not find COMMAND_RDESKTOP=$COMMAND_RDESKTOP. RDP sessions won't work." + else + [ ! -x "$PATH_BIN/nxdesktop" ] && \ +- WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work." ++ WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work. Ignore if you use NX > 3.2" + fi + +- if [ "ENABLE_EXTERNAL_NXVIEWER" = "1" ] ++ if [ "$ENABLE_EXTERNAL_NXVIEWER" = "1" ] + then + [ ! mywhich "$COMMAND_VNCVIEWER" >/dev/null 2>&1 ] && \ + WARNING="yes" && echo "Warning: Could not find COMMAND_VNCVIEWER=$COMMAND_VNCVIEWER. VNC sessions won't work." +@@ -374,7 +416,7 @@ + WARNING="yes" && echo "Warning: Could not find COMMAND_VNCPASSWD=$COMMAND_VNCPASSWD. VNC sessions won't work." + else + [ ! -x "$PATH_BIN/nxviewer" ] && \ +- WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work." ++ WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work. Ignore if you use NX > 3.2" + fi + + [ ! mywhich "$COMMAND_X11VNC" >/dev/null 2>&1 ] && \ +@@ -400,10 +442,12 @@ + + OLD_IFS=$IFS + IFS=":" +- for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do +- [ ! -e $LIBRARY ] && \ +- WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ; +- done ++ if [ "$SET_LD_LIBRARY_PATH" = "1" ]; then ++ for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do ++ [ ! -e $LIBRARY ] && \ ++ WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ; ++ done ++ fi + IFS=$OLD_IFS + + [ -z "$SSH_AUTHORIZED_KEYS" ] && \ +@@ -579,7 +623,7 @@ + && echo " Users will not be able to enable printing." + [ -z "$(strings $COMMAND_CUPSD | egrep 'CUPS\/1.2')" ] && \ + WARNING="yes" && echo "Warning: Invalid cupsd version of \"$COMMAND_CUPSD\". Need version 1.2." \ +- && echo " Users will not be able to enable printing." ++ && echo " Users will not be able to enable printing. Ignore if you use cups > 1.2" + ! mywhich "$COMMAND_MD5SUM" >/dev/null 2>&1 && \ + ERROR="yes" && echo "Error: Invalid value \"COMMAND_MD5SUM=$COMMAND_MD5SUM\"" + +@@ -606,8 +650,8 @@ + [ -z $(echo "$ENABLE_ROOTLESS_MODE" | egrep "^[0|1]$") ] && \ + ERROR="yes" && echo "Error: Invalid value \"ENABLE_ROOTLESS_MODE=$ENABLE_ROOTLESS_MODE\"" + +- [ -z "$(strings $PATH_BIN/nxagent | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[012].0')" ] && \ +- WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[01].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[012].0 backend is needed for this version of FreeNX." ++ [ -z "$(strings $COMMAND_NXAGENT | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[0123].0')" ] && \ ++ WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[0123].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[0123].0 backend is needed for this version of FreeNX." + + [ -z $(echo "$ENABLE_USESSION" | egrep "^[0|1]$") ] && \ + ERROR="yes" && echo "Error: Invalid value \"ENABLE_USESSION=$ENABLE_USESSION\"" +diff -rud -x .bzr freenx-server-0.7.3/nxnode freenx-server.fixes/nxnode +--- freenx-server-0.7.3/nxnode 2008-08-22 02:44:43.000000000 +0200 ++++ freenx-server.fixes/nxnode 2009-11-23 10:16:13.104350274 +0100 +@@ -13,7 +13,7 @@ + # + # License: GNU GPL, version 2 + # +-# SVN: $Id: nxnode 580 2008-08-22 00:44:43Z fabianx $ ++# SVN: $Id: nxnode 613 2008-09-01 20:42:31Z fabianx $ + # + # 21.06.2004: - Full reconnection support + +@@ -217,7 +217,11 @@ + unix-cde) + NODE_STARTX=$COMMAND_START_CDE + ;; +- unix-application|windows-helper|vnc-helper) ++ windows-helper) ++ application="$PATH_BIN/nxdesktop_helper" ++ NODE_STARTX=$application ++ ;; ++ unix-application|vnc-helper) + [ "$application" = "xterm" ] && application=$COMMAND_XTERM + NODE_STARTX=$application + ;; +@@ -303,6 +307,7 @@ + fi + + [ "$cups" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock" ++ [ "$samba" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && [ -d "$USER_FAKE_HOME/.nx/C-$sess_id/cups" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock" + + if [ "$ENABLE_SAMBA_PRELOAD" = "1" -a -x "$PATH_BIN/nxredir" ] + then +@@ -332,6 +337,33 @@ + [ -d /etc/X11/Xresources ] && xrdb -display :$display -merge /etc/X11/Xresources/* >>"$USER_FAKE_HOME/.nx/C-$sess_id/session" 2>&1 + + # ++ # Use Xsession to execute the Desktop session ++ # ++ ++ case $type in ++ unix-gnome) ++ export STARTUP="$NODE_APPLICATION" ++ if [ "$login_method" = "GUEST" ] ++ then ++ NODE_APPLICATION=$COMMAND_GUEST_X_SESSION ++ elif [ "$BOOTSTRAP_X_SESSION" = "1" ] ++ then ++ NODE_APPLICATION=$COMMAND_GDM_X_SESSION ++ fi ++ ;; ++ unix-kde|unix-cde) ++ export STARTUP="$NODE_APPLICATION" ++ if [ "$login_method" = "GUEST" ] ++ then ++ NODE_APPLICATION=$COMMAND_GUEST_X_SESSION ++ elif [ "$BOOTSTRAP_X_SESSION" = "1" ] ++ then ++ NODE_APPLICATION=$DEFAULT_X_SESSION ++ fi ++ ;; ++ esac ++ ++ # + # Startup the application + # + +@@ -370,6 +402,12 @@ + node_agent_persistent_session() + { + P="-nopersistent" ++ # Guest sessions are always nonpersistent ++ if [ "$login_method" = "GUEST" ] ++ then ++ echo "$P" ++ return ++ fi + OLD_IFS=$IFS + IFS="," + [ "$ENABLE_PERSISTENT_SESSION" = "all" ] && P="-persistent" +@@ -540,7 +578,8 @@ + + # Start the agent + +- PATH="$PATH_BIN:$PATH" $PATH_BIN/nxagent $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & ++ #PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & ++ PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 & + fi + + # +@@ -699,7 +738,15 @@ + [ -e "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" ] || return + cat "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" | while read mpoint + do +- $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null ++ for i in `seq 1 15` ; do ++ if [ "$(mount | grep "$mpoint" | wc -l)" -ne 0 ] ; then ++ $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null ++ [ $? -ne 0 ] && $COMMAND_SMBUMOUNT -f "$mpoint" >/dev/null 2>/dev/null ++ else ++ break ++ fi ++ sleep 0.5s ++ done + done + } + +@@ -842,9 +889,9 @@ + + if stringinstring "Session: Display failure detected at" "$line" + then +- echo "NX> 596 Error: Session $1 failed. Reason was: $line" + if [ "$1" = "restore" ] + then ++ echo "NX> 596 Error: Session $1 failed. Reason was: $line" + kill $NODE_TAIL_PID + break + fi +@@ -1030,6 +1077,7 @@ + session=$(getparam session) + type=$(getparam type | sed 's/%2d/-/g') + application=$(getparam application) ++ windows_app=$(getparam application) + cache=$(getparam cache) + images=$(getparam images) + cookie=$(getparam cookie) +@@ -1078,6 +1126,8 @@ + # Rootless fix from 2x nxserver 1.5.0 + realtype=$type + [ "$type" = "unix-application" -o "$type" = "unix-default" ] && realtype="unix-desktop" ++ [ "$type" = "unix-gnome" ] && realtype="gnome" ++ [ "$type" = "unix-kde" ] && realtype="kde" + + # NX 2.1.0 file-sharing port options + client=$(getparam client) +@@ -1132,6 +1182,8 @@ + shadowdisplay=$(getparam shadowdisplay) + shadowhost=$(getparam shadowhost) + ++ # Authentication method needed by guest mode. ++ login_method=$(getparam login_method) + + sess_id="$SERVER_NAME-$display-$uniqueid" + NXSESSION_DIRECTORY="$USER_FAKE_HOME/.nx/C-$sess_id" +@@ -1143,7 +1195,7 @@ + export agent_password + export agent_server + export agent_domain +- export windows_app=$application ++ export windows_app + agent_keyboard="" + [ "$ENABLE_EXTERNAL_NXDESKTOP_KEYBOARD" = "1" ] && agent_keyboard=$(echo "$keyboard" | cut -d'/' -f2) + export agent_keyboard +@@ -1184,6 +1236,17 @@ + [ -z "$userip" -a "$host" = "127.0.0.1" ] && userip="127.0.0.1" + [ -z "$userip" ] && userip="*" + fi ++ ++ # We need our own external IP ++ proxyip="$EXTERNAL_PROXY_IP" ++ ++ if [ -z "$proxyip" -a -n "$host" ] ++ then ++ [ "$host" = "127.0.0.1" ] && host=$(hostname) ++ proxyip=$(ping -c1 "$host" | grep 'PING' | cut -d'(' -f2 | cut -d')' -f1) ++ fi ++ ++ [ -z "$proxyip" ] && proxyip="127.0.0.1" + + # ok, lets make the session dir first: + +@@ -1245,7 +1308,7 @@ + umask 0077 + + cat << EOF > "$USER_FAKE_HOME/.nx/C-$sess_id/options" +-${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype,cleanup=0,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${clipboard:+,clipboard=$clipboard}${menu:+,menu=$menu}:$display ++nx/nx,${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${geometry:+geometry=$geometry,}${client:+client=$client,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype${clipboard:+,clipboard=$clipboard}${composite:+composite=$composite},cleanup=0,product=LFE/None/LFEN/None,shmem=1,${backingstore:+backingstore=$backingstore,}shpix=1,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${menu:+,menu=$menu}:$display + EOF + umask $OLD_UMASK + #samba=$samba, +@@ -1316,7 +1379,7 @@ + NX> 705 Session display: $display + NX> 703 Session type: $type + NX> 701 Proxy cookie: $proxy_cookie +-NX> 702 Proxy IP: $userip ++NX> 702 Proxy IP: $proxyip + NX> 706 Agent cookie: $cookie + NX> 704 Session cache: $type + NX> 707 SSL tunneling: $ssl_tunnel +@@ -1509,7 +1572,7 @@ + echo "NX> 716 Starting NX Agent ..." + shift + [ "$SET_LD_LIBRARY_PATH" = "1" ] && export LD_LIBRARY_PATH="$AGENT_LIBRARY_PATH:$LD_LIBRARY_PATH" +- PATH="$PATH:$PATH_BIN" $PATH_BIN/nxagent -name "NX Agent Test - Args: $@" $@ ++ PATH="$PATH:$PATH_BIN" $COMMAND_NXAGENT -name "NX Agent Test - Args: $@" $@ + echo "NX> 716 NX Agent exited with status: $?" + ;; + --setkey) +diff -rud -x .bzr freenx-server-0.7.3/nxnode-login freenx-server.fixes/nxnode-login +--- freenx-server-0.7.3/nxnode-login 2008-03-11 00:01:03.000000000 +0100 ++++ freenx-server.fixes/nxnode-login 2009-11-23 10:16:13.105349977 +0100 +@@ -61,7 +61,10 @@ + if { "$auth_method"=="ssh" } { + set pid [spawn -noecho $command_ssh -2 -x -l "$user" "$host" -o "NumberOfPasswordPrompts 1" -p "$port" "$executable $command" ] + } elseif { "$auth_method"=="su" } { ++ set env(LANG) "C" + set pid [spawn -noecho su - "$user" -c "$executable $command" ] ++} elseif { "$auth_method"=="guest" } { ++ set pid [spawn -noecho $executable $command ] + } else { + exit 1 + } +diff -rud -x .bzr freenx-server-0.7.3/nxredir/Makefile freenx-server.fixes/nxredir/Makefile +--- freenx-server-0.7.3/nxredir/Makefile 2008-07-31 20:12:33.000000000 +0200 ++++ freenx-server.fixes/nxredir/Makefile 2009-11-23 10:16:13.100350348 +0100 +@@ -1,14 +1,16 @@ +-all: libnxredir.so.0 ++all: libnxredir.so + + CC=gcc + CFLAGS=-g -O2 -Wall -fPIC +-LIBNAME=libnxredir.so.0 ++LIBNAME=libnxredir.so ++VERSION=0 + +-libnxredir.so.0: nxredir.o +- $(CC) -fPIC $(CFLAGS) -nostdlib -shared -o $(LIBNAME) nxredir.o -ldl -lc ++libnxredir.so: nxredir.o ++ $(CC) -fPIC $(CFLAGS) -nostdlib -shared -Wl,-soname,$(LIBNAME).$(VERSION) -o $(LIBNAME).$(VERSION) nxredir.o -ldl -lc + + clean: + rm -f $(LIBNAME) ++ rm -f $(LIBNAME).$(VERSION) + rm -f *.o + + ifneq ($(NX_VERSION),) +@@ -21,7 +23,7 @@ + perl -pi -e "s,CUPS_BACKEND=.*,CUPS_BACKEND=\"$$CUPS_BACKEND\",g" $(DESTDIR)/$$CUPS_BACKEND/nxsmb + else + install: all +- install -m755 libnxredir.so.0 $(DESTDIR)/usr/lib ++ install -m755 libnxredir.so $(DESTDIR)/usr/lib + install -m755 nxredir $(DESTDIR)/usr/bin + install -m755 nxsmb $(DESTDIR)/usr/lib/cups/backend/ + endif +diff -rud -x .bzr freenx-server-0.7.3/nxserver freenx-server.fixes/nxserver +--- freenx-server-0.7.3/nxserver 2008-08-22 02:44:43.000000000 +0200 ++++ freenx-server.fixes/nxserver 2009-11-23 10:16:13.100350348 +0100 +@@ -11,7 +11,7 @@ + # + # License: GNU GPL, version 2 + # +-# SVN: $Id: nxserver 580 2008-08-22 00:44:43Z fabianx $ ++# SVN: $Id: nxserver 612 2008-08-25 03:28:15Z fabianx $ + # + + # Read the config file +@@ -295,9 +295,9 @@ + then + [ -z "$(getparam shadowcookie)" ] && continue + +- if [ -x "$PATH_BIN/nxshadowacl" ] ++ if [ -x "$COMMAND_NXSHADOWACL" ] + then +- $PATH_BIN/nxshadowacl "$(getparam userName)" "$USER" || continue ++ $COMMAND_NXSHADOWACL "$(getparam userName)" "$USER" || continue + fi + fi + fi +@@ -334,7 +334,7 @@ + elif [ "$4" = "shadow" ] + then + available=$(getparam status) +- printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) (Shadowed)" >> $TMPFILE ++ printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) ($(getparam userName)) (Shadowed)" >> $TMPFILE + else + # only unix-* sessions can be resumed, but other session types can still be terminated + stringinstring "unix-" "$4" || available="N/A" +@@ -344,14 +344,14 @@ + egrep -q "^userName=$1$" $i && let SESSION_COUNT_USER=$SESSION_COUNT_USER+1 + done + +- if [ "$4" = "vnc" -a "$ENABLE_DESKTOP_SHARING" = "1" ] ++ if [ "$4" = "vnc" -o "$4" = "shadow" -a "$ENABLE_DESKTOP_SHARING" = "1" ] + then + export DESKTOP_SHARING_IDS="" + for i in $(LC_ALL=C netstat -ln --protocol=unix | egrep 'X11-unix/X[0-9]$' | sed 's/.*X\(.*\)/\1/g') + do + uniqueid=$(echo $[$RANDOM*$RANDOM] | $COMMAND_MD5SUM | cut -d" " -f1 | tr "[a-z]" "[A-Z]") + DESKTOP_SHARING_IDS="$DESKTOP_SHARING_IDS $uniqueid=$i" +- printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "vnc-local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE ++ printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "Local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE + done + fi + +@@ -796,6 +796,33 @@ + + USER=$USER2 + ++ # Guest authentication ++ if [ "$USER" = "NX guest user" ] ++ then ++ if [ "$ENABLE_GUEST_LOGIN" != "1" -o ! -x "$COMMAND_GUEST_LOGIN" ] ++ then ++ if [ "$ENABLE_GUEST_LOGIN" != "1" ] ++ then ++ echo_x "NX> 404 ERROR: guest authentication not enabled" ++ else ++ echo_x "NX> 404 ERROR: $COMMAND_GUEST_LOGIN not correct" ++ fi ++ echo_x "NX> 999 Bye" ++ if [ "$ENABLE_LOG_FAILED_LOGINS" = "1" ] ++ then ++ logger -t nxserver -i -p auth.info "($(whoami)) Failed login for user=$USER from IP=$(echo $SSH_CLIENT | awk '{print $1}')" ++ fi ++ exit 1 ++ fi ++ log 6 -n "guest " ++ nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" --check 2>&1 >/dev/null ++ if [ $? -eq 0 ] ++ then ++ LOGIN_SUCCESS="1" ++ LOGIN_METHOD="GUEST" ++ fi ++ fi ++ + # PASSDB based auth + if [ "$ENABLE_PASSDB_AUTHENTICATION" = "1" -a "$LOGIN_SUCCESS" = "0" ] + then +@@ -916,7 +943,10 @@ + export NODE_HOSTNAME + + # Use nxnode-login? +- if [ "$LOGIN_METHOD" = "SSH" ] ++ if [ "$LOGIN_METHOD" = "GUEST" ] ++ then ++ NXNODE_TOSEND="$@" nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" "$CMD" 2>&1 | log_tee ++ elif [ "$LOGIN_METHOD" = "SSH" ] + then + export COMMAND_SSH + NXNODE_TOSEND="$@" nxnode_login "$PASS" -- ssh "$USER" "$SSHD_PORT" "$PATH_BIN/nxnode" "$CMD" 2>&1 | log_tee +@@ -987,10 +1017,10 @@ + do + case "$CMD" in + "NX> 706"*) +- if [ -x "$PATH_BIN/nxshadowacl" ] ++ if [ -x "$COMMAND_NXSHADOWACL" ] + then + # check if we should save the cookie +- $PATH_BIN/nxshadowacl "$USER" ++ $COMMAND_NXSHADOWACL "$USER" + + if [ $? -eq 0 ] + then +@@ -1074,10 +1104,10 @@ + do + case "$CMD" in + "NX> 706"*) +- if [ -x "$PATH_BIN/nxshadowacl" ] ++ if [ -x "$COMMAND_NXSHADOWACL" ] + then + # check if we should save the cookie +- $PATH_BIN/nxshadowacl "$USER" ++ $COMMAND_NXSHADOWACL "$USER" + + if [ $? -eq 0 ] + then +@@ -1192,7 +1222,7 @@ + # Lock held + + SERVER_LB_NR=$(cat $NX_SESS_DIR/round-robin 2>/dev/null) +- let SERVER_LB_NR=(SERVER_LB_NR+1) % SERVER_LB_NR_OF_HOSTS ++ let SERVER_LB_NR=(SERVER_LB_NR+1)%SERVER_LB_NR_OF_HOSTS + echo $SERVER_LB_NR >$NX_SESS_DIR/round-robin + + # Exit critical section +@@ -1211,7 +1241,7 @@ + + for i in $LOAD_BALANCE_SERVERS + do +- SERVER_LB_LOAD=$($NX_DIR/bin/nxcheckload $i) ++ SERVER_LB_LOAD=$($COMMAND_NXCHECKLOAD $i) + [ -z "$SERVER_LB_LOAD" ] && continue + + if [ $SERVER_LB_LOAD -gt $SERVER_LB_MAX ] +@@ -1263,6 +1293,7 @@ + server_get_params $CMD + PARAMS=$SERVER_PARAMS + PARAMS="$PARAMS&clientproto=$PROTO" ++ PARAMS="$PARAMS&login_method=$LOGIN_METHOD" + CMDLINE=$PARAMS + echo_x + +@@ -1344,8 +1375,7 @@ + if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" -a "$(getparam type)" = "windows" ] + then + type="windows-helper" +- application="$PATH_BIN/nxdesktop_helper" +- PARAMS="$PARAMS&type=$type&application=$application&freenx_export_agents=1" ++ PARAMS="$PARAMS&type=$type&freenx_export_agents=1" + CMDLINE=$PARAMS + fi + +@@ -1381,10 +1411,10 @@ + return 1 + fi + +- if [ -x "$PATH_BIN/nxacl" ] ++ if [ -x "$COMMAND_NXACL" ] + then +- log 3 "Info: Using $PATH_BIN/nxacl to change session parameters or deny session." +- NEW_PARAMS=$($PATH_BIN/nxacl "$CMDLINE") ++ log 3 "Info: Using $COMMAND_NXACL to change session parameters or deny session." ++ NEW_PARAMS=$($COMMAND_NXACL "$CMDLINE") + if [ $? -ne 0 ] + then + echo_x "NX> 596 The session failed due to a nxacl policy setting: $NEW_PARAMS" +@@ -1444,6 +1474,14 @@ + continue + fi + ++ let PROXY_DISPLAY=$SESS_DISPLAY+4000 ++ if $COMMAND_NETCAT -z "$SERVER_HOST" $PROXY_DISPLAY ++ then ++ log 2 "Warning: nxagent proxy without .nX$SESS_DISPLAY-lock found on host:port $SERVER_HOST:$AGENT_DISPLAY." ++ let SESS_DISPLAY=$SESS_DISPLAY+1 ++ continue ++ fi ++ + # Now check for the other enabled services + + let SAMBA_DISPLAY=$SESS_DISPLAY+3000 +@@ -1961,71 +1999,71 @@ + session_history "$user" "$sessid" + } + +-cmd_terminate() ++cmd_execute() + { +- CMD_PARAMS=$(cmd_parse_3_params "$2") +- [ -z "$CMD_PARAMS" ] && exit 1 +- for i in $CMD_PARAMS; ++ cmd_host="$1" ++ cmd_user="$2" ++ cmd_cmd="$3" ++ ++ if [ "$ENABLE_USERMODE_AUTHENTICATION" = "1" ] ++ then ++ sh -c "$cmd_cmd" ++ elif [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ] ++ then ++ su - "$cmd_user" -c "$cmd_cmd" ++ else ++ ssh "$cmd_host" su - "$cmd_user" -c "'$cmd_cmd'" ++ fi ++} ++ ++cmd_terminate_or_send() ++{ ++ CMD="$1" ++ ++ if [ "$CMD" = "--broadcast" ] ++ then ++ CMD_PARAMS=$(session_find_all) ++ [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found." ++ else ++ CMD_PARAMS=$(cmd_parse_3_params "$2") ++ [ -z "$CMD_PARAMS" ] && exit 1 ++ shift ++ fi ++ shift ++ ++ for i in $CMD_PARAMS + do + CMDLINE=$(session_get_cmdline $i) + cmd_sessionid=$(getparam sessionId) ++ cmd_display=$(getparam display) + cmd_user=$(getparam userName) + cmd_type=$(getparam type) + cmd_status=$(getparam status) ++ cmd_host=$(getparam host) + + # is it a "good" session? +- case "$1" in ++ case "$CMD" in + --suspend) + if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" + then +- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --suspend" ++ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --suspend" + fi + ;; + --terminate) +- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate" ++ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate" + ;; + --force-terminate) +- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate" ++ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate" + session_close $cmd_sessionid + ;; +- esac +- done +- +-} +- +-cmd_send() +-{ +- if [ "$1" = "--broadcast" ] +- then +- CMD_PARAMS=$(session_find_all) +- [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found." +- else +- CMD_PARAMS=$(cmd_parse_3_params "$2") +- [ -z "$CMD_PARAMS" ] && exit 1 +- shift +- fi +- shift +- for i in $CMD_PARAMS; +- do +- CMDLINE=$(session_get_cmdline $i) +- cmd_display=$(getparam display) +- cmd_user=$(getparam userName) +- cmd_type=$(getparam type) +- cmd_status=$(getparam status) +- cmd_host=$(getparam host) +- +- # is it a "good" session? +- if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" +- then +- if [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ] ++ --send|--broadcast) ++ # is it a "good" session? ++ if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type" + then +- su - "$cmd_user" -c "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &" +- else +- ssh $cmd_host su - "$cmd_user" -c "'$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &'" ++ cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &" + fi +- fi ++ esac + done +- #nxnode_start --send "$CMD_PARAMS" + } + + # +@@ -2099,13 +2137,13 @@ + cmd_history "$@" + ;; + --terminate|--suspend|--force-terminate) +- cmd_terminate "$@" ++ cmd_terminate_or_send "$@" + ;; + --cleanup) +- cmd_terminate "--force-terminate" "*" ++ cmd_terminate_or_send "--force-terminate" "*" + ;; + --send|--broadcast) +- cmd_send "$@" ++ cmd_terminate_or_send "$@" + ;; + *) + cmd_abort "Error: Function $CMD not implemented yet." +Only in freenx-server.fixes/nx-session-launcher: freenx.session.policy +diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher freenx-server.fixes/nx-session-launcher/nx-session-launcher +--- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher 2008-08-05 19:54:32.000000000 +0200 ++++ freenx-server.fixes/nx-session-launcher/nx-session-launcher 2009-11-23 10:16:13.105349977 +0100 +@@ -1,31 +1,170 @@ + #!/usr/bin/env python + ++import xml.parsers.expat as expat + import os + import gobject + import dbus + import sys ++import logging ++ ++logging.basicConfig (level=logging.ERROR, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', stream=sys.stderr) ++log = logging.getLogger ("nx-session-launcher") ++log.debug ("Starting nx-session-launcher") + ++# Getting the system dbus + bus = dbus.SystemBus () + +-manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager') +-manager = dbus.Interface (manager_obj, 'org.freedesktop.ConsoleKit.Manager') ++USE_PK_CREDENTIALS = False + +-params = dbus.Array ([], signature = "(sv)") +-params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1))) +-params.append (("session-type", dbus.String ("nx", variant_level=1))) +-params.append (("x11-display", dbus.String (os.environ['DISPLAY'], variant_level=1))) +-params.append (("is-local", dbus.Boolean (True, variant_level=1))) ++# ------------------- ConsoleKit integration ------------------------ + +-cookie = manager.OpenSessionWithParameters (params) +-os.environ['XDG_SESSION_COOKIE'] = cookie ++# Getting the ConsoleKit object ++ck_manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager') ++ck_manager = dbus.Interface (ck_manager_obj, 'org.freedesktop.ConsoleKit.Manager') ++objs = ck_manager.GetSeats () + +-current_session = manager.GetSessionForCookie (cookie) +-session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) +-session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') ++nx_create_session = os.getenv('NX_CREATE_CK_SESSION') ++create_session = True ++if nx_create_session == "false": ++ create_session = False + +-properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') +-properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) ++nx_session_type = os.getenv('NX_SESSION_TYPE') ++if nx_session_type == None: ++ nx_session_type = "nx" ++display = os.getenv('DISPLAY') + +-os.setreuid(os.getuid(), os.getuid()) +-os.spawnvp(os.P_WAIT, sys.argv[1], []) ++# Get the current session ++current_cookie = os.getenv('XDG_SESSION_COOKIE') ++current_session = None ++if current_cookie != None: ++ current_session = ck_manager.GetSessionForCookie (current_cookie) ++ ++def takeOwnership(): ++ log.debug ("NX_CREATE_CK_SESSION = " + current_cookie) ++ log.debug ("Not creating a CK session") ++ ++ session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) ++ session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') ++ ++ properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') ++ try: ++ properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) ++ properties.Set ("org.freedesktop.DBus.Properties", "is-local", dbus.Boolean (True, variant_level=1)) ++ properties.Set ("org.freedesktop.DBus.Properties", "session-type", dbus.String (nx_session_type, variant_level=1)) ++ if display != None: ++ properties.Set ("org.freedesktop.DBus.Properties", "x11-display", dbus.String (display, variant_level=1)) ++ log.debug ("Ownership taken") ++ return True ++ except expat.ExpatError, e: ++ error_string = str(e) ++ log.error ("Error: " + error_string) ++ log.error ("Falling back to create a new session") ++ return False ++ except dbus.DBusException, e: ++ error_string = str(e) ++ log.error ("Error: " + error_string) ++ log.error ("Falling back to create a new session") ++ return False ++ except Exception, e: ++ error_string = str(e) ++ log.error ("Error: " + error_string) ++ log.error ("Falling back to create a new session") ++ return False ++ ++def createSession(): ++ try: ++ # Defining the session attributes ++ params = dbus.Array ([], signature = "(sv)") ++ params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1))) ++ params.append (("session-type", dbus.String (nx_session_type, variant_level=1))) ++ if display != None: ++ params.append (("x11-display", dbus.String (display, variant_level=1))) ++ params.append (("is-local", dbus.Boolean (True, variant_level=1))) ++ ++ # Create the ConsoleKit session ++ cookie = ck_manager.OpenSessionWithParameters (params) ++ log.debug ("Session " + cookie + " created") ++ ++ # Exporting the XDG_SESSION_COOKIE variable ++ os.environ['XDG_SESSION_COOKIE'] = cookie ++ ++ # Getting the ConsoleKit session ++ current_session = ck_manager.GetSessionForCookie (cookie) ++ session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session) ++ session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session') ++ ++ # Setting the session as active ++ properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties') ++ properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1)) ++ ++ except dbus.DBusException, e: ++ # Dbus error problably you don't have the dbus rule installed or your launcher is not suid nx ++ # Open session without the parameters ++ log.error ("Failed to create a CK session using parameters") ++ ++ error_string = str(e) ++ log.error ("Error: " + error_string) ++ ++ # Create the ConsoleKit session ++ cookie = ck_manager.OpenSession () ++ log.debug ("Session " + cookie + " created") ++ ++ # Exporting the XDG_SESSION_COOKIE variable ++ os.environ['XDG_SESSION_COOKIE'] = cookie ++ ++def checkPermission (): ++ if USE_PK_CREDENTIALS == False: ++ return True ++ ++ policykit = bus.get_object ('org.freedesktop.PolicyKit', '/', "org/freedesktop/PolicyKit") ++ ++ if(policykit == None): ++ log.error ("Error: Could not get PolicyKit D-Bus Interface\n") ++ else: ++ polkit_interface = dbus.Interface (policykit, 'org.freedesktop.PolicyKit') ++ ++ try: ++ granted = polkit_interface.IsProcessAuthorized ("freenx.session.create", os.getpid(), "false") ++ ++ if granted == "yes": ++ return True ++ else: ++ return False ++ ++ except dbus.DBusException, e : ++ # Dbus error problably you don't have the PolicyKit rule installed ++ error_string = str(e) ++ log.error ("Error: " + error_string) ++ ++ ++if create_session and ( current_session == None or not takeOwnership () ): ++ log.debug("Creating a new session") ++ createSession () ++ pid = os.fork () ++ if pid == -1: ++ log.rrror ("error forking child") ++ elif pid == 0: ++ log.debug ("Forked") ++ else: ++ # Parent ++ status = os.waitpid (pid, 0) ++ os._exit (0) ++ ++if os.geteuid () != os.getuid (): ++ # Drop setuid privilege ++ os.setreuid(os.getuid(), os.getuid()) ++ ++ os.environ ['NX_CREATE_CK_SESSION'] = "false" ++ ++ # Reexecute this script to really drop euid privilege ++# os.spawnvp (os.P_WAIT, sys.argv[0], sys.argv) ++# sys.exit() ++ ++args = sys.argv ++args.pop(0) ++log.info ("Launching the program\n") ++if checkPermission (): ++ os.execvp(args[0], args) ++else: ++ log.error ("You don't have permission to execute the action\n") + +diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c +--- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c 2008-08-05 19:54:32.000000000 +0200 ++++ freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c 2009-11-23 10:16:13.098350105 +0100 +@@ -23,8 +23,8 @@ + #include + #include + +-#ifndef NXSERVER_COMMAND +-#define NXSERVER_COMMAND "/usr/bin/nx-session-launcher" ++#ifndef SESSION_LAUNCHER_COMMAND ++#define SESSION_LAUNCHER_COMMAND "/usr/bin/nx-session-launcher" + #endif + + #define CK_LAUNCH_SESSION_COMMAND "/usr/bin/ck-launch-session" +@@ -47,7 +47,7 @@ + new_argv[0] = CK_LAUNCH_SESSION_COMMAND; + + }else{ +- new_argv[0] = NXSERVER_COMMAND; ++ new_argv[0] = SESSION_LAUNCHER_COMMAND; + } + + return execv(new_argv[0], new_argv); +diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/README freenx-server.fixes/nx-session-launcher/README +--- freenx-server-0.7.3/nx-session-launcher/README 2008-08-05 23:30:58.000000000 +0200 ++++ freenx-server.fixes/nx-session-launcher/README 2009-11-23 10:16:13.098350105 +0100 +@@ -1,6 +1,8 @@ +-The unlock buttons on Users and Groups or Network are greyed out and un-accessible. Tried running from a term 'sudo users-admin' with the same results. ++The unlock buttons on Users and Groups or Network are greyed out and un-accessible. ++Running from a term 'sudo users-admin' should work the same way. (Not in Ubuntu due ++to bug https://bugs.edge.launchpad.net/ubuntu/+source/policykit/+bug/210897) + +-To correct the problem follow this steps: ++If you are not using a packed version, correct the problem by following this steps: + - Copy nx-session-launcher and nx-session-launcher-suid to /usr/bin + - Execute $ chown nx /usr/bin/nx-session-launcher-suid + - Execute $ chmod 4755 /usr/bin/nx-session-launcher-suid diff --git a/freenx-server-r104-fixes.patch b/freenx-server-r104-fixes.patch new file mode 100644 index 0000000..66e43c2 --- /dev/null +++ b/freenx-server-r104-fixes.patch @@ -0,0 +1,494 @@ +diff -rud -x .bzr freenx-server/init.d/freenx-server freenx-server.fixes/init.d/freenx-server +--- freenx-server/init.d/freenx-server 2009-11-23 10:16:13.100350348 +0100 ++++ freenx-server.fixes/init.d/freenx-server 2009-11-23 11:18:49.590351559 +0100 +@@ -1,43 +1,92 @@ + #!/bin/bash ++# ++# Sample startup script for FreeNX server ++# ++# Coypright (c) 2007 by Fabian Franz . ++# ++# License: GNU GPL, version 2 ++# ++# SVN: $Id: freenx-server 485 2008-03-02 10:29:52Z fabianx $ ++# ++# Modified to be chkconfig compatible by Johnny Hughes ++# ++# chkconfig: 2345 91 35 ++# description: Creates /tmp/.X11-unix/ if required and cleans up dead \ ++# NX sessions. + +-### BEGIN INIT INFO +-# Provides: freenx_server +-# Required-Start: sshd +-# Required-Stop: sshd +-# Default-Start: 2 3 4 5 +-# Default-Stop: 0 1 6 +-# Short-Description: FreeNX Server +-# Description: Cleanup FreeNX Server session database at boot time +-### END INIT INFO + +-PATH_BIN=/usr/lib/nx ++# Read the config file ++. /usr/bin/nxloadconfig -- ++ ++# Source function library. ++. /etc/init.d/functions ++prog="freenx-server" ++ ++start() { ++ su -s /bin/bash - nx -c "$PATH_BIN/nxserver --cleanup" > /dev/null 2>&1 < /dev/null ++ if [ ! -d "/tmp/.X11-unix" ]; then ++ mkdir -m1777 /tmp/.X11-unix/ ++ ret=$? ++ else ++ X11_owner=`/bin/ls -ald /tmp/.X11-unix | /bin/gawk {'print $3'}` ++ if [ "$X11_owner" != "root" ]; then ++ /bin/chown root /tmp/.X11-unix ++ fi ++ ret=0 ++ fi ++ if [ $ret -eq 0 ]; then ++ touch /var/lock/subsys/freenx-server ++ action $"Starting $prog: " /bin/true ++ else ++ action $"Starting $prog: " /bin/false ++ fi ++ echo ++ return $ret ++} ++ ++stop() { ++ su -s /bin/bash - nx -c "$PATH_BIN/nxserver --cleanup" > /dev/null 2>&1 < /dev/null ++ if [ -e "/var/lock/subsys/freenx-server" ]; then ++ rm -f /var/lock/subsys/freenx-server ++ ret=$? ++ else ++ ret=0 ++ fi ++ if [ $ret -eq 0 ]; then ++ action $"Stopping $prog: " /bin/true ++ else ++ action $"Stopping $prog: " /bin/false ++ fi ++ echo ++ return $ret ++} ++ ++restart() { ++ echo $"Restarting $prog:" ++ stop ++ start ++} + + case "$1" in +- start) +- if [ ! -e "/var/run/freenx-server" ]; then +- [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/ +- $PATH_BIN/nxserver --cleanup +- $PATH_BIN/nxserver --start +- touch "/var/run/freenx-server"; +- else +- echo "Not starting freenx-server, it's already started." +- fi +- ;; +- restart|force-reload) +- $PATH_BIN/nxserver --cleanup +- $PATH_BIN/nxserver --start +- touch "/var/run/freenx-server"; +- ;; +- stop) +- $PATH_BIN/nxserver --stop +- $PATH_BIN/nxserver --cleanup +- rm -f /var/run/freenx-server +- ;; +- status) +- [ ! -e "/var/run/freenx-server" ] || exit 3 +- exit 0; +- ;; +- *) +- echo "Usage: $0 " +- ;; ++ start) ++ start ++ ;; ++ stop) ++ stop ++ ;; ++ restart) ++ restart ++ ;; ++ status) ++ if [ -e "/var/lock/subsys/freenx-server" ]; then ++ echo $"$prog is running" ++ else ++ echo $"$prog is stopped" ++ fi ++ ;; ++ *) ++ echo $"Usage: $prog {start|stop|restart|status}" ++ exit 1 + esac ++ ++exit $? +diff -rud -x .bzr freenx-server/nxloadconfig freenx-server.fixes/nxloadconfig +--- freenx-server/nxloadconfig 2009-11-23 10:16:13.103349734 +0100 ++++ freenx-server.fixes/nxloadconfig 2009-11-23 12:54:19.852601780 +0100 +@@ -112,11 +112,28 @@ + + # Restriction directives + +-DISPLAY_BASE=1000 ++#JJK: DISPLAY_BASE=1000 ++#JJK: Change DISPLAY_BASE to 2000 to avoid conflict of DISPLAY_BASE+7000 with nasd ++DISPLAY_BASE=2000 + SESSION_LIMIT=200 + SESSION_USER_LIMIT="" #Calculated + DISPLAY_LIMIT=200 + ++#JJK: Added the following to allow printing when using cifs mount ++#JJK: Note the smb print port (#139) must then be tunnelled manually ++#JJK: from on the server to port 139 on the host ++#JJK: by running on the client: ++#JJK: ssh ... -R ::139 ++#JJK: If SAMBA_MOUNT_SHARE_PROTOCOL="smbfs" (technically, if it doesn't equal ++#JJK 'cifs' or in most cases 'both') then the ssh tunnel is automatically ++#JJK: set up from port on the server to port 139 ++#JJK: on the remote client. ++#JJK: Note in *all* cases, the cups printer on the client is accessed from ++#JJK: the server via the command line, using the following -h flag: ++#JJK: -h localhost: [-P ] ++#JJK: or via the CUPS web browser using: ++#JJK: http://localhost: ++SMBPORT_OFFSET=8000 + ENABLE_PERSISTENT_SESSION="all" + DISABLE_PERSISTENT_SESSION="" + +@@ -174,7 +191,11 @@ + ENABLE_CUPS_SEAMLESS="0" + CUPS_SEAMLESS_DELAY="10" + ENABLE_FOOMATIC="1" +-COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile" ++#JJK: COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile" ++COMMAND_FOOMATIC="/usr/bin/foomatic-ppdfile" ++ ++#JJK: added the following path referenced in nxprint ++PPD_DIR="/usr/share/cups/model" #JJK: Note /usr/share/ppd on some systems + + CUPS_BACKEND="/usr/lib/cups/backend" + CUPS_IPP_BACKEND="$CUPS_BACKEND/nxipp" +@@ -194,7 +215,8 @@ + KILL_DEFAULT_X_WM="1" + BOOTSTRAP_X_SESSION="0" + USER_X_STARTUP_SCRIPT=.Xclients +-DEFAULT_X_SESSION=/etc/X11/xdm/Xsession ++#JJK: DEFAULT_X_SESSION=/etc/X11/xdm/Xsession ++DEFAULT_X_SESSION=/etc/X11/xinit/Xsession + COMMAND_GDM_X_SESSION="/etc/gdm/Xsession custom" + if [ ! -x "$COMMAND_GDM_X_SESSION" ] + then +@@ -213,7 +235,7 @@ + COMMAND_SSH=ssh + COMMAND_SSH_KEYGEN=ssh-keygen + COMMAND_CUPSD=/usr/sbin/cupsd +-COMMAND_MD5SUM="openssl md5" ++COMMAND_MD5SUM="md5sum" + COMMAND_PERL=perl + COMMAND_RDESKTOP="rdesktop" + COMMAND_VNCVIEWER="vncviewer" +@@ -357,7 +379,7 @@ + [ -z "$AGENT_LIBRARY_PATH" ] && AGENT_LIBRARY_PATH=$PATH_LIB + [ -z "$PROXY_LIBRARY_PATH" ] && PROXY_LIBRARY_PATH=$PATH_LIB + [ -z "$APPLICATION_LIBRARY_PATH" ] && APPLICATION_LIBRARY_PATH=$PATH_LIB +-[ -z "$APPLICATION_LIBRARY_PRELOAD" ] && APPLICATION_LIBRARY_PRELOAD="$APPLICATION_LIBRARY_PATH/libX11.so.6.2:$APPLICATION_LIBRARY_PATH/libXext.so.6.4:$APPLICATION_LIBRARY_PATH/libXcomp.so:$APPLICATION_LIBRARY_PATH/libXcompext.so:$APPLICATION_LIBRARY_PATH/libXrender.so.1.2" ++[ -z "$APPLICATION_LIBRARY_PRELOAD" ] && APPLICATION_LIBRARY_PRELOAD="$APPLICATION_LIBRARY_PATH/libX11.so.6:$APPLICATION_LIBRARY_PATH/libXext.so.6:$APPLICATION_LIBRARY_PATH/libXcomp.so.3:$APPLICATION_LIBRARY_PATH/libXcompext.so.3:$APPLICATION_LIBRARY_PATH/libXrender.so.1" + + NX_BACKEND_VERSION=$(strings $COMMAND_NXAGENT 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g') + +diff -rud -x .bzr freenx-server/nxnode freenx-server.fixes/nxnode +--- freenx-server/nxnode 2009-11-23 10:16:13.104350274 +0100 ++++ freenx-server.fixes/nxnode 2009-11-23 11:15:44.385476686 +0100 +@@ -20,6 +20,20 @@ + # Read the config file + . $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) --userconf + ++#JJK: Added following 'if' stanza as a kluge since the following variables ++#JJK: need to be set in cmd_node_smbmount node_umount_smb ++#JJK: but they are currently set only in startsession which is called ++#JJK: separately from nxserver via ssh so environment variables ++#JJK: aren't preserved. ++if [[ "$SAMBA_MOUNT_SHARE_PROTOCOL" = "cifs" || \ ++ ( "$SAMBA_MOUNT_SHARE_PROTOCOL" = "both" && \ ++ `which "$COMMAND_SMBMOUNT_CIFS"` && `which "$COMMAND_SMBUMOUNT_CIFS"` ) \ ++ ]] > /dev/null 2>&1; then ++ COMMAND_SMBMOUNT=$COMMAND_SMBMOUNT_CIFS ++ COMMAND_SMBUMOUNT=$COMMAND_SMBUMOUNT_CIFS ++ SAMBA_MOUNT_SHARE_PROTOCOL="cifs" ++fi ++ + # + # ----------------------------------------------------------------------------- + # Startup of nxnode +@@ -659,11 +673,27 @@ + touch "$USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd" + + mkdir -p "$USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/tmp" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/certs" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/ppd" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cache" ++ mkdir -p "$USER_FAKE_HOME/.nx/C-$sess_id/cups/log" #JJK cups log file home ++ ++#JJK: Modifications to cupsd.conf ++#JJK: - Added SystemGroup line in order to add $USER to SystemGroup ++#JJK: - Moved all the log files to log/ ++#JJK: - Set AccessLog to: log/access_log (was /dev/null) ++#JJK: - Added listening on $NODE_CUPSD_PORT ++#JJK: Listen localhost: $NODE_CUPSD_PORT ++#JJK: - Removed following line because directive is specific to Debian ++#JJK: PidFile $USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd ++#JJK: - Access restrictions borrowed from /etc/cups/cupsd.conf ++#JJK: - Default policy borrowed from /etc/cups/cupsd.conf but modified ++#JJK: to allow Add, Delete, and Default printer without (password) ++#JJK: authentication ++#JJK: - Note for more detailed logging set: LogLevel debug + + cat < $USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf +-AccessLog /dev/null +-ErrorLog error_log +-PageLog page_log ++SystemGroup sys root $USER ++AccessLog log/access_log ++ErrorLog log/error_log ++PageLog log/page_log + LogLevel info + TempDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/tmp + RequestRoot $USER_FAKE_HOME/.nx/C-$sess_id/cups/spool +@@ -671,19 +701,60 @@ + StateDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/ + CacheDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/cache + ++Listen localhost:$NODE_CUPSD_PORT + Listen $NODE_CUPSD_SOCKET + Browsing Off + ServerName localhost +-PidFile $USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd + ++#JJK: Restrict access to the server... + + Order Deny,Allow + Deny From All + Allow from 127.0.0.1 + + ++#JJK: Restrict access to the admin pages... ++ ++ Encryption Required ++ Order allow,deny ++ Allow localhost ++ ++ ++#JJK: Restrict access to configuration files... ++ ++ AuthType Basic ++ Require user @SYSTEM ++ Order allow,deny ++ Allow localhost ++ ++ + # Allow everything for anonymous, because we are protected through UNIX socket ++#JJK: Since allowing access via $NODE_CUPSD_PORT, need to add protection + ++ #JJK: Job-related operations must be done by the owner or an adminstrator... ++ ++ Require user @OWNER @SYSTEM ++ Order deny,allow ++ ++ ++ #JJK:All administration operations require an adminstrator to authenticate... ++ ++ AuthType Basic ++ Require user @SYSTEM ++ Order deny,allow ++ ++ ++ #JJK: Except need to allow these for nxnode to work ++ ++ Order deny,allow ++ ++ ++ # Only the owner or an administrator can cancel or authenticate a job... ++ ++ Require user @OWNER @SYSTEM ++ Order deny,allow ++ ++ + + AuthType None + Order deny,allow +@@ -695,9 +766,17 @@ + + # copy mime.* files + cp -af "$CUPS_ETC"/mime.* "$USER_FAKE_HOME/.nx/C-$sess_id/cups/" ++ #JJK: Also copy over pstoraster.convs ++ cp -af "$CUPS_ETC"/mime.* "$CUPS_ETC"/pstoraster.convs "$USER_FAKE_HOME/.nx/C-$sess_id/cups/" + + # start cupsd +- $COMMAND_CUPSD -c "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf" &>/dev/null /dev/null /dev/null "$USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd" + + # setup KDE + if [ "$ENABLE_KDE_CUPS" = "1" -a -e "$KDE_PRINTRC" ] +@@ -747,6 +826,7 @@ + fi + sleep 0.5s + done ++ rmdir "$mpoint" >/dev/null 2>/dev/null #JJK:Remove mount point if empty + done + } + +@@ -1166,6 +1246,7 @@ + + COMMAND_SMBMOUNT=/bin/true + COMMAND_SMBUMOUNT=/bin/true ++ smbport=139 #JJK: still may want to do printer sharing... + else # smbfs + smbport=139 + fi +@@ -1436,7 +1517,8 @@ + password=$(getparam password) + share=$(getparam share) + computername=$(getparam computername) +- dir=$(getparam dir | sed 's|$(SHARES)|MyShares|g') ++#JJK: dir=$(getparam dir | sed 's|$(SHARES)|MyShares|g') ++ dir=$(getparam dir | sed 's/\(%24\|\$\)(SHARES)/MyShares/g') + # rdir=$(getparam dir | sed 's|$(SHARES)/||g') + display=$(cd $USER_FAKE_HOME/.nx/; echo C-$SERVER_NAME-*-$sessionid | awk 'BEGIN {FS="-"} {i=NF-1; print $i}') + mkdir -p "$HOME/$dir" +@@ -1456,6 +1538,7 @@ + echo "$HOME/$dir" >> "$USER_FAKE_HOME/.nx/C-$SERVER_NAME-$display-$sessionid/scripts/mpoint" + else + $PATH_BIN/nxdialog -dialog ok -caption "NXServer Message" -message "Info: Share: '//$computername/$share' failed to mount: $error" -display :$display & ++ rmdir "$HOME/$dir" >/dev/null 2>/dev/null #JJK: Remove mount point if empty + fi + } + +@@ -1478,6 +1561,12 @@ + # this will also setup the userspace cupsd + export CUPS_SERVER=$(node_cupsd_get_socket) + ++#JJK: The following if-stanza kludge added to enable printing when smbport=cifs ++#JJK: since smb printing won't work when forwarded over port 445 ++ if [ "$SAMBA_MOUNT_SHARE_PROTOCOL" = "cifs" ] ; then ++ let port=$port+$SMBPORT_OFFSET ++ fi ++ + if [ "$type" = "smb" ] + then + if [ -x "$CUPS_BACKEND/nxsmb" ] +@@ -1506,6 +1595,9 @@ + + if [ "$ENABLE_CUPS_SEAMLESS" != "1" ] + then ++ #JJK: Export the following variables for use by nxdialog/nxprint ++ #JJK: Note they are also exported in nxdialog but doesn't help there ++ export ENABLE_FOOMATIC COMMAND_FOOMATIC PPD_DIR + MODEL=$($PATH_BIN/nxdialog -printer "$NAME" -display :$display) + [ -z "$MODEL" -o "$MODEL" = "cancel: aborted" ] && return + else +@@ -1513,7 +1605,11 @@ + MODEL="download_cached" + fi + +- PUBLIC="-u allow:$USER" ++#JJK: I like to also allow 'guest' so you can do things like print ++#JJK: testpages from the CUPS web interface. Note this is required ++#JJK: even for the original user to print test pages ++#JJK: PUBLIC="-u allow:$USER" ++ PUBLIC="-u allow:$USER,guest" + [ "$public" == "1" ] && PUBLIC="" + + if [ "$MODEL" = "download_new" -o "$MODEL" = "download_cached" ] +diff -rud -x .bzr freenx-server/nxprint freenx-server.fixes/nxprint +--- freenx-server/nxprint 2009-11-23 10:16:13.102350032 +0100 ++++ freenx-server.fixes/nxprint 2009-11-23 10:52:01.353353153 +0100 +@@ -51,7 +51,8 @@ + if [ -z "$(find $UTILITY_DRIVERS_CACHE.all -mmin -60 2> /dev/null)" ] + then + { +- cd /usr/share/ppd/ ++#JJK: cd /usr/share/ppd/ ++ cd $PPD_DIR + awk -F '"' '/\*Manufacturer:/ { a[FILENAME]=$2 } + /\*NickName:/ { b[FILENAME]=$2 } + END { +diff -rud -x .bzr freenx-server/nxredir/Makefile freenx-server.fixes/nxredir/Makefile +--- freenx-server/nxredir/Makefile 2009-11-23 10:16:13.100350348 +0100 ++++ freenx-server.fixes/nxredir/Makefile 2009-11-23 11:57:13.481350660 +0100 +@@ -9,13 +9,12 @@ + $(CC) -fPIC $(CFLAGS) -nostdlib -shared -Wl,-soname,$(LIBNAME).$(VERSION) -o $(LIBNAME).$(VERSION) nxredir.o -ldl -lc + + clean: +- rm -f $(LIBNAME) + rm -f $(LIBNAME).$(VERSION) + rm -f *.o + + ifneq ($(NX_VERSION),) + install: all +- install -m755 $(LIBNAME) $(DESTDIR)/$$PATH_LIB/ ++ install -m755 $(LIBNAME).$(VERSION) $(DESTDIR)/$$PATH_LIB/ + install -m755 nxredir $(DESTDIR)/$$PATH_BIN/ + install -m755 nxsmb $(DESTDIR)/$$CUPS_BACKEND/ + perl -pi -e "s,PATH_LIB=.*,PATH_LIB=\"$$PATH_LIB\",g" $(DESTDIR)/$$PATH_BIN/nxredir +diff -rud -x .bzr freenx-server/nxredir/nxsmb freenx-server.fixes/nxredir/nxsmb +--- freenx-server/nxredir/nxsmb 2009-11-23 10:16:13.098350105 +0100 ++++ freenx-server.fixes/nxredir/nxsmb 2009-11-23 10:52:01.354352855 +0100 +@@ -18,6 +18,11 @@ + PROTOCOL=$(echo $DEVICE_URI | cut -d/ -f4) + PRINTER=$(echo $DEVICE_URI | cut -d/ -f5) + ++if [ "$#" -eq 0 ] ++then ++ exit 0 ++fi ++ + if [ -z "$PRINTER" ] # old style setup + then + echo "Warning: Not using nxredir library. The DEVICE_URI is not in the right format." +diff -rud -x .bzr freenx-server/nxserver freenx-server.fixes/nxserver +--- freenx-server/nxserver 2009-11-23 10:16:13.100350348 +0100 ++++ freenx-server.fixes/nxserver 2009-11-23 10:52:01.356476314 +0100 +@@ -17,6 +17,22 @@ + # Read the config file + . $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) -- + ++if test ! -e $NX_ETC_DIR/users.id_dsa; then ++ $COMMAND_SSH_KEYGEN -q -t dsa -N "" -f $NX_ETC_DIR/users.id_dsa ++fi ++ ++if test ! -e $NX_ETC_DIR/client.id_dsa.key -o ! -e $NX_ETC_DIR/server.id_dsa.pub.key; then ++ $COMMAND_SSH_KEYGEN -q -t dsa -N "" -f $NX_ETC_DIR/local.id_dsa ++ mv -f $NX_ETC_DIR/local.id_dsa $NX_ETC_DIR/client.id_dsa.key ++ mv -f $NX_ETC_DIR/local.id_dsa.pub $NX_ETC_DIR/server.id_dsa.pub.key ++ chmod 0600 $NX_ETC_DIR/client.id_dsa.key $NX_ETC_DIR/server.id_dsa.pub.key ++fi ++ ++if test ! -s $NX_HOME_DIR/.ssh/known_hosts -a -e /etc/ssh/ssh_host_rsa_key.pub; then ++ echo -n "127.0.0.1 " > $NX_HOME_DIR/.ssh/known_hosts ++ cat /etc/ssh/ssh_host_rsa_key.pub >> $NX_HOME_DIR/.ssh/known_hosts 2>/dev/null ++fi ++ + # following two functions are Copyright by Klaus Knopper + + stringinstring(){ +@@ -1466,7 +1482,7 @@ + done + + # Check if there is already an agent running on that display on that host +- let AGENT_DISPLAY=$SESS_DISPLAY+6000 ++ let AGENT_DISPLAY=$SESS_DISPLAY-$DISPLAY_BASE+6000 + if $COMMAND_NETCAT -z "$SERVER_HOST" $AGENT_DISPLAY 2>/dev/null + then + log 2 "Warning: Stray nxagent without .nX$SESS_DISPLAY-lock found on host:port $SERVER_HOST:$AGENT_DISPLAY." diff --git a/freenx.spec b/freenx.spec new file mode 100644 index 0000000..591edb4 --- /dev/null +++ b/freenx.spec @@ -0,0 +1,386 @@ +# --with NomachineKey +# Allow login with the key shipped with the NoMachine client. +# This can be a security risk, so it is disabled by default +# and an SSH key is generated at install time. +%bcond_with NomachineKey + +Summary: Free NX implementation +Name: freenx +Version: 0.7.3 +Release: %mkrel 10 +License: GPLv2 +Group: Networking/Remote access +URL: http://freenx.berlios.de/ +Source0: http://download.berlios.de/freenx/freenx-server-%{version}.tar.gz +Source1: freenx-nxserver.logrotate +Patch0: freenx-server-0.7.3-lp-fixes.patch +Patch1: freenx-server-r104-fixes.patch +Patch2: freenx-server-0.7.3-connection-fix.patch +Requires: expect +Requires: netcat +Requires: nxagent +Requires: nxproxy +Requires: openssh-server +Requires: Xdialog +Requires: xmessage +Requires: xterm +Requires(pre): rpm-helper +Requires(post): expect +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root + +%description +NoMachine NX is the next-generation X compression and roundtrip +suppression scheme. It can operate remote X11 sessions over 56k +modem dialup links or anything better. + +This package contains a free (GPL) implementation of the nxserver +component. + +%prep +%setup -q -n %{name}-server-%{version} +%patch0 -p1 -b .lp +%patch1 -p1 -b .fixes +%patch2 -p0 -b .connection-fix + +%build +perl -pi -e "s|/var/lib/nxserver/home|%{_localstatedir}/lib/nxserver/nxhome|" nxloadconfig +pushd nxserver-helper +%make +popd + +# README.install.urpmi doesn't work yet. +cat << EOF > README.urpmi +After installing this package, an nx user is created (this is a +system user, do not try to log in as him), with a home located +at %{_localstatedir}/lib/nxserver/nxhome. His password is a random +32-character password. + +%if %with NomachineKey +Using Nomachine ssh key, warning, this is a potential security risk. +%else +Your user must install the key located at: +%{_localstatedir}/lib/nxserver/nxhome/.ssh/client.id_dsa.key +to log in. + +For knx, put it in: %{_datadir}/knx/ with world-readable right. +For nomachine.com Nx client for windows put it in : C:\Program +Files\NX Client for Windows\share + +You user will now be able to log in using their username +and password provided you have ssh logins enabled for them +%endif +EOF + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}%{_bindir} +mkdir -p %{buildroot}%{_sbindir} +install -m 755 {nxdialog,nxkeygen,nxloadconfig,nxnode,nxnode-login,nxserver,nxserver-helper/nxserver-helper} %{buildroot}%{_bindir} +install -m 755 nxsetup %{buildroot}%{_sbindir} + +mkdir -p %{buildroot}%{_localstatedir}/lib/nxserver/nxhome/.ssh +mkdir -p %{buildroot}%{_localstatedir}/lib/nxserver/db/{closed,failed,running} +mkdir -p %{buildroot}%{_sysconfdir}/nxserver +mkdir -p %{buildroot}%{_logdir} +/bin/touch %{buildroot}%{_sysconfdir}/nxserver/{passwords,passwords.orig,users.id_dsa,users.id_dsa.pub} +/bin/touch %{buildroot}%{_localstatedir}/lib/nxserver/nxhome/.ssh/{server.id_dsa.pub.key,client.id_dsa.key,authorized_keys2,known_hosts} +/bin/touch %{buildroot}%{_logdir}/nxserver.log +install node.conf.sample %{buildroot}%{_sysconfdir}/nxserver/node.conf +#/bin/echo 'ENABLE_1_5_0_BACKEND="1"' >> %{buildroot}%{_sysconfdir}/nxserver/node.conf +/bin/echo 'ENABLE_2_0_0_BACKEND="1"' >> %{buildroot}%{_sysconfdir}/nxserver/node.conf +/bin/echo 'ENABLE_ROOTLESS_MODE="1"' >> %{buildroot}%{_sysconfdir}/nxserver/node.conf +mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d +cp -a %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} + +# install init script +install -D -m 755 init.d/freenx-server %{buildroot}%{_initrddir}/freenx-server + +# tell spec-helper to not remove passwords.orig +export DONT_CLEANUP=1 + +%clean +rm -rf %{buildroot} + +%pre +if [ $1 = 1 ]; then + %_pre_useradd nx %{_localstatedir}/lib/nxserver/nxhome %{_bindir}/nxserver +fi + +%postun +if [ $1 = 0 ]; then + %_postun_userdel nx +fi + +%post +%_post_service freenx-server + +# make a link from %{_usr}/X11R6/lib/X11/fonts -> %{_datadir}/fonts if needed +[ ! -d %{_usr}/X11R6/lib/X11/fonts ] && %{__ln_s} %{_datadir}/fonts %{_usr}/X11R6/lib/X11/ +if [ $1 = 1 ]; then + %{_bindir}/ssh-keygen -f %{_sysconfdir}/nxserver/users.id_dsa -t dsa -N "" 2>&1 > /dev/null + chown nx.root %{_sysconfdir}/nxserver/users.id_dsa + chmod 600 %{_sysconfdir}/nxserver/users.id_dsa + +%if %with NomachineKey + cat << EOF > %{_localstatedir}/lib/nxserver/nxhome/.ssh/authorized_keys2 +ssh-dss AAAAB3NzaC1kc3MAAACBAJe/0DNBePG9dYLWq7cJ0SqyRf1iiZN/IbzrmBvgPTZnBa5FT/0Lcj39sRYt1paAlhchwUmwwIiSZaON5JnJOZ6jKkjWIuJ9MdTGfdvtY1aLwDMpxUVoGwEaKWOyin02IPWYSkDQb6cceuG9NfPulS9iuytdx0zIzqvGqfvudtufAAAAFQCwosRXR2QA8OSgFWSO6+kGrRJKiwAAAIEAjgvVNAYWSrnFD+cghyJbyx60AAjKtxZ0r/Pn9k94Qt2rvQoMnGgt/zU0v/y4hzg+g3JNEmO1PdHh/wDPVOxlZ6Hb5F4IQnENaAZ9uTZiFGqhBO1c8Wwjiq/MFZy3jZaidarLJvVs8EeT4mZcWxwm7nIVD4lRU2wQ2lj4aTPcepMAAACANlgcCuA4wrC+3Cic9CFkqiwO/Rn1vk8dvGuEQqFJ6f6LVfPfRTfaQU7TGVLk2CzY4dasrwxJ1f6FsT8DHTNGnxELPKRuLstGrFY/PR7KeafeFZDf+fJ3mbX5nxrld3wi5titTnX+8s4IKv29HJguPvOK/SI7cjzA+SqNfD7qEo8= root@nettuno +EOF +%else + %{_bindir}/ssh-keygen -q -t dsa -N '' -f %{_localstatedir}/lib/nxserver/nxhome/.ssh/local.id_dsa 2>&1 > /dev/null + mv -f %{_localstatedir}/lib/nxserver/nxhome/.ssh/local.id_dsa %{_localstatedir}/lib/nxserver/nxhome/.ssh/client.id_dsa.key + mv -f %{_localstatedir}/lib/nxserver/nxhome/.ssh/local.id_dsa.pub %{_localstatedir}/lib/nxserver/nxhome/.ssh/server.id_dsa.pub.key + cat %{_localstatedir}/lib/nxserver/nxhome/.ssh/server.id_dsa.pub.key > %{_localstatedir}/lib/nxserver/nxhome/.ssh/authorized_keys2 + +%endif + /bin/echo -n "127.0.0.1 " > %{_localstatedir}/lib/nxserver/nxhome/.ssh/known_hosts + cat %{_sysconfdir}/ssh/ssh_host_rsa_key.pub >> %{_localstatedir}/lib/nxserver/nxhome/.ssh/known_hosts + chmod 600 %{_localstatedir}/lib/nxserver/nxhome/.ssh/* + chown nx.root %{_localstatedir}/lib/nxserver/nxhome/.ssh/* + %create_ghostfile %{_sysconfdir}/nxserver/users.id_dsa.pub root root 644 + %create_ghostfile %{_sysconfdir}/nxserver/passwords.orig nx root 600 + %create_ghostfile %{_sysconfdir}/nxserver/passwords nx root 600 + %create_ghostfile %{_logdir}/nxserver.log nx root 600 + %{_bindir}/mkpasswd -l 32 | %{_bindir}/passwd --stdin nx 2>&1 > /dev/null +fi + +%preun +%_preun_service freenx-server + +%files +%defattr(0644,root,root,0755) +%doc AUTHORS README.urpmi +%attr(0755,root,root) %{_bindir}/nxdialog +%attr(0755,root,root) %{_bindir}/nxkeygen +%attr(0755,root,root) %{_bindir}/nxloadconfig +%attr(0755,root,root) %{_bindir}/nxnode +%attr(0755,root,root) %{_bindir}/nxnode-login +%attr(0755,root,root) %{_bindir}/nxserver +%attr(0755,root,root) %{_bindir}/nxserver-helper +%attr(0755,root,root) %{_sbindir}/nxsetup +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} +%attr(0755,root,root) %{_initrddir}/freenx-server +%attr(755,nx,root) %dir %{_sysconfdir}/nxserver +%attr(755,nx,root) %dir %{_localstatedir}/lib/nxserver +%attr(755,nx,root) %dir %{_localstatedir}/lib/nxserver/db +%attr(700,nx,root) %dir %{_localstatedir}/lib/nxserver/db/closed +%attr(700,nx,root) %dir %{_localstatedir}/lib/nxserver/db/failed +%attr(700,nx,root) %dir %{_localstatedir}/lib/nxserver/db/running +%attr(755,nx,root) %dir %{_localstatedir}/lib/nxserver/nxhome +%attr(700,nx,root) %dir %{_localstatedir}/lib/nxserver/nxhome/.ssh +%attr(644,nx,root) %config(noreplace) %{_sysconfdir}/nxserver/node.conf +%attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/passwords +%attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/users.id_dsa +%attr(644,root,root) %ghost %{_sysconfdir}/nxserver/users.id_dsa.pub +%attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/passwords.orig +%attr(600,nx,root) %ghost %{_localstatedir}/lib/nxserver/nxhome/.ssh/known_hosts +%attr(600,nx,root) %ghost %{_localstatedir}/lib/nxserver/nxhome/.ssh/authorized_keys2 +%attr(600,nx,root) %ghost %{_localstatedir}/lib/nxserver/nxhome/.ssh/client.id_dsa.key +%attr(600,nx,root) %ghost %{_localstatedir}/lib/nxserver/nxhome/.ssh/server.id_dsa.pub.key +# E: freenx non-root-user-log-file /var/log/nxserver.log nx +%attr(600,nx,root) %ghost %{_logdir}/nxserver.log + + +%changelog +* Mon Feb 28 2011 Funda Wang 0.7.3-10mdv2011.0 ++ Revision: 640868 +- rebuild + +* Mon Feb 14 2011 Lev Givon 0.7.3-9 ++ Revision: 637651 +- Patch nxserver connection problem (#61008). + +* Mon Feb 14 2011 Lev Givon 0.7.3-8 ++ Revision: 637644 +- Correct path to nxloadconfig (#61530). + Use su instead of runuser in init script. + +* Sun Dec 05 2010 Oden Eriksson 0.7.3-7mdv2011.0 ++ Revision: 610766 +- rebuild + +* Tue Jun 01 2010 Ahmad Samir 0.7.3-6mdv2010.1 ++ Revision: 546825 +- drop patche0, it's old and doesn't apply anyway +- add two patches from Fedora, should fix (mdv#59579) and (mdv#59572) +- drop patches 2,3 as they're part of the Fedora patches now +- renumber the patches + +* Sun Mar 28 2010 Ahmad Samir 0.7.3-5mdv2010.1 ++ Revision: 528539 +- really sync sources +- clean spec +- add patch from CentOS to use the init script to make sure /tmp/.X11-unix + exists otherwise freenx fails to work, also the init script cleans out dead + NX sessions (fixes mdv bug#51240) + +* Mon Nov 30 2009 Ahmad Samir 0.7.3-4mdv2010.1 ++ Revision: 471959 +- Remove ENABLE_1_5_0_BACKEND="1" (fix bug #51242) + +* Fri Sep 11 2009 Thierry Vignaud 0.7.3-3mdv2010.0 ++ Revision: 437593 +- rebuild + +* Tue Dec 16 2008 Adam Williamson 0.7.3-2mdv2009.1 ++ Revision: 314711 +- package is no longer noarch, nxserver-helper is a binary +- build and install nxserver-helper: needed for slave mode to work, which + seems to be upstream's preferred method now + +* Tue Dec 09 2008 Adam Williamson 0.7.3-1mdv2009.1 ++ Revision: 312057 +- update nxagent version patch for 3.3.0 +- drop removeunix-sockets.patch (merged upstream) +- drop 0.7.1-0.7.2-405-417.patch (superseded by 0.7.3) +- new license policy +- new release 0.7.3 + +* Thu Jul 24 2008 Thierry Vignaud 0.7.1-7mdv2009.0 ++ Revision: 245399 +- rebuild + + + Pixel + - adapt to %%_localstatedir now being /var instead of /var/lib (#22312) + +* Thu Jan 31 2008 Emmanuel Blindauer 0.7.1-5mdv2008.1 ++ Revision: 160624 +- fixed typo + +* Mon Jan 28 2008 Emmanuel Blindauer 0.7.1-4mdv2008.1 ++ Revision: 159077 +- fix patch +- BS: fix the patch and make what I say! +- removed 0.7.0 source +- fix typo +- removed typo +- update patch for 3.1.0 +- really patch for 3.1.0 + +* Sun Jan 27 2008 Emmanuel Blindauer 0.7.1-2mdv2008.1 ++ Revision: 158781 +- readd patch +- remove patch ?! +- dont forget to bump release +- added patch for nx-3.1.0 + added patch for testing unix sockets (Yves-Gael Cheny) + +* Sun Jan 27 2008 Emmanuel Blindauer 0.7.1-1mdv2008.1 ++ Revision: 158691 +- bumped to 0.7.2 (0.7.1 + svn upgrade) + removed patch0 (merged uptream) + + + Olivier Blin + - restore BuildRoot + + + Thierry Vignaud + - kill re-definition of %%buildroot on Pixel's request + +* Thu Sep 06 2007 Jérôme Soyer 0.7.0-1mdv2008.0 ++ Revision: 80702 +- New release 0.7.0 + +* Mon Aug 20 2007 Emmanuel Blindauer 0.6.0-3mdv2008.0 ++ Revision: 67230 ++ rebuild (emptylog) + +* Mon Aug 20 2007 Emmanuel Blindauer 0.6.0-2mdv2008.0 ++ Revision: 67215 +- really fix the missing link. REALLY! + + +* Wed Mar 14 2007 Emmanuel Blindauer 0.6.0-2mdv2007.1 ++ Revision: 143892 +- don't forget to increase release +- remove the link fonts from package +- Fixes creation of /usr/X11R6/lib/X11/fonts if not available + + + David Walluck + - update sources + - 0.6.0 + macros + use macros for paths + create users.id_dsa.pub ghostfile + use %%bcond_with + some grammar fixes + bunzip2 souces and patches and use more consistent names + use more explicit file list + +* Thu Jan 04 2007 Crispin Boylan 0.5.0-3.rev281.3mdv2007.1 ++ Revision: 103936 +- Fix typo in Requires + +* Wed Jan 03 2007 Crispin Boylan 0.5.0-3.rev281.2mdv2007.1 ++ Revision: 103901 +- Actually bump revision + +* Wed Jan 03 2007 Crispin Boylan 0.5.0-3.rev281.1mdv2007.1 ++ Revision: 103891 +- Fix Requires (#26321) +- Import freenx + +* Thu Sep 21 2006 Emmanuel Blindauer 0.5.0-3.rev281.1mdv2007.0 +- upgrade to svn 281 to be compatible with nx-2.0.0 and nxclient v2 +- enable NX 2.0.0 backend +- add link for fonts to support /usr/share/fonts + +* Sun Jul 30 2006 Couriousous 0.5.0-2mdv2007.0 +- Add expect to requires(post) + +* Thu Jul 13 2006 Couriousous 0.5.0-1mdv2007.0 +- 0.5.0 + +* Mon Aug 08 2005 Couriousous 0.4.4-1mdk +- 0.4.4 + +* Sun Jul 31 2005 Couriousous 0.4.3-2mdk +- Enable NX 1.5.0 backend + +* Sat Jul 30 2005 Couriousous 0.4.3-1mdk +- 0.4.3 + +* Sun Jul 24 2005 Couriousous 0.4.2-1mdk +- 0.4.2 ( Bugfix ) + +* Wed Jun 29 2005 Couriousous 0.4.1-1mdk +- 0.4.1 ( Bugfix ) + +* Fri May 13 2005 Emmanuel Blindauer 0.4.0-2mdk +- Rebuild for the right /var/lib + +* Thu May 12 2005 Emmanuel Blindauer 0.4.0-1mdk +- 0.4 release +- Rediff P1 + +* Fri Apr 01 2005 Couriousous 0.3.1-2mdk +- Package nxclient binary ( fix #15140 ) + +* Tue Mar 22 2005 Couriousous 0.3.1-1mdk +- Final 0.3.1 + +* Sat Mar 12 2005 Couriousous 0.3.1-0.pre1.1mdk +- Add bugfixes from upstream ( == 0.3.1-pre1 ) + +* Thu Mar 10 2005 Emmanuel Blindauer 0.3.0-3mdk +- Really fix permissions, only users in root group were able to log. + +* Thu Mar 10 2005 Emmanuel Blindauer 0.3.0-2mdk +- Fix permissions on node.conf (or no-one can log in) + +* Sun Mar 06 2005 Couriousous 0.3.0-1mdk +- 0.3.0 +- Some spec tweak + +* Wed Feb 23 2005 Couriousous 0.2.8-2mdk +- Try to fix bug #13670 + +* Fri Feb 11 2005 Couriousous 0.2.8-1mdk +- 0.2.8 + +* Sat Dec 25 2004 Couriousous 0.2.7-2mdk +- Better README.urpmi from Matthew Roller + +* Fri Dec 03 2004 couriousous 0.2.7-1mdk +- First Mandrakelinux release +- Automatic setup +- Set nx home as /var/lib/nxserver/nxhome +