Djam/freenx
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/freenx.git synced 2025-02-22 21:42:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
freenx/freenx-server-0.7.3-lp-fixes.patch
Rosa 6b3c46d7e1 Automatic import for version 0.7.3
2012-02-01 21:01:36 +04:00

1193 lines
44 KiB
Diff
Raw Permalink Blame History

diff -rud -x .bzr freenx-server-0.7.3/ChangeLog freenx-server.fixes/ChangeLog
--- freenx-server-0.7.3/ChangeLog 2008-08-22 02:44:43.000000000 +0200
+++ freenx-server.fixes/ChangeLog 2009-11-23 10:16:13.106350517 +0100
@@ -1,3 +1,20 @@
+xx.11.2008 FreeNX 0.7.4
+ * Opened the 0.7.4 development.
+ * Fixed missing export of NX_ETC_DIR in Makefile,
+ so node.conf.sample is installed correctly.
+ (fabianx@bat.berlios.de)
+ * Fixed broken round-robin load balance algorithm.
+ (fabianx@bat.berlios.de)
+ * Fixed --terminate|--suspend|--force-terminate for
+ load balancing case.
+ (fabianx@bat.berlios.de)
+ * Fixed --terminate|--suspend|--force-terminate for
+ usermode case.
+ (fabianx@bat.berlios.de)
+ * Fixed non-encrypted session mode. You might need to
+ set EXTERNAL_PROXY_IP in node.conf.
+ (fabianx@bat.berlios.de)
+
18.08.2008 FreeNX 0.7.3 "Priscilla One Year Edition"
* Opened the 0.7.3 development.
* Added logging of failed authentication attempts
Only in freenx-server.fixes: data
diff -rud -x .bzr freenx-server-0.7.3/init.d/freenx-server freenx-server.fixes/init.d/freenx-server
--- freenx-server-0.7.3/init.d/freenx-server 2008-03-02 11:29:52.000000000 +0100
+++ freenx-server.fixes/init.d/freenx-server 2009-11-23 10:16:13.100350348 +0100
@@ -1,28 +1,43 @@
#!/bin/bash
-#
-# Sample startup script for FreeNX server
-#
-# Coypright (c) 2007 by Fabian Franz <freenx@fabian-franz.de>.
-#
-# License: GNU GPL, version 2
-#
-# SVN: $Id: freenx-server 485 2008-03-02 10:29:52Z fabianx $
-#
-# Read the config file
-. $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) --
+### BEGIN INIT INFO
+# Provides: freenx_server
+# Required-Start: sshd
+# Required-Stop: sshd
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: FreeNX Server
+# Description: Cleanup FreeNX Server session database at boot time
+### END INIT INFO
+
+PATH_BIN=/usr/lib/nx
case "$1" in
start)
- [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/
+ if [ ! -e "/var/run/freenx-server" ]; then
+ [ ! -d "/tmp/.X11-unix" ] && mkdir -m1755 /tmp/.X11-unix/
+ $PATH_BIN/nxserver --cleanup
+ $PATH_BIN/nxserver --start
+ touch "/var/run/freenx-server";
+ else
+ echo "Not starting freenx-server, it's already started."
+ fi
+ ;;
+ restart|force-reload)
$PATH_BIN/nxserver --cleanup
$PATH_BIN/nxserver --start
+ touch "/var/run/freenx-server";
;;
stop)
$PATH_BIN/nxserver --stop
$PATH_BIN/nxserver --cleanup
- ;;
+ rm -f /var/run/freenx-server
+ ;;
+ status)
+ [ ! -e "/var/run/freenx-server" ] || exit 3
+ exit 0;
+ ;;
*)
- echo "Usage: $0 <start|stop>"
+ echo "Usage: $0 <start|restart|stop|force-reload|status>"
;;
esac
diff -rud -x .bzr freenx-server-0.7.3/Makefile freenx-server.fixes/Makefile
--- freenx-server-0.7.3/Makefile 2008-08-18 04:16:25.000000000 +0200
+++ freenx-server.fixes/Makefile 2009-11-23 10:16:13.102350032 +0100
@@ -8,7 +8,7 @@
all:
cd nxviewer-passwd && xmkmf && make Makefiles && make depend
source nxloadconfig &&\
- export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\
+ export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\
for i in $(SUBDIRS) ; \
do\
echo "making" all "in $$i..."; \
@@ -35,14 +35,29 @@
#$(MAKE) suid_install
clean:
- make -C nxviewer-passwd clean
for i in $(SUBDIRS) ; \
do\
echo "making" clean "in $$i..."; \
- $(MAKE) -C $$i clean || exit 1;\
+ if test -e "$$i/Makefile"; \
+ then $(MAKE) -C $$i clean || exit 1;\
+ else echo ignoring $$i;\
+ fi;\
done
+ rm -f nxviewer-passwd/Makefile.back
+ rm -f nxviewer-passwd/Makefile
+ rm -f nxviewer-passwd/nxpasswd/Makefile
+ rm -f nxviewer-passwd/libvncauth/Makefile
install:
source nxloadconfig &&\
- export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION &&\
+ export PATH_BIN PATH_LIB CUPS_BACKEND NX_VERSION NX_ETC_DIR &&\
$(MAKE) nxenv_install
+
+debian-tarball:
+ mkdir freenx-server
+ cp -r * freenx-server || echo 0
+ sed "s/NX_VERSION=3.2.0-74-SVN/NX_VERSION=3.2.0-74-TEAMBZR`bzr revno`/" nxloadconfig > freenx-server/nxloadconfig
+ rm -rf freenx-server/.bzr*
+ rm -rf freenx-server/freenx-server
+ [ -d ".bzr" ] && tar -czf ../freenx-server_0.7.3+teambzr`bzr revno`.orig.tar.gz freenx-server
+ rm -rf freenx-server
diff -rud -x .bzr freenx-server-0.7.3/node.conf.sample freenx-server.fixes/node.conf.sample
--- freenx-server-0.7.3/node.conf.sample 2008-08-22 02:44:43.000000000 +0200
+++ freenx-server.fixes/node.conf.sample 2009-11-23 10:16:13.102350032 +0100
@@ -37,7 +37,7 @@
#
# https://mail.kde.org/mailman/listinfo/freenx-knx
#
-# SVN: $Id: node.conf.sample 580 2008-08-22 00:44:43Z fabianx $
+# SVN: $Id: node.conf.sample 613 2008-09-01 20:42:31Z fabianx $
#########################################################################
# General FreeNX directives
@@ -47,6 +47,11 @@
# different than the default hostname (as returned by `hostname`)
#SERVER_NAME="$(hostname)"
+# The node ip which is used by NX Node in unecnrypted session mode.
+# Set it if you want to use a specific external ip or the autodetection
+# is not working.
+#EXTERNAL_PROXY_IP=""
+
# The port number where local 'sshd' is listening.
#SSHD_PORT=22
@@ -501,6 +506,11 @@
#USER_X_STARTUP_SCRIPT=.Xclients
#DEFAULT_X_SESSION=/etc/X11/xdm/Xsession
+# When the session is started some distros execute some scripts to get the
+# environment ready. Set 1 if you want DEFAULT_X_SESSION to be called before
+# executing the session.
+#BOOTSTRAP_X_SESSION="0"
+
# The key that contains the name of the script that starts a KDE session.
# It's run when a 'unix-kde' session is requested by the client.
#COMMAND_START_KDE=startkde
diff -rud -x .bzr freenx-server-0.7.3/nxdesktop_helper freenx-server.fixes/nxdesktop_helper
--- freenx-server-0.7.3/nxdesktop_helper 2008-08-06 00:52:30.000000000 +0200
+++ freenx-server.fixes/nxdesktop_helper 2009-11-23 10:16:13.099350087 +0100
@@ -37,8 +37,11 @@
agent_password=$(url_decode "$agent_password")
agent_password=$(url_decode "$agent_password")
+[ "$agent_domain" = "" ] || DOMAIN="-d $agent_domain"
+[ "$windows_app" = "$0" ] || [ "$windows_app" = "" ] || APPLICATION="-s \"$windows_app\""
+
# setup commandline
-set -- -u "$agent_user" -k "$agent_keyboard" -d "$agent_domain" -f -s "$windows_app" $AGENT_EXTRA_OPTIONS_RDP "$agent_server"
+set -- -u "$agent_user" -k "$agent_keyboard" $APPLICATION $DOMAIN -f $AGENT_EXTRA_OPTIONS_RDP "$agent_server"
if [ -n "$agent_password" ]
then
diff -rud -x .bzr freenx-server-0.7.3/nxdialog freenx-server.fixes/nxdialog
--- freenx-server-0.7.3/nxdialog 2008-03-11 00:01:03.000000000 +0100
+++ freenx-server.fixes/nxdialog 2009-11-23 10:16:13.102350032 +0100
@@ -76,7 +76,10 @@
# This is now fixed in NXClient 3.0.0, but still people sometimes use
# older clients.
-NXCLIENT="/usr/NX/bin/nxclient"
+[ -x "/usr/bin/nxclient" ] && NXCLIENT="/usr/bin/nxclient"
+[ -x "/usr/NX/bin/nxclient" ] && NXCLIENT="/usr/NX/bin/nxclient"
+[ -z "$NXCLIENT" ] && NXCLIENT="/usr/NX/bin/nxclient"
+
[ -x "$NXCLIENT" -a "$DIALOG_TYPE" != "printer" -a "$(file -bi $NXCLIENT)" != 'application/x-shellscript' ] \
&& exec ${NXCLIENT} "${PARAMS[@]}"
diff -rud -x .bzr freenx-server-0.7.3/nxkeygen freenx-server.fixes/nxkeygen
--- freenx-server-0.7.3/nxkeygen 2008-03-11 00:01:03.000000000 +0100
+++ freenx-server.fixes/nxkeygen 2009-11-23 10:16:13.099350087 +0100
@@ -18,7 +18,7 @@
# Read the config file
. $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) --
-NX_KEY_DIR="$NX_HOME_DIR/.ssh"
+[ -z "$NX_KEY_DIR" ] && NX_KEY_DIR="$NX_HOME_DIR/.ssh"
DATE="`date '+%Y%m%d-%H%M%S'`"
NX_CLIENT_KEY="${NX_KEY_DIR}/client.id_dsa.key"
NX_SERVER_KEY="${NX_KEY_DIR}/server.id_dsa.pub.key"
@@ -69,5 +69,10 @@
echo "on their computers."
}
+if [ -f "${NX_SERVER_KEY}" -a -f "${NX_CLIENT_KEY}" -a ! -z "$NX_DONT_OVERRIDE" ]; then
+ echo "Not overriding the existing key"
+ exit
+fi
+
main "$@"
diff -rud -x .bzr freenx-server-0.7.3/nxloadconfig freenx-server.fixes/nxloadconfig
--- freenx-server-0.7.3/nxloadconfig 2008-08-22 02:44:43.000000000 +0200
+++ freenx-server.fixes/nxloadconfig 2009-11-23 10:16:13.103349734 +0100
@@ -5,7 +5,7 @@
#
# License: GPL, version 2
#
-# SVN: $Id: nxloadconfig 580 2008-08-22 00:44:43Z fabianx $
+# SVN: $Id: nxloadconfig 613 2008-09-01 20:42:31Z fabianx $
#
# ========================================================================
@@ -52,7 +52,7 @@
# DO NOT TOUCH unless you REALLY know what you are doing
#########################################################################
-NX_VERSION=3.2.0-73
+NX_VERSION=3.2.0-74-SVN
NX_LICENSE="OS (GPL, using backend: %BACKEND%)"
# Where can different nx components be found
@@ -85,7 +85,15 @@
# General FreeNX directives
SERVER_NAME="$(hostname)"
-SSHD_PORT=22
+EXTERNAL_PROXY_IP=""
+if [ -r "/etc/ssh/sshd_config" ]
+then
+ SSHD_PORT=$(grep "^ *Port " -m 1 /etc/ssh/sshd_config | awk '{ print $2 ;}')
+ [ -z $(echo "$SSHD_PORT" | egrep "^[1-9][0-9]{0,4}$") ] && SSHD_PORT=22
+else
+ SSHD_PORT=22
+fi
+
# Authentication / Security directives
@@ -184,8 +192,14 @@
DEFAULT_X_WM=""
KILL_DEFAULT_X_WM="1"
+BOOTSTRAP_X_SESSION="0"
USER_X_STARTUP_SCRIPT=.Xclients
DEFAULT_X_SESSION=/etc/X11/xdm/Xsession
+COMMAND_GDM_X_SESSION="/etc/gdm/Xsession custom"
+if [ ! -x "$COMMAND_GDM_X_SESSION" ]
+then
+ COMMAND_GDM_X_SESSION="/etc/X11/Xsession"
+fi
COMMAND_START_KDE=startkde
COMMAND_START_GNOME=gnome-session
COMMAND_START_CDE=cdwm
@@ -207,6 +221,21 @@
COMMAND_X11VNC="x11vnc"
COMMAND_TASKSET="taskset"
+COMMAND_NXSHADOWACL="$PATH_BIN/nxshadowacl"
+COMMAND_NXACL="$PATH_BIN/nxacl"
+COMMAND_NXCHECKLOAD="$PATH_BIN/nxcheckload"
+COMMAND_NXAGENT="$PATH_BIN/nxagent"
+
+# Guest directives
+ENABLE_GUEST_LOGIN="0"
+COMMAND_GUEST_LOGIN="/usr/lib/nx/guest/nxnode"
+# Try to use protected enviroment for guest sessions
+COMMAND_GUEST_X_SESSION="/usr/share/gdm/guest-session/Xsession custom"
+if [ ! -x "/usr/share/gdm/guest-session/Xsession" ]
+then
+ COMMAND_GUEST_X_SESSION=$COMMAND_GDM_X_SESSION
+fi
+
# Misc directives
ENABLE_1_5_0_BACKEND=""
@@ -287,12 +316,25 @@
{ ! mywhich "$PATH_BIN/nxdesktop"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXDESKTOP="1"
{ ! mywhich "$PATH_BIN/nxviewer"; } >/dev/null 2>&1 && ENABLE_EXTERNAL_NXVIEWER="1"
{ ! mywhich "$COMMAND_VNCPASSWD" && which vncpasswd; } >/dev/null 2>&1 && COMMAND_VNCPASSWD=$(which vncpasswd)
+ { ! mywhich "$COMMAND_NXSHADOWACL" && test -f /etc/nxserver/nxshadowacl; } >/dev/null 2>&1 && COMMAND_NXSHADOWACL=/etc/nxserver/nxshadowacl
+ { ! mywhich "$COMMAND_NXACL" && test -f /etc/nxserver/nxacl; } >/dev/null 2>&1 && COMMAND_NXACL=/etc/nxserver/nxacl
+ { ! mywhich "$COMMAND_NXCHECKLOAD" && test -f /etc/nxserver/nxcheckload; } >/dev/null 2>&1 && COMMAND_NXCHECKLOAD=/etc/nxserver/nxcheckload
+ { ! mywhich "$COMMAND_NXAGENT" && which nxagent; } >/dev/null 2>&1 && COMMAND_NXAGENT=$(which nxagent)
fi
#########################################################################
# node.conf file evaluation
#########################################################################
+SHARED_CONFS="/usr/share/freenx-server"
+if [ -d $SHARED_CONFS/node.conf.d ]
+then
+ for i in $SHARED_CONFS/node.conf.d/*
+ do
+ [ -e $i ] && . $i
+ done
+fi
+
if [ -d $NX_ETC_DIR/node.conf.d ]
then
for i in $NX_ETC_DIR/node.conf.d/*
@@ -317,7 +359,7 @@
[ -z "$APPLICATION_LIBRARY_PATH" ] && APPLICATION_LIBRARY_PATH=$PATH_LIB
[ -z "$APPLICATION_LIBRARY_PRELOAD" ] && APPLICATION_LIBRARY_PRELOAD="$APPLICATION_LIBRARY_PATH/libX11.so.6.2:$APPLICATION_LIBRARY_PATH/libXext.so.6.4:$APPLICATION_LIBRARY_PATH/libXcomp.so:$APPLICATION_LIBRARY_PATH/libXcompext.so:$APPLICATION_LIBRARY_PATH/libXrender.so.1.2"
-NX_BACKEND_VERSION=$(strings $PATH_BIN/nxagent 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g')
+NX_BACKEND_VERSION=$(strings $COMMAND_NXAGENT 2>/dev/null | egrep 'NXAGENT - Version' | sed 's/.*Version //g')
[ "$ENABLE_1_5_0_BACKEND" = "1" ] && NX_BACKEND_VERSION="1.5.0" # forced the backend
@@ -354,19 +396,19 @@
ERROR="yes" && echo "Error: Invalid value \"PATH_BIN=$PATH_BIN\""
# Check for NX agents ...
- [ ! -x "$PATH_BIN/nxagent" ] && \
+ [ ! -x "$COMMAND_NXAGENT" ] && \
ERROR="yes" && echo "Error: Could not find nxagent in $PATH_BIN. Please install some OSS components."
- if [ "ENABLE_EXTERNAL_NXDESKTOP" = "1" ]
+ if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" ]
then
[ ! mywhich "$COMMAND_RDESKTOP" >/dev/null 2>&1 ] && \
WARNING="yes" && echo "Warning: Could not find COMMAND_RDESKTOP=$COMMAND_RDESKTOP. RDP sessions won't work."
else
[ ! -x "$PATH_BIN/nxdesktop" ] && \
- WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work."
+ WARNING="yes" && echo "Warning: Could not find nxdesktop in $PATH_BIN. RDP sessions won't work. Ignore if you use NX > 3.2"
fi
- if [ "ENABLE_EXTERNAL_NXVIEWER" = "1" ]
+ if [ "$ENABLE_EXTERNAL_NXVIEWER" = "1" ]
then
[ ! mywhich "$COMMAND_VNCVIEWER" >/dev/null 2>&1 ] && \
WARNING="yes" && echo "Warning: Could not find COMMAND_VNCVIEWER=$COMMAND_VNCVIEWER. VNC sessions won't work."
@@ -374,7 +416,7 @@
WARNING="yes" && echo "Warning: Could not find COMMAND_VNCPASSWD=$COMMAND_VNCPASSWD. VNC sessions won't work."
else
[ ! -x "$PATH_BIN/nxviewer" ] && \
- WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work."
+ WARNING="yes" && echo "Warning: Could not find nxviewer in $PATH_BIN. VNC sessions won't work. Ignore if you use NX > 3.2"
fi
[ ! mywhich "$COMMAND_X11VNC" >/dev/null 2>&1 ] && \
@@ -400,10 +442,12 @@
OLD_IFS=$IFS
IFS=":"
- for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do
- [ ! -e $LIBRARY ] && \
- WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ;
- done
+ if [ "$SET_LD_LIBRARY_PATH" = "1" ]; then
+ for LIBRARY in $APPLICATION_LIBRARY_PRELOAD; do
+ [ ! -e $LIBRARY ] && \
+ WARNING="yes" && echo "Warning: Invalid value \"APPLICATION_LIBRARY_PRELOAD=$APPLICATION_LIBRARY_PRELOAD\". $LIBRARY could not be found. Users will not be able to run a single application in non-rootless mode." && break ;
+ done
+ fi
IFS=$OLD_IFS
[ -z "$SSH_AUTHORIZED_KEYS" ] && \
@@ -579,7 +623,7 @@
&& echo " Users will not be able to enable printing."
[ -z "$(strings $COMMAND_CUPSD | egrep 'CUPS\/1.2')" ] && \
WARNING="yes" && echo "Warning: Invalid cupsd version of \"$COMMAND_CUPSD\". Need version 1.2." \
- && echo " Users will not be able to enable printing."
+ && echo " Users will not be able to enable printing. Ignore if you use cups > 1.2"
! mywhich "$COMMAND_MD5SUM" >/dev/null 2>&1 && \
ERROR="yes" && echo "Error: Invalid value \"COMMAND_MD5SUM=$COMMAND_MD5SUM\""
@@ -606,8 +650,8 @@
[ -z $(echo "$ENABLE_ROOTLESS_MODE" | egrep "^[0|1]$") ] && \
ERROR="yes" && echo "Error: Invalid value \"ENABLE_ROOTLESS_MODE=$ENABLE_ROOTLESS_MODE\""
- [ -z "$(strings $PATH_BIN/nxagent | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[012].0')" ] && \
- WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[01].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[012].0 backend is needed for this version of FreeNX."
+ [ -z "$(strings $COMMAND_NXAGENT | egrep 'NXAGENT - Version 1.5.0|NXAGENT - Version 2.[01].0|NXAGENT - Version 3.[0123].0')" ] && \
+ WARNING="yes" && echo "Error: Could not find 1.5.0 or 2.[01].0 or 3.[0123].0 version string in nxagent. NX 1.5.0 or 2.[01].0 or 3.[0123].0 backend is needed for this version of FreeNX."
[ -z $(echo "$ENABLE_USESSION" | egrep "^[0|1]$") ] && \
ERROR="yes" && echo "Error: Invalid value \"ENABLE_USESSION=$ENABLE_USESSION\""
diff -rud -x .bzr freenx-server-0.7.3/nxnode freenx-server.fixes/nxnode
--- freenx-server-0.7.3/nxnode 2008-08-22 02:44:43.000000000 +0200
+++ freenx-server.fixes/nxnode 2009-11-23 10:16:13.104350274 +0100
@@ -13,7 +13,7 @@
#
# License: GNU GPL, version 2
#
-# SVN: $Id: nxnode 580 2008-08-22 00:44:43Z fabianx $
+# SVN: $Id: nxnode 613 2008-09-01 20:42:31Z fabianx $
#
# 21.06.2004: - Full reconnection support
@@ -217,7 +217,11 @@
unix-cde)
NODE_STARTX=$COMMAND_START_CDE
;;
- unix-application|windows-helper|vnc-helper)
+ windows-helper)
+ application="$PATH_BIN/nxdesktop_helper"
+ NODE_STARTX=$application
+ ;;
+ unix-application|vnc-helper)
[ "$application" = "xterm" ] && application=$COMMAND_XTERM
NODE_STARTX=$application
;;
@@ -303,6 +307,7 @@
fi
[ "$cups" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock"
+ [ "$samba" = "1" -a "$ENABLE_CUPS_SERVER_EXPORT" = "1" ] && [ -d "$USER_FAKE_HOME/.nx/C-$sess_id/cups" ] && export CUPS_SERVER="$USER_FAKE_HOME/.nx/C-$sess_id/cups/cups.sock"
if [ "$ENABLE_SAMBA_PRELOAD" = "1" -a -x "$PATH_BIN/nxredir" ]
then
@@ -332,6 +337,33 @@
[ -d /etc/X11/Xresources ] && xrdb -display :$display -merge /etc/X11/Xresources/* >>"$USER_FAKE_HOME/.nx/C-$sess_id/session" 2>&1
#
+ # Use Xsession to execute the Desktop session
+ #
+
+ case $type in
+ unix-gnome)
+ export STARTUP="$NODE_APPLICATION"
+ if [ "$login_method" = "GUEST" ]
+ then
+ NODE_APPLICATION=$COMMAND_GUEST_X_SESSION
+ elif [ "$BOOTSTRAP_X_SESSION" = "1" ]
+ then
+ NODE_APPLICATION=$COMMAND_GDM_X_SESSION
+ fi
+ ;;
+ unix-kde|unix-cde)
+ export STARTUP="$NODE_APPLICATION"
+ if [ "$login_method" = "GUEST" ]
+ then
+ NODE_APPLICATION=$COMMAND_GUEST_X_SESSION
+ elif [ "$BOOTSTRAP_X_SESSION" = "1" ]
+ then
+ NODE_APPLICATION=$DEFAULT_X_SESSION
+ fi
+ ;;
+ esac
+
+ #
# Startup the application
#
@@ -370,6 +402,12 @@
node_agent_persistent_session()
{
P="-nopersistent"
+ # Guest sessions are always nonpersistent
+ if [ "$login_method" = "GUEST" ]
+ then
+ echo "$P"
+ return
+ fi
OLD_IFS=$IFS
IFS=","
[ "$ENABLE_PERSISTENT_SESSION" = "all" ] && P="-persistent"
@@ -540,7 +578,8 @@
# Start the agent
- PATH="$PATH_BIN:$PATH" $PATH_BIN/nxagent $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 &
+ #PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $K $G $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 &
+ PATH="$PATH_BIN:$PATH" $COMMAND_NXAGENT $P $R -name "NX - $user@$SERVER_NAME:$display - $session (GPL Edition)" -option "$USER_FAKE_HOME/.nx/C-$sess_id/options" $B $FP $AGENT_EXTRA_OPTIONS_X :$display 2>&3 &
fi
#
@@ -699,7 +738,15 @@
[ -e "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" ] || return
cat "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" | while read mpoint
do
- $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null
+ for i in `seq 1 15` ; do
+ if [ "$(mount | grep "$mpoint" | wc -l)" -ne 0 ] ; then
+ $COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null
+ [ $? -ne 0 ] && $COMMAND_SMBUMOUNT -f "$mpoint" >/dev/null 2>/dev/null
+ else
+ break
+ fi
+ sleep 0.5s
+ done
done
}
@@ -842,9 +889,9 @@
if stringinstring "Session: Display failure detected at" "$line"
then
- echo "NX> 596 Error: Session $1 failed. Reason was: $line"
if [ "$1" = "restore" ]
then
+ echo "NX> 596 Error: Session $1 failed. Reason was: $line"
kill $NODE_TAIL_PID
break
fi
@@ -1030,6 +1077,7 @@
session=$(getparam session)
type=$(getparam type | sed 's/%2d/-/g')
application=$(getparam application)
+ windows_app=$(getparam application)
cache=$(getparam cache)
images=$(getparam images)
cookie=$(getparam cookie)
@@ -1078,6 +1126,8 @@
# Rootless fix from 2x nxserver 1.5.0
realtype=$type
[ "$type" = "unix-application" -o "$type" = "unix-default" ] && realtype="unix-desktop"
+ [ "$type" = "unix-gnome" ] && realtype="gnome"
+ [ "$type" = "unix-kde" ] && realtype="kde"
# NX 2.1.0 file-sharing port options
client=$(getparam client)
@@ -1132,6 +1182,8 @@
shadowdisplay=$(getparam shadowdisplay)
shadowhost=$(getparam shadowhost)
+ # Authentication method needed by guest mode.
+ login_method=$(getparam login_method)
sess_id="$SERVER_NAME-$display-$uniqueid"
NXSESSION_DIRECTORY="$USER_FAKE_HOME/.nx/C-$sess_id"
@@ -1143,7 +1195,7 @@
export agent_password
export agent_server
export agent_domain
- export windows_app=$application
+ export windows_app
agent_keyboard=""
[ "$ENABLE_EXTERNAL_NXDESKTOP_KEYBOARD" = "1" ] && agent_keyboard=$(echo "$keyboard" | cut -d'/' -f2)
export agent_keyboard
@@ -1184,6 +1236,17 @@
[ -z "$userip" -a "$host" = "127.0.0.1" ] && userip="127.0.0.1"
[ -z "$userip" ] && userip="*"
fi
+
+ # We need our own external IP
+ proxyip="$EXTERNAL_PROXY_IP"
+
+ if [ -z "$proxyip" -a -n "$host" ]
+ then
+ [ "$host" = "127.0.0.1" ] && host=$(hostname)
+ proxyip=$(ping -c1 "$host" | grep 'PING' | cut -d'(' -f2 | cut -d')' -f1)
+ fi
+
+ [ -z "$proxyip" ] && proxyip="127.0.0.1"
# ok, lets make the session dir first:
@@ -1245,7 +1308,7 @@
umask 0077
cat << EOF > "$USER_FAKE_HOME/.nx/C-$sess_id/options"
-${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype,cleanup=0,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${clipboard:+,clipboard=$clipboard}${menu:+,menu=$menu}:$display
+nx/nx,${keyboard:+keyboard=$keyboard,}${kbtype:+kbtype=$kbtype,}${kbload:+kbload=$kbload,}${keymap:+keymap=$keymap,}${geometry:+geometry=$geometry,}${client:+client=$client,}${resize:+resize=$resize,}${CACHE}${IMAGES}${PACK}link=$link,nodelay=$nodelay,type=$realtype${clipboard:+,clipboard=$clipboard}${composite:+composite=$composite},cleanup=0,product=LFE/None/LFEN/None,shmem=1,${backingstore:+backingstore=$backingstore,}shpix=1,${ACCEPT}cookie=$proxy_cookie,id=$sess_id,samba=$samba,media=$media${sync:+,sync=$sync}${cups:+,cups=$cups}${keybd:+,keybd=$keybd}${aux:+,aux=$aux}${http:+,http=$http}${rdpcolors:+,rdpcolors=$rdpcolors}${rdpcache:+,rdpcache=$rdpcache}${fullscreen:+,fullscreen=1}${menu:+,menu=$menu}:$display
EOF
umask $OLD_UMASK
#samba=$samba,
@@ -1316,7 +1379,7 @@
NX> 705 Session display: $display
NX> 703 Session type: $type
NX> 701 Proxy cookie: $proxy_cookie
-NX> 702 Proxy IP: $userip
+NX> 702 Proxy IP: $proxyip
NX> 706 Agent cookie: $cookie
NX> 704 Session cache: $type
NX> 707 SSL tunneling: $ssl_tunnel
@@ -1509,7 +1572,7 @@
echo "NX> 716 Starting NX Agent ..."
shift
[ "$SET_LD_LIBRARY_PATH" = "1" ] && export LD_LIBRARY_PATH="$AGENT_LIBRARY_PATH:$LD_LIBRARY_PATH"
- PATH="$PATH:$PATH_BIN" $PATH_BIN/nxagent -name "NX Agent Test - Args: $@" $@
+ PATH="$PATH:$PATH_BIN" $COMMAND_NXAGENT -name "NX Agent Test - Args: $@" $@
echo "NX> 716 NX Agent exited with status: $?"
;;
--setkey)
diff -rud -x .bzr freenx-server-0.7.3/nxnode-login freenx-server.fixes/nxnode-login
--- freenx-server-0.7.3/nxnode-login 2008-03-11 00:01:03.000000000 +0100
+++ freenx-server.fixes/nxnode-login 2009-11-23 10:16:13.105349977 +0100
@@ -61,7 +61,10 @@
if { "$auth_method"=="ssh" } {
set pid [spawn -noecho $command_ssh -2 -x -l "$user" "$host" -o "NumberOfPasswordPrompts 1" -p "$port" "$executable $command" ]
} elseif { "$auth_method"=="su" } {
+ set env(LANG) "C"
set pid [spawn -noecho su - "$user" -c "$executable $command" ]
+} elseif { "$auth_method"=="guest" } {
+ set pid [spawn -noecho $executable $command ]
} else {
exit 1
}
diff -rud -x .bzr freenx-server-0.7.3/nxredir/Makefile freenx-server.fixes/nxredir/Makefile
--- freenx-server-0.7.3/nxredir/Makefile 2008-07-31 20:12:33.000000000 +0200
+++ freenx-server.fixes/nxredir/Makefile 2009-11-23 10:16:13.100350348 +0100
@@ -1,14 +1,16 @@
-all: libnxredir.so.0
+all: libnxredir.so
CC=gcc
CFLAGS=-g -O2 -Wall -fPIC
-LIBNAME=libnxredir.so.0
+LIBNAME=libnxredir.so
+VERSION=0
-libnxredir.so.0: nxredir.o
- $(CC) -fPIC $(CFLAGS) -nostdlib -shared -o $(LIBNAME) nxredir.o -ldl -lc
+libnxredir.so: nxredir.o
+ $(CC) -fPIC $(CFLAGS) -nostdlib -shared -Wl,-soname,$(LIBNAME).$(VERSION) -o $(LIBNAME).$(VERSION) nxredir.o -ldl -lc
clean:
rm -f $(LIBNAME)
+ rm -f $(LIBNAME).$(VERSION)
rm -f *.o
ifneq ($(NX_VERSION),)
@@ -21,7 +23,7 @@
perl -pi -e "s,CUPS_BACKEND=.*,CUPS_BACKEND=\"$$CUPS_BACKEND\",g" $(DESTDIR)/$$CUPS_BACKEND/nxsmb
else
install: all
- install -m755 libnxredir.so.0 $(DESTDIR)/usr/lib
+ install -m755 libnxredir.so $(DESTDIR)/usr/lib
install -m755 nxredir $(DESTDIR)/usr/bin
install -m755 nxsmb $(DESTDIR)/usr/lib/cups/backend/
endif
diff -rud -x .bzr freenx-server-0.7.3/nxserver freenx-server.fixes/nxserver
--- freenx-server-0.7.3/nxserver 2008-08-22 02:44:43.000000000 +0200
+++ freenx-server.fixes/nxserver 2009-11-23 10:16:13.100350348 +0100
@@ -11,7 +11,7 @@
#
# License: GNU GPL, version 2
#
-# SVN: $Id: nxserver 580 2008-08-22 00:44:43Z fabianx $
+# SVN: $Id: nxserver 612 2008-08-25 03:28:15Z fabianx $
#
# Read the config file
@@ -295,9 +295,9 @@
then
[ -z "$(getparam shadowcookie)" ] && continue
- if [ -x "$PATH_BIN/nxshadowacl" ]
+ if [ -x "$COMMAND_NXSHADOWACL" ]
then
- $PATH_BIN/nxshadowacl "$(getparam userName)" "$USER" || continue
+ $COMMAND_NXSHADOWACL "$(getparam userName)" "$USER" || continue
fi
fi
fi
@@ -334,7 +334,7 @@
elif [ "$4" = "shadow" ]
then
available=$(getparam status)
- printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) (Shadowed)" >> $TMPFILE
+ printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$(getparam display)" "$(getparam type)" "$(getparam sessionId)" "$options" "$depth" "$geom" "$available" "$(getparam sessionName) ($(getparam userName)) (Shadowed)" >> $TMPFILE
else
# only unix-* sessions can be resumed, but other session types can still be terminated
stringinstring "unix-" "$4" || available="N/A"
@@ -344,14 +344,14 @@
egrep -q "^userName=$1$" $i && let SESSION_COUNT_USER=$SESSION_COUNT_USER+1
done
- if [ "$4" = "vnc" -a "$ENABLE_DESKTOP_SHARING" = "1" ]
+ if [ "$4" = "vnc" -o "$4" = "shadow" -a "$ENABLE_DESKTOP_SHARING" = "1" ]
then
export DESKTOP_SHARING_IDS=""
for i in $(LC_ALL=C netstat -ln --protocol=unix | egrep 'X11-unix/X[0-9]$' | sed 's/.*X\(.*\)/\1/g')
do
uniqueid=$(echo $[$RANDOM*$RANDOM] | $COMMAND_MD5SUM | cut -d" " -f1 | tr "[a-z]" "[A-Z]")
DESKTOP_SHARING_IDS="$DESKTOP_SHARING_IDS $uniqueid=$i"
- printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "vnc-local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE
+ printf "%-7s %-16s %32s %8s %5s %-14s %-11s %s\n" "$i" "Local" "$uniqueid" "--------" "$udepth" "$(echo $3 | cut -d'x' -f1,2)" "Running" "X$i (Local)" >> $TMPFILE
done
fi
@@ -796,6 +796,33 @@
USER=$USER2
+ # Guest authentication
+ if [ "$USER" = "NX guest user" ]
+ then
+ if [ "$ENABLE_GUEST_LOGIN" != "1" -o ! -x "$COMMAND_GUEST_LOGIN" ]
+ then
+ if [ "$ENABLE_GUEST_LOGIN" != "1" ]
+ then
+ echo_x "NX> 404 ERROR: guest authentication not enabled"
+ else
+ echo_x "NX> 404 ERROR: $COMMAND_GUEST_LOGIN not correct"
+ fi
+ echo_x "NX> 999 Bye"
+ if [ "$ENABLE_LOG_FAILED_LOGINS" = "1" ]
+ then
+ logger -t nxserver -i -p auth.info "($(whoami)) Failed login for user=$USER from IP=$(echo $SSH_CLIENT | awk '{print $1}')"
+ fi
+ exit 1
+ fi
+ log 6 -n "guest "
+ nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" --check 2>&1 >/dev/null
+ if [ $? -eq 0 ]
+ then
+ LOGIN_SUCCESS="1"
+ LOGIN_METHOD="GUEST"
+ fi
+ fi
+
# PASSDB based auth
if [ "$ENABLE_PASSDB_AUTHENTICATION" = "1" -a "$LOGIN_SUCCESS" = "0" ]
then
@@ -916,7 +943,10 @@
export NODE_HOSTNAME
# Use nxnode-login?
- if [ "$LOGIN_METHOD" = "SSH" ]
+ if [ "$LOGIN_METHOD" = "GUEST" ]
+ then
+ NXNODE_TOSEND="$@" nxnode_login "" -- guest "" "" "$COMMAND_GUEST_LOGIN" "$CMD" 2>&1 | log_tee
+ elif [ "$LOGIN_METHOD" = "SSH" ]
then
export COMMAND_SSH
NXNODE_TOSEND="$@" nxnode_login "$PASS" -- ssh "$USER" "$SSHD_PORT" "$PATH_BIN/nxnode" "$CMD" 2>&1 | log_tee
@@ -987,10 +1017,10 @@
do
case "$CMD" in
"NX> 706"*)
- if [ -x "$PATH_BIN/nxshadowacl" ]
+ if [ -x "$COMMAND_NXSHADOWACL" ]
then
# check if we should save the cookie
- $PATH_BIN/nxshadowacl "$USER"
+ $COMMAND_NXSHADOWACL "$USER"
if [ $? -eq 0 ]
then
@@ -1074,10 +1104,10 @@
do
case "$CMD" in
"NX> 706"*)
- if [ -x "$PATH_BIN/nxshadowacl" ]
+ if [ -x "$COMMAND_NXSHADOWACL" ]
then
# check if we should save the cookie
- $PATH_BIN/nxshadowacl "$USER"
+ $COMMAND_NXSHADOWACL "$USER"
if [ $? -eq 0 ]
then
@@ -1192,7 +1222,7 @@
# Lock held
SERVER_LB_NR=$(cat $NX_SESS_DIR/round-robin 2>/dev/null)
- let SERVER_LB_NR=(SERVER_LB_NR+1) % SERVER_LB_NR_OF_HOSTS
+ let SERVER_LB_NR=(SERVER_LB_NR+1)%SERVER_LB_NR_OF_HOSTS
echo $SERVER_LB_NR >$NX_SESS_DIR/round-robin
# Exit critical section
@@ -1211,7 +1241,7 @@
for i in $LOAD_BALANCE_SERVERS
do
- SERVER_LB_LOAD=$($NX_DIR/bin/nxcheckload $i)
+ SERVER_LB_LOAD=$($COMMAND_NXCHECKLOAD $i)
[ -z "$SERVER_LB_LOAD" ] && continue
if [ $SERVER_LB_LOAD -gt $SERVER_LB_MAX ]
@@ -1263,6 +1293,7 @@
server_get_params $CMD
PARAMS=$SERVER_PARAMS
PARAMS="$PARAMS&clientproto=$PROTO"
+ PARAMS="$PARAMS&login_method=$LOGIN_METHOD"
CMDLINE=$PARAMS
echo_x
@@ -1344,8 +1375,7 @@
if [ "$ENABLE_EXTERNAL_NXDESKTOP" = "1" -a "$(getparam type)" = "windows" ]
then
type="windows-helper"
- application="$PATH_BIN/nxdesktop_helper"
- PARAMS="$PARAMS&type=$type&application=$application&freenx_export_agents=1"
+ PARAMS="$PARAMS&type=$type&freenx_export_agents=1"
CMDLINE=$PARAMS
fi
@@ -1381,10 +1411,10 @@
return 1
fi
- if [ -x "$PATH_BIN/nxacl" ]
+ if [ -x "$COMMAND_NXACL" ]
then
- log 3 "Info: Using $PATH_BIN/nxacl to change session parameters or deny session."
- NEW_PARAMS=$($PATH_BIN/nxacl "$CMDLINE")
+ log 3 "Info: Using $COMMAND_NXACL to change session parameters or deny session."
+ NEW_PARAMS=$($COMMAND_NXACL "$CMDLINE")
if [ $? -ne 0 ]
then
echo_x "NX> 596 The session failed due to a nxacl policy setting: $NEW_PARAMS"
@@ -1444,6 +1474,14 @@
continue
fi
+ let PROXY_DISPLAY=$SESS_DISPLAY+4000
+ if $COMMAND_NETCAT -z "$SERVER_HOST" $PROXY_DISPLAY
+ then
+ log 2 "Warning: nxagent proxy without .nX$SESS_DISPLAY-lock found on host:port $SERVER_HOST:$AGENT_DISPLAY."
+ let SESS_DISPLAY=$SESS_DISPLAY+1
+ continue
+ fi
+
# Now check for the other enabled services
let SAMBA_DISPLAY=$SESS_DISPLAY+3000
@@ -1961,71 +1999,71 @@
session_history "$user" "$sessid"
}
-cmd_terminate()
+cmd_execute()
{
- CMD_PARAMS=$(cmd_parse_3_params "$2")
- [ -z "$CMD_PARAMS" ] && exit 1
- for i in $CMD_PARAMS;
+ cmd_host="$1"
+ cmd_user="$2"
+ cmd_cmd="$3"
+
+ if [ "$ENABLE_USERMODE_AUTHENTICATION" = "1" ]
+ then
+ sh -c "$cmd_cmd"
+ elif [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ]
+ then
+ su - "$cmd_user" -c "$cmd_cmd"
+ else
+ ssh "$cmd_host" su - "$cmd_user" -c "'$cmd_cmd'"
+ fi
+}
+
+cmd_terminate_or_send()
+{
+ CMD="$1"
+
+ if [ "$CMD" = "--broadcast" ]
+ then
+ CMD_PARAMS=$(session_find_all)
+ [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found."
+ else
+ CMD_PARAMS=$(cmd_parse_3_params "$2")
+ [ -z "$CMD_PARAMS" ] && exit 1
+ shift
+ fi
+ shift
+
+ for i in $CMD_PARAMS
do
CMDLINE=$(session_get_cmdline $i)
cmd_sessionid=$(getparam sessionId)
+ cmd_display=$(getparam display)
cmd_user=$(getparam userName)
cmd_type=$(getparam type)
cmd_status=$(getparam status)
+ cmd_host=$(getparam host)
# is it a "good" session?
- case "$1" in
+ case "$CMD" in
--suspend)
if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type"
then
- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --suspend"
+ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --suspend"
fi
;;
--terminate)
- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate"
+ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate"
;;
--force-terminate)
- echo "sessionid=$cmd_sessionid" | su - "$cmd_user" -c "$PATH_BIN/nxnode --terminate"
+ echo "sessionid=$cmd_sessionid" | cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxnode --terminate"
session_close $cmd_sessionid
;;
- esac
- done
-
-}
-
-cmd_send()
-{
- if [ "$1" = "--broadcast" ]
- then
- CMD_PARAMS=$(session_find_all)
- [ -z "$CMD_PARAMS" ] && cmd_abort "Error: No running session could be found."
- else
- CMD_PARAMS=$(cmd_parse_3_params "$2")
- [ -z "$CMD_PARAMS" ] && exit 1
- shift
- fi
- shift
- for i in $CMD_PARAMS;
- do
- CMDLINE=$(session_get_cmdline $i)
- cmd_display=$(getparam display)
- cmd_user=$(getparam userName)
- cmd_type=$(getparam type)
- cmd_status=$(getparam status)
- cmd_host=$(getparam host)
-
- # is it a "good" session?
- if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type"
- then
- if [ "$cmd_host" = "127.0.0.1" -o "$cmd_host" = "localhost" ]
+ --send|--broadcast)
+ # is it a "good" session?
+ if [ "$cmd_status" = "Running" ] && stringinstring "unix-" "$cmd_type"
then
- su - "$cmd_user" -c "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &"
- else
- ssh $cmd_host su - "$cmd_user" -c "'$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &'"
+ cmd_execute "$cmd_host" "$cmd_user" "$PATH_BIN/nxdialog --dialog ok --caption \"NX Administrator Message\" --message \"$@\" -display \":$cmd_display\" &"
fi
- fi
+ esac
done
- #nxnode_start --send "$CMD_PARAMS"
}
#
@@ -2099,13 +2137,13 @@
cmd_history "$@"
;;
--terminate|--suspend|--force-terminate)
- cmd_terminate "$@"
+ cmd_terminate_or_send "$@"
;;
--cleanup)
- cmd_terminate "--force-terminate" "*"
+ cmd_terminate_or_send "--force-terminate" "*"
;;
--send|--broadcast)
- cmd_send "$@"
+ cmd_terminate_or_send "$@"
;;
*)
cmd_abort "Error: Function $CMD not implemented yet."
Only in freenx-server.fixes/nx-session-launcher: freenx.session.policy
diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher freenx-server.fixes/nx-session-launcher/nx-session-launcher
--- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher 2008-08-05 19:54:32.000000000 +0200
+++ freenx-server.fixes/nx-session-launcher/nx-session-launcher 2009-11-23 10:16:13.105349977 +0100
@@ -1,31 +1,170 @@
#!/usr/bin/env python
+import xml.parsers.expat as expat
import os
import gobject
import dbus
import sys
+import logging
+
+logging.basicConfig (level=logging.ERROR, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', stream=sys.stderr)
+log = logging.getLogger ("nx-session-launcher")
+log.debug ("Starting nx-session-launcher")
+# Getting the system dbus
bus = dbus.SystemBus ()
-manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager')
-manager = dbus.Interface (manager_obj, 'org.freedesktop.ConsoleKit.Manager')
+USE_PK_CREDENTIALS = False
-params = dbus.Array ([], signature = "(sv)")
-params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1)))
-params.append (("session-type", dbus.String ("nx", variant_level=1)))
-params.append (("x11-display", dbus.String (os.environ['DISPLAY'], variant_level=1)))
-params.append (("is-local", dbus.Boolean (True, variant_level=1)))
+# ------------------- ConsoleKit integration ------------------------
-cookie = manager.OpenSessionWithParameters (params)
-os.environ['XDG_SESSION_COOKIE'] = cookie
+# Getting the ConsoleKit object
+ck_manager_obj = bus.get_object ('org.freedesktop.ConsoleKit', '/org/freedesktop/ConsoleKit/Manager')
+ck_manager = dbus.Interface (ck_manager_obj, 'org.freedesktop.ConsoleKit.Manager')
+objs = ck_manager.GetSeats ()
-current_session = manager.GetSessionForCookie (cookie)
-session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session)
-session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session')
+nx_create_session = os.getenv('NX_CREATE_CK_SESSION')
+create_session = True
+if nx_create_session == "false":
+ create_session = False
-properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties')
-properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1))
+nx_session_type = os.getenv('NX_SESSION_TYPE')
+if nx_session_type == None:
+ nx_session_type = "nx"
+display = os.getenv('DISPLAY')
-os.setreuid(os.getuid(), os.getuid())
-os.spawnvp(os.P_WAIT, sys.argv[1], [])
+# Get the current session
+current_cookie = os.getenv('XDG_SESSION_COOKIE')
+current_session = None
+if current_cookie != None:
+ current_session = ck_manager.GetSessionForCookie (current_cookie)
+
+def takeOwnership():
+ log.debug ("NX_CREATE_CK_SESSION = " + current_cookie)
+ log.debug ("Not creating a CK session")
+
+ session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session)
+ session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session')
+
+ properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties')
+ try:
+ properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1))
+ properties.Set ("org.freedesktop.DBus.Properties", "is-local", dbus.Boolean (True, variant_level=1))
+ properties.Set ("org.freedesktop.DBus.Properties", "session-type", dbus.String (nx_session_type, variant_level=1))
+ if display != None:
+ properties.Set ("org.freedesktop.DBus.Properties", "x11-display", dbus.String (display, variant_level=1))
+ log.debug ("Ownership taken")
+ return True
+ except expat.ExpatError, e:
+ error_string = str(e)
+ log.error ("Error: " + error_string)
+ log.error ("Falling back to create a new session")
+ return False
+ except dbus.DBusException, e:
+ error_string = str(e)
+ log.error ("Error: " + error_string)
+ log.error ("Falling back to create a new session")
+ return False
+ except Exception, e:
+ error_string = str(e)
+ log.error ("Error: " + error_string)
+ log.error ("Falling back to create a new session")
+ return False
+
+def createSession():
+ try:
+ # Defining the session attributes
+ params = dbus.Array ([], signature = "(sv)")
+ params.append (("unix-user", dbus.Int32 (os.getuid(), variant_level=1)))
+ params.append (("session-type", dbus.String (nx_session_type, variant_level=1)))
+ if display != None:
+ params.append (("x11-display", dbus.String (display, variant_level=1)))
+ params.append (("is-local", dbus.Boolean (True, variant_level=1)))
+
+ # Create the ConsoleKit session
+ cookie = ck_manager.OpenSessionWithParameters (params)
+ log.debug ("Session " + cookie + " created")
+
+ # Exporting the XDG_SESSION_COOKIE variable
+ os.environ['XDG_SESSION_COOKIE'] = cookie
+
+ # Getting the ConsoleKit session
+ current_session = ck_manager.GetSessionForCookie (cookie)
+ session_obj = bus.get_object ('org.freedesktop.ConsoleKit', current_session)
+ session = dbus.Interface (session_obj, 'org.freedesktop.ConsoleKit.Session')
+
+ # Setting the session as active
+ properties = dbus.Interface (session_obj, 'org.freedesktop.DBus.Properties')
+ properties.Set ("org.freedesktop.DBus.Properties", "active", dbus.Boolean (True, variant_level=1))
+
+ except dbus.DBusException, e:
+ # Dbus error problably you don't have the dbus rule installed or your launcher is not suid nx
+ # Open session without the parameters
+ log.error ("Failed to create a CK session using parameters")
+
+ error_string = str(e)
+ log.error ("Error: " + error_string)
+
+ # Create the ConsoleKit session
+ cookie = ck_manager.OpenSession ()
+ log.debug ("Session " + cookie + " created")
+
+ # Exporting the XDG_SESSION_COOKIE variable
+ os.environ['XDG_SESSION_COOKIE'] = cookie
+
+def checkPermission ():
+ if USE_PK_CREDENTIALS == False:
+ return True
+
+ policykit = bus.get_object ('org.freedesktop.PolicyKit', '/', "org/freedesktop/PolicyKit")
+
+ if(policykit == None):
+ log.error ("Error: Could not get PolicyKit D-Bus Interface\n")
+ else:
+ polkit_interface = dbus.Interface (policykit, 'org.freedesktop.PolicyKit')
+
+ try:
+ granted = polkit_interface.IsProcessAuthorized ("freenx.session.create", os.getpid(), "false")
+
+ if granted == "yes":
+ return True
+ else:
+ return False
+
+ except dbus.DBusException, e :
+ # Dbus error problably you don't have the PolicyKit rule installed
+ error_string = str(e)
+ log.error ("Error: " + error_string)
+
+
+if create_session and ( current_session == None or not takeOwnership () ):
+ log.debug("Creating a new session")
+ createSession ()
+ pid = os.fork ()
+ if pid == -1:
+ log.rrror ("error forking child")
+ elif pid == 0:
+ log.debug ("Forked")
+ else:
+ # Parent
+ status = os.waitpid (pid, 0)
+ os._exit (0)
+
+if os.geteuid () != os.getuid ():
+ # Drop setuid privilege
+ os.setreuid(os.getuid(), os.getuid())
+
+ os.environ ['NX_CREATE_CK_SESSION'] = "false"
+
+ # Reexecute this script to really drop euid privilege
+# os.spawnvp (os.P_WAIT, sys.argv[0], sys.argv)
+# sys.exit()
+
+args = sys.argv
+args.pop(0)
+log.info ("Launching the program\n")
+if checkPermission ():
+ os.execvp(args[0], args)
+else:
+ log.error ("You don't have permission to execute the action\n")
diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c
--- freenx-server-0.7.3/nx-session-launcher/nx-session-launcher-suid.c 2008-08-05 19:54:32.000000000 +0200
+++ freenx-server.fixes/nx-session-launcher/nx-session-launcher-suid.c 2009-11-23 10:16:13.098350105 +0100
@@ -23,8 +23,8 @@
#include <stdlib.h>
#include <stdio.h>
-#ifndef NXSERVER_COMMAND
-#define NXSERVER_COMMAND "/usr/bin/nx-session-launcher"
+#ifndef SESSION_LAUNCHER_COMMAND
+#define SESSION_LAUNCHER_COMMAND "/usr/bin/nx-session-launcher"
#endif
#define CK_LAUNCH_SESSION_COMMAND "/usr/bin/ck-launch-session"
@@ -47,7 +47,7 @@
new_argv[0] = CK_LAUNCH_SESSION_COMMAND;
}else{
- new_argv[0] = NXSERVER_COMMAND;
+ new_argv[0] = SESSION_LAUNCHER_COMMAND;
}
return execv(new_argv[0], new_argv);
diff -rud -x .bzr freenx-server-0.7.3/nx-session-launcher/README freenx-server.fixes/nx-session-launcher/README
--- freenx-server-0.7.3/nx-session-launcher/README 2008-08-05 23:30:58.000000000 +0200
+++ freenx-server.fixes/nx-session-launcher/README 2009-11-23 10:16:13.098350105 +0100
@@ -1,6 +1,8 @@
-The unlock buttons on Users and Groups or Network are greyed out and un-accessible. Tried running from a term 'sudo users-admin' with the same results.
+The unlock buttons on Users and Groups or Network are greyed out and un-accessible.
+Running from a term 'sudo users-admin' should work the same way. (Not in Ubuntu due
+to bug https://bugs.edge.launchpad.net/ubuntu/+source/policykit/+bug/210897)
-To correct the problem follow this steps:
+If you are not using a packed version, correct the problem by following this steps:
- Copy nx-session-launcher and nx-session-launcher-suid to /usr/bin
- Execute $ chown nx /usr/bin/nx-session-launcher-suid
- Execute $ chmod 4755 /usr/bin/nx-session-launcher-suid
Reference in a new issue View git blame Copy permalink