X2Go Bug report logs -
#1012
Session reconnect doesn't work (x2gobroker)
Full log
🔗
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
package: x2gobroker
version: 0.0.3.0
Situation: two identical nodes, only difference is DNS name + IP
Desired result: load-balanced X2Go systems, where a suspended session
can be resumed
Actual outcome: Each connect starts a new session, suspended sessions
are left dangling forever
Questions:
1) Is x2gobroker-daemon needed at all for ssh-only connections to the
broker?
2) Did I miss any obvious steps?
3) What would be the suggested path to debug this?
A full typescript recording of the installation process is available,
but as no command returned any error messages, let me shorten it down to
the commands that were executed:
# commands executed on both first and second node
apt-get install x2gobroker -y
cp /etc/x2go/x2gobroker.conf /etc/x2go/x2gobroker.conf.orig
vi /etc/x2go/x2gobroker.conf # see diff below
apt-get install x2gobroker-agent -y
cp /etc/x2go/broker/x2gobroker-sessionprofiles.conf
/etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig
vi /etc/x2go/broker/x2gobroker-sessionprofiles.conf # see diff below
x2gobroker-keygen
cp /var/lib/x2gobroker/.ssh/id_rsa.pub /tmp/
cd /tmp/
vi id_rsa.pub # added a blank and the server name to end of file
python -m SimpleHTTPServer 8081 # run temporary web server so second
node can fetch the file
# once both web servers were up, the following commands were executed
# on BOTH nodes:
x2gobroker-pubkeyauthorizer -t http://firstnode:8081/id_rsa.pub
x2gobroker-pubkeyauthorizer -t http://secondnode:8081/id_rsa.pub
# Sadly, no working session reconnect with these command line
# parameters - it always starts a new session:
x2goclient
--broker-url=ssh://accountwithapublickey@firstnode:22/usr/bin/x2gobroker
--broker-autologin
# This is using x2goclient-4.0.5.0-2015.07.31
# taking a closer look at
# http://wiki.x2go.org/doku.php/doc:installation:x2gobroker:
# maybe x2gobroker-daemon is missing? So ...
apt-get install x2gobroker-daemon -y # this also pulls in
x2gobroker-authservice
# Sadly, no change, still no working session reconnect :-(
# ---------------------------------------------------------
diff -u /etc/x2go/x2gobroker.conf.orig /etc/x2go/x2gobroker.conf
--- /etc/x2go/x2gobroker.conf.orig 2016-03-19 18:39:02.034407506 +0100
+++ /etc/x2go/x2gobroker.conf 2016-03-19 19:56:05.781729565 +0100
@@ -241,6 +241,7 @@
# The agent query mode can be configured on a per-broker-backend basis, the
# below value is the default.
#default-agent-query-mode=NONE
+default-agent-query-mode=SSH
# Probe SSH port of X2Go Servers (availability check)
#
@@ -254,7 +255,7 @@
# Per default, we set this to "true" here. The portscan feature can be
# deactivated on a per-session-profile basis (use:
broker-portscan-x2goservers =
# false in the session profile configuration).
-#default-portscan-x2goservers = true
+default-portscan-x2goservers = false
# Use load checker for querying X2Go Servers' loads in regular intervals
#
@@ -294,13 +295,13 @@
# o the session profile does not block queries to the load checker daemon
# on a per profile basis
#
-#default-use-load-checker = false
+default-use-load-checker = true
# If the x2gobroker-loadchecker daemon gets used, define here how
# many seconds to sleep between cycles of querying system load from the
# associated X2Go Servers.
#
-#load-checker-intervals = 300
+load-checker-intervals = 300
###
@@ -345,9 +346,8 @@
#desktop-shell = KDE
[broker_inifile]
-#enable = true
-#session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
-#use-load-checker = false
+enable = true
+session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
#[broker_ldap] -> MUSIC OF THE FUTURE
#enable = false
# ---------------------------------------------------------
# ---------------------------------------------------------
diff -u /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig
/etc/x2go/broker/x2gobroker-sessionprofiles.conf
--- /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig
2016-03-19 19:19:33.995277777 +0100
+++ /etc/x2go/broker/x2gobroker-sessionprofiles.conf 2016-03-19
19:58:45.407309387 +0100
@@ -63,146 +63,12 @@
directrdp=false
user=BROKER_USER
-[localhost-kde]
-name=KDE - localhost
-host=localhost
-command=KDE
+[GloveBox]
+host=firstnode (firstnodeip), secondnode (secondnodeip)
+name=GloveBox
+published=true
usebrokerpass=true
-
-[localhost-mate]
-name=MATE - localhost
-host=localhost
-command=MATE
-usebrokerpass=true
-
-[localhost-shadow]
-name=SHADOW - localhost
-# don't even try load-balancing here... it makes not sense and won't
work (first given host will be used!)
-host=localhost
-command=SHADOW
-usebrokerpass=true
-
-### EXAMPLES: Below you find some config examples. Adapt them to your
needs or
-### simply write your own session profiles and remove the examples below.
-
-##
-## EXAMPLE: pool-A (staff servers)
-##
-## The pool-A contains three X2Go Servers (server-A, server-B and
server-C).
-
-## The staff of our example institute falls into two groups of users:
-## gnome-users and kde-users.
-## The gnome-users log into server-A or server-B, depending on their client
-## subnet (IP configuration of the client).
-## The kde-users login to server-C (server-C can be reached from the whole
-## intranet).
-##
-## The client IP based split-up of the GNOME users allows some
primitive load
-## balancing.
-##
-## If staff people are members of both groups (kde-users, gnome-users) both
-## session profiles will be shown in X2Go Client.
-##
-
-#[pool-A-server-A]
-#user=
-#host=server-a.pool-a.domain.local
-#name=GNOME - pool-A (srv-A)
-#command=GNOME
-#rootless=false
-#acl-groups-allow=gnome-users,admins
-#acl-groups-deny=ALL
-#acl-clients-deny=ALL
-#acl-clients-allow=10.1.0.0/16
-#acl-any-order=deny-allow
-#broker-session-autologin=true
-
-#[pool-A-server-B]
-#user=
-#host=server-b.pool-a.domain.local
-#name=GNOME - pool-A (srv-B)
-#command=GNOME
-#rootless=false
-#acl-groups-allow=gnome-users,admins
-#acl-groups-deny=ALL
-#acl-clients-deny=ALL
-#acl-clients-allow=10.2.0.0/16
-#acl-any-order=deny-allow
-#broker-session-autologin=true
-
-#[pool-A-server-C]
-#user=
-#host=server-c.pool-a.domain.local
-#name=KDE - pool-A (srv-C)
-#command=KDE
-#rootless=false
-#acl-groups-allow=kde-users,admins
-#acl-groups-deny=ALL
-#acl-any-order=deny-allow
-#broker-session-autologin=true
-
-##
-## EXAMPLE: pool-B (e.g. webserver in the DMZ or on the internet)
-##
-## The pool-B is a single X2Go Server (server-D) that is
-## hosted externally. The server-D has an official internet IP.
-##
-## The session profile for server-D shall be provided to the
-## admins group only.
-##
-## Furthermore, the session profile for server-D shall only get
-## offered to a member of the admins group if the admin is sitting
-## in front of one of the admin client machines.
-##
-
-#[pool-B-server-D-LXDE]
-#user=
-#host=server-d (server-d.domain.internet)
-#name=LXDE - srv-D
-#command=LXDE
-#rootless=false
-#acl-groups-allow=admins
-#acl-groups-deny=ALL
-## make sure hostnames in client ACLs are resolvable via libnss!!!
-#acl-clients-deny=ALL
-#acl-clients-allow=admin-machine1.domain.local,
admin-machine2.domain.local, admin-machine3.domain.local
-#acl-any-order=deny-allow
-
-##
-## EXAMPLE: pool-C (REAL LOAD BALANCING!!!)
-##
-## The pool-C is a server pool for students. Our example institute
-## knows 200-300 students and has to offer working places for
-## every student.
-##
-## The resource limits on these servers are pretty strict, so staff members
-## normally stay away from these machines, anyway. Only two test account
-## get this session profile into their X2Go Clients.
-##
-## The pool-C contains 6 X2Go Servers that serve all students users
together
-## as a load balance server farm. The servers' hostnames are s-E1,
s-E2, ...
-## (as found in /etc/hostname). The hosts, however, are not configured
in DNS
-## so we give their IPs explicitly (also works for IPv6).
-##
-## Make sure to install x2gobroker-agent on all these 6 X2Go Servers.
Also make
-## sure to once run the script x2gobroker-keygen on the broker host and
once
-## the script x2gobroker-pubkeyauthorizer per X2Go Server.
-##
-## All 6 X2Go Servers have to be configured to use the PostgreSQL X2Go
session
-## DB backend.
-##
-
-#[pool-C-XFCE]
-#user=
-#host=s-E1 (10.0.2.11),s-E2 (10.0.2.12),s-E3 (10.0.2.13),s-E4
(10.0.2.14),s-E5 (10.0.2.15)
-#name=XFCE - pool-C
-#command=XFCE
-#rootless=false
-#acl-users-allow=testuser-A,testuser-B
-#acl-users-deny=ALL
-#acl-groups-allow=students,admins
-#acl-groups-deny=ALL
-#acl-any-order=deny-allow
# this server pool has a special broker setup for SSH authorized_keys
-#broker-session-autologin=true
-#broker-authorized-keys=/var/lib/x2gobroker/ssh/%u/authorized_keys
+broker-session-autologin=true
+broker-authorized-keys=/etc/ssh/authorized_keys.d/%u
# ---------------------------------------------------------
# ---------------------------------------------------------
dpkg -l|grep x2go
ii cups-x2go
3.0.1.3-0x2go1+git20160127.135+jessie.main.1 all Virtual
X2Go printer for CUPS
ii libnx-x11-6:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
client-side library
ii libnx-xcomposite1:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
Composite extension library
ii libnx-xdamage1:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
damaged region extension library
ii libnx-xdmcp6:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
Display Manager Control Protocol library
ii libnx-xext6:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
miscellaneous extension library
ii libnx-xfixes3:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
miscellaneous 'fixes' extension library
ii libnx-xinerama1:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
Xinerama extension library
ii libnx-xpm4:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
pixmap library
ii libnx-xrandr2:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
RandR extension library
ii libnx-xrender1:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
Rendering Extension client library
ii libnx-xtst6:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
Testing -- Record extension library
ii libxcomp3:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
compression library
ii libxcompext3:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
protocol compression extensions library
ii libxcompshad3:i386
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 nx-X11
shadowing library
ii nx-x11-common
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 all nx-X11
(common files)
ii nxagent
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 i386 NX agent
ii python-x2gobroker
0.0.3.0-0x2go1+git20160126.999+jessie.main.1 all X2Go
Session Broker (Python modules)
ii x2go-keyring
2012.07.23~jessie~main~17~build1 all GnuPG keys
of all X2Go developers and the X2Go archive
ii x2goagent
2:3.5.0.32-0x2go1+git20160126.734+jessie.main.1 all X2Go agent
ii x2gobroker
0.0.3.0-0x2go1+git20160126.999+jessie.main.1 all X2Go
Session Broker (executable)
ii x2gobroker-agent
0.0.3.0-0x2go1+git20160126.999+jessie.main.1 i386 X2Go
Session Broker (remote agent)
ii x2gobroker-authservice
0.0.3.0-0x2go1+git20160126.999+jessie.main.1 all X2Go
Session Broker (PAM authentication service)
ii x2gobroker-daemon
0.0.3.0-0x2go1+git20160126.999+jessie.main.1 all X2Go
Session Broker (standalone daemon)
ii x2goserver
4.0.1.19-0x2go2+git20160126.1064+jessie.main.1 i386 X2Go server
daemon scripts
ii x2goserver-extensions
4.0.1.19-0x2go2+git20160126.1064+jessie.main.1 all X2Go server
daemon scripts (extensions)
ii x2goserver-printing
4.0.1.19-0x2go2+git20160126.1064+jessie.main.1 all X2Go server
daemon scripts (printing)
ii x2goserver-xsession
4.0.1.19-0x2go2+git20160126.1064+jessie.main.1 all X2Go server
daemon scripts (Xsession runner)
# ---------------------------------------------------------
cat /etc/apt/sources.list
# Security Updates
deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free
# Backports
deb http://ftp.debian.org/debian/ jessie-backports main contrib non-free
# ClamAV etc.
deb http://ftp.debian.org/debian jessie-updates main contrib non-free
deb-src http://ftp.debian.org/debian jessie-updates main contrib non-free
# Stable
deb http://ftp.de.debian.org/debian/ jessie main contrib non-free
deb-src http://ftp.de.debian.org/debian/ jessie main contrib non-free
# X2go Repository
deb http://packages.x2go.org/debian jessie main
# X2go Repository (sources)
deb-src http://packages.x2go.org/debian jessie main
# ---------------------------------------------------------
# ---------------------------------------------------------
cat /etc/debian_version
8.3
# ---------------------------------------------------------
Kind Regards,
Stefan Baur
--
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243
[signature.asc (application/pgp-signature, attachment)]
Send a report that this bug log contains spam.
X2Go Developers <owner@bugs.x2go.org>.
Last modified:
Thu Nov 21 15:34:39 2024;
Machine Name:
ymir.das-netzwerkteam.de
X2Go Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.