From unknown Mon Apr 13 00:06:36 2026 X-Loop: owner@bugs.x2go.org Subject: Bug#1012: [X2Go-Dev] Bug#1012: Session reconnect doesn't work (x2gobroker) Reply-To: Mike Gabriel , 1012@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.x2go.org Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Tue, 22 Mar 2016 11:20:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 1012 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: not-a-bug Received: via spool by 1012-submit@bugs.x2go.org id=B1012.145864531322565 (code B ref 1012); Tue, 22 Mar 2016 11:20:01 +0000 Received: (at 1012) by bugs.x2go.org; 22 Mar 2016 11:15:13 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id D8CFF5DAB9 for <1012@bugs.x2go.org>; Tue, 22 Mar 2016 12:15:10 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bJGYCS5x4epT for <1012@bugs.x2go.org>; Tue, 22 Mar 2016 12:15:04 +0100 (CET) Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6C7335DA92 for <1012@bugs.x2go.org>; Tue, 22 Mar 2016 12:15:04 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id AECC242E0; Tue, 22 Mar 2016 12:15:03 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 605C33C736; Tue, 22 Mar 2016 12:15:03 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id emjG8zBqOLCQ; Tue, 22 Mar 2016 12:14:57 +0100 (CET) Received: from das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 487173B993; Tue, 22 Mar 2016 12:14:57 +0100 (CET) Received: from 213.158.96.150 ([213.158.96.150]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 22 Mar 2016 11:14:57 +0000 Date: Tue, 22 Mar 2016 11:14:57 +0000 Message-ID: <20160322111457.Horde.Hg9FaccmAt5vBIUkY4EzXqq@mail.das-netzwerkteam.de> From: Mike Gabriel To: Stefan Baur , 1012@bugs.x2go.org In-Reply-To: <56F1136B.5000102@baur-itcs.de> User-Agent: Horde Application Framework 5 Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 213.158.96.150 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.1 Content-Type: multipart/signed; boundary="=_rpdc1mIfqVU5-t2YsjiBi0U"; protocol="application/pgp-signature"; micalg=pgp-sha256 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_rpdc1mIfqVU5-t2YsjiBi0U Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Stefan, ah, sorry, missed your initial post around #1012. On Di 22 M=C3=A4r 2016 10:42:03 CET, Stefan Baur wrote: > package: x2gobroker > version: 0.0.3.0 > > Situation: two identical nodes, only difference is DNS name + IP > Desired result: load-balanced X2Go systems, where a suspended session > can be resumed > > Actual outcome: Each connect starts a new session, suspended sessions > are left dangling forever > > Questions: > 1) Is x2gobroker-daemon needed at all for ssh-only connections to the > broker? No. But I recommend starting with x2gobroker-daemon, because it allows=20= =20 much=20easier debugging. > 2) Did I miss any obvious steps? What were your steps? (ah... ok... posted below...) > 3) What would be the suggested path to debug this? Use http brokerage for debugging. Run x2gobroker-daemon-debug as root on the cmdline and post suspicious messages here. Where do you actually have the X2Go Broker installed? On both X2Go=20=20 Servers?=20This is a non-recommended setup. The recommended setup is: on broker machine, several X2Go Servers or two broker machines (with DNS round robin), several X2Go Servers > A full typescript ecording of the installation process is available, > but as no command returned any error messages, let me shorten it down to > the commands that were executed: > > # commands executed on both first and second node > apt-get install x2gobroker -y > cp /etc/x2go/x2gobroker.conf /etc/x2go/x2gobroker.conf.orig > vi /etc/x2go/x2gobroker.conf # see diff below > apt-get install x2gobroker-agent -y > cp /etc/x2go/broker/x2gobroker-sessionprofiles.conf > /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig > vi /etc/x2go/broker/x2gobroker-sessionprofiles.conf # see diff below > x2gobroker-keygen > cp /var/lib/x2gobroker/.ssh/id_rsa.pub /tmp/ > cd /tmp/ > vi id_rsa.pub # added a blank and the server name to end of file > python -m SimpleHTTPServer 8081 # run temporary web server so second > node can fetch the file > # once both web servers were up, the following commands were executed > # on BOTH nodes: > x2gobroker-pubkeyauthorizer -t http://firstnode:8081/id_rsa.pub > x2gobroker-pubkeyauthorizer -t http://secondnode:8081/id_rsa.pub > # Sadly, no working session reconnect with these command line > # parameters - it always starts a new session: > x2goclient > --broker-url=3Dssh://accountwithapublickey@firstnode:22/usr/bin/x2gobroke= r > --broker-autologin > # This is using x2goclient-4.0.5.0-2015.07.31 You could play with the x2gobroker-testagent script and investigate=20=20 the=20calls to the X2Go Server side x2gobroker-agent. You could also check if you can use the broker-autologin feature on a=20=20 per=20session basis. x2gobroker-daemon-debug will be your friend... > # taking a closer look at > # http://wiki.x2go.org/doku.php/doc:installation:x2gobroker: > # maybe x2gobroker-daemon is missing? So ... It depends on what brokerage you want to use: x2gobroker-ssh -> SSH=20=20 brokerage,=20x2gobroker-daemon or x2gobroker-wsgi -> http brokerage. > apt-get install x2gobroker-daemon -y # this also pulls in > x2gobroker-authservice Yes. It is required for the pam authmech inside the broker daemon. If=20=20 you=20authenticate directly against LDAP or HTTPS, then=20=20 x2gobroker-authservice=20is not needed. > # Sadly, no change, still no working session reconnect :-( > > # --------------------------------------------------------- > > diff -u /etc/x2go/x2gobroker.conf.orig /etc/x2go/x2gobroker.conf > --- /etc/x2go/x2gobroker.conf.orig 2016-03-19 18:39:02.034407506 +01= 00 > +++ /etc/x2go/x2gobroker.conf 2016-03-19 19:56:05.781729565 +0100 > @@ -241,6 +241,7 @@ > # The agent query mode can be configured on a per-broker-backend basis, = the > # below value is the default. > #default-agent-query-mode=3DNONE > +default-agent-query-mode=3DSSH > > # Probe SSH port of X2Go Servers (availability check) > # > @@ -254,7 +255,7 @@ > # Per default, we set this to "true" here. The portscan feature can be > # deactivated on a per-session-profile basis (use: > broker-portscan-x2goservers =3D > # false in the session profile configuration). > -#default-portscan-x2goservers =3D true > +default-portscan-x2goservers =3D false > > # Use load checker for querying X2Go Servers' loads in regular intervals > # > @@ -294,13 +295,13 @@ > # o the session profile does not block queries to the load checker dae= mon > # on a per profile basis > # > -#default-use-load-checker =3D false > +default-use-load-checker =3D true Do you have x2gobroker-loadchecker install on the broker server?=20=20 Shouldn't=20cause your failure, but still... > # If the x2gobroker-loadchecker daemon gets used, define here how > # many seconds to sleep between cycles of querying system load from the > # associated X2Go Servers. > # > -#load-checker-intervals =3D 300 > +load-checker-intervals =3D 300 > > > ### > @@ -345,9 +346,8 @@ > #desktop-shell =3D KDE > > [broker_inifile] > -#enable =3D true > -#session-profiles =3D /etc/x2go/broker/x2gobroker-sessionprofiles.conf > -#use-load-checker =3D false > +enable =3D true > +session-profiles =3D /etc/x2go/broker/x2gobroker-sessionprofiles.conf > > #[broker_ldap] -> MUSIC OF THE FUTURE > #enable =3D false > Please consider contracting me, on such a project. The X2Go Broker's=20=20 code=20says it all. If reading the code is problematic, consider=20=20 contracting=20me for supervision. Mike --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=3Dm.gabriel= %40das-netzwerkteam.de --=_rpdc1mIfqVU5-t2YsjiBi0U Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJW8SkxAAoJEJr0azAldxsxzsYP/1XmZggZkMruINB28fyBWDAL kwyH6IhC1TYrpFjQwoSc+w2Q//gBKIzjr7oJ907XV5lVL5zUZ9HP+39Z1h3h+5at qn0EihgorZQg/G4/ykVN6z4Av8uQOAHTze4kIDFEpW7XjWBpyhJOHq3MLs2Gk5FQ ywWM2BH5GTWHKXzFCEg3fN5Yi4VK6xfF2bd/X7iGJQJ02CK42iQELBC4dfW/TN/j fkh3DLAdviP6bBxduqrGZwYe5EsotZxHY4STH/NfEtgpIeTbHGWgIgmGxw6EnpBd KE0OPI5787AiUQ9uQdjRNwLbvCp7Ui/MkSTcSMEhIgbRn6eOgZA6cing7h0GCW8x ArJ2JHPv0FS+fAQiOulxPCB/y4uTXk5CuiZU9G+rCQhmdujM7Qn07d2z5i88O2ms iDxouQlYmK+7GBYSZa1SaKqdNRbVrYxH7kkipFVMDMEmGl9kSLBMklax+91MTv0j O+zuofbhl+LNs+YzQRbKAtgSSjxGW6N3mdK0Zhqox7aKs/s6nPdpqfeAZcTty9Tb aUwD1xI98MfgYkT9zlGzjQix30/cLs13CtTTZP4KS9fQw5T2fLl4cgMmUkjX0/W4 JFRzMmsGB9X8cb+tSLC9+e98IOOP5y8m2xJ65Ky5p0HJlzwjWACOeo3GJCC91TMH skkuB3ZyQnhaIUQHDq4m =rKgt -----END PGP SIGNATURE----- --=_rpdc1mIfqVU5-t2YsjiBi0U--