X2Go Bug report logs - #1012
Session reconnect doesn't work (x2gobroker)

version graph

Package: x2gobroker; Maintainer for x2gobroker is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2gobroker is src:x2gobroker.

Reported by: Stefan Baur <X2Go-ML-1@baur-itcs.de>

Date: Tue, 22 Mar 2016 09:45:01 UTC

Severity: normal

Tags: moreinfo

Found in version 0.0.3.0

Full log

🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1012: [X2Go-Dev] Bug#1012: Session reconnect doesn't work (x2gobroker)
Reply-To: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>, 1012@bugs.x2go.org
Resent-From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 22 Mar 2016 11:20:01 +0000
Resent-Message-ID: <handler.1012.B1012.145864531322565@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 1012
X-X2Go-PR-Package: x2gobroker
X-X2Go-PR-Keywords: not-a-bug
Received: via spool by 1012-submit@bugs.x2go.org id=B1012.145864531322565
          (code B ref 1012); Tue, 22 Mar 2016 11:20:01 +0000
Received: (at 1012) by bugs.x2go.org; 22 Mar 2016 11:15:13 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham version=3.3.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id D8CFF5DAB9
	for <1012@bugs.x2go.org>; Tue, 22 Mar 2016 12:15:10 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id bJGYCS5x4epT for <1012@bugs.x2go.org>;
	Tue, 22 Mar 2016 12:15:04 +0100 (CET)
Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6C7335DA92
	for <1012@bugs.x2go.org>; Tue, 22 Mar 2016 12:15:04 +0100 (CET)
Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98])
	by freya.das-netzwerkteam.de (Postfix) with ESMTPS id AECC242E0;
	Tue, 22 Mar 2016 12:15:03 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 605C33C736;
	Tue, 22 Mar 2016 12:15:03 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de
Received: from grimnir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id emjG8zBqOLCQ; Tue, 22 Mar 2016 12:14:57 +0100 (CET)
Received: from das-netzwerkteam.de (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 487173B993;
	Tue, 22 Mar 2016 12:14:57 +0100 (CET)
Received: from 213.158.96.150 ([213.158.96.150]) by mail.das-netzwerkteam.de
 (Horde Framework) with HTTP; Tue, 22 Mar 2016 11:14:57 +0000
Date: Tue, 22 Mar 2016 11:14:57 +0000
Message-ID: <20160322111457.Horde.Hg9FaccmAt5vBIUkY4EzXqq@mail.das-netzwerkteam.de>
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Stefan Baur <X2Go-ML-1@baur-itcs.de>, 1012@bugs.x2go.org
In-Reply-To: <56F1136B.5000102@baur-itcs.de>
User-Agent: Horde Application Framework 5
Accept-Language: de,en
Organization: DAS-NETZWERKTEAM
X-Originating-IP: 213.158.96.150
X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Firefox/38.0 Iceweasel/38.6.1
Content-Type: multipart/signed; boundary="=_rpdc1mIfqVU5-t2YsjiBi0U";
 protocol="application/pgp-signature"; micalg=pgp-sha256
MIME-Version: 1.0

[Message part 1 (text/plain, inline)]
Hi Stefan,

ah, sorry, missed your initial post around #1012.

On  Di 22 Mär 2016 10:42:03 CET, Stefan Baur wrote:

> package: x2gobroker
> version: 0.0.3.0
>
> Situation:      two identical nodes, only difference is DNS name + IP
> Desired result: load-balanced X2Go systems, where a suspended session
>                 can be resumed
>
> Actual outcome: Each connect starts a new session, suspended sessions
>                 are left dangling forever
>
> Questions:
> 1) Is x2gobroker-daemon needed at all for ssh-only connections to the
>    broker?

No. But I recommend starting with x2gobroker-daemon, because it allows  
much easier debugging.

> 2) Did I miss any obvious steps?

What were your steps? (ah... ok... posted below...)

> 3) What would be the suggested path to debug this?

Use http brokerage for debugging. Run

  x2gobroker-daemon-debug

as root on the cmdline and post suspicious messages here.


Where do you actually have the X2Go Broker installed? On both X2Go  
Servers? This is a non-recommended setup.

The recommended setup is:

  on broker machine, several X2Go Servers

or

  two broker machines (with DNS round robin), several X2Go Servers


> A full typescript ecording of the installation process is available,
> but as no command returned any error messages, let me shorten it down to
> the commands that were executed:
>
> # commands executed on both first and second node
> apt-get install x2gobroker -y
> cp /etc/x2go/x2gobroker.conf /etc/x2go/x2gobroker.conf.orig
> vi /etc/x2go/x2gobroker.conf # see diff below
> apt-get install x2gobroker-agent -y
> cp /etc/x2go/broker/x2gobroker-sessionprofiles.conf
> /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig
> vi /etc/x2go/broker/x2gobroker-sessionprofiles.conf # see diff below
> x2gobroker-keygen
> cp /var/lib/x2gobroker/.ssh/id_rsa.pub /tmp/
> cd /tmp/
> vi id_rsa.pub # added a blank and the server name to end of file
> python -m SimpleHTTPServer 8081 # run temporary web server so second
> node can fetch the file

> # once both web servers were up, the following commands were executed
> # on BOTH nodes:
> x2gobroker-pubkeyauthorizer -t http://firstnode:8081/id_rsa.pub
> x2gobroker-pubkeyauthorizer -t http://secondnode:8081/id_rsa.pub

> # Sadly, no working session reconnect with these command line
> # parameters - it always starts a new session:
> x2goclient
> --broker-url=ssh://accountwithapublickey@firstnode:22/usr/bin/x2gobroker
> --broker-autologin
> # This is using x2goclient-4.0.5.0-2015.07.31

You could play with the x2gobroker-testagent script and investigate  
the calls to the X2Go Server side x2gobroker-agent.

You could also check if you can use the broker-autologin feature on a  
per session basis. x2gobroker-daemon-debug will be your friend...

> # taking a closer look at
> # http://wiki.x2go.org/doku.php/doc:installation:x2gobroker:
> # maybe x2gobroker-daemon is missing? So ...

It depends on what brokerage you want to use: x2gobroker-ssh -> SSH  
brokerage, x2gobroker-daemon or x2gobroker-wsgi -> http brokerage.

> apt-get install x2gobroker-daemon -y # this also pulls in
> x2gobroker-authservice

Yes. It is required for the pam authmech inside the broker daemon. If  
you authenticate directly against LDAP or HTTPS, then  
x2gobroker-authservice is not needed.

> # Sadly, no change, still no working session reconnect :-(
>
> # ---------------------------------------------------------
>
> diff -u /etc/x2go/x2gobroker.conf.orig /etc/x2go/x2gobroker.conf
> --- /etc/x2go/x2gobroker.conf.orig      2016-03-19 18:39:02.034407506 +0100
> +++ /etc/x2go/x2gobroker.conf   2016-03-19 19:56:05.781729565 +0100
> @@ -241,6 +241,7 @@
>  # The agent query mode can be configured on a per-broker-backend basis, the
>  # below value is the default.
>  #default-agent-query-mode=NONE
> +default-agent-query-mode=SSH
>
>  # Probe SSH port of X2Go Servers (availability check)
>  #
> @@ -254,7 +255,7 @@
>  # Per default, we set this to "true" here. The portscan feature can be
>  # deactivated on a per-session-profile basis (use:
> broker-portscan-x2goservers =
>  # false in the session profile configuration).
> -#default-portscan-x2goservers = true
> +default-portscan-x2goservers = false
>
>  # Use load checker for querying X2Go Servers' loads in regular intervals
>  #
> @@ -294,13 +295,13 @@
>  #   o the session profile does not block queries to the load checker daemon
>  #     on a per profile basis
>  #
> -#default-use-load-checker = false
> +default-use-load-checker = true

Do you have x2gobroker-loadchecker install on the broker server?  
Shouldn't cause your failure, but still...

>  # If the x2gobroker-loadchecker daemon gets used, define here how
>  # many seconds to sleep between cycles of querying system load from the
>  # associated X2Go Servers.
>  #
> -#load-checker-intervals = 300
> +load-checker-intervals = 300
>
>
>  ###
> @@ -345,9 +346,8 @@
>  #desktop-shell = KDE
>
>  [broker_inifile]
> -#enable = true
> -#session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
> -#use-load-checker = false
> +enable = true
> +session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
>
>  #[broker_ldap] -> MUSIC OF THE FUTURE
>  #enable = false
>

Please consider contracting me, on such a project. The X2Go Broker's  
code says it all. If reading the code is problematic, consider  
contracting me for supervision.

Mike
-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de

[Message part 2 (application/pgp-signature, inline)]

Send a report that this bug log contains spam.

X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Apr 18 14:22:49 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.