From arun.lisieux@gmail.com Mon Aug 29 11:33:48 2016 Received: (at 1063) by bugs.x2go.org; 29 Aug 2016 09:33:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.7 required=3.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 5A9B85DA95 for <1063@bugs.x2go.org>; Mon, 29 Aug 2016 11:33:48 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zjRiWVrFskaW for <1063@bugs.x2go.org>; Mon, 29 Aug 2016 11:33:41 +0200 (CEST) Received: from mail-qk0-f172.google.com (mail-qk0-f172.google.com [209.85.220.172]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 75BC55DA8E for <1063@bugs.x2go.org>; Mon, 29 Aug 2016 11:33:41 +0200 (CEST) Received: by mail-qk0-f172.google.com with SMTP id l2so132107992qkf.3 for <1063@bugs.x2go.org>; Mon, 29 Aug 2016 02:33:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Xto6CQCbwxeK2t1u7e8YxiPCSQUUgaPBVSAx4VNM6uQ=; b=I65PeBdCu6nOh1qMCVLIwkj7O/B7obs8hUAQra/baeBe1JvcqmWjQooOFAD+OxM4RT fEQIFK72ySnWok1yLwZxLbJFB3zLs8P07oRccr1cE5lXi1+kwElUnF6LRVAUyz8MXMzY j1c869+10+UCpo0aS9lFC/bsGoWH7TMVsqYR6r102qyrgnW0yBiARvx2fC62HhBeqc5X LmErGOApkUQPQmiVb3cFffEdt9XjCFvfdWHJNPu2opEWuGy/0kmP2W+pPKoECd0P91uc ieXpLEl1Bi1dV4FtdHniZXrU6YwJKsPiTPwX7Yg8iytKoSHM8kCW2VO+C+Y99Rn6tZ/R uUKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Xto6CQCbwxeK2t1u7e8YxiPCSQUUgaPBVSAx4VNM6uQ=; b=Pjtcl3YI2Ox3GIWSgQijiomPK25Cj15hNPictuVD2TpNIgNTnKv9qAnRZG7CPNNGkd Wdrgmok7CkKBeMbkjPnhNBoJ++5MEELKpVwSDBIdfo3Uln4/tDKr46Px8IvL28qz8+Mc zI8JCRI5lt4S14qu3ucQAL3I5WgFKMRMHWuGdVrR6e1fXGq6W9qT1wquFHpSOMSroEt2 fMFzaP8Xurdky6IBCBQXjB5+61yHvXDWszEnDS5LcnQAI+2i+2g8y6c54ySqj/Wbr7yG fv59sF7K6BxWH+nRHN2Dzl46yMF3xjYWKQItRxuqxQNLOBMQ4CU2u8JFOyWvxcARNEH1 xH8Q== X-Gm-Message-State: AE9vXwO5c66jC/NAzm2UiRkdSTyY6b+c3wDNKEitUZUEcAS1BIBJQ2mtC13w0kF7rkjMtghHHcSLctasyobAsg== X-Received: by 10.55.130.70 with SMTP id e67mr17186491qkd.101.1472463220174; Mon, 29 Aug 2016 02:33:40 -0700 (PDT) MIME-Version: 1.0 Received: by 10.55.175.197 with HTTP; Mon, 29 Aug 2016 02:33:39 -0700 (PDT) In-Reply-To: <406759e0-2a96-8582-cc8e-46cd28a2779b@ionic.de> References: <6b41f5b6-82ff-273c-ff64-390c17a44dea@ionic.de> <406759e0-2a96-8582-cc8e-46cd28a2779b@ionic.de> From: Sivachidambaram Somu Date: Mon, 29 Aug 2016 15:03:39 +0530 Message-ID: Subject: Re: CreateDB fails with error `DBI connect('dbname=/var/lib/x2go/x2go_sessions', '', ...) failed` To: Mihai Moldovan Cc: 1063@bugs.x2go.org Content-Type: multipart/alternative; boundary=94eb2c074b0a2ef3e8053b328fb3 --94eb2c074b0a2ef3e8053b328fb3 Content-Type: text/plain; charset=UTF-8 My bad. I have given below the output of the mount command on my machine. % mount /dev/xvda1 on / type auto (rw,noatime) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/mapper/ephemeralVG-ephemeral on /local type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) fusectl on /sys/fs/fuse/connections type fusectl (rw) Also, I meant "x2go_sessions" file. The x2golistsessions script is executable by all users and present under /usr/bin as you said. % ls -lhrt /usr/bin/x2golist* -rwxr-xr-x 1 root root 3.3K Apr 27 2015 */usr/bin/x2golistsessions* -rwxr-xr-x 1 root root 1.4K Apr 27 2015 */usr/bin/x2golistmounts* -rwxr-xr-x 1 root root 3.0K Apr 27 2015 */usr/bin/x2golistdesktops* Regards, Siva Chidambaram Somu On Sat, Aug 27, 2016 at 10:03 PM, Mihai Moldovan wrote: > On 27.08.2016 12:38 PM, Sivachidambaram Somu wrote: > > About the SUID, I have not disabled it myself. Let me check the OS > defaults > > again and give an update on that. > > Looks like I haven't been explicit enough, sorry. > > What's the output of "mount"? > > > > Also, I'm able to open them file 'x2golistsessions' in Vim as root. As > you have > > pointed out, the operation fails as a normal user. > > Wait... do you *really* mean x2golistsessions, or rather the database file > called x2go_sessions? > > The script itself (x2golistsessions) should always be read- and executable > by > any user. > > > I've also been looking around if disabling SUID support directly in the > kernel > is possible, but haven't found anything related to this. Looks like the > only way > to achieve that is via a mount flag. If that's not the case, I'm running > dry here. > > > > Mihai > > --94eb2c074b0a2ef3e8053b328fb3 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
My bad. I have given below the output of the mount command= on my machine.

% mount

/dev/xvda1 on / type auto (rw,noatime)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=3D5,m= ode=3D620)

tmpfs on /dev/shm type tmpfs (rw)

/dev/mapper/ephemeralVG-ephemeral on /local = type ext4 (rw)

none on /proc/sys/fs/binfmt_misc type binfmt= _misc (rw)

fusectl on /sys/fs/fuse/connections type fus= ectl (rw)

Also, I meant &q= uot;x2go_sessions" file. The x= 2golistsessions script is executable by all users and present under /usr/bi= n as you said.

% ls -lhrt /usr/bin/x2golist*

-rwxr-xr-x 1 root root 3.3K Apr 27=C2=A0 2015 /= usr/bin/x2golistsessions

-rwxr= -xr-x 1 root root 1.4K Apr 27=C2=A0 2015 /usr/bi= n/x2golistmounts

-rwxr-xr-x 1 root root 3.0K Apr 2= 7=C2=A0 2015 /usr/bin/x2golistdesktops


Regards,
Siva = Chidambaram Somu

On Sat, Aug 27, 2016 at 10:03 PM, Mihai Mold= ovan <ionic@ionic.de> wrote:
= On 27.08.2016 12:38 PM, Sivachidambaram Somu wrote:
> About the SUID, I have not disabled it myself. Let me check the OS def= aults
> again and give an update on that.

Looks like I haven't been explicit enough, sorry.

What's the output of "mount"?


> Also, I'm able to open them file 'x2golistsessions' in Vim= as root. As you have
> pointed out, the operation fails as a normal user.

Wait... do you *really* mean x2golistsessions, or rather the databas= e file
called x2go_sessions?

The script itself (x2golistsessions) should always be read- and executable = by
any user.


I've also been looking around if disabling SUID support directly in the= kernel
is possible, but haven't found anything related to this. Looks like the= only way
to achieve that is via a mount flag. If that's not the case, I'm ru= nning dry here.



Mihai


--94eb2c074b0a2ef3e8053b328fb3--