X2Go Bug report logs - #1145
x2godbadmin + postgres + non-existent home directory = wrong ownerships

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: Stefan Baur <X2Go-ML-1@baur-itcs.de>

Date: Tue, 7 Feb 2017 13:15:02 UTC

Severity: normal

Full log


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 7 Feb 2017 13:11:18 +0000
From X2Go-ML-1@baur-itcs.de  Tue Feb  7 14:11:17 2017
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.5 required=3.0 tests=BAYES_40,RCVD_IN_SORBS_SPAM
	autolearn=no version=3.3.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 4D23B5DA49
	for <submit@bugs.x2go.org>; Tue,  7 Feb 2017 14:11:17 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id iZeOc2NeCB2q for <submit@bugs.x2go.org>;
	Tue,  7 Feb 2017 14:11:10 +0100 (CET)
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.24])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id EB28F5DA2D
	for <submit@bugs.x2go.org>; Tue,  7 Feb 2017 14:11:09 +0100 (CET)
Received: from [192.168.0.23] ([78.43.90.159]) by mrelayeu.kundenserver.de
 (mreue104 [212.227.15.145]) with ESMTPSA (Nemesis) id
 0LbagN-1c8fTS0SHT-00lCL6 for <submit@bugs.x2go.org>; Tue, 07 Feb 2017
 14:11:09 +0100
From: Stefan Baur <X2Go-ML-1@baur-itcs.de>
To: submit@bugs.x2go.org
Subject: x2godbadmin + postgres + non-existent home directory = wrong
 ownerships
Message-ID: <8fbce1f7-5f1a-465b-615b-b2ccf6b87b51@baur-itcs.de>
Date: Tue, 7 Feb 2017 14:10:44 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.7.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="SPC0gVL5keIis9lSnB9KngdroAoG5hkkA"
X-Provags-ID: V03:K0:FtZPxmnSp98oAcm42LVueVM3D0vGYRACPIhgrbhmaNd7GW/HtDZ
 lXa0+m/NqHLdc0qpGyjquS1IZZFoisQJ6NcRYpQ/HRG2fR49iVNlrKlRFOl/NrPWcw5C/bw
 wqqOfAXueaTeTtO+BP8iQeaFcuTtWHwO+dJi3gHIU6d1kOA7FSWHG4Jj0wH3VOZmUe37Q1G
 S5eXpxecs0g0i0AcqEyTw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:JeIDDkOVbKo=:+ohNp0KG/W3meDWvfSYfBt
 HWOarbuyagQAFh2+vohrk1h/4Y8DQT1gHx09UuUy3T94kA9xgl1J98sZqQeC6hYLMZz6q6zRN
 MiGFuTh9IYOAr8uwJqYJyzA9ZOzpxQ24O/9lYfBI8tFgelCJYpSqRtRlVnv/OCUW4YtG0yeZa
 MkB1HS8EceNJxxYTNM8Z5PygNP2raHe7RQ+uB0g9rnfrUjp6XGgovBXnMPhO2+TPKRR1/MoxF
 Iw6f7+MAdCeHVrndZCWcJ/vmecKutq2+vXGjFjtIfCMN7F0stqHre6y5AbHvgJp9JciW2pL3b
 P8LbXX88xxiBA+hFnX6O4Ckfm39t/rWeRULdVoRIkZ91YzlowQCdGO/pF/iFBCtRp7gcDgeGn
 GiUpPERdjEzT5aSnlrcXKfUK6VvDnEcOUgLsQYdA8i0pAMId/BULyU/o3z1J0+mznpCD6nm9B
 Y+o/wYiPcQvMTDkc7SY1AGIiZAA2OtOzcQYR1ZLKSeELWHK6TodemF2+u6uBRDNi/cMTFfl4U
 5CqyFgNdpsrfeUg9teCCazZweqgPCGdxVS4BIqYPSq+19GT3YAQhplLMp85uyXuDMxFbjCOfV
 /3StAnwGmJJUNwrFygS9y8hg03HKeSDD9HFgdtjkJb3GUEsj1iGGXaMyun/kQUOe8y5IUINjp
 LymLpdDOoJn9Jv7rNUjbn0KbsTmwdUfn7y+xRAMxKSWpKd3h9L3EIZEl/E0fuM//vFas=
[Message part 1 (text/plain, inline)]
package: x2goserver

When x2godbadmin is used with a postgres database, and the user name
given doesn't yet have a home directory, it creates this home directory.
(see line 368 and following of /usr/sbin/x2godbadmin).

However, it fails to set the proper UID/GID ownerships for
/home/<username> - only the files below it have the proper ownership.

The proper way how to determine the correct UID for /home/<username> is
simple - use the UID that has been determined previously and that is
used as $uid within /usr/sbin/x2godbadmin.

The proper way how to determine the correct *GID* is more tricky, I
believe.  I can only speak for Debian here - this may be
distribution-specific:

You need to check if /etc/default/useradd contains a line
USERGROUPS_ENAB=yes
(which might also be "yes", or 'yes', or Yes, YES, ... you get the idea)

Check if that value is set to any variant of yes, or not set at all:
If yes: Check if the user already has a group named after them:
        If yes, use the GID of that group.
        If no, create a new group with a name matching the username,
        and assign the GID of that group.

If no (meaning the value is set to any variant of no, "no", 'no', No, etc.):
      Check if /etc/default/useradd contains a valid GID value for
      a variable named GROUP:
      If it does, assign that GID.
      If it doesn't, assign GID 100.

This pseudocode builds on the documentation found in "man useradd" on
Debian Jessie, after confirming the default value of USERGROUPS_ENAB is,
in fact, "unset".

Kind Regards,
Stefan Baur

-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243

[signature.asc (application/pgp-signature, attachment)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Nov 21 16:29:02 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.