X2Go Bug report logs - #1234
acl-users-allow=ALL superceeds acl-users-deny

version graph

Package: x2gobroker; Maintainer for x2gobroker is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2gobroker is src:x2gobroker.

Reported by: Walid MOGHRABI <w.moghrabi@servicemagic.eu>

Date: Tue, 21 Nov 2017 17:30:02 UTC

Severity: normal

Tags: patch, pending

Fixed in version 0.0.4.0

Done: X2Go Release Manager X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Full log

🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1234: acl-users-allow=ALL superceeds acl-users-deny
Reply-To: Walid MOGHRABI <w.moghrabi@servicemagic.eu>, 1234@bugs.x2go.org
Resent-From: Walid MOGHRABI <w.moghrabi@servicemagic.eu>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 21 Nov 2017 17:30:02 +0000
Resent-Message-ID: <handler.1234.B.151128513816366@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: report 1234
X-X2Go-PR-Package: x2gobroker
X-X2Go-PR-Keywords: patch
Received: via spool by submit@bugs.x2go.org id=B.151128513816366
          (code B); Tue, 21 Nov 2017 17:30:02 +0000
Received: (at submit) by bugs.x2go.org; 21 Nov 2017 17:25:38 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.7 required=3.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.1
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 236335DACF
	for <submit@bugs.x2go.org>; Tue, 21 Nov 2017 18:25:37 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id RQPJDRIQegSA for <submit@bugs.x2go.org>;
	Tue, 21 Nov 2017 18:25:29 +0100 (CET)
Received: from zm-01.servicemagic.eu (zm-01.servicemagic.eu [176.31.236.17])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id B1E415DACB
	for <submit@bugs.x2go.org>; Tue, 21 Nov 2017 18:25:29 +0100 (CET)
Received: from localhost (localhost.localdomain [127.0.0.1])
	by zm-01.servicemagic.eu (Postfix) with ESMTP id D32F28182764A
	for <submit@bugs.x2go.org>; Tue, 21 Nov 2017 18:25:28 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 zm-01.servicemagic.eu D32F28182764A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=servicemagic.eu;
	s=frmailing; t=1511285128;
	bh=QKmLM2TdlaXzJ36gWvOiQ7c78G6AKzRhsAgK6lAmNwA=;
	h=Date:From:To:In-Reply-To:Subject:From;
	b=XQ4eNmHyyI0/sB9riyPH0L2XmGk51aKfpYh6AcrGLpqY6BLP57lllOJRwK7wQUR/0
	 mI3qD/1QyHL0pmvWSknzoQn7GZ/C/EIxcdicxOeKCFBhcDTBDDcHblU8/1+hr7BadN
	 XPJqaykTJ4Zv+aQYUdwNIlm07ygfxCBjIXebTR3Q=
X-Amavis-Modified: Mail body modified (using disclaimer) -
	zm-01.servicemagic.eu
X-Virus-Scanned: amavisd-new at servicemagic.eu
Received: from zm-01.servicemagic.eu ([127.0.0.1])
	by localhost (zm-01.servicemagic.eu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id FzM3EMNZLojE for <submit@bugs.x2go.org>;
	Tue, 21 Nov 2017 18:25:23 +0100 (CET)
Received: from zm-01.servicemagic.eu (localhost.localdomain [127.0.0.1])
	by zm-01.servicemagic.eu (Postfix) with ESMTP id EE51781D547FB
	for <submit@bugs.x2go.org>; Tue, 21 Nov 2017 18:23:32 +0100 (CET)
Date: Tue, 21 Nov 2017 18:23:32 +0100 (CET)
From: Walid MOGHRABI <w.moghrabi@servicemagic.eu>
To: submit@bugs.x2go.org
Message-ID: <2074085984.30965501.1511285012453.JavaMail.root@servicemagic.eu>
In-Reply-To: <973808472.30963275.1511284532921.JavaMail.root@servicemagic.eu>
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_30965499_1827115678.1511285012453"
X-Originating-IP: [10.33.100.47]
X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - GC62 (Linux)/7.2.0_GA_2669)

[Message part 1 (text/plain, inline)]
package: x2gobroker
priority: normal
tags: patch

When using ACLs with the session broker, I wanted to give access to a session setting to ALL users EXCEPT some (namely "formation{1..9}").
I tried this but it didn't work :

=================================================
[TRAVAUX]
fullscreen=true
clipboard=none
name=TRAVAUX
host=tce-server (10.10.10.1)
acl-users-allow=ALL
acl-users-deny=formation1, formation2, formation3, formation4, formation5, formation6, formation7, formation8, formation9
acl-any-order=deny-allow
=================================================

I played with many settings, changing order, using only the "acl-users-deny" option, ... none of them worked as expected.

I ended in thinking that there was a bug with acl-users-allow=ALL which was taking over any other setting.

I did a little fix that seem to work, at least for this use case.

Regards,
Walid Moghrabi

TRAVAUX.COM
BAT I - PARC CEZANNE 2 290 AVENUE GALILEE - CS 80403
13591 AIX EN PROVENCE CEDEX 3

---
DISCLAIMER: This e-mail is private and confidential and may contain proprietary or legally privileged information. It is for the intended recipient only. If you have received this email in error, please notify the author by replying to it and then destroy it. If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail or any attachment. Thank you
[x2gobroker_acl-users-allow.patch (text/x-patch, attachment)]

Send a report that this bug log contains spam.

X2Go Developers <owner@bugs.x2go.org>. Last modified: Tue Nov 4 10:01:25 2025; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.