From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: x2goclient in broker-mode does not allow logout Reply-To: Anders Bruun Olsen , 179@bugs.x2go.org Resent-From: Anders Bruun Olsen Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 19 Apr 2013 08:48:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.136636050519435 (code B); Fri, 19 Apr 2013 08:48:01 +0000 Received: (at submit) by bugs.x2go.org; 19 Apr 2013 08:35:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_NONE,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from eu1sys200aog123.obsmtp.com (eu1sys200aog123.obsmtp.com [207.126.144.155]) by ymir (Postfix) with SMTP id A12EF5DB05 for ; Fri, 19 Apr 2013 10:35:04 +0200 (CEST) Received: from mail-oa0-f72.google.com ([209.85.219.72]) (using TLSv1) by eu1sys200aob123.postini.com ([207.126.147.11]) with SMTP ID DSNKUXEBuK8DY79O570xNB+oGDZYKbPgGTGf@postini.com; Fri, 19 Apr 2013 08:35:04 UTC Received: by mail-oa0-f72.google.com with SMTP id i18so1284480oag.7 for ; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=x-received:mime-version:x-received:date:message-id:subject:from:to :content-type; bh=GWHOC8HEugtsoCQYelYXl5dg6k/24wKd3dTEBA+RVl0=; b=DGbGnuH1vJbnEXj+FAhC+Nuj3hpCxcBbmPFLRKs9XWClV9ZzemLXKqOfHH7g2iT7fD m+TsdO4Wc8SCSQffsXKF7RFFis5Je9/lse5gsuNcmm97DgKY7JhoDHptoqn66G7/yJc+ Ll+GWt5vjQSbT+NiGnOLO8iT8pbThhKEmEedc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:mime-version:x-received:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=GWHOC8HEugtsoCQYelYXl5dg6k/24wKd3dTEBA+RVl0=; b=hEAM493C+Xr5e+o/jgPc9BUiSrWSEmUs1fEuZMUBLfGfkbjCNxN2co2cKbDid+t1zh RM1uJk1WQq7TbI+BNwubRyoa/ixb+u+bhPSQGkyxKSAYWm3EHmnNZmuNVbfANcZzn8sl xeSwd2nQ8wKo7119yqrrw7xJyRPyNvx6HFoKlzxvEeCcin0BrWJkt2lsBBHSdDiEw64o wKqigYeJFmP//0I0QoFKiH2ivRIyNy2Vt0aog0zIGRBmuvosDMt40PTN1YzhdW14jmWx LAXpU/IezWjzS9Bqf6DFRMu0Ch/6/oAVZFBU5SnVEpCJUd48FqSJ0yNkCcaIMB42Kfg9 j6VQ== X-Received: by 10.182.106.102 with SMTP id gt6mr3154942obb.37.1366360503457; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.182.106.102 with SMTP id gt6mr3154931obb.37.1366360503160; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) Received: by 10.182.87.200 with HTTP; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) Date: Fri, 19 Apr 2013 10:35:03 +0200 Message-ID: From: Anders Bruun Olsen To: submit@bugs.x2go.org Content-Type: multipart/alternative; boundary=e89a8fb1fe346d272e04dab29874 X-Gm-Message-State: ALoCoQmdq1W8gFmlWvziOzqVwrn4YO2AM/XbewqB6lLaVIFgpRo42k/NbpErdJHB32HAvS6h/9txf8h4fu142w46uEO5p6gnTFWL+m/sWoenD2VVs5t8uwX8GflWjlgokjDy12Iel2NsL+Yr7xNyouwsO5xt4cE7SA== --e89a8fb1fe346d272e04dab29874 Content-Type: text/plain; charset=UTF-8 Package: x2goclient Version: 4.0.1.0 When you have logged in to a server in broker-mode, there is no way to de-authenticate from the broker, other than closing x2goclient. This is not a problem on a normal desktop machine, but on thinclients, it is not really possible to close x2goclient, other than rebooting/shutting down the machine. This means that users can't go to a thinclient, login and work, logout and walk away from the machine to allow a different user to use it, without rebooting the machine after having logged out. This is not acceptable behavior for a thinclient setup. I think logging out of an x2goserver should also trigger a deauthenticate from the broker, as this mimicks the way x2goclient works when not in broker-mode. -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --e89a8fb1fe346d272e04dab29874 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Package: x2goclient
Version: 4.0.1.0

When you have logged in to a server in broker-mode, there is no way= to de-authenticate from the broker, other than closing x2goclient. This is= not a problem on a normal desktop machine, but on thinclients, it is not r= eally possible to close x2goclient, other than rebooting/shutting down the = machine. This means that users can't go to a thinclient, login and work= , logout and walk away from the machine to allow a different user to use it= , without rebooting the machine after having logged out. This is not accept= able behavior for a thinclient setup. I think logging out of an x2goserver = should also trigger a deauthenticate from the broker, as this mimicks the w= ay x2goclient works when not in broker-mode.

--
Anders Bruun Olsen
It-ansvarlig
Det Danske Spro= g- og Litteraturselskab
(Society for Danish Language and Literature)
--e89a8fb1fe346d272e04dab29874-- From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: [X2Go-Dev] Bug#179: x2goclient in broker-mode does not allow logout Reply-To: Mike Gabriel , 179@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 19 Apr 2013 13:03:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: Received: via spool by 179-submit@bugs.x2go.org id=B179.1366375882355 (code B ref 179); Fri, 19 Apr 2013 13:03:01 +0000 Received: (at 179) by bugs.x2go.org; 19 Apr 2013 12:51:22 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir (Postfix) with ESMTPS id 6FE0F5DB05; Fri, 19 Apr 2013 14:51:22 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 4AD491325; Fri, 19 Apr 2013 14:51:22 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 422283BA0B; Fri, 19 Apr 2013 14:51:22 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2j9nsbQGE3Px; Fri, 19 Apr 2013 14:51:22 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 231703BB8F; Fri, 19 Apr 2013 14:51:22 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id F24773BA0B; Fri, 19 Apr 2013 14:51:21 +0200 (CEST) Received: by grimnir.das-netzwerkteam.de (Postfix, from userid 33) id 33C043BB8F; Fri, 19 Apr 2013 14:51:21 +0200 (CEST) Received: from 46.115.72.47 ([46.115.72.47]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Fri, 19 Apr 2013 14:51:21 +0200 Message-ID: <20130419145121.23571ckii30rlfpl@mail.das-netzwerkteam.de> X-Priority: 3 (Normal) Date: Fri, 19 Apr 2013 14:51:21 +0200 From: Mike Gabriel To: Anders Bruun Olsen , 179@bugs.x2go.org Cc: control@bugs.x2go.org References: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_19upjpte1zux"; protocol="application/pgp-signature"; micalg="pgp-sha1" Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.4) This message is in MIME format and has been PGP signed. --=_19upjpte1zux Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit severity #179 grave tag #179 confirmed thanks Hi Anders, On Fr 19 Apr 2013 10:35:03 CEST Anders Bruun Olsen wrote: > Package: x2goclient > Version: 4.0.1.0 > > When you have logged in to a server in broker-mode, there is no way to > de-authenticate from the broker, other than closing x2goclient. This is not > a problem on a normal desktop machine, but on thinclients, it is not really > possible to close x2goclient, other than rebooting/shutting down the > machine. This means that users can't go to a thinclient, login and work, > logout and walk away from the machine to allow a different user to use it, > without rebooting the machine after having logged out. This is not > acceptable behavior for a thinclient setup. I think logging out of an > x2goserver should also trigger a deauthenticate from the broker, as this > mimicks the way x2goclient works when not in broker-mode. I consider this as a grave issue and see to getting it fixed ASAP. Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, rothenstein 5, 24214 neudorf-bornstein fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb --=_19upjpte1zux Content-Type: application/pgp-signature Content-Description: Digitale PGP-Unterschrift Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJRcT3JAAoJEJr0azAldxsxB1AP/ieWqEnu7eyXa3eueG2apw72 H7UrxDOJqBJuFrPdoNE9zBm2JXJrPtRcq3BAE8KkclT+9FhuRidpLo+vn9cKhc4j COOeGmZurofvKO0CkxJqmOrE0d9CTvXKH84Z+OBUfZp6c0E/RCl28XK5HApy1k8U isZqMh46NPVHhPAjG58QI2Xi3AYy95NW7pr3p3oskTorm62MugNtFgzeE/ZIVHCU chnV2qvNSiT5LYRjAAvQzKNVAZ7YBnkNVLCGzcHUF4U+cef3edX/Rhr5vM/MX8b5 5mVYJYHha72s0dV1mdA33dyddm82CfIOAW46Avjh22O/cd7jUkImA+NFcs3jL4Rw ddwaJQQtxNUBaoMfTHZgZY125swaNKzLWi+CfMpWLNAlsEpqb9aXOulMtbceCdwj +AuhRIqjzAu1nCfpkHXjA17ezaASl+Eth8T9YLkIUgpEcCf7a/GsffnDoWSqBSFY 01ozzRlgLHpL5DdCiHwNfTpk/bcqQyaU18jxoQZC/4WvrUpSPAXFxqxAwwLlOCXa 1e4bMQD9+oNGR4J9/kUhhq1wDRw3f1/JcpS7RV/3yb+DBdEwC7Af+gKUtevNpybB HaV53l6rCIPdsMGL+E4W3os1jEEJ1Y5jlORz7pnHj0zIY7HXIzdYdJUkDw6IzZAx KktQ9NaSflrWvk/PbUKD =bdDr -----END PGP SIGNATURE----- --=_19upjpte1zux-- From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: X2Go issue (in src:x2goclient) has been marked as pending for release Reply-To: Mike Gabriel , 179@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 12 Jun 2013 12:03:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: confirmed Received: via spool by 179-submit@bugs.x2go.org id=B179.137103810124190 (code B ref 179); Wed, 12 Jun 2013 12:03:02 +0000 Received: (at 179) by bugs.x2go.org; 12 Jun 2013 11:55:01 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=NO_RELAYS,URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id BB3B35DB26; Wed, 12 Jun 2013 13:54:53 +0200 (CEST) From: Mike Gabriel To: 179-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 179@bugs.x2go.org Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Mailer: http://snipr.com/post-receive-tag-pending Message-Id: <20130612115453.BB3B35DB26@ymir> Date: Wed, 12 Jun 2013 13:54:53 +0200 (CEST) tag #179 pending fixed #179 4.0.1.1 thanks Hello, X2Go issue #179 (src:x2goclient) reported by you has been fixed in X2Go Git. You can see the changelog below, and you can check the diff of the fix at: http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=e3b8739 The issue will most likely be fixed in src:x2goclient (4.0.1.1). light+love X2Go Git Admin (on behalf of the sender of this mail) --- commit e3b87397d75a7e246d29c4f94b1368e092f27207 Author: Mike Gabriel Date: Wed Jun 12 13:23:05 2013 +0200 Add cmdline option --broker-autologoff: Enforce re-authentication against X2Go Session Broker after a session has been suspended or terminated. (Fixes: #179). diff --git a/debian/changelog b/debian/changelog index 84daa74..c2dcc38 100644 --- a/debian/changelog +++ b/debian/changelog @@ -20,6 +20,9 @@ x2goclient (4.0.1.1-0~x2go1) UNRELEASED; urgency=low patch was applied. Segfault only occurred if the tray icon was not used. - Show session name in notification bubbles. - Update German translation. + - Add cmdline option --broker-autologoff: Enforce re-authentication against + X2Go Session Broker after a session has been suspended or terminated. + (Fixes: #179). [ Ezra Bühler ] * New upstream version (4.0.1.1): From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: [X2Go-Dev] Bug#179: X2Go issue (in src:x2goclient) has been marked as pending for release Reply-To: Nable 80 , 179@bugs.x2go.org Resent-From: Nable 80 Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 12 Jun 2013 12:48:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: confirmed pending Received: via spool by 179-submit@bugs.x2go.org id=B179.13710403873270 (code B ref 179); Wed, 12 Jun 2013 12:48:01 +0000 Received: (at 179) by bugs.x2go.org; 12 Jun 2013 12:33:07 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from mail-bk0-f46.google.com (mail-bk0-f46.google.com [209.85.214.46]) by ymir (Postfix) with ESMTPS id 742DA5DB15 for <179@bugs.x2go.org>; Wed, 12 Jun 2013 14:33:06 +0200 (CEST) Received: by mail-bk0-f46.google.com with SMTP id na10so4523643bkb.33 for <179@bugs.x2go.org>; Wed, 12 Jun 2013 05:33:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Y5uyKtsYLYR/FP9qjh8iRymB2LNCBBasJMSVQgDUXOc=; b=tmm7Hmw3sC4mW62VXFhwLkeYyr6CqkZmNPW6qJosXCS1tZK91VhYJth56ggDhd1xvF /UqDjW+vQd9ClrePuqs/CVhWWPvMr4lRf18bSbAxFo7k3xUvVdXiQ9o4ZHZmQ3O4sQFS s+DXcNDizuRzj54AC21YevgLMnmR/NYRfaRW9N0vm6mbKt7hhIz4snb6fgYGzA6fEwzT mrMCsJ1kCWF5RlnSpeloyjQljUmPQtoDwpbEhMeZyfm/f+yfSq0O15lztkKl8rfJnYE4 PHYT7pTnXtUZSDIcA/bNsLhsoJ9yQ+D0cyLmfY0gXWBQLV4YEiggXTzta+SgQtHw/fGz G6zg== MIME-Version: 1.0 X-Received: by 10.204.191.132 with SMTP id dm4mr3086083bkb.66.1371040386096; Wed, 12 Jun 2013 05:33:06 -0700 (PDT) Received: by 10.204.230.197 with HTTP; Wed, 12 Jun 2013 05:33:06 -0700 (PDT) In-Reply-To: <20130612115453.BB3B35DB26@ymir> References: <20130612115453.BB3B35DB26@ymir> Date: Wed, 12 Jun 2013 16:33:06 +0400 Message-ID: From: Nable 80 To: Mike Gabriel , 179@bugs.x2go.org, x2go-dev@lists.berlios.de Content-Type: text/plain; charset=ISO-8859-1 Hi, Mike. What do you think about making this behaviour default? Because doing logoff by default seems to be a more secure way (and default settings should be secure) + it doesn't require you to close-and-reopen window if you want to de-authenticate from the broker (and switch to other sessions). I think it would be a good idea, especially if this session broker system is mainly aimed at setups with thin clients (less configuration changes for main use-case). From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: [X2Go-Dev] Bug#179: X2Go issue (in src:x2goclient) has been marked as pending for release Reply-To: Anders Bruun Olsen , 179@bugs.x2go.org Resent-From: Anders Bruun Olsen Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 12 Jun 2013 13:03:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: confirmed pending Received: via spool by 179-submit@bugs.x2go.org id=B179.137104217010192 (code B ref 179); Wed, 12 Jun 2013 13:03:02 +0000 Received: (at 179) by bugs.x2go.org; 12 Jun 2013 13:02:50 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_BLOCKED,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 X-Greylist: delayed 447 seconds by postgrey-1.34 at ymir; Wed, 12 Jun 2013 15:02:49 CEST Received: from eu1sys200aog117.obsmtp.com (eu1sys200aog117.obsmtp.com [207.126.144.143]) by ymir (Postfix) with SMTP id 5CF545DB15 for <179@bugs.x2go.org>; Wed, 12 Jun 2013 15:02:49 +0200 (CEST) Received: from mail-ob0-f178.google.com ([209.85.214.178]) (using TLSv1) by eu1sys200aob117.postini.com ([207.126.147.11]) with SMTP ID DSNKUbhxedYh/xN0BnfcituSXlCSjyyQSYv0@postini.com; Wed, 12 Jun 2013 13:02:49 UTC Received: by mail-ob0-f178.google.com with SMTP id fb19so13333789obc.9 for <179@bugs.x2go.org>; Wed, 12 Jun 2013 06:02:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Haiz47H0sEMYBev//8eVAJRqkgvkIO9u7/P0IogircY=; b=GlAioZyFEYr0BerVnhnhR5HP0MLd62QEpKBukLozi5w8urnDUMn9Woo70ErlAKAVNh 3qJSRFMnZ/kLGarkQ9rds7+x/++ZxMt3h+skhERTZIKLlbumCmHhhy35869vYZ8FX7AA ac2k1qKkNrDK6ArHT7giyHyiKzvDVe4uNegEU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=Haiz47H0sEMYBev//8eVAJRqkgvkIO9u7/P0IogircY=; b=JJqrvXRJJ5/Ti49P090EuHZaTJug2W7g6djtMqTHUSMKiIi2KkZCPC97v3xMJI3n1f jE4dEsZa7PxdqubkHaEP5iRv5rjRLgby+tsCwBrauahPTAAI2NCcsxlDXe1KaJkaMZNd SS+SSoDPFyCdvobQBR2YUaVCSaSsTGaJXycMNyUnYuF3THpj4dVk4fg4fqk0qWPRpVbm JH1I5afJx54VFNqkMQdtPSFWagwGwGbIkTtpcZxKk+A+2igiWL8apqltiZXfLHf9e0nv K+LeBoUq++tq4wtEiMve+OTXySOfKTgb/ndks02iIgPI8t1eUQeXcKfCIJE881v98klm ChLA== X-Received: by 10.60.61.80 with SMTP id n16mr15140819oer.46.1371041720744; Wed, 12 Jun 2013 05:55:20 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.60.61.80 with SMTP id n16mr15140805oer.46.1371041720419; Wed, 12 Jun 2013 05:55:20 -0700 (PDT) Received: by 10.182.45.193 with HTTP; Wed, 12 Jun 2013 05:55:20 -0700 (PDT) In-Reply-To: References: <20130612115453.BB3B35DB26@ymir> Date: Wed, 12 Jun 2013 14:55:20 +0200 Message-ID: From: Anders Bruun Olsen To: 179@bugs.x2go.org Content-Type: multipart/alternative; boundary=001a11331014b825e404def48636 X-Gm-Message-State: ALoCoQlw9oDKHnNKKsOlGn12gmR2Qz0b1xZGc0KKfBicBwQEXn9Q/TTOtZapLclSwzrqiIqh2HqLxz+5YTyCBf0NfppVrL0xxjfRndTOX+oVbW7L3NvC54zAjm0my1nmJjDY3Y4JsWBNXCh5m1mE8+CvS3Lrhen3Eg== --001a11331014b825e404def48636 Content-Type: text/plain; charset=UTF-8 I personally think that it would be better to de-auth from the broker by default, and then have a commandline option that tells x2goclient to stay authenticated to the broker, when the connection to a server ends. 2013/6/12 Nable 80 > Hi, Mike. > > What do you think about making this behaviour default? > Because doing logoff by default seems to be a more secure way (and > default settings should be secure) + it doesn't require you to > close-and-reopen window if you want to de-authenticate from the broker > (and switch to other sessions). > I think it would be a good idea, especially if this session broker > system is mainly aimed at setups with thin clients (less configuration > changes for main use-case). > _______________________________________________ > X2Go-Dev mailing list > X2Go-Dev@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-dev > -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --001a11331014b825e404def48636 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I personally think that it would be better to de-auth from= the broker by default, and then have a commandline option that tells x2goc= lient to stay authenticated to the broker, when the connection to a server = ends.


2013/6/12 Nab= le 80 <nable.maininbox@googlemail.com>
Hi, Mike.

What do you think about making this behaviour default?
Because doing logoff by default seems to be a more secure way (and
default settings should be secure) + it doesn't require you to
close-and-reopen window if you want to de-authenticate from the broker
(and switch to other sessions).
I think it would be a good idea, especially if this session broker
system is mainly aimed at setups with thin clients (less configuration
changes for main use-case).
_______________________________________________
X2Go-Dev mailing list
X2Go-Dev@lists.berlios.de<= br> https://lists.berlios.de/mailman/listinfo/x2go-dev



--
Anders Bruun= Olsen
It-ansvarlig
Det Danske Sprog- og Litteraturselskab
(Societ= y for Danish Language and Literature)
--001a11331014b825e404def48636-- From unknown Thu Mar 28 12:41:46 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#179: X2Go issue (in src:x2goclient) has been marked as closed Reply-To: Mike Gabriel , 179@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 11 Sep 2013 10:18:05 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 179 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: confirmed pending Received: via spool by 179-submit@bugs.x2go.org id=B179.137889407717567 (code B ref 179); Wed, 11 Sep 2013 10:18:05 +0000 Received: (at 179) by bugs.x2go.org; 11 Sep 2013 10:07:57 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 9370C5DB37; Wed, 11 Sep 2013 12:07:08 +0200 (CEST) From: Mike Gabriel To: 179-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 179@bugs.x2go.org Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20130911100708.9370C5DB37@ymir> Date: Wed, 11 Sep 2013 12:07:08 +0200 (CEST) close #179 thanks Hello, we are very hopeful that X2Go issue #179 reported by you has been resolved in the new release (4.0.1.1) of the X2Go source project »src:x2goclient«. You can view the complete changelog entry of src:x2goclient (4.0.1.1) below, and you can use the following link to view all the code changes between this and the last release of src:x2goclient. http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=dad4fcc24868504be24ccc9a3ab0fcac41859080;hp=1b4260f86a6fda01c5263fa3d27504677a3cdfac If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:x2goclient. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:x2goclient Version: 4.0.1.1 Status: RELEASE Date: Wed, 11 Sep 2013 12:06:02 +0200 Fixes: 141 142 151 164 165 177 179 183 214 222 226 243 255 Changes: x2goclient (4.0.1.1) RELEASED; urgency=low . [ Nicolai Hansen ] * New upstream version (4.0.1.1): - Update Danish translation file. . [ Terje Andersen ] * New upstream version (4.0.1.1): - Update Norwegian Bokmaal translation file. . [ Oleksandr Shneyder ] * New upstream version (4.0.1.1): - Use "127.0.0.1" instead of localhost to avoid wrong IPv6 hostname resolution. (Fixes: #151). - Wait for x2gocmdexitmessage to return before closing in hidden mode. - Support for published applications in X2Go Plugin - Support for "shadow" mode in X2Go Plugin . [ Mike Gabriel ] * New upstream version (4.0.1.1): - If a priv SSH key has been specified, skip the autologin procedure. Let's consider a given SSH private key that fails to log the user in as an overall login failure. (Fixes: #141). - Avoid multiple selectUserSession requests when in broker mode. - Properly set the remote server address received via selectUserSession method when in broker mode. (Fixes: #226). - Fix segmentation fault that started occurring since the custom trayIcon patch was applied. Segfault only occurred if the tray icon was not used. - Show session name in notification bubbles. - Update German translation. - Add cmdline option --broker-autologoff: Enforce re-authentication against X2Go Session Broker after a session has been suspended or terminated. (Fixes: #179). - Enable full access desktop sharing across user accounts. (Fixes: #222). - Make X2Go Client aware of the MATE desktop environment. - Make X2Go Client work in SSH broker mode without the need of a auth-id file. . [ Heinrich Schuchardt ] * New upstream version (4.0.1.1): - Call ssh_clean_pubkey_hash() for deallocating public key hashes instead of just calling free(). Required under MS Windows as documented in libssh2 API. (Fixes: #243). (For further details see: http://api.libssh.org/master/group__libssh__session.html). * Provide bin:package with debug symbols for X2Go Client. (Fixes: #255). . [ Ezra Bühler ] * New upstream version (4.0.1.1): - Fix auto-resume when session type is »Single Application«. (Fixes: #183). . [ Ricardo Díaz Martín ] * New upstream version (4.0.1.1): - Fix detection of maximum screen area available for a session. (Fixes: #165). - Use the session icon as tray icon, pop up notification bubble that informs about current session actions. (Fixes: #177). - Allow for setting maximum available desktop size as window size via the session profile card. Unfortunately, this feature is for now only available on Linux. (Fixes: #214). . [ Otto Kjell ] * New upstream version (4.0.1.1): - Enable debug mode through cmd line parameter. (Fixes: #142). - Standardize output to stdout+stderr and make it parseable. . [ Orion Poplawski ] * New upstream version (4.0.1.1): - Instead of using a hard-code DPI of 96, use local DPI settings for new sessions if not explicitly set in session profile (Fixes: #164). . [ Daniel Lindgren ] * New upstream version (4.0.1.1): - Update Swedish translation file. . [ Ricardo Díaz Martín ] * New upstream version (4.0.1.1): - Update Spanish translation file. From unknown Thu Mar 28 12:41:46 2024 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#179 closed by Mike Gabriel (X2Go issue (in src:x2goclient) has been marked as closed) Message-ID: References: <20130911100708.9370C5DB37@ymir> X-X2go-PR-Keywords: confirmed pending X-X2go-PR-Message: they-closed 179 X-X2go-PR-Package: x2goclient X-X2go-PR-Source: x2goclient Date: Wed, 11 Sep 2013 10:18:11 +0000 Content-Type: multipart/mixed; boundary="----------=_1378894691-25020-0" This is a multi-part message in MIME format... ------------=_1378894691-25020-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the x2goclient package: #179: x2goclient in broker-mode does not allow logout It has been closed by Mike Gabriel . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Mike Gabriel by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1378894691-25020-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 11 Sep 2013 10:07:33 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 9370C5DB37; Wed, 11 Sep 2013 12:07:08 +0200 (CEST) From: Mike Gabriel To: 179-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 179@bugs.x2go.org Subject: X2Go issue (in src:x2goclient) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20130911100708.9370C5DB37@ymir> Date: Wed, 11 Sep 2013 12:07:08 +0200 (CEST) close #179 thanks Hello, we are very hopeful that X2Go issue #179 reported by you has been resolved in the new release (4.0.1.1) of the X2Go source project »src:x2goclient«. You can view the complete changelog entry of src:x2goclient (4.0.1.1) below, and you can use the following link to view all the code changes between this and the last release of src:x2goclient. http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=dad4fcc24868504be24ccc9a3ab0fcac41859080;hp=1b4260f86a6fda01c5263fa3d27504677a3cdfac If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:x2goclient. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:x2goclient Version: 4.0.1.1 Status: RELEASE Date: Wed, 11 Sep 2013 12:06:02 +0200 Fixes: 141 142 151 164 165 177 179 183 214 222 226 243 255 Changes: x2goclient (4.0.1.1) RELEASED; urgency=low . [ Nicolai Hansen ] * New upstream version (4.0.1.1): - Update Danish translation file. . [ Terje Andersen ] * New upstream version (4.0.1.1): - Update Norwegian Bokmaal translation file. . [ Oleksandr Shneyder ] * New upstream version (4.0.1.1): - Use "127.0.0.1" instead of localhost to avoid wrong IPv6 hostname resolution. (Fixes: #151). - Wait for x2gocmdexitmessage to return before closing in hidden mode. - Support for published applications in X2Go Plugin - Support for "shadow" mode in X2Go Plugin . [ Mike Gabriel ] * New upstream version (4.0.1.1): - If a priv SSH key has been specified, skip the autologin procedure. Let's consider a given SSH private key that fails to log the user in as an overall login failure. (Fixes: #141). - Avoid multiple selectUserSession requests when in broker mode. - Properly set the remote server address received via selectUserSession method when in broker mode. (Fixes: #226). - Fix segmentation fault that started occurring since the custom trayIcon patch was applied. Segfault only occurred if the tray icon was not used. - Show session name in notification bubbles. - Update German translation. - Add cmdline option --broker-autologoff: Enforce re-authentication against X2Go Session Broker after a session has been suspended or terminated. (Fixes: #179). - Enable full access desktop sharing across user accounts. (Fixes: #222). - Make X2Go Client aware of the MATE desktop environment. - Make X2Go Client work in SSH broker mode without the need of a auth-id file. . [ Heinrich Schuchardt ] * New upstream version (4.0.1.1): - Call ssh_clean_pubkey_hash() for deallocating public key hashes instead of just calling free(). Required under MS Windows as documented in libssh2 API. (Fixes: #243). (For further details see: http://api.libssh.org/master/group__libssh__session.html). * Provide bin:package with debug symbols for X2Go Client. (Fixes: #255). . [ Ezra Bühler ] * New upstream version (4.0.1.1): - Fix auto-resume when session type is »Single Application«. (Fixes: #183). . [ Ricardo Díaz Martín ] * New upstream version (4.0.1.1): - Fix detection of maximum screen area available for a session. (Fixes: #165). - Use the session icon as tray icon, pop up notification bubble that informs about current session actions. (Fixes: #177). - Allow for setting maximum available desktop size as window size via the session profile card. Unfortunately, this feature is for now only available on Linux. (Fixes: #214). . [ Otto Kjell ] * New upstream version (4.0.1.1): - Enable debug mode through cmd line parameter. (Fixes: #142). - Standardize output to stdout+stderr and make it parseable. . [ Orion Poplawski ] * New upstream version (4.0.1.1): - Instead of using a hard-code DPI of 96, use local DPI settings for new sessions if not explicitly set in session profile (Fixes: #164). . [ Daniel Lindgren ] * New upstream version (4.0.1.1): - Update Swedish translation file. . [ Ricardo Díaz Martín ] * New upstream version (4.0.1.1): - Update Spanish translation file. ------------=_1378894691-25020-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 19 Apr 2013 08:35:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_NONE,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from eu1sys200aog123.obsmtp.com (eu1sys200aog123.obsmtp.com [207.126.144.155]) by ymir (Postfix) with SMTP id A12EF5DB05 for ; Fri, 19 Apr 2013 10:35:04 +0200 (CEST) Received: from mail-oa0-f72.google.com ([209.85.219.72]) (using TLSv1) by eu1sys200aob123.postini.com ([207.126.147.11]) with SMTP ID DSNKUXEBuK8DY79O570xNB+oGDZYKbPgGTGf@postini.com; Fri, 19 Apr 2013 08:35:04 UTC Received: by mail-oa0-f72.google.com with SMTP id i18so1284480oag.7 for ; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=x-received:mime-version:x-received:date:message-id:subject:from:to :content-type; bh=GWHOC8HEugtsoCQYelYXl5dg6k/24wKd3dTEBA+RVl0=; b=DGbGnuH1vJbnEXj+FAhC+Nuj3hpCxcBbmPFLRKs9XWClV9ZzemLXKqOfHH7g2iT7fD m+TsdO4Wc8SCSQffsXKF7RFFis5Je9/lse5gsuNcmm97DgKY7JhoDHptoqn66G7/yJc+ Ll+GWt5vjQSbT+NiGnOLO8iT8pbThhKEmEedc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:mime-version:x-received:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=GWHOC8HEugtsoCQYelYXl5dg6k/24wKd3dTEBA+RVl0=; b=hEAM493C+Xr5e+o/jgPc9BUiSrWSEmUs1fEuZMUBLfGfkbjCNxN2co2cKbDid+t1zh RM1uJk1WQq7TbI+BNwubRyoa/ixb+u+bhPSQGkyxKSAYWm3EHmnNZmuNVbfANcZzn8sl xeSwd2nQ8wKo7119yqrrw7xJyRPyNvx6HFoKlzxvEeCcin0BrWJkt2lsBBHSdDiEw64o wKqigYeJFmP//0I0QoFKiH2ivRIyNy2Vt0aog0zIGRBmuvosDMt40PTN1YzhdW14jmWx LAXpU/IezWjzS9Bqf6DFRMu0Ch/6/oAVZFBU5SnVEpCJUd48FqSJ0yNkCcaIMB42Kfg9 j6VQ== X-Received: by 10.182.106.102 with SMTP id gt6mr3154942obb.37.1366360503457; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.182.106.102 with SMTP id gt6mr3154931obb.37.1366360503160; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) Received: by 10.182.87.200 with HTTP; Fri, 19 Apr 2013 01:35:03 -0700 (PDT) Date: Fri, 19 Apr 2013 10:35:03 +0200 Message-ID: Subject: x2goclient in broker-mode does not allow logout From: Anders Bruun Olsen To: submit@bugs.x2go.org Content-Type: multipart/alternative; boundary=e89a8fb1fe346d272e04dab29874 X-Gm-Message-State: ALoCoQmdq1W8gFmlWvziOzqVwrn4YO2AM/XbewqB6lLaVIFgpRo42k/NbpErdJHB32HAvS6h/9txf8h4fu142w46uEO5p6gnTFWL+m/sWoenD2VVs5t8uwX8GflWjlgokjDy12Iel2NsL+Yr7xNyouwsO5xt4cE7SA== --e89a8fb1fe346d272e04dab29874 Content-Type: text/plain; charset=UTF-8 Package: x2goclient Version: 4.0.1.0 When you have logged in to a server in broker-mode, there is no way to de-authenticate from the broker, other than closing x2goclient. This is not a problem on a normal desktop machine, but on thinclients, it is not really possible to close x2goclient, other than rebooting/shutting down the machine. This means that users can't go to a thinclient, login and work, logout and walk away from the machine to allow a different user to use it, without rebooting the machine after having logged out. This is not acceptable behavior for a thinclient setup. I think logging out of an x2goserver should also trigger a deauthenticate from the broker, as this mimicks the way x2goclient works when not in broker-mode. -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --e89a8fb1fe346d272e04dab29874 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Package: x2goclient
Version: 4.0.1.0

When you have logged in to a server in broker-mode, there is no way= to de-authenticate from the broker, other than closing x2goclient. This is= not a problem on a normal desktop machine, but on thinclients, it is not r= eally possible to close x2goclient, other than rebooting/shutting down the = machine. This means that users can't go to a thinclient, login and work= , logout and walk away from the machine to allow a different user to use it= , without rebooting the machine after having logged out. This is not accept= able behavior for a thinclient setup. I think logging out of an x2goserver = should also trigger a deauthenticate from the broker, as this mimicks the w= ay x2goclient works when not in broker-mode.

--
Anders Bruun Olsen
It-ansvarlig
Det Danske Spro= g- og Litteraturselskab
(Society for Danish Language and Literature)
--e89a8fb1fe346d272e04dab29874-- ------------=_1378894691-25020-0--