From michael.kromer@netitwork.net Tue May 7 22:21:48 2013 Received: (at 200) by bugs.x2go.org; 7 May 2013 20:21:49 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=MIME_QP_LONG_LINE, URIBL_BLOCKED autolearn=ham version=3.3.2 X-Greylist: delayed 422 seconds by postgrey-1.34 at ymir; Tue, 07 May 2013 22:21:48 CEST Received: from mozart.netitwork.net (mozart.netitwork.de [176.9.23.210]) by ymir (Postfix) with ESMTP id 91ADC5DB18 for <200@bugs.x2go.org>; Tue, 7 May 2013 22:21:48 +0200 (CEST) Received: from mozart.netitwork.net (localhost [127.0.0.1]) by mozart.netitwork.net (Postfix) with ESMTP id 00C221400E0; Tue, 7 May 2013 22:14:46 +0200 (CEST) Received: from mozart.netitwork.net (localhost [127.0.0.1]) by mozart (esets_smtp); Tue, 07 May 2013 22:14:46 +0200 X-Virus-Scanner: This message was checked by ESET Mail Security for Linux/BSD. For more information on ESET Mail Security, please, visit our website: http://www.eset.com/. Received: from mozart.netitwork.de (localhost [127.0.0.1]) by mozart.netitwork.net (Postfix) with ESMTP id E51EE1400CC; Tue, 7 May 2013 22:14:45 +0200 (CEST) Subject: AW: [X2Go-Dev] Bug#200: Bug#200: When user-directories do not exist, saving sqlpass with x2godbadmin is not possible From: =?utf-8?Q?Michael_Kromer?= To: =?utf-8?Q?Nable_80?= , =?utf-8?Q?200=40bugs=2Ex2go=2Eorg?= <200@bugs.x2go.org>, =?utf-8?Q?x2go-dev=40lists=2Eberlios=2Ede?= Date: Tue, 7 May 2013 22:14:45 +0200 Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable In-Reply-To: References: X-Priority: 3 (Normal) X-Mailer: Zarafa 7.1.0-36420 Message-Id: X-ESET-AntiSpam: OK;2;calc;2013-05-07 22:14:46;1305072214469162;79A8 Hi Nable, > > system("mkdir -p $dir/.x2go"); > Are you sure that nothing will break if `$dir' contains space or some > other special^W sensitive characters=3F Of course, i understand that > using such characters in homedir path is a really bad idea but.. i > think apps must be secure by design. Well, I don't mind fixing this to be safe with special chars ... ;) I however really doubt administrators to set homedirs to something with spaces or special chars. =20 > And second thing: > > and is deeper than /home/$USER > I think that this comment is wrong. As I understand, it doesn't matter > how deep dir, what matters is whether user's homedir exits or not. And > if I've understood correctly (manual page for x2godbadmin is too > short, although comments in the program are rather good) x2godbadmin > doesn't create users, it only manages DB and creates ~/.x2go/ part if > it's missing. Yes, true. It doesn't matter how deep it needs to be, however its a rather common case wanting to provide access to someone which does not have its homedir created yet. > So, if user is present in system (getpwnam returns info about existing > users) but his homedir is missing I think that it's better to issue > some warning instead of silent homedir creation (at least because this > homedir won't contain files from /etc/skel, especially ~/.profile and > ~/.bashrc). Well, I disagree. You would simply still not be able to login. I think either error or success is the way to go - I rather decided to use success for the sake of creating an empty home. At some point you are right, as you would automatically disable pam_mkhomedir as it would not complain a missing homedir - The practial downside is the missing skeleton copy at creation time. Ideas=3F - mike > _______________________________________________ > X2Go-Dev mailing list > X2Go-Dev@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-dev >=20 >=20 >=20