X2Go Bug report logs - #504
nxagent fails to come up on servers using

version graph

Package: nxagent; Maintainer for nxagent is X2Go Developers <x2go-dev@lists.x2go.org>; Source for nxagent is src:nx-libs.

Reported by: Orion Poplawski <orion@cora.nwra.com>

Date: Tue, 27 May 2014 19:45:01 UTC

Severity: normal

Tags: pending

Fixed in version 2:3.5.0.25

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Full log

🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#504: Fwd: [Bug 1100985] New: x2go clients fail to connect to servers using polyinstantiated /tmp directories
Reply-To: Orion Poplawski <orion@cora.nwra.com>, 504@bugs.x2go.org
Resent-From: Orion Poplawski <orion@cora.nwra.com>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 27 May 2014 19:45:01 +0000
Resent-Message-ID: <handler.504.B.140121961221357@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: report 504
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: 
Received: via spool by submit@bugs.x2go.org id=B.140121961221357
          (code B); Tue, 27 May 2014 19:45:01 +0000
Received: (at submit) by bugs.x2go.org; 27 May 2014 19:40:12 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.2
Received: from mail.cora.nwra.com (mercury.cora.nwra.com [4.28.99.165])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6379A3D166
	for <submit@bugs.x2go.org>; Tue, 27 May 2014 21:40:11 +0200 (CEST)
Received: from [10.10.20.7] (barry.cora.nwra.com [10.10.20.7])
	(authenticated bits=0)
	by mail.cora.nwra.com (8.14.4/8.14.4) with ESMTP id s4RJe8tV016161
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
	for <submit@bugs.x2go.org>; Tue, 27 May 2014 13:40:09 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cora.nwra.com;
	s=default; t=1401219609;
	bh=y7n87pJwsLL3dflDABq8BG7Wrn5IFP4DrHw519ZsJAk=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:References:
	 In-Reply-To:Content-Type:Content-Transfer-Encoding;
	b=HEqQOE3B1WqGggT44iEpmcKZDjDOBlQkGyYnthj6lsF1kbi92mV/EMiNOuw8mNL8s
	 9gpTEGteoJUtWn2v/HZn9u4qEkIlqP50bhFeCea+PqwombUhBtUt8MM3B6xUcaQ+1A
	 LfLUxH/voHtC6QzTEPsh+jefFgRjgDTJ4W9UgIXw=
Message-ID: <5384EA18.7010203@cora.nwra.com>
Date: Tue, 27 May 2014 13:40:08 -0600
From: Orion Poplawski <orion@cora.nwra.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: submit@bugs.x2go.org
References: <bug-1100985-140047@bugzilla.redhat.com>
In-Reply-To: <bug-1100985-140047@bugzilla.redhat.com>
X-Forwarded-Message-Id: <bug-1100985-140047@bugzilla.redhat.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

Package: x2goserver


-------- Original Message --------
Subject: [Bug 1100985] New: x2go clients fail to connect to servers using 
polyinstantiated /tmp directories
Date: Sun, 25 May 2014 00:13:13 +0000
From: bugzilla@redhat.com
To: orion@cora.nwra.com

https://bugzilla.redhat.com/show_bug.cgi?id=1100985

            Bug ID: 1100985
           Summary: x2go clients fail to connect to servers using
                    polyinstantiated /tmp directories
           Product: Fedora EPEL
           Version: el6
         Component: x2goserver
          Assignee: orion@cora.nwra.com
          Reporter: rgm+rh@gnu.org
        QA Contact: extras-qa@fedoraproject.org
                CC: orion@cora.nwra.com



Hi,


Description of problem:

If the RHEL6 host that acts as the server for x2go has enabled polyinstantiated
/tmp directories as per

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/polyinstantiated-directories.html

then x2go clients cannot connect. They fail with

  The remote proxy closed the connection while negotiating
  the session. This may be due to the wrong authentication
  credentials passed to the server.

It seems that x2go needs the directory /tmp/.X11-unix/ to exist, be owned
by root, and be mode 1777.


Version-Release number of selected component (if applicable):

x2goserver-4.0.1.13-4.el6.x86_64
RHEL 6.5


How reproducible:

100%.


Steps to Reproduce:
1. Uncomment the line in /etc/security/namespace.conf that reads:
#/tmp     /tmp-inst/           level      root,adm

2. Try to log in to that host via x2goclient.


Actual results:

x2go fails.


Expected results:

x2go works.


Additional info:

A workaround is to add something like the following to the end of
/etc/security/namespace.init:

if [ "$1" = "/tmp" ]; then
    XSOCKDIR=/tmp/.X11-unix
    if [ ! -d $XSOCKDIR ]; then
        mkdir $XSOCKDIR
        chmod 1777 $XSOCKDIR
    fi
fi

It would be great if x2go could fix this itself though.
Ideally it would either not need /tmp/.X11-unix, or be able to create it itself
when needed.


Thanks.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

Send a report that this bug log contains spam.

X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Nov 21 15:24:57 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.