From alavaliant@ra09.com Tue Feb 10 06:51:02 2015 Received: (at submit) by bugs.x2go.org; 10 Feb 2015 05:51:06 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,URIBL_BLOCKED autolearn=ham version=3.3.2 X-Greylist: delayed 2224 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Tue, 10 Feb 2015 06:51:01 CET Received: from thetower.ra09.com (ra09.com [202.124.104.240]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id DD7953BE64 for ; Tue, 10 Feb 2015 06:51:01 +0100 (CET) Received: from localhost ([127.0.0.1] helo=private.ra09.com) by thetower.ra09.com with esmtp (Exim 4.80) (envelope-from ) id 1YL38y-0003o3-Tc for submit@bugs.x2go.org; Tue, 10 Feb 2015 18:13:53 +1300 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_773b835ab8d0c5d10826fa71d4305850" Date: Tue, 10 Feb 2015 18:13:52 +1300 From: Jason Alavaliant To: submit@bugs.x2go.org Subject: x2gobroker-agent.pl commands break if user shell environment has login settings it doesn't like Message-ID: <981e2e7256215a6351c339829d0e9d67@private.ra09.com> X-Sender: alavaliant@ra09.com User-Agent: Roundcube Webmail/1.0.5 --=_773b835ab8d0c5d10826fa71d4305850 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Package: x2gobroker-agent Version: 0.0.2.3 One of my users started to get their connections to the x2go broker failing with 'Error downloading http://x2go-broker-url/plain/inifile - server replied: Internal Server Error' Tracking back through the commands the broker was logging the issue turned out be /usr/lib/x2go/x2gobroker-agent $USER listsessions (and other commands that x2gobroker-agent.pl runs by su - username -c command) returning things like OK [1] 32542 klipper: Command not found. [1] + exit 1 klipper which was a result of how the command is run; since the x2gobroker-agent $USER FOO commands all internally su to the named user to run the command it results in the user's environment being sourced which puts them at the risk of being broken by the user's environment. My user in this case had embedded a command that didn't exist on the broker host to run as soon as their shell environment was created which caused the broker to error out. (possibly compounded by in this case the shell tcsh being used as the user's default shell - tcsh in my experience being very temperamental with it's startup files - a single failure will stop the environment file sourcing to error our instantly and not process further lines. I've not had time to cross compare with bash etc and see if this problem only exists for tcsh or if it effects most shells). I managed to work around the issue in my case by fixing the su commands in x2gobroker-agent.pl to use /bin/sh (which links to /bin/dash) on my system to avoid user shell startup file environment issues breaking logging in via the broker. It feels more like a workaround that a proper fix to me so I'm not suggesting the attached patch for merging, rather just as an example of how I got around it in my case. My feeling is that there must be a better way to ensure these x2gobroker-agent commands can't be broken by the user env but I'm not managing to come up with a better solution currently. Thanks Jason --=_773b835ab8d0c5d10826fa71d4305850 Content-Transfer-Encoding: base64 Content-Type: text/x-diff; name=patch-x2gobroker-agent-fix-su-tcsh-env-bugs.patch Content-Disposition: attachment; filename=patch-x2gobroker-agent-fix-su-tcsh-env-bugs.patch; size=1564 LS0tIG9sZC94MmdvL3gyZ29icm9rZXItYWdlbnQucGwJMjAxNS0wMi0xMCAxNjoyMTo0Mi44NDQ4 NTk4MjQgKzEzMDAKKysrIG5ldy94MmdvL3gyZ29icm9rZXItYWdlbnQucGwJMjAxNS0wMi0xMCAx NjoyNDowOS43NDU1OTU3MDcgKzEzMDAKQEAgLTEwOSw3ICsxMDksNyBAQAogewogCUluaXRYMkdv VXNlcigkdWlkLCAkdWlkTnVtYmVyLCAkZ2lkTnVtYmVyLCAkaG9tZSk7CiAJcHJpbnQgIk9LXG4i OwotCWV4ZWMgKCIvYmluL3N1IC0gJHVpZCAtYyBcIngyZ29saXN0c2Vzc2lvbnMgLS1hbGwtc2Vy dmVyc1wiIik7CisJZXhlYyAoIi9iaW4vc3UgLSAkdWlkIC1zIC9iaW4vc2ggLWMgXCJ4MmdvbGlz dHNlc3Npb25zIC0tYWxsLXNlcnZlcnNcIiIpOwogfQogCiBpZiggKCRtb2RlIGVxICdmaW5kYnVz eXNlcnZlcnNfYnlfc2Vzc2lvbnN0YXRzJykgfHwgKCRtb2RlIGVxICdmaW5kYnVzeXNlcnZlcnMn KSkKQEAgLTEzNSw3ICsxMzUsNyBAQAogCiAJSW5pdFgyR29Vc2VyKCR1aWQsICR1aWROdW1iZXIs ICRnaWROdW1iZXIsICRob21lKTsKIAlwcmludCAiT0tcbiI7Ci0JbXkgJGJ1c3lfc2VydmVycyA9 IGAvYmluL3N1IC0gJHVpZCAtYyBcIngyZ29nZXRzZXJ2ZXJzXCJgOworCW15ICRidXN5X3NlcnZl cnMgPSBgL2Jpbi9zdSAtICR1aWQgLXMgL2Jpbi9zaCAtYyBcIngyZ29nZXRzZXJ2ZXJzXCJgOwog CiAJbXkgJXNlcnZlcl9sb2FkID0gKCk7CiAJbXkgJG51bV9zZXNzaW9ucyA9IDA7CkBAIC0xNjEs NyArMTYxLDcgQEAKIHsKIAlJbml0WDJHb1VzZXIoJHVpZCwgJHVpZE51bWJlciwgJGdpZE51bWJl ciwgJGhvbWUpOwogCXByaW50ICJPS1xuIjsKLQlleGVjICgiL2Jpbi9zdSAtICR1aWQgLWMgXCJ4 MmdvZ2V0c2VydmVyc1wiIik7CisJZXhlYyAoIi9iaW4vc3UgLSAkdWlkIC1zIC9iaW4vc2ggLWMg XCJ4MmdvZ2V0c2VydmVyc1wiIik7CiB9CiAKIGlmKCRtb2RlIGVxICdhZGRhdXRoa2V5JykKQEAg LTE4Nyw3ICsxODcsNyBAQAogCUluaXRYMkdvVXNlcigkdWlkLCAkdWlkTnVtYmVyLCAkZ2lkTnVt YmVyLCAkaG9tZSk7CiAJcHJpbnQgIk9LXG4iOwogCW15ICRzaWQ9c2hpZnQ7Ci0JZXhlYyAoIi9i aW4vc3UgLSAkdWlkIC1jIFwiXCQoeDJnb3BhdGggbGliKS94MmdvY2hhbmdlc3RhdHVzIFMgJHNp ZFwiIik7CisJZXhlYyAoIi9iaW4vc3UgLSAkdWlkIC1zIC9iaW4vc2ggLWMgXCJcJCh4MmdvcGF0 aCBsaWIpL3gyZ29jaGFuZ2VzdGF0dXMgUyAkc2lkXCIiKTsKIH0KIAogaWYoJG1vZGUgZXEgJ3Rl cm1pbmF0ZXNlc3Npb24nKQpAQCAtMTk1LDcgKzE5NSw3IEBACiAJSW5pdFgyR29Vc2VyKCR1aWQs ICR1aWROdW1iZXIsICRnaWROdW1iZXIsICRob21lKTsKIAlwcmludCAiT0tcbiI7CiAJbXkgJHNp ZD1zaGlmdDsKLQlleGVjICgiL2Jpbi9zdSAtICR1aWQgLWMgXCJcJCh4MmdvcGF0aCBsaWIpL3gy Z29jaGFuZ2VzdGF0dXMgVCAkc2lkXCIiKTsKKwlleGVjICgiL2Jpbi9zdSAtICR1aWQgLXMgL2Jp bi9zaCAtYyBcIlwkKHgyZ29wYXRoIGxpYikveDJnb2NoYW5nZXN0YXR1cyBUICRzaWRcIiIpOwog fQogCiBpZigkbW9kZSBlcSAncGluZycpCg== --=_773b835ab8d0c5d10826fa71d4305850--