From unknown Thu Mar 28 18:38:15 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#1174: file is blocked (stDXFCE_dp24) Reply-To: Felix B. =?UTF-8?Q?M=C3=BCller?= , 1174@bugs.x2go.org Resent-From: Felix B. =?UTF-8?Q?M=C3=BCller?= Resent-To: x2go-dev@lists.x2go.org Resent-CC: owner@bugs.x2go.org X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 05 May 2017 17:05:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 1174 X-X2Go-PR-Package: x2go-server X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.149400374313200 (code B); Fri, 05 May 2017 17:05:01 +0000 Received: (at submit) by bugs.x2go.org; 5 May 2017 17:02:23 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-2.7 required=3.0 tests=BAYES_50,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.1 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 2EDCD5DAD0 for ; Fri, 5 May 2017 19:02:22 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SxviTwkmwkm2 for ; Fri, 5 May 2017 19:02:15 +0200 (CEST) Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id D56FC5DACF for ; Fri, 5 May 2017 19:02:14 +0200 (CEST) Received: from desktop6 ([91.44.40.247]) by mail.gmx.com (mrgmx101 [212.227.17.168]) with ESMTPSA (Nemesis) id 0MZ8fw-1dL4F00bNc-00Kz0w for ; Fri, 05 May 2017 19:02:14 +0200 From: Felix B. =?UTF-8?Q?M=C3=BCller?= To: Date: Fri, 5 May 2017 19:02:13 +0200 Message-ID: <000001d2c5c1$57bd7600$07386200$@gmx.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdLFwUdRAiItF5ojSlWt3+gfmKSvWQ== Content-Language: de X-Provags-ID: V03:K0:u0V/dhozLXzvKC81dcELAExYuikGBXzgfAUbk2ZCOZRaY/8vYKk /Hw1FJjPTLmpWWsHMSks/cPhnZrKPqviZSDVYrfO6dlejtYwXDES/iu1O/dwAAzESCgHUwF Vtc6Oic2vq4pPj4aq5/Jv6AkGnF66kMIOhzoNgIK//Jcabuv8td5/imNPfDPnyrr3J4MogL oUB/j3o4uP8lLGQDOCG1Q== X-UI-Out-Filterresults: notjunk:1;V01:K0:1e9O+KwVQLU=:kUFxy9kBZBqEyJ2wp0JqoC Yfsy8dww1LB/S/Sti9qRSXiRiZoOZBPNKL6x4Kxe8yyQIJ3B9q8xt/czrQJ6NE3NW6924NEOu IwiNz7SxLPcvuGPOdgfC6d1kILVqrHtgcyZQULObCdJiAIsRhBXGf/IsxKgSfxZDGYn7DSMqf n4vSlx2G8gcgifRD2eQutelbCfpcUirRXB8byn5k6IZIF+yavUI6ySm16DPtI9p420I6VsOod OOrelMbpSoHsLFLck94GcRRaCElCT6Fjn+W6P/8xfgsILubeLd7uMtsAdvOS+jPRf1AbzYy6d Q5BxuXqPD/1R59YB4IXpQBev1JbljLF+npFUGhfQ1BMOj+XLOZQ+dIltQe6WCo+u2iPQc7Liq V0dUBNkVDBzPXx6snGFYxd9CemGpuuScpqgc0NnTqcDOnnXD5ju95mbZWGWFvatSfKbb8Aq07 V0cavxGGnZplxYbqa/OTwrtiVp+uHjDa5v2d4aZrSoPoaj8Om2XdxwN5+CsPxmr/Z2VV/kqH+ EJxdSUe5oj4NyYTzkjfTQBjzvMl+qzLV8TNEvSedqGPhABRT07QOuxdkyQx/aN+L68+Di1iLr 2QLpPb3ylPepeXtcp7/X7J4U55PfDfC7PP5GlGlsUCAdTQ7m7xAo0mOzsEPr7+0Ky62cGxAh1 nCaNvrtd3m/oUjlvQJjd2SnBiu/LY7CP9sJ+HroIHn+6Fj84tIHpGrMhajKSaMbXqienP9+C6 aMnP8utZBLZmDGuHqi1SfDuISeLJOtCWtSONmjprVjp7xMKBpOSZxCsV877rgGf+IZLY0bZ6d Mr/N/fW Package: x2go-server Version: 4.0.1.20 Dear all, I have an Ubuntu 16.04.2 LTS (Server) which is integrated in the Windows Active Directory (AD). The user authentification is done via Kerberos=A0 followed here: https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto The directories are also mounted automatically every time the user logs = on via pam_mount: =A0 This works quite nice and I can login via ssh with the user names of the = AD. I also would like to use x2go for the AD users. However, it works fine = when I try to connect to the server (called ssh or ssh2) from the internal network (192.168.0.0). The users get their remote desktops. However, if = they try to login remotely from another subnet the session could not be initialized. I was looking for the problem the last 3 weeks. Of course = the first idea was due to a misconfigured firewall. The configuration is as follows: INTERNET ----- NAT1 -----(192.168.183.0)------ =A0NAT2 = ----(192.168.0.0)------ ssh-server=20 I replaced the firewall, I put the PC (ssh-server) directly after the = NAT. I had a look in all network connections with wireshark. I opened all = ports. None of these things solved the problem. However, I can login with a = local user (user account on the ssh-server) on the ssh-server but not with a = user of the AD (username test01). I set the logging to the debug mode and I = see that a file is always blocked. I do not understand why this file is = blocked if I login from another subnet. Maybe this is not a bug =96 I do not = know and I do not understand this behavior. May=A0 5 16:08:41 ssh2 /usr/sbin/x2gocleansessions[1717]: test01-50-1493993318_stDXFCE_dp24: updating session status from 'R' to = 'F'. May=A0 5 16:08:41 ssh2 /usr/sbin/x2gocleansessions[1717]: test01-50-1493993318_stDXFCE_dp24: is blocked. May=A0 5 16:08:41 ssh2 /usr/sbin/x2gocleansessions[1717]: test01-50-1493993318_stDXFCE_dp24: adding to finished list. May=A0 5 16:08:41 ssh2 /usr/bin/x2goumount-session[11035]: = x2goumount-session has been called with options: Any ideas? Best regards!