From unknown Fri Mar 29 14:53:12 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#1145: [X2Go-Dev] Bug#1145: x2godbadmin + postgres + non-existent home directory = wrong ownerships Reply-To: Stefan Baur , 1145@bugs.x2go.org Resent-From: Stefan Baur Resent-To: x2go-dev@lists.x2go.org Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Tue, 07 Feb 2017 22:55:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 1145 X-X2Go-PR-Package: x2goserver X-X2Go-PR-Keywords: Received: via spool by 1145-submit@bugs.x2go.org id=B1145.14865080581972 (code B ref 1145); Tue, 07 Feb 2017 22:55:01 +0000 Received: (at 1145) by bugs.x2go.org; 7 Feb 2017 22:54:18 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_05 autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 1D9165DA49 for <1145@bugs.x2go.org>; Tue, 7 Feb 2017 23:54:17 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PvicZvHTVDj0 for <1145@bugs.x2go.org>; Tue, 7 Feb 2017 23:54:10 +0100 (CET) X-Greylist: delayed 753 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Tue, 07 Feb 2017 23:54:10 CET Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.75]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 706BF5DA2D for <1145@bugs.x2go.org>; Tue, 7 Feb 2017 23:54:10 +0100 (CET) Received: from [192.168.0.23] ([78.43.90.159]) by mrelayeu.kundenserver.de (mreue102 [212.227.15.145]) with ESMTPSA (Nemesis) id 0LbrjI-1cC6Mu41qe-00jGD3; Tue, 07 Feb 2017 23:41:37 +0100 To: Nable , 1145@bugs.x2go.org References: <8fbce1f7-5f1a-465b-615b-b2ccf6b87b51@baur-itcs.de> From: Stefan Baur Message-ID: <2889078d-8670-e2b9-c92e-f303690e0388@baur-itcs.de> Date: Tue, 7 Feb 2017 23:41:17 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Wa4qi4TJKBgLTJICjgwjoPHP08CXrPR49" X-Provags-ID: V03:K0:GTLt9p39GtizAfBx+NmXdfVOz6O//bIMAwxQMzDoaxwx76XG+Gl +bwDlvtUfuouVKbkxA9ynFTwdmvtvVBQVVDRN70GpYoqdZJwwJ0yghzOrXMb6cfOuyff4+q UMFpndx7DqK9TTZnuW9pcEYoJAsgxzbDJu04qOMcxewzE6xMEvd/maSwSlsMAgZJnXbb/ot 4aHPf47WxMXAP4id1ELlQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:FiTQYGj6frs=:Y30cssZnwlLgdOpvNyszVl V4DamgcB9OcCg5f07q3lEX6VJ9Q41BhI/wxVzj1f4ZwfIOEUDv4zcYYISYWdYd+HcNenkZm2A EisST4oLQ/94dzPen5mNiPttjAig7vd8F+70uoEAl6RLq56bZ+GJRbbYRi3Ulpz/tA/iepVwt IdyVXSvJSSxud0apLn3ltywDd4S7rAYcXympD35ADgDs55zhT5d9tkg3LnL2Iqs71EmbE3tIS YMBqnFwFCOst+vuf9DUTiSu9IGiFxyJB182xf1l+CRAAmtzwEiQiYF0L/s6O+WqnEyHGguL8u WW4WNdCFEwtTOpiSX78PzVbXnSMu06Y2xT12H/yUylPlUTcjcfYxtoGemUSAYm2h4x6TPQrem B1meeRPlQNZhQay3vissGPdujuhZ54x/ovdM8OuJKqJvWCguN87Z2P36bUFWI/87s3FawQUrX T/ic+RQcV/K1mCQWuVFbiUmaAxvubOBNHcRb0Fp0/tkODy4Q4l94R17pzYRe0bOiuv6cLCGag VnVNJTzvIqE14DKjisqvW4BczcRnE1hcA7KrF6j/5xxAKBy4fI31nePrPBnfx/+UjWP3kp6NT umwKJ7+jMGeNOBoXMlIP4t3B+SwLt2fQ6BGgX3000YiS+9PgjlSom+ZYcq33xK9kYm9AOX0+2 wZobVjtVuiDOVAXsa9HAMJc13GAxJr/oKXZso3v8koiNl4YjBsdKcvYXQ2BselDzlOO4= This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Wa4qi4TJKBgLTJICjgwjoPHP08CXrPR49 Content-Type: multipart/mixed; boundary="96LpLKAvGp30Cf81O6lq77t2p9IHP5aoM"; protected-headers="v1" From: Stefan Baur To: Nable , 1145@bugs.x2go.org Message-ID: <2889078d-8670-e2b9-c92e-f303690e0388@baur-itcs.de> Subject: Re: [X2Go-Dev] Bug#1145: x2godbadmin + postgres + non-existent home directory = wrong ownerships References: <8fbce1f7-5f1a-465b-615b-b2ccf6b87b51@baur-itcs.de> In-Reply-To: --96LpLKAvGp30Cf81O6lq77t2p9IHP5aoM Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Am 07.02.2017 um 23:14 schrieb Nable: >> When x2godbadmin is used with a postgres database, and the user name >> given doesn't yet have a home directory, it creates this home director= y. > I've thought that creation of home directories is a task for useradd > (for local users) or pam_mkhomedir from libpam-modules (in case of > centralized database of network logins) and there may be even more > existing alternatives. Should this non-trivial code be implemented > once again in X2Go tools instead of trying to keep things closer to a > UNIX-way? Well, there already is code in there that is doing it - it just does it wrong in this particular case. Of course, we could argue that the entire piece of code should be removed - but how would you handle things in this particular case? Having no /home/ is something that is most likely to happen with non-local accounts. pam_mkhomedir fixes this and creates it on the spot - IF, and only IF the user logs in. x2godbadmin, however, needs to be run - on the x2goserver - by root - before the user logs in -> chicken and egg. So - to expand this bug - what we'd need is some piece of code that does what pam_mkhomedir does (not only create the directory and set ownership/permissions, *but also* populate it with the contents of /etc/skel) - but for a user other than the one that's currently logged in. Are you aware of anything that does that and that we could call? -Stefan --=20 BAUR-ITCS UG (haftungsbeschr=C3=A4nkt) Gesch=C3=A4ftsf=C3=BChrer: Stefan Baur Eichen=C3=A4ckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 --96LpLKAvGp30Cf81O6lq77t2p9IHP5aoM-- --Wa4qi4TJKBgLTJICjgwjoPHP08CXrPR49 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYmk0QAAoJEG7d9BjNvlEZWYsH/RzdkoFc0ZzB+EKVWiPLR8// P79ZC4LPWfUk2R/ylq5SM5Ft8Z17b5GCsufQMxbYzHgtcH/J2yfBMId0d0bIP282 ie2taXL/f7kr3gYJ87EPMPi7JSX6RO91Rfc3PK7/zKvI0ILB8wG2hR6ZcLhitQ57 k+u1nALjj9yH8qJrTNOLU9OQEwCp6yXVw2rGeYuh0kr0IVBMN1MVrwFGgA9yMy4h B7P7T5wXkpvI2+iDvmMYCYOkB0j6XwFUnudirooOGPURMU+YxBTO9kqHFNBv1vAL CCafTcpFCxueo3bV63rS9iWTT2Sspe4x3SeDwOQej69PMo0mMvflnadKDzWWtfk= =DNiT -----END PGP SIGNATURE----- --Wa4qi4TJKBgLTJICjgwjoPHP08CXrPR49--