Summary: | net-misc/xrdp - groups listed in /etc/group are not applied on logon | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Chris <cjdl01> |
Component: | Current packages | Assignee: | Patrick McLean <chutzpah> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | dubnerm |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 171411 | ||
Bug Blocks: | |||
Attachments: | ebuild and patches for xrdp-0.4.1 |
Description
Chris
2007-05-01 19:51:55 UTC
The problem is worse than I thought. It doesn't get better restarting xrdp by hand, it just looks like it does. logged into the console, groups work as expected: (logged in as joe on the console) # groups users cdrw cdrom joe (logged in as joe remotely (through rdp in kde environment in a konsole) # groups root bin daemon sys adm tape disk wheel floppy It seems to take groups at random. This is extremely bad. It renders the system completely unusable for my users as they cannot access the folders they should have permission to. Please help. Okay... I have found that this is a bug with xrdp-0.3.1. I was hoping for a work-around, but the problem is in the sesman binary itself. The maintainer of that application stated that it is fixed in 0.3.2. Since 0.3.2 is not in the portage tree, I compiled it by hand. There were no issues with the compile itself, but there was a problem with xrdp finding libxrdp.so because it was not in the search path (compiled in the binary). I made a link to /lib/libxrdp.so, and it started up fine. It seems to have solved the group problem, but opened the door for another equally as big problem... KDE does not seem to want to start... Still working on that. But, because of this major flaw in xrdp-0.3.1, maybe 0.3.2 should be put in the portage tree (assuming that the startwm.sh issue is fixable). (In reply to comment #2) This was confirmed as a bug. It was, in fact, fixed in 3.2, and seems to be okay in 4.0. One can temporary fix this bug by inserting to /usr/lib/xrdp/startwm.sh following lines: pgroups=`groups|tr ' ' '\n'|sort` ugroups=`groups "$USER"|tr ' ' '\n'|sort` if [[ $pgroups != $ugroups ]] ; then exec sudo -H -u $USER "$0" "$@" fi This is ugly and bug-provoke, but works. NB: Use this only until you install 0.3.2 which should fix the bug. Hi, If you look closely, you'll find that the groups you become member of through xrdp is the same groups that root is member of (plus the user specific group). If I'm not mistaking, this is a serious security issue. Upgrading to 0.4.1 solved this for me. Now lets get this into portage. I have made my own personal ebuild to be placed in the portage overlay - it's a copy of the 0.3.1 ebuild with some minor modifications and new patches. I have attached the files to this bug - BUT PLEASE NOTE: use them at your own discretion. I am not a developer, so I cannot rule out any slips. It builds and works on my system. Someone will need to check them before committing it to portage. On a side note: Does anyone know, why I cannot change the keyboard layout in my remote session? If I try it manually using setxkbmap, I get the error message "XKB extension not present on :11.0" Created attachment 175398 [details]
ebuild and patches for xrdp-0.4.1
(In reply to comment #5) > On a side note: > Does anyone know, why I cannot change the keyboard layout in my remote session? > If I try it manually using setxkbmap, I get the error message "XKB extension > not present on :11.0" > I can't get keyboard input to work at all! Not even at the session manager window. If I supply my username and my VNC password using the client, I can get a desktop/window manager/xterm but I can't type anything. If I don't, I get the login box, but still can't type anything. Oh, and I understand there's an "other" way xrdp works besides just forwarding to a VNC server, but I have no idea what that is. The documentation for this is pretty poor. I think the Gentoo wiki used to have information about how to configure it, but, you know. > I can't get keyboard input to work at all! Not even at the session manager
> window.
Let me amend that. I can't get keyboard input to work using Microsoft Remote Desktop Connection for Mac OS X. It works fine with other clients. Weird.
The package has been removed from portage. |