|
»
Running a particular application in freenx server
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
Running a particular application in freenx server
by Peter McGregor-3
::
Rate this Message:
Hello
I would like to force a user to run an application in freenx. I have set this up in the client ok, but I would like to enforce it in the server I have been looking at modifying nxacl, but it does not seem to be called from my nxserver. I have copied the nxacl sample file to /etc/nxserver I would appreciate if someone could tell me how to run nxacl, or alternatively, how I could modify node.conf thank you Peter McGregor I am running centos 5.3, with freenx and nx installed using yum, with the epel repository. ie -bash-3.2# ls -l /etc/nxserver total 72 -rw------- 1 nx root 668 Oct 23 16:12 client.id_dsa.key -rwxr-xr-x 1 nx root 22426 Oct 28 19:00 node.conf -rwxr-xr-x 1 nx root 22348 Aug 31 14:02 node.conf.sample -rwxr-xr-x 1 nx root 1123 Oct 28 18:46 nxacl -rwxr-xr-x 1 root root 1106 Oct 28 17:46 nxacl.sample -rw------- 1 nx root 0 Oct 23 16:12 passwords -rw------- 1 nx root 0 Oct 23 16:12 passwords.orig -rw------- 1 nx root 602 Oct 23 16:12 server.id_dsa.pub.key -rw------- 1 nx root 668 Oct 23 16:12 users.id_dsa -rw-r--r-- 1 nx root 602 Oct 23 16:12 users.id_dsa.pub -bash-3.2# cat nxacl #!/bin/bash # Syntax: getparam <param> getparam() { stringinstring "&$1=" "$CMDLINE" || return 1 echo "$CMDLINE" | tr "&" "\n" | egrep "^"$1"=" | awk -F= '{ VAL=$2 } END { print VAL }' return 0 } # Syntax: changeparam <param> <value> # Don't use & in value its the separator. changeparam() { CMDLINE=$(echo "$CMDLINE" | tr "&" "\n" | sed "s&^$1=.*&$1=$2&g" | tr "\n" "&") } CMDLINE="$1" # Example 0: All allowed allow_all() { # Parameters unchanged echo "$CMDLINE" echo "it works" # Session allowed exit 0 } # Example 1: Allow only unix-kde sessions, deny others allow_unix_kde() { type=$(getparam type) if [ "$type" != "unix-kde" ] then echo "Only sessions with type unix-kde are allowed." exit 1 fi allow_all } # Example 3: Allow only unix-kde sessions, change type always to unix-kde and virtualdesktop=1, rootless=0 allow_unix_kde_2() { changeparam type unix-kde changeparam virtualdesktop 1 changeparam rootless 0 allow_all } # # You can make as complex samples as you want, if you have one, I would be very interested! # Fabian # # Send it to: FreeNX-kNX@.... # allow_all My log file(I changed log level in node.conf to 5(info)) is - NX SERVER START: -c /usr/bin/nxserver - ORIG_COMMAND= -- NX SERVER START: - ORIG_COMMAND= Info: Using fds #4 and #3 for communication with nxnode. HELLO NXSERVER - Version 3.2.0-73 OS (GPL, using backend: not detected) NX> 105 hello NXCLIENT - Version 3.2.0 NX> 134 Accepted protocol: 3.2.0 NX> 105 SET SHELL_MODE SHELL NX> 105 SET AUTH_MODE PASSWORD NX> 105 login NX> 101 User: peter NX> 102 Password: NX> 103 Welcome to: vessel2 user: peter NX> 105 listsession --user="peter" --status="suspended,running" --geometry="1920x1080x32+render" --type="unix-application" NX> 127 Sessions list of user 'peter' for reconnect: Display Type Session ID Options Depth Screen Status Session Name ------- ---------------- -------------------------------- -------- ----- -------------- ----------- ------------------------------ NX> 148 Server capacity: not reached for user: peter NX> 105 startsession --rootless="1" --virtualdesktop="0" --application="/usr/bin/firefox" --link="adsl" --backingstore="1" --encryption="1" --cache="16M" --images="64M" --shmem="1" --shpix="1" --strict="0" --composite="1" --samba="1" --cups="1" --media="0" --session="vessel2" --type="unix-application" --client="macosx" --keyboard="query" --screeninfo="1877x1036x32+render" NX> 1000 NXNODE - Version 3.2.0-73 OS (GPL, using backend: not detected) NX> 700 Session id: vessel2-1000-E3E827CE5D9F80B95BD26D87A0F7CED7 NX> 705 Session display: 1000 NX> 703 Session type: unix-application NX> 701 Proxy cookie: 166dbbddd8ca8038d71412542b1cf84b NX> 702 Proxy IP: 127.0.0.1 NX> 706 Agent cookie: 166dbbddd8ca8038d71412542b1cf84b NX> 704 Session cache: unix-application NX> 707 SSL tunneling: 1 NX> 709 File-sharing port: 445 NX> 1009 Session status: starting NX> 710 Session status: running NX> 1002 Commit NX> 1006 Session status: running NX> 105 addprinter --type="ipp" --username="mac" --port="3000" --session_id="E3E827CE5D9F80B95BD26D87A0F7CED7" --printer="HP_deskjet_9300" password="******" --model="NULL" --defaultPrinter="1" --public="1" NX> 719 CUPS printer: running NX> 105 bye Bye NX> 999 Bye NX-12835->--addprinter> 1000 NXNODE - Version 3.2.0-73 OS (GPL, using backend: not detected) NX-12835->--addprinter> 1001 Bye. NX> 1009 Session status: terminating Info: Closing connection to slave with pid 12541. 12835->--addprinter 1001 Bye. NX> 1006 Session status: closed NX> 1001 Bye. Info: Closing connection to slave with pid 12541. ________________________________________________________________ Were you helped on this list with your FreeNX problem? Then please write up the solution in the FreeNX Wiki/FAQ: http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ Don't forget to check the NX Knowledge Base: http://www.nomachine.com/kb/ ________________________________________________________________ FreeNX-kNX mailing list --- FreeNX-kNX@... https://mail.kde.org/mailman/listinfo/freenx-knx ________________________________________________________________ |
|
|
Re: Running a particular application in freenx server
by ChrisB-6
::
Rate this Message:
Peter McGregor <freenx@...> wrote on 28/10/2009 07:01:13: > Hello > > I would like to force a user to run an application in freenx. I have > set this up in the client ok, but I would like to enforce it in the server Do you mean like a "rootless" application set on the client in :- Configure,General,Desktop,Custom ???? Ah yes, firefox rootless . . . To run nxacl you just : - cp /usr/bin/nxacl.sample /usr/bin/nxacl and make sure it is executable by normal users !! -rwxr-xr-x 1 root root 1437 2009-10-28 12:32 /usr/bin/nxacl If it exists as an excutable, then nxserver runs it. Then you need to customize it so that the relevent $USER can only run whatever. Try if [ "$USER" = "doris-on-windows" ] then changeparam type unix-application changeparam rootless 1 changeparam virtualdesktop 0 changeparam application /usr/bin/ooffice fi allow_all You may well need to patch changeparam if you want to change a type=unix-kde to type=unix-application rootless=1 application=/where/ever/whatever. changeparam() { if [ "$(echo "$CMDLINE" | tr "&" "\n" | egrep -c "^$1=" )" -lt 1 ] then CMDLINE="$CMDLINE""&$1=$2" # Not all parameters are given all the time !! else CMDLINE=$(echo "$CMDLINE" | tr "&" "\n" | sed "s&^$1=.*&$1=$2&g" | tr "\n" "&") fi } This is because you can't "changeparam" a "param" if "the param" is absent and the server is using defaults . . . . . . and application= isn't normally there. Be carefull, this has no param validator so you can add all&any garbage you (don't)want to . . . and you can end up with zombie sessions which aren't displaying anything if the app doesn't get fired off. Also it seems to take longer to terminate the session, which can get people who terminate by mistake and try to re-connect immediately !! > > I have been looking at modifying nxacl, but it does not seem to be > called from my nxserver. > > I have copied the nxacl sample file to /etc/nxserver > > I would appreciate if someone could tell me how to run nxacl, or > alternatively, how I could modify node.conf > > thank you > > Peter McGregor > > ________________________________________________________________ > Were you helped on this list with your FreeNX problem? > Then please write up the solution in the FreeNX Wiki/FAQ: > > http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ > > Don't forget to check the NX Knowledge Base: > http://www.nomachine.com/kb/ > > ________________________________________________________________ > FreeNX-kNX mailing list --- FreeNX-kNX@... > https://mail.kde.org/mailman/listinfo/freenx-knx > ________________________________________________________________ ________________________________________________________________ Were you helped on this list with your FreeNX problem? Then please write up the solution in the FreeNX Wiki/FAQ: http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ Don't forget to check the NX Knowledge Base: http://www.nomachine.com/kb/ ________________________________________________________________ FreeNX-kNX mailing list --- FreeNX-kNX@... https://mail.kde.org/mailman/listinfo/freenx-knx ________________________________________________________________ |
|
|
Re: Running a particular application in freenx server
by Peter McGregor-3
::
Rate this Message:
Thanks
I've used your code and my application is being called properly now. cheers peter chris@... wrote:
________________________________________________________________ Were you helped on this list with your FreeNX problem? Then please write up the solution in the FreeNX Wiki/FAQ: http://openfacts2.berlios.de/wikien/index.php/BerliosProject:FreeNX_-_FAQ Don't forget to check the NX Knowledge Base: http://www.nomachine.com/kb/ ________________________________________________________________ FreeNX-kNX mailing list --- FreeNX-kNX@... https://mail.kde.org/mailman/listinfo/freenx-knx ________________________________________________________________ |
| Free embeddable forum powered by Nabble | Forum Help |
