[FreeNX-kNX] Running a particular application in freenx server
Peter McGregor
freenx at pdadevelopments.co.nz
Wed Oct 28 07:01:13 UTC 2009
Hello
I would like to force a user to run an application in freenx. I have
set this up in the client ok, but I would like to enforce it in the server
I have been looking at modifying nxacl, but it does not seem to be
called from my nxserver.
I have copied the nxacl sample file to /etc/nxserver
I would appreciate if someone could tell me how to run nxacl, or
alternatively, how I could modify node.conf
thank you
Peter McGregor
I am running centos 5.3, with freenx and nx installed using yum, with
the epel repository.
ie
-bash-3.2# ls -l /etc/nxserver
total 72
-rw------- 1 nx root 668 Oct 23 16:12 client.id_dsa.key
-rwxr-xr-x 1 nx root 22426 Oct 28 19:00 node.conf
-rwxr-xr-x 1 nx root 22348 Aug 31 14:02 node.conf.sample
-rwxr-xr-x 1 nx root 1123 Oct 28 18:46 nxacl
-rwxr-xr-x 1 root root 1106 Oct 28 17:46 nxacl.sample
-rw------- 1 nx root 0 Oct 23 16:12 passwords
-rw------- 1 nx root 0 Oct 23 16:12 passwords.orig
-rw------- 1 nx root 602 Oct 23 16:12 server.id_dsa.pub.key
-rw------- 1 nx root 668 Oct 23 16:12 users.id_dsa
-rw-r--r-- 1 nx root 602 Oct 23 16:12 users.id_dsa.pub
-bash-3.2# cat nxacl
#!/bin/bash
# Syntax: getparam <param>
getparam()
{
stringinstring "&$1=" "$CMDLINE" || return 1
echo "$CMDLINE" | tr "&" "\n" | egrep "^"$1"=" | awk -F= '{ VAL=$2 }
END { print VAL }'
return 0
}
# Syntax: changeparam <param> <value>
# Don't use & in value its the separator.
changeparam()
{
CMDLINE=$(echo "$CMDLINE" | tr "&" "\n" | sed "s&^$1=.*&$1=$2&g" | tr
"\n" "&")
}
CMDLINE="$1"
# Example 0: All allowed
allow_all()
{
# Parameters unchanged
echo "$CMDLINE"
echo "it works"
# Session allowed
exit 0
}
# Example 1: Allow only unix-kde sessions, deny others
allow_unix_kde()
{
type=$(getparam type)
if [ "$type" != "unix-kde" ]
then
echo "Only sessions with type unix-kde are allowed."
exit 1
fi
allow_all
}
# Example 3: Allow only unix-kde sessions, change type always to
unix-kde and virtualdesktop=1, rootless=0
allow_unix_kde_2()
{
changeparam type unix-kde
changeparam virtualdesktop 1
changeparam rootless 0
allow_all
}
#
# You can make as complex samples as you want, if you have one, I would
be very interested!
# Fabian
#
# Send it to: FreeNX-kNX at kde.org.
#
allow_all
My log file(I changed log level in node.conf to 5(info)) is
- NX SERVER START: -c /usr/bin/nxserver - ORIG_COMMAND=
-- NX SERVER START: - ORIG_COMMAND=
Info: Using fds #4 and #3 for communication with nxnode.
HELLO NXSERVER - Version 3.2.0-73 OS (GPL, using backend: not detected)
NX> 105 hello NXCLIENT - Version 3.2.0
NX> 134 Accepted protocol: 3.2.0
NX> 105 SET SHELL_MODE SHELL
NX> 105 SET AUTH_MODE PASSWORD
NX> 105 login
NX> 101 User: peter
NX> 102 Password:
NX> 103 Welcome to: vessel2 user: peter
NX> 105 listsession --user="peter" --status="suspended,running"
--geometry="1920x1080x32+render" --type="unix-application"
NX> 127 Sessions list of user 'peter' for reconnect:
Display Type Session ID Options Depth
Screen Status Session Name
------- ---------------- -------------------------------- -------- -----
-------------- ----------- ------------------------------
NX> 148 Server capacity: not reached for user: peter
NX> 105 startsession --rootless="1" --virtualdesktop="0"
--application="/usr/bin/firefox" --link="adsl" --backingstore="1"
--encryption="1" --cache="16M" --images="64M" --shmem="1" --shpix="1"
--strict="0" --composite="1" --samba="1" --cups="1" --media="0"
--session="vessel2" --type="unix-application" --client="macosx"
--keyboard="query" --screeninfo="1877x1036x32+render"
NX> 1000 NXNODE - Version 3.2.0-73 OS (GPL, using backend: not detected)
NX> 700 Session id: vessel2-1000-E3E827CE5D9F80B95BD26D87A0F7CED7
NX> 705 Session display: 1000
NX> 703 Session type: unix-application
NX> 701 Proxy cookie: 166dbbddd8ca8038d71412542b1cf84b
NX> 702 Proxy IP: 127.0.0.1
NX> 706 Agent cookie: 166dbbddd8ca8038d71412542b1cf84b
NX> 704 Session cache: unix-application
NX> 707 SSL tunneling: 1
NX> 709 File-sharing port: 445
NX> 1009 Session status: starting
NX> 710 Session status: running
NX> 1002 Commit
NX> 1006 Session status: running
NX> 105 addprinter --type="ipp" --username="mac" --port="3000"
--session_id="E3E827CE5D9F80B95BD26D87A0F7CED7"
--printer="HP_deskjet_9300" password="******" --model="NULL"
--defaultPrinter="1" --public="1"
NX> 719 CUPS printer: running
NX> 105 bye
Bye
NX> 999 Bye
NX-12835->--addprinter> 1000 NXNODE - Version 3.2.0-73 OS (GPL, using
backend: not detected)
NX-12835->--addprinter> 1001 Bye.
NX> 1009 Session status: terminating
Info: Closing connection to slave with pid 12541.
12835->--addprinter 1001 Bye.
NX> 1006 Session status: closed
NX> 1001 Bye.
Info: Closing connection to slave with pid 12541.
More information about the FreeNX-kNX
mailing list