[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2021/01/25 00:19 Browser : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36 IP-Address : 82.212.29.219 Hostname: HSI-KBW-082-212-029-219.hsi.kabelbw.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1611533899 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] This is part two of the patch to create Images for the Raspberry Pi User: stefanbaur @@ -248,13 +248,16 @@ . ./x2go-tce-config # Create Timestamp LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") + + exec > >(tee "/tmp/$LBX2GO_TIMESTAMP.log") 2>&1 # Set Directory name - LBX2GO_TCEDIR="./live-build-x2go-${LBX2GO_TIMESTAMP}-${LBX2GO_IMAGETYPE}-$(echo "$LBX2GO_ARCH" | awk '{print $2}')-${LBX2GO_CONFIG##*/}" + LBX2GO_TCEDIR="./live-build-x2go-${LBX2GO_TIMESTAMP}-${LBX2GO_IMAGETYPE}-$(echo $LBX2GO_ARCH | awk '{print $2}')-${LBX2GO_CONFIG##*/}" if [ -z "$LBX2GO_ARCH" ] || + ( echo "$LBX2GO_ARCH" | grep -q "arm" && [ -z "$LBX2GO_ARCH_MODEL" ] ) || [ -z "$LBX2GO_SPACE" ] || [ -z "$LBX2GO_CONFIG" ] || [ -z "$LBX2GO_DEFAULTS" ] || [ -z "$LBX2GO_DEBVERSION" ] || @@ -264,8 +267,9 @@ [ -z "$LBX2GO_BOOTLOADER" ] || [ -z "$LBX2GO_ARCHIVE_AREAS" ]; then echo -e "One or more of the following variables is unset:" echo -e "LBX2GO_ARCH: '${LBX2GO_ARCH}'" + echo "$LBX2GO_ARCH" | grep -q "arm" && echo -e "LBX2GO_ARCH_MODEL: '${LBX2GO_ARCH_MODEL}'" echo -e "LBX2GO_SPACE: '${LBX2GO_SPACE}'" echo -e "LBX2GO_DEFAULTS: '${LBX2GO_DEFAULTS}'" echo -e "LBX2GO_DEBVERSION: '${LBX2GO_DEBVERSION}'" echo -e "LBX2GO_CONFIG: '${LBX2GO_CONFIG}'" @@ -280,24 +284,82 @@ # This will create a timestamped subdirectory for the build mkdir -p $LBX2GO_TCEDIR cd $LBX2GO_TCEDIR + X2GO_LBCONFIG_STRING=$(cat <+ # This will copy any patches we have prepared if [ -d "../patch" ] ; then cp -a ../patch/* config/ fi + # This will copy any patches we have prepared for minidesktop if [ -d "../patch-minidesktop" ] && (echo "$LBX2GO_CONFIG" | grep -q minidesktop) ; then cp -a ../patch-minidesktop/* config/ fi + + # This checks if a bootloader directory is present (e.g. because of a custom splash.svg) + # and adds all other files that might be missing (live-build won't add them automatically + # if the directory already exists) + if [ -d config/bootloaders ] ; then + rsync -aPH --ignore-existing --exclude="splash.svg" /usr/share/live/build/bootloaders/* config/bootloaders + fi + # When enabled, this silences the audible beep at syslinux/isolinux/pxelinux/extlinux startup. + # Note that this is an accessibility feature for blind users, so use with care. + sed -e "s/$(echo -e "\07")//g" -i config/bootloaders/*/menu.cfg + # This enables an i386-only package in the sources.list file when an i386 build is requested - if echo "$LBX2GO_ARCH" | grep -q -i "i386" ; then + if echo $LBX2GO_ARCH | grep -q -i "i386" ; then sed -i -e 's/# for i386 only #//' config/package-lists/desktop.list.chroot fi + + # This is part of our experimental ARM support + # It adds required arm64-only packages when an arm64 build is requested + if echo $LBX2GO_ARCH | grep -q "arm" ; then + + # firmware for wifi + echo "firmware-brcm80211/buster-backports" >>config/package-lists/raspi.list.chroot + + if [ "$LBX2GO_ARCH_MODEL" = "Pi3" ] ; then + # modules required for Raspberry Pi 3 LAN + echo "crc16" >> config/includes.chroot/etc/initramfs-tools/modules + echo "mii" >> config/includes.chroot/etc/initramfs-tools/modules + echo "smsc95xx" >> config/includes.chroot/etc/initramfs-tools/modules + echo "usbcore" >> config/includes.chroot/etc/initramfs-tools/modules + echo "usbnet" >> config/includes.chroot/etc/initramfs-tools/modules + echo "fake-hwclock" >>config/package-lists/raspi.list.chroot + echo "usbutils" >>config/package-lists/raspi.list.chroot + + # firmware for basic raspi functions - required for boot on Pi3 + echo "raspi3-firmware/buster" >>config/package-lists/raspi.list.chroot + # standard linux kernel - for Pi3 + echo "linux-image-arm64/buster" >>config/package-lists/raspi.list.chroot + + elif [ "$LBX2GO_ARCH_MODEL" = "Pi4" ] ; then + # firmware for basic raspi functions - required for boot on Pi4 + echo "raspi3-firmware/buster-backports" >>config/package-lists/raspi.list.chroot + echo "raspi-firmware/buster-backports" >>config/package-lists/raspi.list.chroot + + # newer linux
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2021/01/25 00:18 Browser : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36 IP-Address : 82.212.29.219 Hostname: HSI-KBW-082-212-029-219.hsi.kabelbw.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1610241860 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] This is part one of the patch to create Images for the Raspberry Pi User: stefanbaur @@ -42,18 +42,22 @@ # simple check for apt-cacher-ng being active - if # we have a successful connect on port 3142, assume # it's apt-cacher-ng and use it - - if nc -z 127.0.0.1 3142 ; then + # + if nc -z 127.0.0.1 3142 ; then # bad idea with apt-cacher-ng, but will work with e.g. squid - # export https_proxy=http://127.0.0.1:3128/ + # export https_proxy=http://127.0.0.1:3128/ # export http_proxy=http://127.0.0.1:3128/ # export ftp_proxy=http://127.0.0.1:3128/ export LB_APT_FTP_PROXY=http://127.0.0.1:3142/ export LB_APT_HTTP_PROXY=http://127.0.0.1:3142/ fi + + # set these to true to save source files + #export LB_SOURCE="true" + #export LBX2GO_GETSRC="true" # Select ONE of the following git reposities # this one loosely corresponds to "stable" # export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround-buster' @@ -69,18 +73,32 @@ # 32-Bit, larger memory footprint, but faster performance on i686 and newer # export LBX2GO_ARCH='-a i386 -k 686-pae' # 32-Bit, smallest memory footprint - not available on buster # export LBX2GO_ARCH='--architectures i386 --linux-flavours 586' - # EXPERIMENTAL: For ARM (Raspberry Pi), try: - # export LBX2GO_ARCH='-a arm64' - # Note that ARM builds are currently not working, at least not on the Pi. + # For ARM (Raspberry Pi): + #export LBX2GO_ARCH='-a arm64' + #export LBX2GO_ARCH_MODEL='Pi4' # you can also set this to 'Pi3'. Note that there must not be any whitespace between 'Pi' and the digit. # If you want to use the stock ISO image as created by this script, add your boot parameters here # export LBX2GO_BOOTAPPEND_LIVE="boot=live components noswap lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 silent quiet pubkey=http://x2go/x2go-tce/config/authorized_keys sessionsurl=http://x2go/x2go-tce/config/sessions toram" + + if echo -e "$LBX2GO_CONFIG" | grep -q "openbox"; then + LBX2GO_BOOTAPPEND_LIVE+="fastpo " + export LBX2GO_BOOTAPPEND_LIVE + elif echo -e "$LBX2GO_CONFIG" | grep -q "minidesktop"; then + LBX2GO_BOOTAPPEND_LIVE+='timezone=Europe/Berlin noautologin ' # if you use nottyautologin instead of noautologin, an autologin will be set for the account "user", which conflicts our setting for the account "x2gothinclient" + export LBX2GO_BOOTAPPEND_LIVE + fi # detect if the selected git repo is meant to build a buster, stretch or jessie image if [ -z "${LBX2GO_CONFIG##*-stretch}" ] ; then export LBX2GO_DEBVERSION="stretch" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" + elif [ -z "${LBX2GO_CONFIG##*-buster-heuler}" ] ; then + export LBX2GO_DEBVERSION="buster" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" + elif [ -z "${LBX2GO_CONFIG##*-buster-heuler-bpo}" ] ; then + export LBX2GO_DEBVERSION="buster" export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" elif [ -z "${LBX2GO_CONFIG##*-buster}" ] ; then export LBX2GO_DEBVERSION="buster" export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" @@ -95,9 +113,9 @@ export LBX2GO_BOOTLOADERPARAMNAME="--bootloader" fi # set boot loader type - leave this unchanged unless you really know what you're doing - if echo "$LBX2GO_ARCH" | awk '{print $2}' | grep -q "arm" && ! dpkg --print-architecture | grep -q 'arm'; then + if echo $LBX2GO_ARCH | awk '{print $2}' | grep -q "arm" ; then # This is part of our experimental ARM support LBX2GO_BOOTLOADERPARAMNAME=" " LBX2GO_BOOTLOADER=" " else @@ -136,11 +154,21 @@ $LBX2GO_BOOTLOADERPARAMNAME $LBX2GO_BOOTLOADER --distribution $LBX2GO_DEBVERSION" # This is part of our experimental ARM support - if echo "$LBX2GO_ARCH" | grep -q 'arm'; then + if echo $LBX2GO_ARCH | grep -q 'arm' && ! dpkg --print-architecture | grep -q 'arm' ; then export LBX2GO_DEFAULTS+=" --bootstrap-qemu-arch arm64 \ - --bootstrap-qemu-static /usr/bin/qemu-arm-static" + --bootstrap-qemu-static /usr/bin/qemu-aarch64-static \ + --apt-options \"--yes -oAPT::Default-Release=${LBX2GO_DEBVERSION} -oAPT::Immediate-Configure=false\" " + fi + + # This is part of our experimental ARM support + # This makes sure the resulting disk image is at least 1GB in
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2021/01/10 01:24 Browser : Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0 IP-Address : 82.212.29.219 Hostname: HSI-KBW-082-212-029-219.hsi.kabelbw.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1599472538 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] don't use qemu when building arm on arm User: stefanbaur @@ -95,9 +95,9 @@ export LBX2GO_BOOTLOADERPARAMNAME="--bootloader" fi # set boot loader type - leave this unchanged unless you really know what you're doing - if echo "$LBX2GO_ARCH" | awk '{print $2}' | grep -q "arm" ; then + if echo "$LBX2GO_ARCH" | awk '{print $2}' | grep -q "arm" && ! dpkg --print-architecture | grep -q 'arm'; then # This is part of our experimental ARM support LBX2GO_BOOTLOADERPARAMNAME=" " LBX2GO_BOOTLOADER=" " else -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2020/09/07 09:55 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:68.9) Gecko/20100101 Goanna/4.6 Firefox/68.9 PaleMoon/28.13.0 IP-Address : 82.212.29.219 Hostname: HSI-KBW-082-212-029-219.hsi.kabelbw.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1592909790 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: User: stefanbaur @@ -514,9 +514,11 @@ === Required unless using the X2Go Session Broker: Adding the x2go-tce.sessions session configuration file to your HTTP or FTP Server === Again, this is assuming you already have an existing, working HTTP or FTP server setup. - * run X2GoClient on any computer you like, and configure a session the same way it should appear on the ThinClient when using a Windows client, run x2goclient.exe --portable, or it will store the session information in the registry, rather than in a "sessions" file. + * run X2GoClient on any computer you like, and configure a session the same way it should appear on the ThinClient + when using a Windows client, run x2goclient.exe --portable, or it will store the session information in the registry, rather than in a "sessions" file. + * locate the "sessions" file you just created - it should be at ~/.x2goclient/sessions * copy it to x2go-tce.sessions * using an editor of your choice, edit x2go-tce.sessions so it contains only the sessions you want to appear on the ThinClient, and none that might have been created earlier. * log on to your HTTP or FTP server and change to the x2go-tce directory in your webroot/ftproot. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2020/06/23 10:56 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:68.9) Gecko/20100101 Goanna/4.6 Firefox/68.9 PaleMoon/28.10.0 IP-Address : 78.43.58.112 Hostname: HSI-KBW-078-043-058-112.hsi4.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1573691914 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: fastpo has been added quite a while ago User: stefanbaur @@ -1153,16 +1153,17 @@ FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). FIXME Scripts triggered by if-up should check if a new download is really necessary. - FIXME Feature request: In TCE (not MMD), use + = List of closed ToDos/FIXMEs for this page = + * Feature request: In TCE (not MMD), use while ! (grep "^/dev/" /etc/mtab | grep -q rw ) ; do # rw-mounted physical devices detected echo s >/proc/sysrq-trigger # sync all echo u >/proc/sysrq-trigger # remount all (physdevs) ro done echo o >/proc/sysrq-trigger # force fast shutdown/poweroff for faster poweroff when boot parameter ''fastpo'' is set - = List of closed ToDos/FIXMEs for this page = + * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo * Boot parameters ''blankdpmsfix'' and ''earlyblankdpmsfix'' still leave the screen blank for too long, when used in netboot mode (especially over slow links). Two ways to solve this are to either use local storage, or to use the initrd with the squashfs merged into it. A third, new option would be a boot parameter ''initrdblankdpmsfix'', where the un-blanking code of ''earlyblankdpmsfix'' is applied in the initrd already - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/11/14 00:38 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.2 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1573691864 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] User: stefanbaur @@ -289,9 +289,9 @@ # This is a crude hack to detect crossbuilds for ARM on Intel/AMD hardware. # It makes some necessary changes, and also tries to speed up squashfs creation. if (uname -r | grep -q 'i.86' || uname -r | grep -q 'amd64') && \ -echo "$LB_X2GO_ARCH" | grep -q 'arm'; then +echo "$LBX2GO_ARCH" | grep -q 'arm'; then # This command removes all references to fuseext and x2gothinclient from the # package list files. Currently needed as there are no ARM packages for either. echo "WARNING: Removing all references to fuseext and x2gothinclient from the build." -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/11/14 00:37 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.2 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568835409 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] User: stefanbaur @@ -136,9 +136,9 @@ $LBX2GO_BOOTLOADERPARAMNAME $LBX2GO_BOOTLOADER --distribution $LBX2GO_DEBVERSION" # This is part of our experimental ARM support - if echo "$LB_X2GO_ARCH" | grep -q 'arm'; then + if echo "$LBX2GO_ARCH" | grep -q 'arm'; then export LBX2GO_DEFAULTS+=" --bootstrap-qemu-arch arm64 \ --bootstrap-qemu-static /usr/bin/qemu-arm-static" fi -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/18 19:31 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568834946 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] updated script for experimental ARM support User: stefanbaur @@ -273,16 +273,127 @@ echo 'rm -rf ./usr/share/man/*' >>./config/hooks/0112-remove-folders.hook.chroot [ "$LBX2GO_IMAGETYPE" != "netboot" ] && echo 'rm -rf ./var/lib/apt/lists/*' >>./config/hooks/0112-remove-folders.hook.chroot chmod 755 ./config/hooks/0112-remove-folders.hook.chroot fi + + if [ -n "$LB_APT_HTTP_PROXY" ] || [ -n "$LB_APT_FTP_PROXY" ]; then + echo "NOTICE: apt proxy variable(s) is/are set." + echo "NOTICE: Trying to use the proxy for all downloads." + echo "NOTICE: If this fails, look for #SETPROXY in the $0 source." + # Here, we should have reached a point where it is safe to point all proxy variables + # at the apt-cacher-ng proxy. If you're seeing errors during your build that hint + # at files not being downloaded, disable these three entries. + export https_proxy=$LB_APT_HTTP_PROXY + export http_proxy=$LB_APT_HTTP_PROXY + export ftp_proxy=$LB_APT_FTP_PROXY + fi + + # This is a crude hack to detect crossbuilds for ARM on Intel/AMD hardware. + # It makes some necessary changes, and also tries to speed up squashfs creation. + if (uname -r | grep -q 'i.86' || uname -r | grep -q 'amd64') && \ +echo "$LB_X2GO_ARCH" | grep -q 'arm'; then + + # This command removes all references to fuseext and x2gothinclient from the + # package list files. Currently needed as there are no ARM packages for either. + echo "WARNING: Removing all references to fuseext and x2gothinclient from the build." + sed -e 's/^.*fuseext.*$//g' -e 's/^.*x2gothinclient.*$//g' -i ./config/package-lists/* + + # This command removes the X2Go repository from the directory where additional + # archives are stored. Currently needed as the X2Go repository offers no arm64 + # packages, but Debian Buster does - so that's what we're falling back to. + echo "WARNING: Removing all references to the X2Go repository from the build." + rm ./config/archives/*x2go* + + # The following is a hack to reduce squashfs creation time. We're replacing mksquashfs + # in the changeroot environment with a wrapper script that drops the original + # mksquashfs call into a file. + + # We need to do this as a background task, waiting for the mksquashfs executable to + # appear in the changeroot; as the changeroot will only be created later on, once + # lb build is called. + + # The other background task waits until the command file has been created, then + # it applies some necessary patches to it, and starts the mksquashfs command natively + # on the build host, rather than in the changeroot environment. + # This is because in the changeroot, we'd be running the ARM mksquashfs in a qemu + # software emulation of the ARM architecture, while on the host, we can use all the + # native, raw CPU power and cores available to us. + + # To make sure we don't have any lingering processes in the background, we're passing + # our own PID along to the background tasks, and tell them to terminate if our PID + # disappears while they're still in their waiting/looping state. + + MASTERPID=$$ + + # Replace mksquashfs in chroot with script + # (script will undo this upon completion) + ( + # wait until the chroot has been populated or until our parent process dies + while ! [ -x ./chroot/usr/bin/mksquashfs ]; do + ps $MASTERPID >/dev/null || exit 1 + sleep 1 + done + # make sure we don't overwrite the real executable if it has already been + # moved out of the way + if ! [ -x ./chroot/usr/bin/mksquashfs.real ]; then + cp ./chroot/usr/bin/mksquashfs ./chroot/usr/bin/mksquashfs.real + fi +echo '#!/bin/bash' >./chroot/usr/bin/mksquashfs +# log the name we've been called with and all parameters into this file +echo 'echo "$0 $@" >/tmp/filesystem.squashfs.temp' >>./chroot/usr/bin/mksquashfs +# once the native mksquashfs is complete, we will remove this file +echo 'while [ -f /tmp/filesystem.squashfs.temp ]; do' >>./chroot/usr/bin/mksquashfs +echo '
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/18 19:36 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568835336 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] removed superfluous # sign, probably vim or wiki autocomplete going crazy User: stefanbaur @@ -42,9 +42,9 @@ # simple check for apt-cacher-ng being active - if # we have a successful connect on port 3142, assume # it's apt-cacher-ng and use it - # + if nc -z 127.0.0.1 3142 ; then # bad idea with apt-cacher-ng, but will work with e.g. squid # export https_proxy=http://127.0.0.1:3128/ # export http_proxy=http://127.0.0.1:3128/ -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/18 19:35 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568835286 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] added some double quotes (stylefix) User: stefanbaur @@ -95,9 +95,9 @@ export LBX2GO_BOOTLOADERPARAMNAME="--bootloader" fi # set boot loader type - leave this unchanged unless you really know what you're doing - if echo $LBX2GO_ARCH | awk '{print $2}' | grep -q "arm" ; then + if echo "$LBX2GO_ARCH" | awk '{print $2}' | grep -q "arm" ; then # This is part of our experimental ARM support LBX2GO_BOOTLOADERPARAMNAME=" " LBX2GO_BOOTLOADER=" " else -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/18 19:34 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568835097 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] added some double quotes (stylefix) User: stefanbaur @@ -206,9 +206,9 @@ # Create Timestamp LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") # Set Directory name - LBX2GO_TCEDIR="./live-build-x2go-${LBX2GO_TIMESTAMP}-${LBX2GO_IMAGETYPE}-$(echo $LBX2GO_ARCH | awk '{print $2}')-${LBX2GO_CONFIG##*/}" + LBX2GO_TCEDIR="./live-build-x2go-${LBX2GO_TIMESTAMP}-${LBX2GO_IMAGETYPE}-$(echo "$LBX2GO_ARCH" | awk '{print $2}')-${LBX2GO_CONFIG##*/}" if [ -z "$LBX2GO_ARCH" ] || [ -z "$LBX2GO_SPACE" ] || [ -z "$LBX2GO_CONFIG" ] || @@ -255,9 +255,9 @@ fi # This is for minidesktop builds only if [ -f config/package-lists/firefox-langpacks.list.chroot ]; then if [ -n "$LBX2GO_LANG" ]; then - for LBX2GO_SINGLE_LANG in $(echo $LBX2GO_LANG | tr ';' ' '); do + for LBX2GO_SINGLE_LANG in $(echo "$LBX2GO_LANG" | tr ';' ' '); do echo "LANG: '$LBX2GO_SINGLE_LANG'" sed -i -e 's/#firefox-esr-l10n-'$LBX2GO_SINGLE_LANG'$/firefox-esr-l10n-'$LBX2GO_SINGLE_LANG'/' config/package-lists/firefox-langpacks.list.chroot done else @@ -391,10 +391,10 @@ ln $(realpath ./chroot/initrd.img) ./x2go-tce-initrd.img ln ./binary/live/filesystem.squashfs ./x2go-tce-filesystem.squashfs if [ "$LBX2GO_IMAGETYPE" = "hdd" ] ; then - ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').img \ - ./x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').img + ln ./live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').img \ +./x2go-tce-live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').img fi if [ "$LBX2GO_IMAGETYPE" = "netboot" ] ; then if [ "$LBX2GO_NOSQUASHFS" = "true" ] ; then (cd binary; echo live$'\n'live/filesystem.squashfs |cpio -o -H newc | gzip --fast) >./x2go-tce-filesystem.cpio.gz @@ -405,14 +405,14 @@ fi fi if [ "$LBX2GO_IMAGETYPE" = "iso" ] || [ "$LBX2GO_IMAGETYPE" = "iso-hybrid" ] ; then genisoimage -o ./x2go-tce-squashfs-only.iso -R -J -graft-points live/filesystem.squashfs=./x2go-tce-filesystem.squashfs - if [ -e ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso ] ; then - ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso \ - ./original-x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso - elif [ -e ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso ] ; then - ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso \ -./original-x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso + if [ -e ./live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').hybrid.iso ] ; then + ln ./live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').hybrid.iso \ +./original-x2go-tce-live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').hybrid.iso + elif [ -e ./live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').iso ] ; then + ln ./live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').iso \ +./original-x2go-tce-live-image-$(echo "$LBX2GO_ARCH" | awk '{print $2}').iso fi mv ./x2go-tce-filesystem.squashfs ./original-x2go-tce-filesystem.squashfs fi # create timestamp file -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/18 19:29 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568721748 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] updated configuration for experimental ARM support User: stefanbaur @@ -42,22 +42,22 @@ # simple check for apt-cacher-ng being active - if # we have a successful connect on port 3142, assume # it's apt-cacher-ng and use it - + # if nc -z 127.0.0.1 3142 ; then - # bad idea with apt-cacher-ng, but will work with e.g. squid - # export https_proxy=http://127.0.0.1:3128/ - # export http_proxy=http://127.0.0.1:3128/ - # export ftp_proxy=http://127.0.0.1:3128/ + # bad idea with apt-cacher-ng, but will work with e.g. squid + # export https_proxy=http://127.0.0.1:3128/ + # export http_proxy=http://127.0.0.1:3128/ + # export ftp_proxy=http://127.0.0.1:3128/ - export LB_APT_FTP_PROXY=http://127.0.0.1:3142/ - export LB_APT_HTTP_PROXY=http://127.0.0.1:3142/ + export LB_APT_FTP_PROXY=http://127.0.0.1:3142/ + export LB_APT_HTTP_PROXY=http://127.0.0.1:3142/ fi # Select ONE of the following git reposities # this one loosely corresponds to "stable" - #export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround-buster' + # export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround-buster' # this one loosely corresponds to "heuler" export LBX2GO_CONFIG='https://github.com/LinuxHaus/live-build-x2go::feature/openbox-magic-pixel-workaround-buster' # NOTE: Add "-stretch" to the end of the LBX2GO_CONFIG string to create a stretch build, and "-buster" for a buster build # NOTE: As of 2019-08-27, buster builds are only available via the github repo and for the feature/openbox-magic-pixel-workaround-buster and feature/mate-minidesktop-buster branches @@ -66,35 +66,44 @@ # (feel free to use long or short options) # for 64-Bit builds, use: export LBX2GO_ARCH='-a amd64 -k amd64' # 32-Bit, larger memory footprint, but faster performance on i686 and newer - #export LBX2GO_ARCH='-a i386 -k 686-pae' + # export LBX2GO_ARCH='-a i386 -k 686-pae' # 32-Bit, smallest memory footprint - not available on buster # export LBX2GO_ARCH='--architectures i386 --linux-flavours 586' + # EXPERIMENTAL: For ARM (Raspberry Pi), try: + # export LBX2GO_ARCH='-a arm64' + # Note that ARM builds are currently not working, at least not on the Pi. # If you want to use the stock ISO image as created by this script, add your boot parameters here - #export LBX2GO_BOOTAPPEND_LIVE="boot=live components noswap lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 silent quiet pubkey=http://x2go/x2go-tce/config/authorized_keys sessionsurl=http://x2go/x2go-tce/config/sessions toram" + # export LBX2GO_BOOTAPPEND_LIVE="boot=live components noswap lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 silent quiet pubkey=http://x2go/x2go-tce/config/authorized_keys sessionsurl=http://x2go/x2go-tce/config/sessions toram" # detect if the selected git repo is meant to build a buster, stretch or jessie image if [ -z "${LBX2GO_CONFIG##*-stretch}" ] ; then - export LBX2GO_DEBVERSION="stretch" - export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" + export LBX2GO_DEBVERSION="stretch" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" elif [ -z "${LBX2GO_CONFIG##*-buster}" ] ; then - export LBX2GO_DEBVERSION="buster" - export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" + export LBX2GO_DEBVERSION="buster" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" else - export LBX2GO_DEBVERSION="jessie" + export LBX2GO_DEBVERSION="jessie" fi # newer versions of live-build use the plural form of this parameter if $(LANG=C lb config --help | grep -q bootloaders) ; then - export LBX2GO_BOOTLOADERPARAMNAME="--bootloaders" + export LBX2GO_BOOTLOADERPARAMNAME="--bootloaders" else - export LBX2GO_BOOTLOADERPARAMNAME="--bootloader" + export LBX2GO_BOOTLOADERPARAMNAME="--bootloader" fi # set boot loader type - leave this unchanged unless you really know what you're doing - export LBX2GO_BOOTLOADER="syslinux" + if echo $LBX2GO_ARCH | awk '{print $2}' | grep -q "arm" ; then + # This is part of our experimental ARM support + LBX2GO_BOOTLOADERPARAMNAME=" " + LBX2GO_BOOTLOADER=" " + else + export LBX2GO_BOOTLOADER="syslinux" + fi # These options are meant to reduce the image size. # Feel free to adapt them after consulting "man lb_config" export
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 12:02 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568718946 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] we need to fetch kernel and initrd from the chroot directory to be buildtype-independent User: stefanbaur @@ -261,10 +261,10 @@ chmod 755 ./config/hooks/0112-remove-folders.hook.chroot fi if lb build ; then echo -e "Build is done: '$LBX2GO_TCEDIR'" - ln ./binary/live/vmlinuz ./x2go-tce-vmlinuz - ln ./binary/live/initrd.img ./x2go-tce-initrd.img + ln $(realpath ./chroot/vmlinuz) ./x2go-tce-vmlinuz + ln $(realpath ./chroot/initrd.img) ./x2go-tce-initrd.img ln ./binary/live/filesystem.squashfs ./x2go-tce-filesystem.squashfs if [ "$LBX2GO_IMAGETYPE" = "hdd" ] ; then ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').img \ -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 10:43 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568716930 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Build system prerequisites for all variants] added netcat to list of required packages User: stefanbaur @@ -29,9 +29,9 @@ * You need a Debian Buster system to build the image. (Other distributions based on Debian might work, but this is untested.) * We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. * We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. * Make sure your package list is up to date by running: sudo apt-get update - * Install the required package(s) by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc lsb-release + * Install the required package(s) by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc lsb-release netcat-traditional * If you want to speed up subsequent builds, install the recommended package(s) by running: sudo apt-get install apt-cacher-ng * If you want to be prepared to be able to cross-build across different architectures (e.g. building an ARM image on an Intel/AMD build host) - a feature coming soon - install the optional package(s) by running: sudo apt-get install qemu-user-static = Building your own X2Go-TCE Image = -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 10:42 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568716569 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Build system prerequisites for all variants] updated list of required, recommended and optional packages User: stefanbaur @@ -29,9 +29,11 @@ * You need a Debian Buster system to build the image. (Other distributions based on Debian might work, but this is untested.) * We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. * We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. * Make sure your package list is up to date by running: sudo apt-get update - * Install the required packages by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc + * Install the required package(s) by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc lsb-release + * If you want to speed up subsequent builds, install the recommended package(s) by running: sudo apt-get install apt-cacher-ng + * If you want to be prepared to be able to cross-build across different architectures (e.g. building an ARM image on an Intel/AMD build host) - a feature coming soon - install the optional package(s) by running: sudo apt-get install qemu-user-static = Building your own X2Go-TCE Image = Configuring the Build Change to a directory where you want to save your builds, and save the following file as x2go-tce-config: -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 10:36 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568714088 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] added simple check for apt-cacher-ng User: stefanbaur @@ -36,8 +36,21 @@ Configuring the Build Change to a directory where you want to save your builds, and save the following file as x2go-tce-config: # NOTE: This file gets sourced by the actual buildscript - so place it in the same directory as the buildscript or adjust the path in the buildscript. + + # simple check for apt-cacher-ng being active - if + # we have a successful connect on port 3142, assume + # it's apt-cacher-ng and use it + + if nc -z 127.0.0.1 3142 ; then + export https_proxy=http://127.0.0.1:3142/ + export http_proxy=http://127.0.0.1:3142/ + export ftp_proxy=http://127.0.0.1:3142/ + + export LB_APT_FTP_PROXY=$ftp_proxy + export LB_APT_HTTP_PROXY=$http_proxy + fi # Select ONE of the following git reposities # this one loosely corresponds to "stable" #export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround-buster' -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 09:54 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568709960 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] updated warnng notice User: stefanbaur @@ -140,9 +140,9 @@ # to create an iso image that can also be dd'ed to USB media: #export LBX2GO_IMAGETYPE='iso-hybrid' # to create a netboot-image: export LBX2GO_IMAGETYPE='netboot' - # NOT RECOMMENDED: + # /!\ the options below are NOT RECOMMENDED unless you use live-build from Debian Buster /!\ # to create an image that can be written to a hard disk (for older live-build versions, this # always results in a "build failed" message, even though the build might have worked - use # live-build from Buster and things will work): # export LBX2GO_IMAGETYPE='hdd' -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 08:46 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568706133 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] updated post-build packaging steps User: stefanbaur @@ -245,12 +245,17 @@ chmod 755 ./config/hooks/0112-remove-folders.hook.chroot fi if lb build ; then echo -e "Build is done: '$LBX2GO_TCEDIR'" + ln ./binary/live/vmlinuz ./x2go-tce-vmlinuz + ln ./binary/live/initrd.img ./x2go-tce-initrd.img ln ./binary/live/filesystem.squashfs ./x2go-tce-filesystem.squashfs + + if [ "$LBX2GO_IMAGETYPE" = "hdd" ] ; then + ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').img \ +./x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').img + fi if [ "$LBX2GO_IMAGETYPE" = "netboot" ] ; then - ln ./tftpboot/live/vmlinuz ./x2go-tce-vmlinuz - ln ./tftpboot/live/initrd.img ./x2go-tce-initrd.img if [ "$LBX2GO_NOSQUASHFS" = "true" ] ; then (cd binary; echo live$'\n'live/filesystem.squashfs |cpio -o -H newc | gzip --fast) >./x2go-tce-filesystem.cpio.gz cat ./x2go-tce-initrd.img ./x2go-tce-filesystem.cpio.gz >./x2go-tce-initrd-with-fs.img || exit 1 rm ./x2go-tce-filesystem.cpio.gz @@ -258,15 +263,16 @@ # rm ./x2go-tce-filesystem.squashfs ./x2go-tce-initrd.img fi fi if [ "$LBX2GO_IMAGETYPE" = "iso" ] || [ "$LBX2GO_IMAGETYPE" = "iso-hybrid" ] ; then - ln ./binary/live/vmlinuz ./x2go-tce-vmlinuz - ln ./binary/live/initrd.img ./x2go-tce-initrd.img genisoimage -o ./x2go-tce-squashfs-only.iso -R -J -graft-points live/filesystem.squashfs=./x2go-tce-filesystem.squashfs - [ -e ./live-image-amd64.hybrid.iso ] && ln ./live-image-amd64.hybrid.iso ./original-x2go-tce-live-image-amd64.hybrid.iso - [ -e ./live-image-amd64.iso ] && ln ./live-image-amd64.iso ./original-x2go-tce-live-image-amd64.iso - [ -e ./live-image-i386.hybrid.iso ] && ln ./live-image-i386.hybrid.iso ./original-x2go-tce-live-image-i386.hybrid.iso - [ -e ./live-image-i386.iso ] && ln ./live-image-i386.iso ./original-x2go-tce-live-image-i386.iso + if [ -e ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso ] ; then + ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso \ +./original-x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').hybrid.iso + elif [ -e ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso ] ; then + ln ./live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso \ +./original-x2go-tce-live-image-$(echo $LBX2GO_ARCH | awk '{print $2}').iso + fi mv ./x2go-tce-filesystem.squashfs ./original-x2go-tce-filesystem.squashfs fi # create timestamp file stat -c %Y ./config/includes.chroot/lib >./x2go-tce-timestamp -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 07:42 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1568705813 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] updated build failed message for HDD builds and pre-Debian-Buster build attempts User: stefanbaur @@ -282,11 +282,17 @@ lb clean rm -rf ./cache fi else - # note that imagetype hdd always ends here, - # due to a harmless error that can be safely ignored, but which sets the error code to != 0 echo -e "Build failed: '$LBX2GO_TCEDIR'" + if [ "$LBX2GO_IMAGETYPE" = "hdd" ] ; then + echo "Looks like you tried to build an hdd image." + echo "Older (pre-Debian-Buster) releases of live-build show a harmless error during" + echo "the build, that can be safely ignored - but will still get you a 'Build failed'" + echo "message in turn. So if you're running an older Debian release, you might want to" + echo "look at the content of your build directory - maybe your build was successful" + echo "after all, and this script was merely unable to detect it (computers are dumb)." + fi fi cd .. fi -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/09/17 07:36 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.4 Firefox/60.9 PaleMoon/28.7.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1566935702 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] added note that live-build from Buster can create hdd and tar builds just fine User: stefanbaur @@ -141,12 +141,13 @@ #export LBX2GO_IMAGETYPE='iso-hybrid' # to create a netboot-image: export LBX2GO_IMAGETYPE='netboot' # NOT RECOMMENDED: - # to create an image that can be written to a hard disk (always results - # in a "build failed" message, even though the build might have worked): + # to create an image that can be written to a hard disk (for older live-build versions, this + # always results in a "build failed" message, even though the build might have worked - use + # live-build from Buster and things will work): # export LBX2GO_IMAGETYPE='hdd' - # to create a tar file only (seems to be broken in live-build): + # to create a tar file only (seems to be broken in older live-build versions - Buster works): # export LBX2GO_IMAGETYPE='tar' if [ "$LBX2GO_IMAGETYPE" = "netboot" ]; then LBX2GO_DEFAULTS+=" $LBX2GO_BOOTLOADER" -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/08/27 19:51 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.3 Firefox/60.9 PaleMoon/28.6.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1566935245 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: Updated explanations how to use the scripts User: stefanbaur @@ -35,8 +35,9 @@ * Install the required packages by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc = Building your own X2Go-TCE Image = Configuring the Build + Change to a directory where you want to save your builds, and save the following file as x2go-tce-config: # NOTE: This file gets sourced by the actual buildscript - so place it in the same directory as the buildscript or adjust the path in the buildscript. # Select ONE of the following git reposities @@ -155,8 +156,9 @@ Live-Patching the Build This patch is required if you need USB mount capability on the ThinClient while [[http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=1136|Bug #1136]] is still unresolved. + Save this script in the directory where you want to save your builds and run it before calling the buildscript. #!/bin/bash mkdir -p ./patch/includes.chroot/usr/lib/x2go/tce/ @@ -164,9 +166,9 @@ chmod 755 ./patch/includes.chroot/usr/lib/x2go/tce/x2gousbmount Starting the Build - Change to a directory where you want to save your builds, and run the following commands: + In the directory where you want to save your builds, save the following file as x2go-tce-build, and run it (e.g. via //sudo bash ./x2go-tce-build//): #!/bin/bash # read (source) the config file -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/08/27 19:55 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.3 Firefox/60.9 PaleMoon/28.6.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1566935672 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [History, Rationale, Outlook] Typofix User: stefanbaur @@ -13,9 +13,9 @@ The disadvantage is that your ThinClient now needs at least 512 MB to 1 GB of RAM (see below). Working with 256 MB is possible when you use local storage instead of netbooting (don't use the ''toram'' parameter, either), but not really recommended. However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS (nor HTTP/HTTPS/FTP). If you follow our advice of loading the entire image into the ThinClient's RAM, or using local storage, all you need is an HTTP (HTTPS optional for later stages) or FTP server with a dedicated IP, if you want to use netbooting. It is also possible to deploy the image to the ThinClient's local storage, if present, and have it update in the background. - Besides, making changes to/updating the classic, NFS-based TCE (henceforth referred to as TCE-Classic) with the entire filesystem, not just its compressed image, spread out over the NFS share was rather finicky - with the current TCE-Live, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment. The //local storage// feature can also be used to create a portable version of both X2Go-TCE and X2goClient for Windows, sharing the same configuration, on CD/DVD/USB media. + Besides, making changes to/updating the classic, NFS-based TCE (henceforth referred to as TCE-Classic) with the entire filesystem, not just its compressed image, spread out over the NFS share was rather finicky - with the current TCE-Live, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment. The //local storage// feature can also be used to create a portable version of both X2Go-TCE and X2GoClient for Windows, sharing the same configuration, on CD/DVD/USB media. We've also received reports that TCE-Classic wouldn't work with Jessie, or at least it was very hard to get it to work. Our TCE-Live works just fine with Jessie, Stretch, and Buster as well. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/08/27 19:53 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.3 Firefox/60.9 PaleMoon/28.6.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1566935494 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [History, Rationale, Outlook] - removed obsolete paragraph, updated list of Debian releases X2Go-TCE works with User: stefanbaur @@ -17,11 +17,10 @@ Besides, making changes to/updating the classic, NFS-based TCE (henceforth referred to as TCE-Classic) with the entire filesystem, not just its compressed image, spread out over the NFS share was rather finicky - with the current TCE-Live, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment. The //local storage// feature can also be used to create a portable version of both X2Go-TCE and X2goClient for Windows, sharing the same configuration, on CD/DVD/USB media. We've also received reports that TCE-Classic wouldn't work with Jessie, or at least it was very hard to get it to work. - Our TCE-Live works just fine with Jessie, and we expect it to work in Stretch and hopefully in Buster (Stretch+1) as well. - The one catch is that the live-build package in Debian/the Debian-Live project is currently looking for a new maintainer - so there is a slim chance that live-build might be removed from Debian Buster, especially if no new maintainer steps up and the live-build replacement that is currently in the works (called live-wrapper) contains all the required functionality of live-build by then. - + Our TCE-Live works just fine with Jessie, Stretch, and Buster as well. + = ThinClient prerequisites for all TCE-Live variants = * At least 1 GB of RAM //unless// you use non-NTFS local storage, in that case, 512MB or even 256MB might work - but would you really want to use a Client that has 4 Megabytes of free RAM (our test result with 256 MB RAM total) and no swapspace? * For clients with less than 1 GB of RAM and no local storage, you could also use ''httpfs='' or ''ftpfs='' instead of ''fetch='', or ''netboot=nfs nfsroot=ip-of-your-server-here:/path/to/x2go-tce-filesystem.squashfs'' when netbooting, but this will make you dependent on an uninterrupted network connection again * At least an i586-compatible CPU -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/08/27 19:47 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.3 Firefox/60.9 PaleMoon/28.6.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1553015827 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: Build scripts and instructions updated for Debian Buster User: stefanbaur @@ -27,37 +27,46 @@ * At least an i586-compatible CPU * Capability to boot via PXE //or// sufficient local storage (expect 250-450 MB, depending on what you decide to include) * A graphics card and input devices (Keyboard, Mouse/Trackball/Touchpad/Trackpoint/Touchscreen, ...) that are supported by the stock Debian X Server = Build system prerequisites for all variants = - * You need a Debian Jessie system to build the image. (Other distributions based on Debian might work, but this is untested.) + * You need a Debian Buster system to build the image. (Other distributions based on Debian might work, but this is untested.) * We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. * We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. * Make sure your package list is up to date by running: sudo apt-get update * Install the required packages by running: sudo apt-get install genisoimage git-core live-build live-config-doc live-manual-html live-boot-doc = Building your own X2Go-TCE Image = Configuring the Build - #!/bin/bash + # NOTE: This file gets sourced by the actual buildscript - so place it in the same directory as the buildscript or adjust the path in the buildscript. + # Select ONE of the following git reposities # this one loosely corresponds to "stable" - export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround' + #export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround-buster' # this one loosely corresponds to "heuler" - #export LBX2GO_CONFIG='https://github.com/LinuxHaus/live-build-x2go::feature/openbox-magic-pixel-workaround' - # NOTE: Add "-stretch" to the end of the LBX2GO_CONFIG string to create a stretch build + export LBX2GO_CONFIG='https://github.com/LinuxHaus/live-build-x2go::feature/openbox-magic-pixel-workaround-buster' + # NOTE: Add "-stretch" to the end of the LBX2GO_CONFIG string to create a stretch build, and "-buster" for a buster build + # NOTE: As of 2019-08-27, buster builds are only available via the github repo and for the feature/openbox-magic-pixel-workaround-buster and feature/mate-minidesktop-buster branches # Select ONE of the following LBX2GO_ARCH lines and comment out the others # (feel free to use long or short options) # for 64-Bit builds, use: export LBX2GO_ARCH='-a amd64 -k amd64' # 32-Bit, larger memory footprint, but faster performance on i686 and newer - # export LBX2GO_ARCH='-a i386 -k 686-pae' - # 32-Bit, smallest memory footprint + #export LBX2GO_ARCH='-a i386 -k 686-pae' + # 32-Bit, smallest memory footprint - not available on buster # export LBX2GO_ARCH='--architectures i386 --linux-flavours 586' - # detect if the selected git repo is meant to build a stretch or jessie image + # If you want to use the stock ISO image as created by this script, add your boot parameters here + #export LBX2GO_BOOTAPPEND_LIVE="boot=live components noswap lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 silent quiet pubkey=http://x2go/x2go-tce/config/authorized_keys sessionsurl=http://x2go/x2go-tce/config/sessions toram" + + # detect if the selected git repo is meant to build a buster, stretch or jessie image if [ -z "${LBX2GO_CONFIG##*-stretch}" ] ; then export LBX2GO_DEBVERSION="stretch" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" + elif [ -z "${LBX2GO_CONFIG##*-buster}" ] ; then + export LBX2GO_DEBVERSION="buster" + export LBX2GO_BOOTAPPEND_LIVE+=" net.ifnames=0 biosdevname=0" else export LBX2GO_DEBVERSION="jessie" fi @@ -119,27 +128,31 @@ export LBX2GO_TCE_SHRINK="true" # This patches the squashfs file into the initrd. Only parsed when image type "netboot" is set. # Will require boot parameter live-media=/ instead of fetch=... - # Both TFTP client and TFTP server must support file transfers >32MB for this to work, if you want to deploy this initrd via TFTP, - # so e.g. atftpd will not work - tftpd-hpa, howeverm seems to have no problem with larger files. + # Both TFTP client and TFTP server must support file transfers >32MB for this to work, if you want to deploy this initrd via
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/08/27 19:54 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:60.9) Gecko/20100101 Goanna/4.3 Firefox/60.9 PaleMoon/28.6.1 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1566935619 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [X2Go-ThinClientEditon-Live (TCE-Live, formerly known as TCE-NG)] - this page no longer needs a warning at the top User: stefanbaur @@ -1,7 +1,6 @@ == X2Go-ThinClientEditon-Live (TCE-Live, formerly known as TCE-NG) == - This page is very much Work in Progess. Please leave a note on x2go-u...@lists.x2go.org if you're interested in trying this out, so we can guide you along if something goes wrong. If you are looking for installation instructions for the classic, NFS-filesystem-based X2Go-ThinClient, please go [[wiki:advanced:tce:install|here]] -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/03/19 17:17 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1553014729 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] added note that pavol is primarily for MMD User: stefanbaur @@ -612,9 +612,9 @@ * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. * ''nomagicpixel=1'' or ''nomagicpixel=2'' - you should set ''nomagicpixel=1'' while the "magic pixel" (clicking in the upper right corner of the screen will minimize a fullscreen session) is still active in thinclient mode (this feature is expected to be disabled at some point in the future). ''nomagicpixel=1'' will disable the window manager when exactly 3 windows are detected (that's the usual situation when a fullscreen session is active). It will re-enable openbox whenever more or less than 3 windows are detected. If this fails for you, you can try ''nomagicpixel=2'', which will try to trigger on the window-minimize command and restore it to fullscreen (this will cause a short screen flickering effect). Note that ''nomagicpixel=2'' will make your ThinClient unusable when trying to run the actual X2Go-TCE client as a virtual machine guest (the //X2GoServer// you connect to may be a VM guest, no problems there). To live with the magic pixel bug, simply do not add this option at all. * ''ntp="server1 server2 ... servern"'' - this allows you to specify your own NTP server. If this parameter is not used, time will be synced with standard Debian NTP servers. To disable NTP syncing entirely, use ''ntp=false'' (feature available via github repo, soon via x2go repo too) - * ''pavol=[n:]volume%[|[n:]volume% ...]'' - Allows you to set default volume levels for one or more audio output devices. ''pavol=50%'' will set the default audio output device (#0) to 50%. ''pavol=1:99%'' will set audio output device #1 to 99%. ''pavol="0:50%|1:99%"'' will set audio output device #0 to 50%, and audio output device #1 to 99% (feature available via github repo, soon via x2go repo too). + * ''pavol=[n:]volume%[|[n:]volume% ...]'' - Allows you to set default volume levels for one or more audio output devices. ''pavol=50%'' will set the default audio output device (#0) to 50%. ''pavol=1:99%'' will set audio output device #1 to 99%. ''pavol="0:50%|1:99%"'' will set audio output device #0 to 50%, and audio output device #1 to 99%. Note that this opion only makes sense in MATE-MiniDesktop mode, as regular TCE sessions get their volume levels restored from the host they connect to. (''pavol'' feature available via github repo, soon via x2go repo too). * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients.** Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate. * ''session=sessionname'' - use this to specify a session by name that should be pre-selected on startup. The name must be listed in the sessions file and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-// (We suggest naming the default session ''default'' and using ''session=default''.) When using a session name with blanks, please enclose the sessionname in either single or double quotes, like so: ''session="session name"'' / ''session='session name''' * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9 * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/03/19 16:58 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1553014457 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] added description for audio output volume control User: stefanbaur @@ -612,8 +612,9 @@ * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. * ''nomagicpixel=1'' or ''nomagicpixel=2'' - you should set ''nomagicpixel=1'' while the "magic pixel" (clicking in the upper right corner of the screen will minimize a fullscreen session) is still active in thinclient mode (this feature is expected to be disabled at some point in the future). ''nomagicpixel=1'' will disable the window manager when exactly 3 windows are detected (that's the usual situation when a fullscreen session is active). It will re-enable openbox whenever more or less than 3 windows are detected. If this fails for you, you can try ''nomagicpixel=2'', which will try to trigger on the window-minimize command and restore it to fullscreen (this will cause a short screen flickering effect). Note that ''nomagicpixel=2'' will make your ThinClient unusable when trying to run the actual X2Go-TCE client as a virtual machine guest (the //X2GoServer// you connect to may be a VM guest, no problems there). To live with the magic pixel bug, simply do not add this option at all. * ''ntp="server1 server2 ... servern"'' - this allows you to specify your own NTP server. If this parameter is not used, time will be synced with standard Debian NTP servers. To disable NTP syncing entirely, use ''ntp=false'' (feature available via github repo, soon via x2go repo too) + * ''pavol=[n:]volume%[|[n:]volume% ...]'' - Allows you to set default volume levels for one or more audio output devices. ''pavol=50%'' will set the default audio output device (#0) to 50%. ''pavol=1:99%'' will set audio output device #1 to 99%. ''pavol="0:50%|1:99%"'' will set audio output device #0 to 50%, and audio output device #1 to 99% (feature available via github repo, soon via x2go repo too). * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients.** Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate. * ''session=sessionname'' - use this to specify a session by name that should be pre-selected on startup. The name must be listed in the sessions file and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-// (We suggest naming the default session ''default'' and using ''session=default''.) When using a session name with blanks, please enclose the sessionname in either single or double quotes, like so: ''session="session name"'' / ''session='session name''' * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9 * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!** -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/03/19 16:54 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1553014423 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] Removed issue that is now listed under fixed issues User: stefanbaur @@ -960,10 +960,8 @@ FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). FIXME Scripts triggered by if-up should check if a new download is really necessary. - - FIXME in MiniDesktop mode, some local sound control features required (taskbar or app like pavucontrol; default volume via boot parameter), also, it seems that sound isn't really working in MiniDesktop mode, as seen when trying to use YouTube. Probably pulseaudio-related. Taskbar App is there, was blocked by pulseaudio being spawned separately. Still needs save/restore feature/boot parameter. FIXME Feature request: In TCE (not MMD), use while ! (grep "^/dev/" /etc/mtab | grep -q rw ) ; do # rw-mounted physical devices detected echo s >/proc/sysrq-trigger # sync all -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/03/19 16:53 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1552987706 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of closed ToDos/FIXMEs for this page] Volume Control Applet now available in MMD User: stefanbaur @@ -983,8 +983,8 @@ * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). - fixed. * ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. - fixed * Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn''. - fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. * ''nomagicpixel='' is unsupported in MiniDesktop-Mode and will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode (there is a task bar available, so a session that has been minimized accidentally can be re-selected by the users themselves). - unfixable. - + * volume control applet for MiniDesktop mode has been added - fixed in github repo, soon in x2go repo (to save/restore volume control settings, using the "persistence" feature of live-build is probably the better way to go) The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/03/19 09:28 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1549584760 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] Updated state of audio support in MMD User: stefanbaur @@ -961,9 +961,9 @@ FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). FIXME Scripts triggered by if-up should check if a new download is really necessary. - FIXME in MiniDesktop mode, some local sound control features required (taskbar or app like pavucontrol; default volume via boot parameter), also, it seems that sound isn't really working in MiniDesktop mode, as seen when trying to use YouTube. Probably pulseaudio-related. + FIXME in MiniDesktop mode, some local sound control features required (taskbar or app like pavucontrol; default volume via boot parameter), also, it seems that sound isn't really working in MiniDesktop mode, as seen when trying to use YouTube. Probably pulseaudio-related. Taskbar App is there, was blocked by pulseaudio being spawned separately. Still needs save/restore feature/boot parameter. FIXME Feature request: In TCE (not MMD), use while ! (grep "^/dev/" /etc/mtab | grep -q rw ) ; do # rw-mounted physical devices detected echo s >/proc/sysrq-trigger # sync all -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/02/08 00:12 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1549133987 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item "fastpo" boot parameter User: stefanbaur @@ -962,8 +962,16 @@ FIXME Scripts triggered by if-up should check if a new download is really necessary. FIXME in MiniDesktop mode, some local sound control features required (taskbar or app like pavucontrol; default volume via boot parameter), also, it seems that sound isn't really working in MiniDesktop mode, as seen when trying to use YouTube. Probably pulseaudio-related. + + FIXME Feature request: In TCE (not MMD), use + while ! (grep "^/dev/" /etc/mtab | grep -q rw ) ; do # rw-mounted physical devices detected + echo s >/proc/sysrq-trigger # sync all + echo u >/proc/sysrq-trigger # remount all (physdevs) ro + done + echo o >/proc/sysrq-trigger # force fast shutdown/poweroff + for faster poweroff when boot parameter ''fastpo'' is set = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/02/02 18:58 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548883990 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Prerequisites] added note regarding problematic tftp server User: stefanbaur @@ -258,9 +258,9 @@ * You need an existing DHCP/PXE/TFTP setup with the usual pxelinux.0/pxelinux.cfg boot and configuration files, and a directory where kernel and initrd can be stored. This is not covered here, though we might add a separate howto for that some time later on. * Note that whoever manages to spoof this server name can deploy rogue images to your ThinClients. If this is a serious issue for you, consider using local storage media and the autoupdater instead. * It **might** be possible to already use HTTPS in this early stage when using iPXE. This is untested and requires building your own iPXE image. see http://ipxe.org/crypto for details. Alternatively, use ipxe.lkrn (from [[http://boot.ipxe.org/ipxe.lkrn]]) and pxelinux.0 in combination with scripted ipxe commands in the pxelinux.cfg. * You will also need an HTTP/HTTPS/FTP server with a dedicated IP (no name-based virtual hosts) for the squashfs image. - **Note:** set LBX2GO_NOSQUASHFS=true and use iPXE (e.g. with ipxe.lkrn + pxelinux.0) if you cannot use an IP for your host. Another option (untested) is explained [[https://blog.jacekk.info/2016/01/debian-live-webboot-dns/|here]] - * This image cannot be deployed via TFTP as it is too large - some TFTP servers refuse to serve files lager than 32MB, and some TFTP clients have problems with that as well. + * This image cannot be deployed via TFTP as it is too large - some TFTP servers (atftpd in particular) refuse to serve files lager than 32MB, and some TFTP clients have problems with that as well. * Also, even if you have a TFTP server/client combination that handles files larger than 32 MB, it will still be wy slower than the HTTP/FTP transfer. * Note that whoever manages to spoof this server name can deploy rogue images to your ThinClients. If this is a serious issue for you, consider using local storage media and the autoupdater instead. * It **might** be possible to use HTTPS with the ''fetch='' command. This is untested. * Once your setup fulfills all the requirements listed above, go ahead and build the image using the scripts listed in [[doc:howto:tce#configuring_the_build|Configuring the Build]] - make sure to choose ''export LBX2GO_IMAGETYPE='netboot''' (this should be the default) -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 21:33 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548883099 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] more packages still needed for xinerama support and blanking support User: stefanbaur @@ -918,9 +918,9 @@ libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all \ xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl \ xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 \ libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 \ - libnewt0.52 libslang2 libxinerama1 keyutils libassuan0 libdatrie1 libevent-2.0-5 libthai-data libthai0 libxcursor1 \ + libnewt0.52 libslang2 keyutils libassuan0 libdatrie1 libevent-2.0-5 libthai-data libthai0 \ pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest \ xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 \ libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 \ libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware \ -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 21:18 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880943 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] we need to keep some more packages to enable xset User: stefanbaur @@ -918,21 +918,21 @@ libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all \ xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl \ xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 \ libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 \ - libnewt0.52 libxmuu1 libxrandr2 libslang2 libxinerama1 libxcursor1 cpp cpp-6 keyutils libassuan0 libdatrie1 libevent-2.0-5 \ - libisl15 libmpc3 libmpfr4 libthai-data libthai0 libxcursor1 pinentry-curses trickle libxapian30 libpcsclite1 \ - libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen \ - net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 \ - libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common \ - rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n \ - libnfsidmap2 libtirpc1 x11vnc x11vnc-data libapparmor1 systemd apt-utils libapt-inst2.0 libfreerdp-cache1.1 \ - libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 \ - libfreerdp-locale1.1 libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-crt0.1 libwinpr-crypto0.1 \ - libwinpr-dsparse0.1 libwinpr-environment0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 \ - libwinpr-interlocked0.1 libwinpr-library0.1 libwinpr-path0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 \ - libwinpr-sspi0.1 libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-utils0.1 firmware-amd-graphics \ - firmware-atheros firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-cavium firmware-crystalhd firmware-intel-sound \ + libnewt0.52 libslang2 libxinerama1 keyutils libassuan0 libdatrie1 libevent-2.0-5 libthai-data libthai0 libxcursor1 \ + pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest \ + xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 \ + libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 \ + libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware \ + dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 x11vnc x11vnc-data \ + libapparmor1 systemd apt-utils libapt-inst2.0 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 \ + libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 \ + libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 \ + libwinpr-environment0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 \ + libwinpr-library0.1 libwinpr-path0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 \ + libwinpr-synch0.1 libwinpr-sysinfo0.1
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:42 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880696 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -950,9 +950,9 @@ fi mkdir -p binary/live mksquashfs squashfs-root binary/live/filesystem.squashfs -comp xz -Xbcj x86 -b 1024K -Xdict-size 1024K -noappend rm -rf squashfs-root - ln binary/live/filesystem.squashfs x2go-tce-filesystem-stripped.squashfs + ln -f binary/live/filesystem.squashfs x2go-tce-filesystem-stripped.squashfs (cd binary; echo live$'\n'live/filesystem.squashfs |cpio -o -H newc | gzip --fast) >./tce-filesystem-stripped.cpio.gz cat ./x2go-tce-initrd.img ./tce-filesystem-stripped.cpio.gz >./x2go-tce-initrd-with-fs-stripped.img rm ./tce-filesystem-stripped.cpio.gz -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:38 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880523 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] more formatting User: stefanbaur @@ -947,9 +947,10 @@ fi if [ -f binary/live/filesystem.squashfs ] ; then mv binary/live/filesystem.squashfs binary/live/filesystem.squashfs.old fi - mkdir -p binary/live && mksquashfs squashfs-root binary/live/filesystem.squashfs -comp xz -Xbcj x86 -b 1024K -Xdict-size 1024K -noappend + mkdir -p binary/live + mksquashfs squashfs-root binary/live/filesystem.squashfs -comp xz -Xbcj x86 -b 1024K -Xdict-size 1024K -noappend rm -rf squashfs-root ln binary/live/filesystem.squashfs x2go-tce-filesystem-stripped.squashfs (cd binary; echo live$'\n'live/filesystem.squashfs |cpio -o -H newc | gzip --fast) >./tce-filesystem-stripped.cpio.gz cat ./x2go-tce-initrd.img ./tce-filesystem-stripped.cpio.gz >./x2go-tce-initrd-with-fs-stripped.img -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:35 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880487 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] more formatting User: stefanbaur @@ -941,9 +941,10 @@ mkdir -p squashfs-root/home/user touch squashfs-root/home/user/.xsession umount squashfs-root/proc if ! grep '^eval $THROTTLINGCOMMAND' squashfs-root/etc/X11/Xsession.d/61x11-start-x2goclient | grep -q -- ' --thinclient ' ; then - sed -i -e 's#eval \$THROTTLINGCOMMAND x2goclient#eval \$THROTTLINGCOMMAND x2goclient --thinclient#g' squashfs-root/etc/X11/Xsession.d/61x11-start-x2goclient + sed -i -e 's#eval \$THROTTLINGCOMMAND x2goclient#eval \$THROTTLINGCOMMAND x2goclient --thinclient#g' \ + squashfs-root/etc/X11/Xsession.d/61x11-start-x2goclient fi if [ -f binary/live/filesystem.squashfs ] ; then mv binary/live/filesystem.squashfs binary/live/filesystem.squashfs.old fi -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:34 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880226 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] some formatting User: stefanbaur @@ -905,29 +905,49 @@ - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Also, this causes an X startup failure during boot that needs to be worked around (by touching /home/user/.xsession). Here's a script to do all of this automatically (needs to be run as root in the builddir: #!/bin/bash -e - if [ $UID -ne 0 ] ; then echo "Must be root." exit 1 fi - unsquashfs x2go-tce-filesystem.squashfs mount --bind /proc squashfs-root/proc - - chroot squashfs-root apt purge -y acpi-support-base acpid acpi-support pm-utils powermgmt-base gnupg gnupg-agent whiptail vim vim-common vim-tiny xxd xinetd libcroco3 libcurl3 libexif12 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgif7 libid3tag0 libimlib2 libnghttp2-14 libobrender32v5 libobt2v5 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 librsvg2-2 librtmp1 libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 libnewt0.52 libxmuu1 libxrandr2 libslang2 libxinerama1 libxcursor1 cpp cpp-6 keyutils libassuan0 libdatrie1 libevent-2.0-5 libisl15 libmpc3 libmpfr4 libthai-data libthai0 libxcursor1 pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 x11vnc x11vnc-data libapparmor1 systemd apt-utils libapt-inst2.0 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 libwinpr-environment0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 libwinpr-library0.1 libwinpr-path0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-utils0.1 firmware-amd-graphics firmware-atheros firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-cavium firmware-crystalhd firmware-intel-sound firmware-intelwimax firmware-ipw2x00 firmware-ivtv firmware-iwlwifi firmware-libertas firmware-linux firmware-linux-free firmware-linux-nonfree firmware-misc-nonfree firmware-myricom firmware-netxen firmware-qlogic firmware-realtek firmware-samsung firmware-siano firmware-ti-connectivity firmware-zd1211 - + chroot squashfs-root apt purge -y acpi-support-base acpid acpi-support pm-utils powermgmt-base gnupg gnupg-agent whiptail vim vim-common vim-tiny xxd xinetd \ + libcroco3 libcurl3 libexif12 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgif7 libid3tag0 libimlib2 libnghttp2-14 \ + libobrender32v5 libobt2v5 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 librsvg2-2 librtmp1 \ + libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all \ + xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl \ + xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 \ + libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 \ + libnewt0.52
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:30 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548880143 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] ./tce-filesystem-stripped.cpio.gz can be removed at the end User: stefanbaur @@ -931,8 +931,9 @@ rm -rf squashfs-root ln binary/live/filesystem.squashfs x2go-tce-filesystem-stripped.squashfs (cd binary; echo live$'\n'live/filesystem.squashfs |cpio -o -H newc | gzip --fast) >./tce-filesystem-stripped.cpio.gz cat ./x2go-tce-initrd.img ./tce-filesystem-stripped.cpio.gz >./x2go-tce-initrd-with-fs-stripped.img + rm ./tce-filesystem-stripped.cpio.gz FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:29 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1548879774 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] x11-xserver-utils needs to stay so we can keep the screen from going blank User: stefanbaur @@ -914,9 +914,9 @@ unsquashfs x2go-tce-filesystem.squashfs mount --bind /proc squashfs-root/proc - chroot squashfs-root apt purge -y acpi-support-base acpid acpi-support pm-utils powermgmt-base gnupg gnupg-agent whiptail vim vim-common vim-tiny xxd xinetd libcroco3 libcurl3 libexif12 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgif7 libid3tag0 libimlib2 libnghttp2-14 libobrender32v5 libobt2v5 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 librsvg2-2 librtmp1 libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 libnewt0.52 libxmuu1 libxrandr2 x11-xserver-utils libslang2 libxinerama1 libxcursor1 cpp cpp-6 keyutils libassuan0 libdatrie1 libevent-2.0-5 libisl15 libmpc3 libmpfr4 libthai-data libthai0 libxcursor1 pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 x11vnc x11vnc-data libapparmor1 systemd apt-utils libapt-inst2.0 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 libwinpr-environment0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 libwinpr-library0.1 libwinpr-path0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-utils0.1 firmware-amd-graphics firmware-atheros firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-cavium firmware-crystalhd firmware-intel-sound firmware-intelwimax firmware-ipw2x00 firmware-ivtv firmware-iwlwifi firmware-libertas firmware-linux firmware-linux-free firmware-linux-nonfree firmware-misc-nonfree firmware-myricom firmware-netxen firmware-qlogic firmware-realtek firmware-samsung firmware-siano firmware-ti-connectivity firmware-zd1211 + chroot squashfs-root apt purge -y acpi-support-base acpid acpi-support pm-utils powermgmt-base gnupg gnupg-agent whiptail vim vim-common vim-tiny xxd xinetd libcroco3 libcurl3 libexif12 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgif7 libid3tag0 libimlib2 libnghttp2-14 libobrender32v5 libobt2v5 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 librsvg2-2 librtmp1 libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 libnewt0.52 libxmuu1 libxrandr2 libslang2 libxinerama1 libxcursor1 cpp cpp-6 keyutils libassuan0 libdatrie1 libevent-2.0-5 libisl15 libmpc3 libmpfr4 libthai-data libthai0 libxcursor1 pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/30 20:22 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 109.193.81.67 Hostname: HSI-KBW-109-193-081-067.hsi7.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547993665 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] update image shrinking info User: stefanbaur @@ -900,10 +900,40 @@ FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file:///'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This could be aCGI script, even, thus making it possible to distribute different configs depending on the source IP of the ThinClient, rather than the MAC Address. Said file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. - FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* - libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) + FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* libapparmor1 systemd apt-utils libapt-inst2.0 acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1*
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/20 14:14 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547993646 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [History, Rationale, Outlook] User: stefanbaur @@ -10,9 +10,9 @@ = History, Rationale, Outlook = During the time of Debian Wheezy being Debian's stable release, we started developing a new ThinClientEdition then called TCE-Next Generation, or TCE-NG for short - one that is based on Debian-Live and thus does no longer rely on NFS (though NFS can still be used to deploy the image - but we do not recommend that approach). Instead, the entire image is loaded into the RAM of the ThinClient machine. To avoid confusion, and because it has since left the "NG" state, we now call it TCE-Live. - The disadvantage is that your ThinClient now needs at least 512MB to 1 GB of RAM (see below). Working with 256 MB is possible when you use local storage instead of netbooting (don't use the ''toram'' parameter, either), but not really recommended. + The disadvantage is that your ThinClient now needs at least 512 MB to 1 GB of RAM (see below). Working with 256 MB is possible when you use local storage instead of netbooting (don't use the ''toram'' parameter, either), but not really recommended. However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS (nor HTTP/HTTPS/FTP). If you follow our advice of loading the entire image into the ThinClient's RAM, or using local storage, all you need is an HTTP (HTTPS optional for later stages) or FTP server with a dedicated IP, if you want to use netbooting. It is also possible to deploy the image to the ThinClient's local storage, if present, and have it update in the background. Besides, making changes to/updating the classic, NFS-based TCE (henceforth referred to as TCE-Classic) with the entire filesystem, not just its compressed image, spread out over the NFS share was rather finicky - with the current TCE-Live, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment. The //local storage// feature can also be used to create a portable version of both X2Go-TCE and X2goClient for Windows, sharing the same configuration, on CD/DVD/USB media. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/20 14:14 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547984367 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [History, Rationale, Outlook] updated minimum RAM requirements User: stefanbaur @@ -10,9 +10,9 @@ = History, Rationale, Outlook = During the time of Debian Wheezy being Debian's stable release, we started developing a new ThinClientEdition then called TCE-Next Generation, or TCE-NG for short - one that is based on Debian-Live and thus does no longer rely on NFS (though NFS can still be used to deploy the image - but we do not recommend that approach). Instead, the entire image is loaded into the RAM of the ThinClient machine. To avoid confusion, and because it has since left the "NG" state, we now call it TCE-Live. - The disadvantage is that your ThinClient now needs at least 1 GB of RAM (see below). + The disadvantage is that your ThinClient now needs at least 512MB to 1 GB of RAM (see below). Working with 256 MB is possible when you use local storage instead of netbooting (don't use the ''toram'' parameter, either), but not really recommended. However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS (nor HTTP/HTTPS/FTP). If you follow our advice of loading the entire image into the ThinClient's RAM, or using local storage, all you need is an HTTP (HTTPS optional for later stages) or FTP server with a dedicated IP, if you want to use netbooting. It is also possible to deploy the image to the ThinClient's local storage, if present, and have it update in the background. Besides, making changes to/updating the classic, NFS-based TCE (henceforth referred to as TCE-Classic) with the entire filesystem, not just its compressed image, spread out over the NFS share was rather finicky - with the current TCE-Live, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment. The //local storage// feature can also be used to create a portable version of both X2Go-TCE and X2goClient for Windows, sharing the same configuration, on CD/DVD/USB media. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/20 11:39 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547904225 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item regarding sound in MiniDesktop mode User: stefanbaur @@ -906,8 +906,10 @@ FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). FIXME Scripts triggered by if-up should check if a new download is really necessary. + + FIXME in MiniDesktop mode, some local sound control features required (taskbar or app like pavucontrol; default volume via boot parameter), also, it seems that sound isn't really working in MiniDesktop mode, as seen when trying to use YouTube. Probably pulseaudio-related. = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/19 13:23 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547845278 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item regarding if-up User: stefanbaur @@ -904,8 +904,10 @@ FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). + + FIXME Scripts triggered by if-up should check if a new download is really necessary. = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/18 21:01 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547843014 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - added info for xorg-driver parameter (standard live-boot parameter) User: stefanbaur @@ -621,8 +621,9 @@ * ''timezone=TIMEZONE'' - can be used to define a timezone other than UTC, e.g. 'Europe/Berlin'. This especially makes sense for MATE-MiniDesktop, but is nice to have in regular TCE-Live as well, because the timestamp of the log messages will show the local time instead of UTC. This is a standard parameter of live-boot, and not specific to X2Go. * ''x3270servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x3270 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 3270 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. (feature available via github repo, soon via x2go repo too) * ''x5250servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x5250 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 5250 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. Note that x5250 support is currently not part of the standard image available via git, as there is no x5250 executable in Debian. You can try using x3270 instead, most modern IBM i (System i, iSeries, AS/400) systems support 3270-type connections as well. If you need native 5250 support, say, with a commercial, closed-source 5250 terminal emulator, please leave a message on the X2Go-User Mailing List and we'll tell you if and how you can integrate that into your build. (feature available via github repo, soon via x2go repo too) * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. + * ''xorg-driver=DRIVERNAME'' - will skip graphics driver autodetection and force the specified driver instead. This is a standard parameter of live-boot, and not specific to X2Go. * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI. This is a standard parameter of live-boot, and not specific to X2Go. * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. **Attention: Whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''xroot=[0xaabbcc|URI1[|URI2|...]]'' - can be used to set a local desktop background image or color (in hex format, with leading 0x, not leading #). On the main screen, this is only visible during startup, while additional screens will display whatever is set for them when there is no active session. The background also becomes visible for a short moment when the optional local screensaver activates or deactivates. Specifying more than one image will cause the first image to show up on the first screen, the second image on the second screen, and so on (feature available via github repo, soon via x2go repo too). *
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/18 20:23 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547842943 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] properly tagged a live-build boot parameter as such User: stefanbaur @@ -621,9 +621,9 @@ * ''timezone=TIMEZONE'' - can be used to define a timezone other than UTC, e.g. 'Europe/Berlin'. This especially makes sense for MATE-MiniDesktop, but is nice to have in regular TCE-Live as well, because the timestamp of the log messages will show the local time instead of UTC. This is a standard parameter of live-boot, and not specific to X2Go. * ''x3270servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x3270 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 3270 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. (feature available via github repo, soon via x2go repo too) * ''x5250servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x5250 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 5250 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. Note that x5250 support is currently not part of the standard image available via git, as there is no x5250 executable in Debian. You can try using x3270 instead, most modern IBM i (System i, iSeries, AS/400) systems support 3270-type connections as well. If you need native 5250 support, say, with a commercial, closed-source 5250 terminal emulator, please leave a message on the X2Go-User Mailing List and we'll tell you if and how you can integrate that into your build. (feature available via github repo, soon via x2go repo too) * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. - * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI + * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI. This is a standard parameter of live-boot, and not specific to X2Go. * ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.xorg.conf'' - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below. **Attention: Whoever manages to spoof the server name can inject rogue xorg config files into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''xroot=[0xaabbcc|URI1[|URI2|...]]'' - can be used to set a local desktop background image or color (in hex format, with leading 0x, not leading #). On the main screen, this is only visible during startup, while additional screens will display whatever is set for them when there is no active session. The background also becomes visible for a short moment when the optional local screensaver activates or deactivates. Specifying more than one image will cause the first image to show up on the first screen, the second image on the second screen, and so on (feature available via
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/18 20:22 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547773322 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - added info for timezone parameter (standard live-boot parameter) User: stefanbaur @@ -617,8 +617,9 @@ * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9 * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!** * ''tcpprintonlyfrom=x.x.x.x'' - Will allow you to specify which IP address may connect to Port 9100 and above for printing to a locally attached LPT/USB printer. This should be the IP of your CUPS server or whatever print server system you use. Understands the same syntax as ''xinetd'''s ''only_from''. * ''throttle=n|n:n:n:n:n'' - Will throttle down- and upload speed (''throttle=n'') or set throttling limits as follows: download:upload:smoothingtime:smoothinglength:latency. Defaults for up- and download are 10 (KiloBytes/s), 3.0 (seconds, using decimals is permitted) smoothingtime, 20 (KiloBytes), 0 (ms). for a detailed description of these parameters, see "man trickle". You can use the first 1, 2, 3, 4 or all 5 parameters. To set down- and/or upload speed to unlimited, use the letter "u" instead of a numeric value. + * ''timezone=TIMEZONE'' - can be used to define a timezone other than UTC, e.g. 'Europe/Berlin'. This especially makes sense for MATE-MiniDesktop, but is nice to have in regular TCE-Live as well, because the timestamp of the log messages will show the local time instead of UTC. This is a standard parameter of live-boot, and not specific to X2Go. * ''x3270servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x3270 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 3270 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. (feature available via github repo, soon via x2go repo too) * ''x5250servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x5250 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 5250 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. Note that x5250 support is currently not part of the standard image available via git, as there is no x5250 executable in Debian. You can try using x3270 instead, most modern IBM i (System i, iSeries, AS/400) systems support 3270-type connections as well. If you need native 5250 support, say, with a commercial, closed-source 5250 terminal emulator, please leave a message on the X2Go-User Mailing List and we'll tell you if and how you can integrate that into your build. (feature available via github repo, soon via x2go repo too) * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off, for example, due to your touch device being limited to one screen. * ''xorg-resolution=HRESxVRES'' - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. ''xorg-resolution=1280x1024'', useful if autodetection for the
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/18 01:02 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547771080 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added further info regarding boot parameter config file User: stefanbaur @@ -896,9 +896,9 @@ FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file:///'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. - FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. + FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This could be aCGI script, even, thus making it possible to distribute different configs depending on the source IP of the ThinClient, rather than the MAC Address. Said file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/18 00:24 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547749609 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Live-Patching the Build] - script is now in git and can be fetched with wget User: stefanbaur @@ -145,292 +145,9 @@ #!/bin/bash mkdir -p ./patch/includes.chroot/usr/lib/x2go/tce/ - - cat >./patch/includes.chroot/usr/lib/x2go/tce/x2gousbmount <<'USBMOUNTPATCH' - - #!/usr/bin/perl - # Copyright (C) 2007-2017 by X2Go project, http://wiki.x2go.org - # Oleksandr Shneyder - - # X2Go is free software; you can redistribute it and/or modify - # it under the terms of the GNU General Public License as published by - # the Free Software Foundation; either version 2 of the License, or - # (at your option) any later version. - # - # X2Go is distributed in the hope that it will be useful, - # but WITHOUT ANY WARRANTY; without even the implied warranty of - # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - # GNU General Public License for more details. - # - # You should have received a copy of the GNU General Public License - # along with this program; if not, write to the - # Free Software Foundation, Inc., - # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. - - use strict; - use File::Path::Expand; - # comment out this "use" and the following two lines, and instead - # uncomment the block below if you need to do early boot stage - # debugging of the automounter, when rsyslogd isn't running yet - use Sys::Syslog qw( :standard :macros ); - openlog($0,'cons,pid','user'); - setlogmask( LOG_UPTO(LOG_NOTICE) ); - #open (B,">>/var/log/usbdebug"); - #sub syslog { - # print B $_[0].': '.$_[1]."\n"; - #} - - my $user; - if ( -f "/etc/x2go/x2gothinclient-minidesktop_start" ) { - # this is a minidesktop environment, which uses - # username "x2gothinclient" regardless of whether - # it runs on X2Go-TCE-Live or X2Go-TCE-NFS - $user='x2gothinclient'; - } - elsif ( -d "/lib/live/config" ) { - # this is X2Go-TCE-Live, but not with a minidesktop - # (if it were, the first condition would have matched), - # so we use Debian-Live's standard username "user" - $user='user'; - } - else { - # this is X2Go-TCE-NFS or something completely different, - # so we'll play it safe and pick the username "x2gothinclient" - # just like previous versions of this script did - $user='x2gothinclient'; - } - - # We need this as chown requires numeric uid/gid - my ($login,$pass,$uid,$gid) = getpwnam($user); - - # Some last-ditch efforts to fulfill the prerequisites for File Sharing: - # - This is stuff that should already have happened earlier in the boot process. - # - Also, if a directory already exists, we silently assume that ownership and - # permissions are correct. This is so that users that deliberately set - # different ownership/permission values don't have their settings silently - # overwritten. - - unless ( -d expand_filename("~$user/mounts") ) { - mkdir expand_filename("~$user/mounts"); - chmod 0700, expand_filename("~$user/mounts"); - chown $uid, $gid, expand_filename("~$user/mounts"); - } - - unless ( -d expand_filename("~$user/export") ) { - mkdir expand_filename("~$user/export"); - chmod 0700, expand_filename("~$user/export"); - chown $uid, $gid, expand_filename("~$user/export"); - } - - unless ( -d expand_filename("~$user/logins") ) { - mkdir expand_filename("~$user/logins"); - chmod 0700, expand_filename("~$user/logins"); - chown $uid, $gid, expand_filename("~$user/logins"); - } - - sub check_x2gothinclientmode { - my $ret = 0; - - # Check for x2gothinclientd first... - my $x=`ps ax | grep x2gothinclient`; - if ( $x=~m/thinclientd/ ) { - $ret = 1; - } - - return $ret; - } - - #TCE-NFS TCE-LiveMMD-Live - if ( check_x2gothinclientmode() || ( -x "/lib/live/config/2900-x2go-thinclientconfig" ) || ( -x "/etc/x2go/x2gothinclient-minidesktop_start" ) ) - { - syslog('notice', "some kind of thinclient mode detected"); - - open (F,">>/var/log/usb"); - - my $dev=$ENV{'DEVNAME'}; - my $model=$ENV{'ID_MODEL'}; - my $vendor=$ENV{'ID_VENDOR'}; - my $action=$ENV{'ACTION'}; - my @ldev=split("/","$dev"); - my $ldev=@ldev[@ldev-1]; - # mntdir is not the directory where the mountpoint will be rooted, - # but where tracking of mount
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/17 18:26 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547749446 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -1184,9 +1184,9 @@ FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) - FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too. + FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too (though that might require kerberos in addition to LDAP,we'll see). = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/17 18:24 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547749413 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] User: stefanbaur @@ -901,9 +901,9 @@ * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!** * ''tcpprintonlyfrom=x.x.x.x'' - Will allow you to specify which IP address may connect to Port 9100 and above for printing to a locally attached LPT/USB printer. This should be the IP of your CUPS server or whatever print server system you use. Understands the same syntax as ''xinetd'''s ''only_from''. * ''throttle=n|n:n:n:n:n'' - Will throttle down- and upload speed (''throttle=n'') or set throttling limits as follows: download:upload:smoothingtime:smoothinglength:latency. Defaults for up- and download are 10 (KiloBytes/s), 3.0 (seconds, using decimals is permitted) smoothingtime, 20 (KiloBytes), 0 (ms). for a detailed description of these parameters, see "man trickle". You can use the first 1, 2, 3, 4 or all 5 parameters. To set down- and/or upload speed to unlimited, use the letter "u" instead of a numeric value. * ''x3270servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x3270 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 3270 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. (feature available via github repo, soon via x2go repo too) - ''x5250servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x5250 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 5250 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. Note that x5250 support is currently not part of the standard image available via git, as there is no x5250 executable in Debian. You can try using x3270 instead, most modern IBM i (System i, iSeries, AS/400) systems support 3270-type connections as well. If you need native 5250 support, say, with a commercial, closed-source 5250 terminal emulator, please leave a message on the X2Go-User Mailing List and we'll tell you if and how you can integrate that into your build. (feature available via github repo, soon via x2go repo too) + * ''x5250servers="host[:port][|host[:port]...]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more hosts (with optional ports) for x5250 terminal emulation sessions that will be created as desktop shortcuts on the thinclient. For a default 5250 connection, the port is 23 (telnet) and does not need to be specified. For an SSL-encrypted connection (recommended), the port is 992. Hosts may be IP addresses or DNS names, and need to be separated with a ''|''. Note that x5250 support is currently not part of the standard image available via git, as there is no x5250 executable in Debian. You can try using x3270 instead, most modern IBM i (System i, iSeries, AS/400) systems support 3270-type connections as well. If you need native 5250 support, say, with a commercial, closed-source 5250 terminal emulator, please leave a message on the X2Go-User Mailing List and we'll tell you if and how you can integrate that into your build. (feature available via github repo, soon via x2go repo too) * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/17 18:23 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547747737 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] added lots of new options that are now available via the latest buildscripts on github User: stefanbaur @@ -885,10 +885,11 @@ * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the ThinClient once you are done. You //should// specify this parameter when booting X2Go-TCE-Live from portable media when you want to use SSH Secret Keys, to make sure your secret key on the FAT/NTFS partition is available. But as stated above, be sure to power-cycle the machine once you're done. - * ''earlyblankdpmsfix'' - This forces the TFT do black for a few seconds during the initial boot phase (right after the squashfs was downloaded), then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) + * ''earlyblankdpmsfix'' - This forces the TFT do black for a few seconds during the initial boot phase (right after the squashfs was downloaded), then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. Earlyblankdpmsfix can also be called as ''earlyblankdpmsfix='', where '''' is the blanking time in milliseconds (so, ''earlyblankdpmsfix=1500'' equals 1.5 seconds). (feature available via github repo, soon via x2go repo too) * ''homepageurl="URL1[|URL2|URLn]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more web pages that show up on Browser start/when clicking the "Home" icon. URLs need to be separated with a ''|'', and the set of URLs needs to be enclosed in double quotes. Do //not// enclose each URL in double quotes separately! Correct example: ''homepageurl="https://www.google.de|https://wiki.x2go.org;'' + * ''initrdblankdpmsfix'' is the same as ''earlyblankdpmsfix'', only that it activates in the initial ramdisk already. Like ''earlyblankdpmsfix'', it can also be called as ''initrdblankdpmsfix=''. This parameter is useful if you are affected by the //black screen at boot// issue, and you are not combining squashfs and initrd into one file when netbooting. (feature available via github
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/17 17:55 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547555492 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: Added a new troubleshooting section for audio issues User: stefanbaur @@ -965,8 +965,18 @@ * When using netbooting, do the following on your PXE/TFTP Server * create a separate configuration file "name-of-your-stubborn-hardware" for this hardware, based on the default file, * create a symlink matching "01-", followed by the first three out of the six bytes of your hardware address, each separated by "-" (say, 01-AA-BB-CC when the full MAC was shown as AA:BB:CC:DD:EE:FF), that points to the file "name-of-your-stubborn-hardware". * In your boot configuration file (either "name-of-your-stubborn-hardware", when using netbooting, or menu.lst, when using local or USB storage media and grub-legacy, or X2Go-live1.cfg/X2Go-live2.cfg, when using local or USB storage media and syslinux), add the boot parameter ''xorgconfurl=tftp|http|https|ftp://your-http-server-ip-here/x2go-tce/x2go-tce.xorg.conf.name-of-your-stubborn-hardware'' + + The session itself works fine, but Audio is not working + + First, check that the audio isn't simply muted (some cards/setups do this by default). Run ''pavucontrol'' inside the X2Go session. Check the settings on the tabs //Output Devices// and //Configuration//. If that is the case, you probably need to create a script on the server that raises the volume/toggles the mute setting upon user login. + + If that doesn't help, please boot with additional boot parameter ''audioout=list'' and look at the output on /dev/tty8 (Hit Ctrl+Alt+F8) - it will give you a list of available audio output devices. This list also gets written to ''/tmp/audiolog'' on the ThinClient. + + You might have to pick a different one from the list, by using boot parameter ''audioout='' with a particular card/output value, like: ''audioout=“alsa_card.pci-_00_1b.0|output:hdmi-stereo”'' (you need to copy the proper value from the list generated on your particular thinclient). + + If you need different settings for different manufacturers, you can try to tell them apart by MAC address and set separate pxe boot configuration files for them. = Support Tools available in X2Go-TCE = Remote Access to the ThinClient's local display (before any connection is made) -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/15 12:31 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547555457 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Starting the Build] added /bin/bash shebang line User: stefanbaur @@ -433,9 +433,11 @@ chmod 755 ./patch/includes.chroot/usr/lib/x2go/tce/x2gousbmount Starting the Build - Change to a directory where you want to save your builds, and run the following commands: + Change to a directory where you want to save your builds, and run the following commands: + + #!/bin/bash # Create Timestamp LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") # Set Directory name -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/15 12:30 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547555235 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Live-Patching the Build] added /bin/bash shebang line User: stefanbaur @@ -143,8 +143,9 @@ Live-Patching the Build This patch is required if you need USB mount capability on the ThinClient while [[http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=1136|Bug #1136]] is still unresolved. + #!/bin/bash mkdir -p ./patch/includes.chroot/usr/lib/x2go/tce/ cat >./patch/includes.chroot/usr/lib/x2go/tce/x2gousbmount <<'USBMOUNTPATCH' -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/15 12:27 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547119158 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Configuring the Build] added /bin/bash shebang line User: stefanbaur @@ -36,8 +36,9 @@ = Building your own X2Go-TCE Image = Configuring the Build + #!/bin/bash # Select ONE of the following git reposities # this one loosely corresponds to "stable" export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox-magic-pixel-workaround' # this one loosely corresponds to "heuler" -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 11:19 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547114273 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item regarding MATE-MMD and LDAP User: stefanbaur @@ -1162,8 +1162,10 @@ FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) + + FIXME for MATE-MiniDesktop, it might make sense to teach the image how to do LDAP auth (preferably with LDAPS or LDAP+TLS) and use lightdm without the auto-login. That way, a local screensaver //with// locking functionality (prompting for the actual user's LDAP password) should be possible - and LDAP credential passthrough to X2GoClient should work, too. = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 09:57 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547113184 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] code to put the keystick.key file into the image is already there User: stefanbaur @@ -1144,9 +1144,9 @@ /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. Authentification and "hard" identification could be implemented using OpenPGP cards, ''scdaemon'' and a script based on ''/usr/share/doc/scdaemon/examples/scd-event''. For Status ''NOCARD'', suspend the session (kill x2goclient or send a signal that means "suspend", if available, or maybe sighup nxproxy), for status ''USABLE'', run ''gpg --card-status 2>&1 | awk '$1=="Serial" && $2=="number" {print $4}''' to determine the card's serial number, then act based on that (pull new sessions file or set default user, for example, and restart x2goclient). - FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions (this would have to happen right before the ''lb build'' call). Adding a boot parameter instead of hardcoding it would allow for dynamic password files (by specifying an URI that points to a CGI script, for example - you could output a different password depending on the source IP range, thus locking media to a particular department, if your departments have different IP ranges), but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. And you also have to make sure that people cannot boot rogue clients. This means a DHCP setup that is locked to known MAC addresses, and physically blocking access to the ThinClient and its network wiring - because the MAC is displayed during boot, and thus trivial to clone. + FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. Such a password file would have to be saved as ''./patch/includes.chroot/etc/keys/keystick.key'' (with the proper restrictive permissions) before starting the build. Adding a boot parameter instead of hardcoding it would allow for dynamic password files (by specifying an URI that points to a CGI script, for example - you could output a different password depending on the source IP range, thus locking media to a particular department, if your departments have different IP ranges), but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. And you also have to make sure that people cannot boot rogue clients. This means a DHCP setup that is locked to known MAC addresses, and physically blocking access to the ThinClient and its network wiring - because the MAC is displayed during boot, and thus trivial to clone. FIXME ''x2gocdmanager'' is currently not part of the image, but should become part of it. While optical media are on their way out, they still exist and thus we should support them. However, the script is hardcoded for X2Go-TCE-NFS and needs to be adapted to work with both TCEs. FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 09:39 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547113145 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -1156,9 +1156,9 @@ FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. This could be fixed for iso-hybrid and netboot in the buildscript, but it will only work if people are using the image 1:1 - as soon as they start using syslinux or grub manually (as actually recommended by us), they need to add these parameters themselves. FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. - FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. + FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file:///'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 09:39 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547113040 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -1138,10 +1138,8 @@ * If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work. * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name - - FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. @@ -1157,8 +1155,10 @@ FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. This could be fixed for iso-hybrid and netboot in the buildscript, but it will only work if people are using the image 1:1 - as soon as they start using syslinux or grub manually (as actually recommended by us), they need to add these parameters themselves. FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. + + FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 09:37 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1547110208 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item regarding image size User: stefanbaur @@ -1159,8 +1159,11 @@ FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. + + FIXME A smaller image size can be achieved by removing the following packages from the squashfs: ''libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 firmware* x11vnc* libfreerdp* libwinpr* + libapparmor1 systemd apt-utils libapt-inst2.0'' - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Further reduction needs to be investigated: ''acpi-support-base* acpid* acpi-support* pm-utils* powermgmt-base* gnupg gnupg-agent whiptail vim* vim-common* vim-tiny* xxd* xinetd libcroco3* libcurl3* libexif12* libgdk-pixbuf2.0-0* libgdk-pixbuf2.0-common* libgif7* libid3tag0* libimlib2* libnghttp2-14* libobrender32v5* libobt2v5* libpango-1.0-0* libpangocairo-1.0-0* libpangoft2-1.0-0* libpangoxft-1.0-0* librsvg2-2* librtmp1* libssh2-1* libstartup-notification0* libxft2* libxss1* vim-runtime* xprintidle feh xdotool openbox rsync xserver-xorg-input-wacom* xserver-xorg-video-all* xserver-xorg-video-amdgpu* xserver-xorg-video-ati* xserver-xorg-video-nouveau* xserver-xorg-video-qxl* xserver-xorg-video-radeon* xserver-xorg-video-vmware* libdrm-amdgpu1* libdrm-nouveau2* libdrm-radeon1* libllvm3.9* libsensors4* libxatracker2*'' causes an X startup failure during boot (things seem to work when X is started manually afterwards, which makes this especially bizarre) = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/10 08:50 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546964308 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added info where file:/// URLs would point to User: stefanbaur @@ -1139,9 +1139,9 @@ * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name - FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. + FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. Such files can be included in the image by placing them in the ''./patch/includes.chroot/'' directory (in a suitable subdirectory) and referencing them from there. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/08 16:18 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 94.217.236.160 Hostname: dslb-094-217-236-160.094.217.pools.vodafone-ip.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546959016 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] actually, all boot parameters that accept URLs should understand file:/// syntax User: stefanbaur @@ -1139,9 +1139,9 @@ * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name - FIXME ''2200-xserver-xorg-getxorgconf'' should be taught to understand ''file://'' URLs. + FIXME ''2200-xserver-xorg-getxorgconf'' all scripts accepting URLs in boot parameters should be taught to understand ''file://'' URLs. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/08 14:50 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 94.217.236.160 Hostname: dslb-094-217-236-160.094.217.pools.vodafone-ip.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546958991 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of closed ToDos/FIXMEs for this page] User: stefanbaur @@ -1161,16 +1161,11 @@ FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. = List of closed ToDos/FIXMEs for this page = * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo - * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo - * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo - * Boot parameters ''blankdpmsfix'' and ''earlyblankdpmsfix'' still leave the screen blank for too long, when used in netboot mode (especially over slow links). Two ways to solve this are to either use local storage, or to use the initrd with the squashfs merged into it. A third, new option would be a boot parameter ''initrdblankdpmsfix'', where the un-blanking code of ''earlyblankdpmsfix'' is applied in the initrd already - fixed in github repo, soon in x2go repo - - * There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. - fixed in github repo, soon in x2go repo * Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo * ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. - fixed in github repo, soon in x2go repo * copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - should already be fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/08 14:49 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 94.217.236.160 Hostname: dslb-094-217-236-160.094.217.pools.vodafone-ip.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546798031 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: closed some fixmes User: stefanbaur @@ -1158,18 +1158,18 @@ FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. This could be fixed for iso-hybrid and netboot in the buildscript, but it will only work if people are using the image 1:1 - as soon as they start using syslinux or grub manually (as actually recommended by us), they need to add these parameters themselves. FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. - FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' + FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. + = List of closed ToDos/FIXMEs for this page = + * ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - fixed in github repo, soon in x2go repo - FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - this is being worked on. + * It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - fixed in github repo, soon in x2go repo - FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. + * It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - fixed in github repo, soon in x2go repo - FIXME Boot parameters ''blankdpmsfix'' and ''earlyblankdpmsfix'' still leave the screen blank for too long, when used in netboot mode (especially over slow links). Two ways to solve this are to either use local storage, or to use the initrd with the squashfs merged into it. A third, new option would be a boot parameter ''initrdblankdpmsfix'', where the un-blanking code of ''earlyblankdpmsfix'' is applied in the
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 18:07 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546789389 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: added note that rsyncd could be paired with stunnel User: stefanbaur @@ -1112,9 +1112,9 @@ hosts allow = 192.168.0.0/255.255.0.0 # change this to your local subnet(s) * after you have prepared all this, execute ''service rsync start'' - * Note that whoever manages to spoof the server name can deploy rogue images to your ThinClients. Even though it is slower, using an HTTPS web server is the safer way of doing this. Be sure that your web server delivers a last-modified header for all files. + * Note that whoever manages to spoof the server name can deploy rogue images to your ThinClients. Even though it is slower, using an HTTPS web server is the safer way of doing this. Be sure that your web server delivers a last-modified header for all files. In future, support for rsyncd via stunnel might be added, if the rsync project does not add native SSL support to rsyncd before that. FIXME Some of the optional steps above could be moved to a separate subpage to reduce clutter. FIXME The steps for the build process could probably streamlined into an x2go-tcebuilder.deb Debian package -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 15:43 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546789221 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] updated required methods to make certain boot parameters available in minidesktop mode User: stefanbaur @@ -1156,11 +1156,11 @@ FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. This could be fixed for iso-hybrid and netboot in the buildscript, but it will only work if people are using the image 1:1 - as soon as they start using syslinux or grub manually (as actually recommended by us), they need to add these parameters themselves. - FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' + FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to have ''/lib/live/config/2900-x2go-thinclientconfig'' exist in the MiniDesktop branches as well, make it aware of which environment it is running in (TCE/TCE-MMD), and have it patch the appropriate files. - FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. + FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, by outsourcing them into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - this is being worked on. FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 15:40 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546789134 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added further info regarding background image/color User: stefanbaur @@ -1160,9 +1160,9 @@ FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. - FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned - this is being worked on. + FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned (if the parameter has been set, but something is wrong, it should default to the "grey mesh" background) - this is being worked on. FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. FIXME Boot parameters ''blankdpmsfix'' and ''earlyblankdpmsfix'' still leave the screen blank for too long, when used in netboot mode (especially over slow links). Two ways to solve this are to either use local storage, or to use the initrd with the squashfs merged into it. A third, new option would be a boot parameter ''initrdblankdpmsfix'', where the un-blanking code of ''earlyblankdpmsfix'' is applied in the initrd already - this is being worked on as well. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 15:38 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546788839 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added further info regarding background image/color User: stefanbaur @@ -1162,9 +1162,9 @@ FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned - this is being worked on. - FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver. That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. + FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver (if no images are specified/downloaded by the time it activates, it should just blank the screen). That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. FIXME Boot parameters ''blankdpmsfix'' and ''earlyblankdpmsfix'' still leave the screen blank for too long, when used in netboot mode (especially over slow links). Two ways to solve this are to either use local storage, or to use the initrd with the squashfs merged into it. A third, new option would be a boot parameter ''initrdblankdpmsfix'', where the un-blanking code of ''earlyblankdpmsfix'' is applied in the initrd already - this is being worked on as well. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 15:30 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546785194 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added new item for slideshow screensaver User: stefanbaur @@ -1161,8 +1161,10 @@ FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. FIXME It would be nice to have a boot parameter ''xroot=[0xaabbcc|URI1[|URI2|...]]'' for the desktop background image/color, and a boot parameter ''xrootmode=center|fill|scale|tile'' to determine how the image(s) should be positioned - this is being worked on. + + FIXME It would also be nice to have boot parameters ''xsaverimages=[URI1[|URI2|...]]'', ''xsaveridletime=n'', ''xsaverimgtime=n'', for a local, non-locking slideshow screensaver. That way, one could display a slideshow without having to push the images across the network every time - this is also being worked on. FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, to reduce clutter and boot parameter length. This file would then have to be sourced by the scripts, after they have extracted everything from /proc/cmdline. This will make adding the feature easier, by simply deciding that parameters from this file take precendence over boot parameters. One might argue that boot parameters should take precedence over the config file, but this sounds way more complicated to implement. = List of closed ToDos/FIXMEs for this page = -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:41 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546781608 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added info to stretch peculiarity regarding network device names User: stefanbaur @@ -1154,9 +1154,9 @@ FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html - FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. + FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. This could be fixed for iso-hybrid and netboot in the buildscript, but it will only work if people are using the image 1:1 - as soon as they start using syslinux or grub manually (as actually recommended by us), they need to add these parameters themselves. FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:33 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546781376 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] -> moved unfixable fixme to [List of closed ToDos/FIXMEs for this page] User: stefanbaur @@ -1161,10 +1161,8 @@ FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. FIXME It would be nice to have a bootparameter for the desktop background/color - this is being worked on. - - FIXME ''nomagicpixel='' is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. = List of closed ToDos/FIXMEs for this page = @@ -1174,9 +1172,9 @@ * copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - should already be fixed in github repo, soon in x2go repo * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). - fixed. * ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. - fixed * Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn''. - fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. - + * ''nomagicpixel='' is unsupported in MiniDesktop-Mode and will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode (there is a task bar available, so a session that has been minimized accidentally can be re-selected by the users themselves). - unfixable. The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:29 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780856 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added further explanation on dynamic password files and security implications User: stefanbaur @@ -1146,9 +1146,9 @@ /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. Authentification and "hard" identification could be implemented using OpenPGP cards, ''scdaemon'' and a script based on ''/usr/share/doc/scdaemon/examples/scd-event''. For Status ''NOCARD'', suspend the session (kill x2goclient or send a signal that means "suspend", if available, or maybe sighup nxproxy), for status ''USABLE'', run ''gpg --card-status 2>&1 | awk '$1=="Serial" && $2=="number" {print $4}''' to determine the card's serial number, then act based on that (pull new sessions file or set default user, for example, and restart x2goclient). - FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions (this would have to happen right before the ''lb build'' call). Adding a boot parameter instead of hardcoding it would allow for dynamic password files, but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. + FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions (this would have to happen right before the ''lb build'' call). Adding a boot parameter instead of hardcoding it would allow for dynamic password files (by specifying an URI that points to a CGI script, for example - you could output a different password depending on the source IP range, thus locking media to a particular department, if your departments have different IP ranges), but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. And you also have to make sure that people cannot boot rogue clients. This means a DHCP setup that is locked to known MAC addresses, and physically blocking access to the ThinClient and its network wiring - because the MAC is displayed during boot, and thus trivial to clone. FIXME ''x2gocdmanager'' is currently not part of the image, but should become part of it. While optical media are on their way out, they still exist and thus we should support them. However, the script is hardcoded for X2Go-TCE-NFS and needs to be adapted to work with both TCEs. FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:19 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780716 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -1166,9 +1166,9 @@ FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html - FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. + FIXME When building a stretch TCE you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. For a jessie TCE, it is not required. FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:18 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780696 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of closed ToDos/FIXMEs for this page] User: stefanbaur @@ -1185,11 +1185,10 @@ * ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. - fixed in github repo, soon in x2go repo * copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - should already be fixed in github repo, soon in x2go repo * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). - fixed. * ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. - fixed - - * Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn''. - fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. + * Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn''. - fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:15 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780397 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] - merged two items regarding minidesktop and, from the remainder, created a new one that affects both TCE and MMD User: stefanbaur @@ -1170,15 +1170,16 @@ FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. - FIXME ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' + FIXME ''bg='', ''branding='', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. + + FIXME It would be nice to have a bootparameter for the desktop background/color - this is being worked on. FIXME ''nomagicpixel='' is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. - FIXME ''bg='' and ''branding='' are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. = List of closed ToDos/FIXMEs for this page = * There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. - fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:13 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780369 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of closed ToDos/FIXMEs for this page] User: stefanbaur @@ -1181,17 +1181,13 @@ = List of closed ToDos/FIXMEs for this page = * There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. - fixed in github repo, soon in x2go repo - - * Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo - + * Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo * ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. - fixed in github repo, soon in x2go repo - * copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - should already be fixed in github repo, soon in x2go repo - * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). - fixed. * ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. - fixed The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:12 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780249 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] -> moved fixed fixmes to [List of closed ToDos/FIXMEs for this page] User: stefanbaur @@ -1178,18 +1178,20 @@ FIXME ''nomagicpixel='' is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. FIXME ''bg='' and ''branding='' are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. - FIXME There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. fixed in github repo, soon in x2go repo + = List of closed ToDos/FIXMEs for this page = - FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo + * There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. - fixed in github repo, soon in x2go repo - FIXME ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo + * Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo - FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? should already be fixed in github repo, soon in x2go repo + * ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. - fixed in github repo, soon in x2go repo - FIXME Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). fixed. - FIXME ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. + * copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - should already be fixed in github repo, soon in x2go repo + + * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). - fixed. + * ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. - fixed The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:10 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546780152 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] moved fixed issue to bottom of page User: stefanbaur @@ -1157,10 +1157,8 @@ FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. Authentification and "hard" identification could be implemented using OpenPGP cards, ''scdaemon'' and a script based on ''/usr/share/doc/scdaemon/examples/scd-event''. For Status ''NOCARD'', suspend the session (kill x2goclient or send a signal that means "suspend", if available, or maybe sighup nxproxy), for status ''USABLE'', run ''gpg --card-status 2>&1 | awk '$1=="Serial" && $2=="number" {print $4}''' to determine the card's serial number, then act based on that (pull new sessions file or set default user, for example, and restart x2goclient). - - FIXME Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). fixed. FIXME Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn'' Fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions (this would have to happen right before the ''lb build'' call). Adding a boot parameter instead of hardcoding it would allow for dynamic password files, but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. @@ -1188,9 +1186,10 @@ FIXME ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? should already be fixed in github repo, soon in x2go repo + FIXME Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). fixed. FIXME ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command.
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:09 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1546779857 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] moved fixed issues to bottom of page User: stefanbaur @@ -1150,9 +1150,8 @@ * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name - FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? should already be fixed in github repo, soon in x2go repo FIXME ''2200-xserver-xorg-getxorgconf'' should be taught to understand ''file://'' URLs. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb @@ -1172,24 +1171,26 @@ FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. - - FIXME There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. fixed in github repo, soon in x2go repo - - FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo - - FIXME ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo FIXME ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''session='', ''throttle='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME ''audioout='', ''blank='', ''*blankdpmsfix'', ''nodpms'', ''xinerama='', are currently unsupported in MiniDesktop-Mode, but this is being worked on, using the method described above. FIXME ''nomagicpixel='' is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. FIXME ''bg='' and ''branding='' are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. + + FIXME There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. fixed in github repo, soon in x2go repo + + FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo + + FIXME ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo + + FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? should already be fixed in github repo, soon in x2go repo FIXME
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2019/01/06 13:01 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1544927319 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added some more thoughts on how to handle encrypted portable media User: stefanbaur @@ -1163,9 +1163,9 @@ FIXME Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). fixed. FIXME Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn'' Fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. - FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions. Adding a boot parameter instead of hardcoding it would allow for dynamic password files, but on the other hand, would make it even easier to sniff out the password. + FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions (this would have to happen right before the ''lb build'' call). Adding a boot parameter instead of hardcoding it would allow for dynamic password files, but on the other hand, would make it even easier to sniff out the password. It would only really make sense for Netboot installations, and also not for a MiniDesktop in any way, because you have to block the user from accessing the TCE's local environment/files. FIXME ''x2gocdmanager'' is currently not part of the image, but should become part of it. While optical media are on their way out, they still exist and thus we should support them. However, the script is hardcoded for X2Go-TCE-NFS and needs to be adapted to work with both TCEs. FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/12/16 02:28 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1544927147 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] updated info regarding network interface names User: stefanbaur @@ -1171,9 +1171,9 @@ FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html - FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. + FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. FIXME There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. fixed in github repo, soon in x2go repo FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/12/16 02:25 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1543958019 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] fixed MMD copysecring issue User: stefanbaur @@ -1150,9 +1150,9 @@ * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name - FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? + FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? should already be fixed in github repo, soon in x2go repo FIXME ''2200-xserver-xorg-getxorgconf'' should be taught to understand ''file://'' URLs. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/12/04 21:13 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.4 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1525082590 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] - tested nottyautologon User: stefanbaur @@ -1129,10 +1129,8 @@ * /usr/share/x2go-tcebuilder/template-scripts (scripts we ship, with a big fat header that they should not be changed, but copied) * store the results somewhere under /var/lib/x2go-tcebuilder/ or whatever the proper place according to FHS and Debian would be * turning it into a package would mean we could add dependencies as well, so the manual apt-get install would not be neccessary * additional scripts could be added that work "automagically" if there's no PXE/TFTP/HTTP/FTP server yet - maybe in a separate package x2go-tce-setup-aids.deb which then has dependencies on atftpd and apache|lighttpd, ... - - FIXME To be checked: Does the live-config "builtin" command ''live-config.nottyautologin'' do the same as our ''nouser'' command? If yes, ''nouser'' could be removed. Note that ''live-config.nottyautologin'' **might** mean "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. FIXME autodetection for SSH Private Keys might need some more bells and whistles. For USB media, this may require adding an automounter. * how about a script that patches the sessions file to enable autologin for all sessions when keys have been found? @@ -1188,4 +1186,8 @@ FIXME ''bg='' and ''branding='' are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. FIXME ''homepageurl='' (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. + + The live-config "builtin" command ''live-config.nottyautologin'' does not do the same as our ''nouser'' command. ''live-config.nottyautologin'' means "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. + + -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/04/30 10:03 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.0 IP-Address : 149.172.203.221 Hostname: HSI-KBW-149-172-203-221.hsi13.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518447511 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: User: stefanbaur @@ -880,9 +880,9 @@ * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the blue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. - * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the ThinClient once you are done. You //should// specify this parameter when booting X2Go-TCE-Live from portable media when you want to use SSH Secret Keys, to make sure your secret key on the VAT/NTFS partition is available. But as stated above, be sure to power-cycle the machine once you're done. + * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the ThinClient once you are done. You //should// specify this parameter when booting X2Go-TCE-Live from portable media when you want to use SSH Secret Keys, to make sure your secret key on the FAT/NTFS partition is available. But as stated above, be sure to power-cycle the machine once you're done. * ''earlyblankdpmsfix'' - This forces the TFT do black for a few seconds during the initial boot phase (right after the squashfs was downloaded), then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:58 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518447424 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User: stefanbaur @@ -1150,9 +1150,9 @@ * Situation: We have a working automounter, and ''copysecring'' will copy all keys found to the live-user's homedir under .ssh: * If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work. * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or - * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' as keyfile path/name + * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' (or ''/media/vendor_model_name/partlabel/path/to/keyfile'', if you assigned a partition label - which is recommended for this use case) as keyfile path/name FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? FIXME ''2200-xserver-xorg-getxorgconf'' should be taught to understand ''file://'' URLs. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:57 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518447267 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] - closed homepageurl fixme, fixed some minor style issues User: stefanbaur @@ -1154,9 +1154,9 @@ * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' as keyfile path/name FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? - FIXME 2200-xserver-xorg-getxorgconf should be taught to understand file:// URLs. + FIXME ''2200-xserver-xorg-getxorgconf'' should be taught to understand ''file://'' URLs. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb /devices/pci:00/:00:14.0/usb1/1-1/1-1:1.0/host2/target2:0:0/2:0:0:0/block/sdb cat /sys/devices/pci:00/:00:14.0/usb1/1-1/serial allows to determine the serial number of a USB device. Those SHOULD be unique, but sadly, they aren't (and sometimes, they are missing entirely). Therefore, a USB serial number can't be used for authentication, but it could be used for "weak" identification - so it could be used to set a default user name or a default session, or to download a particular sessions file. @@ -1171,21 +1171,21 @@ FIXME ''x2gocdmanager'' is currently not part of the image, but should become part of it. While optical media are on their way out, they still exist and thus we should support them. However, the script is hardcoded for X2Go-TCE-NFS and needs to be adapted to work with both TCEs. FIXME ''pinentry-x2go'' and ''x2gosmartcardrules'' probably need further investigation to make smartcard authentication work. - FIXME Even though we set the hostname to localhost using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html + FIXME Even though we set the hostname to ''localhost'' using the corresponding boot parameter, as recommended by Debian, changing the name via DHCP does not work for all image flavours. One way to fix this might be http://blog.schlomo.schapiro.org/2013/11/setting-hostname-from-dhcp-in-debian.html FIXME At least when building a stretch TCE on a jessie system, you need to add kernel parameters ''net.ifnames=0 biosdevname=0'' to the image's kernel parameters, else you will receive error messages about the hostname script being unable to find eth0. This might not be necessary when building a stretch TCE on stretch. For a jessie TCE on jessie, it is not required. FIXME There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/copying. What's weird is that there already is code that is supposed to keep this from happening, but it doesn't. fixed in github repo, soon in x2go repo FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo - FIXME copysecring currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo + FIXME ''copysecring'' currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo FIXME ''audioout='', ''blank='', ''blankdpmsfix'', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''nodpms'', ''session='', ''throttle='', ''xinerama='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' - FIXME nomagicpixel= is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. + FIXME ''nomagicpixel='' is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. - FIXME bg= and branding= are currently unsupported in MiniDesktop-Mode. Adding support for
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:54 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518446908 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - added homepageurl description User: stefanbaur @@ -882,8 +882,9 @@ * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the ThinClient once you are done. You //should// specify this parameter when booting X2Go-TCE-Live from portable media when you want to use SSH Secret Keys, to make sure your secret key on the VAT/NTFS partition is available. But as stated above, be sure to power-cycle the machine once you're done. * ''earlyblankdpmsfix'' - This forces the TFT do black for a few seconds during the initial boot phase (right after the squashfs was downloaded), then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) + * ''homepageurl="URL1[|URL2|URLn]"'' - this is only available in MiniDesktop mode. It allows you to specify one or more web pages that show up on Browser start/when clicking the "Home" icon. URLs need to be separated with a ''|'', and the set of URLs needs to be enclosed in double quotes. Do //not// enclose each URL in double quotes separately! Correct example: ''homepageurl="https://www.google.de|https://wiki.x2go.org;'' * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to connect to - note that this is not needed for LDAP-based authentication, only when you intend to store entire session profiles in LDAP. You should really consider using the X2Go Session Broker instead. * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:48 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518446717 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] explained how parameters currently unsupported in MiniDesktop mode could be made to work User: stefanbaur @@ -1180,11 +1180,11 @@ FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo FIXME copysecring currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo - FIXME ''audioout='', ''blank='', ''blankdpmsfix'', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''nodpms'', ''session='', ''throttle='', ''xinerama='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. + FIXME ''audioout='', ''blank='', ''blankdpmsfix'', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''nodpms'', ''session='', ''throttle='', ''xinerama='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. Probably the easiest way would be to outsource as many of them as possible into scripts under ''/etc/X11/Xsession.d/'' (currently, they reside in ''/lib/live/config/2900-x2go-thinclientconfig'' - which doesn't exist in the MiniDesktop branches - and from there, they get written to ''~/.xsession'' FIXME nomagicpixel= is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. FIXME bg= and branding= are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. FIXME homepageurl= (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:45 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518446606 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added bug for minidesktop and ssh private keys User: stefanbaur @@ -1150,8 +1150,10 @@ * If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work. * To specify a keyfile, either: * use ''~/.ssh/keyfilename'' as path and use ''copysecring'', or * do not use ''copysecring'' and use ''/media/vendor_model_name/sdxn/path/to/keyfile'' as keyfile path/name + + FIXME copying ssh private keys seems to fail in MiniDesktop-Mode - possibly because of the priming/pruning/cleanup action performed on the homedirectory by the minidesktop init scripts? FIXME 2200-xserver-xorg-getxorgconf should be taught to understand file:// URLs. FIXME Parsing the output of e.g. udevadm info --query path /dev/sdb -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:43 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518446464 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] updated list of parameters that are unsupported in MiniDesktop-Mode User: stefanbaur @@ -1178,11 +1178,11 @@ FIXME Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. fixed in github repo, soon in x2go repo FIXME copysecring currently does not work in MiniDesktop-Mode, as it copies the keys to the wrong user's homedir. fixed in github repo, soon in x2go repo - FIXME blank=, broker-url=, ldap=, ldap1=, ldap2=, session=, throttle=, xinerama=, are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. + FIXME ''audioout='', ''blank='', ''blankdpmsfix'', ''broker-url='', ''ldap='', ''ldap1='', ''ldap2='', ''nodpms'', ''session='', ''throttle='', ''xinerama='', are currently unsupported in MiniDesktop-Mode. This could be changed, given enough tuits. FIXME nomagicpixel= is currently unsupported in MiniDesktop-Mode and probably will be unsupported there forever, as it doesn't make sense for MiniDesktop-Mode. FIXME bg= and branding= are currently unsupported in MiniDesktop-Mode. Adding support for these doesn't need many tuits. A third option for the desktop background could be added as well - possibly for regular TCE mode as well, overriding our default blue. FIXME homepageurl= (only available in MiniDesktop-Mode) is currently undocumented. Supports multiple URLs separated with pipes. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 14:41 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518443351 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] added partition label support User: stefanbaur @@ -1160,9 +1160,9 @@ Authentification and "hard" identification could be implemented using OpenPGP cards, ''scdaemon'' and a script based on ''/usr/share/doc/scdaemon/examples/scd-event''. For Status ''NOCARD'', suspend the session (kill x2goclient or send a signal that means "suspend", if available, or maybe sighup nxproxy), for status ''USABLE'', run ''gpg --card-status 2>&1 | awk '$1=="Serial" && $2=="number" {print $4}''' to determine the card's serial number, then act based on that (pull new sessions file or set default user, for example, and restart x2goclient). FIXME Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/permissions are ignored). fixed. - FIXME Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''media/vendor_model_name/1/partitionn/'' or ''media/vendor_model_name-1/partitionn/''. + FIXME Maybe we should add symlinks to the mount points created by the automounter: Currently, we create ''/media/vendor_model_name/sdxn'' as a mount point. The idea is to allow the user to find their portable device using the vendor/model name description. However, this is unusable for scripting, as the ''//x//'' in ''sdxn'' may change any time. We should replace ''//sdx//'' with ''//partition//'' (or have corresponding symlinks created), but what should we do for //superfloppies// that only have ''sdx'' with no partition number? We could mount them as ''/media/vendor_model_name/partition/'' or directly at ''/media/vendor_model_name/''. Also, symlinks using labels and uuids, similar to ''/dev/by-*'' would be handy for scripting. Another problem: when replacing ''sdx'', what will happen when a user inserts two media with the same vendor/model name at the same time? Blindly replacing the string would make one of them inaccessible due to overwriting the symlink(s). We'd have to start checking active mounts and enumerate them like ''/media/vendor_model_name/1/partitionn'' or ''/media/vendor_model_name-1/partitionn'' Fixed. When a label is detected, a symlink is now created under ''/media/vendor_model_name/label'' that points to ''/media/vendor_model_name/partitionn''. FIXME Automount script currently expects a LUKS password in ''/etc/keys/keystick.key'' when it believes it has found an encrypted partition on USB media. This is a problem in general, as it should be trivial to sniff out this password using a rogue client. If we want to support this feature, though, we should add code to the build script that lets the user place a password file in the image, and sets proper restrictive permissions. Adding a boot parameter instead of hardcoding it would allow for dynamic password files, but on the other hand, would make it even easier to sniff out the password. FIXME ''x2gocdmanager'' is currently not part of the image, but should become part of it. While optical media are on their way out, they still exist and thus we should support them. However, the script is hardcoded for X2Go-TCE-NFS and needs to be adapted to work with both TCEs. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 13:49 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518442970 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] User: stefanbaur @@ -875,9 +875,9 @@ * ''broker-url=ssh://your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) * ''sessionsurl=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.sessions'' - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue session config files into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. === These are entirely optional === - * ''audiout=list'' / ''audiout="alsa_card.something|output:something"'' - use this to list all available audio outputs / select a particular audio output. Note that when selecting one, the parameter consists of two values (as displayed in the output on /dev/tty8 when specifying ''list'') that need to be separated with a ''|'', and the set of the two values needs to be enclosed in double quotes. Do //not// enclose each value in double quotes separately! Correct example: ''audioout="alsa_card.pci-_00_1b.0|output:hdmi-stereo"'' + * ''audioout=list'' / ''audioout="alsa_card.something|output:something"'' - use this to list all available audio outputs / select a particular audio output. Note that when selecting one, the parameter consists of two values (as displayed in the output on /dev/tty8 when specifying ''list'') that need to be separated with a ''|'', and the set of the two values needs to be enclosed in double quotes. Do //not// enclose each value in double quotes separately! Correct example: ''audioout="alsa_card.pci-_00_1b.0|output:hdmi-stereo"'' * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the blue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 13:42 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518442255 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - added audioout parameter description User: stefanbaur @@ -875,9 +875,10 @@ * ''broker-url=ssh://your-broker-address-here'' - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well) * ''sessionsurl=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.sessions'' - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue session config files into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. === These are entirely optional === - * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace theblue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. + * ''audiout=list'' / ''audiout="alsa_card.something|output:something"'' - use this to list all available audio outputs / select a particular audio output. Note that when selecting one, the parameter consists of two values (as displayed in the output on /dev/tty8 when specifying ''list'') that need to be separated with a ''|'', and the set of the two values needs to be enclosed in double quotes. Do //not// enclose each value in double quotes separately! Correct example: ''audioout="alsa_card.pci-_00_1b.0|output:hdmi-stereo"'' + * ''bg=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-bg.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the blue background theme of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 13:30 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1518439212 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [What options are available under FURTHER-OPTIONS-GO-HERE?] - added earlyblankdpmsfix description User: stefanbaur @@ -880,8 +880,9 @@ * ''blank=n|n:n:n'' - Will disable (''blank=0'') or set screensaver timeout. Use ''blank=n:n:n'' to set DPMS Standby/Suspend/Off values. Standby value equals screensaver timeout value. All values are given in seconds. * ''blankdpmsfix'' - This forces the TFT do black for a few seconds during the X startup phase, then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''branding=https|http|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce-branding.svg'' - use this to specify an SVG file to "brand" your X2Go-TCE with. It will replace the seal icon in the lower left of the login screen. See below for how to add this file to your HTTP, HTTPS, or FTP server. **Attention: Whoever manages to spoof the server name can inject rogue images into your ThinClients.** To mitigate this risk, use HTTPS, where the attacker would have to spoof both server name and matching certificate. * ''copysecring'' - this will scan for USB media and fixed disk media (with USB media taking precedence) at boot for one or more of the following directories: ''config/ssh'', 'ssh', ''.ssh''. The volume must be labeled ''X2GO-TCE-LIVE'' or ''PORTABLEAPP'' and may use any supported file system. Any SSH Secret Keys found there will be copied into ''/home/user/.ssh'' (in the ramdisk), with proper permissions and ownerships for the default user account. This may come in handy when you are using SSH Secret Keys on USB media, but need to log in and out of sessions often, and don't want to leave the USB media plugged in all the time/don't want to have to re-insert it before each session startup. **Attention: This poses a security risk when other people are using your ThinClient afterwards (as they will have access to your keys).** To mitigate this risk,be sure to power-cycle the ThinClient once you are done. You //should// specify this parameter when booting X2Go-TCE-Live from portable media when you want to use SSH Secret Keys, to make sure your secret key on the VAT/NTFS partition is available. But as stated above, be sure to power-cycle the machine once you're done. + * ''earlyblankdpmsfix'' - This forces the TFT do black for a few seconds during the initial boot phase (right after the squashfs was downloaded), then forces it back on again. This fixes an occasional "black screen" issue that occurs with some flaky client/TFT hardware combinations when using DisplayPort connectors, and could otherwise only be remediated by manually turning the TFT off and back on again. (feature available via github repo, soon via x2go repo too) * ''ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com'' - this allows you to specify an LDAP server to connect to - note that this is not needed for LDAP-based authentication, only when you intend to store entire session profiles in LDAP. You should really consider using the X2Go Session Broker instead. * ''ldap1=ldap-backupserver-1.example.com:389'' - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication * ''ldap2=ldap-backupserver-2.example.com:389'' - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication * ''nodpms'' - Will not touch DPMS settings at all (by default, ''blank=0'' does both ''xset s off'' and ''xset -dpms''). Use this along with ''blank=n'' if you do want to blank the screen, but your screen is confused by DPMS settings. -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/02/12 12:40 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.2 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1516988459 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Live-Patching the Build] updated USB media mount patch User: stefanbaur @@ -145,10 +145,10 @@ mkdir -p ./patch/includes.chroot/usr/lib/x2go/tce/ cat >./patch/includes.chroot/usr/lib/x2go/tce/x2gousbmount <<'USBMOUNTPATCH' - #!/usr/bin/perl + #!/usr/bin/perl # Copyright (C) 2007-2017 by X2Go project, http://wiki.x2go.org # Oleksandr Shneyder# X2Go is free software; you can redistribute it and/or modify @@ -167,9 +167,18 @@ # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. use strict; use File::Path::Expand; + # comment out this "use" and the following two lines, and instead + # uncomment the block below if you need to do early boot stage + # debugging of the automounter, when rsyslogd isn't running yet use Sys::Syslog qw( :standard :macros ); + openlog($0,'cons,pid','user'); + setlogmask( LOG_UPTO(LOG_NOTICE) ); + #open (B,">>/var/log/usbdebug"); + #sub syslog { + # print B $_[0].': '.$_[1]."\n"; + #} my $user; if ( -f "/etc/x2go/x2gothinclient-minidesktop_start" ) { # this is a minidesktop environment, which uses @@ -216,11 +225,8 @@ mkdir expand_filename("~$user/logins"); chmod 0700, expand_filename("~$user/logins"); chown $uid, $gid, expand_filename("~$user/logins"); } - - openlog($0,'cons,pid','user'); - setlogmask( LOG_UPTO(LOG_NOTICE) ); sub check_x2gothinclientmode { my $ret = 0; @@ -229,20 +235,15 @@ if ( $x=~m/thinclientd/ ) { $ret = 1; } - # And for x2goclient --thinclient if nothing was found. - if ( !$ret ) { - $x=`ps u -C x2goclient`; - if ( $x=~m/\W*--thinclient\W*/ ) { - $ret = 1; - } - } return $ret; } - if ( check_x2gothinclientmode() || ( -x "/etc/x2go/x2gothinclient-minidesktop_start" ) ) + #TCE-NFS TCE-Live MMD-Live + if ( check_x2gothinclientmode() || ( -x "/lib/live/config/2900-x2go-thinclientconfig" ) || ( -x "/etc/x2go/x2gothinclient-minidesktop_start" ) ) { + syslog('notice', "some kind of thinclient mode detected"); open (F,">>/var/log/usb"); my $dev=$ENV{'DEVNAME'}; @@ -274,8 +275,13 @@ print F "action: $action, device: $dev, model: $model ($ldev), total: $name\n"; mkdir("/media"); mkdir("/media/$name"); print F "$name\n"; + + if (`lsblk -ln -oRM $dev`=~/0$/) { + syslog('notice', "device is non-removable device, skipping"); + exit 0; + } if ( $action eq "add" ) { ### @@ -329,9 +335,9 @@ open (D,">",expand_filename("~$user/export/$name.$ldev")); print D "export=/media/$name/$ldev\n"; close (D); } - elsif ( system("fuseext2 $dev /media/$name/$ldev -o ro")==0 ) { + elsif ( system("fuseext2 $dev /media/$name/$ldev -o ro,allow_other")==0 ) { syslog('notice', "USB device $name ($ldev) successfully mounted readonly (ext*fs detected)"); # if mounted, inform x2goclient about it... system("touch $mntdir/$ldev.mounted"); open (D,">",expand_filename("~$user/export/$name.$ldev")); @@ -352,18 +358,35 @@ system("chown -R $user /media/$name/$ldev/dsa.key"); open (D,">",expand_filename("~$user/logins/$name.$ldev")); print D "login=/media/$name/$ldev\n"; close (D); + print F "encrypted mount successful ($ldev)\n"; } else { # on mount failures release the decrypted device again system("/sbin/cryptsetup luksClose keystick"); + print F "mount failed ($ldev)\n"; } } else { print F "cryptodisk already present\n"; } } + if ( -e "/media/$name/$ldev" ) { +
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/01/26 17:40 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.0 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1516897914 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Live-Patching the Build] fix vfat/ntfs detection, doesn't work in one mount command User: stefanbaur @@ -297,10 +297,18 @@ # would only cause a mount of the iso9660 raw device, # blocking the mount of individual partitions # real optical media ->x2gocdmanager/x2gothinclient-cdmanager package - if ( system("mount -tvfat,ntfs $dev /media/$name/$ldev -o uid=$user,sync,uni_xlate")==0 ) { - syslog('notice', "USB device $name ($ldev) successfully mounted (probably vfat or ntfs)"); + if ( system("mount -tntfs $dev /media/$name/$ldev -o uid=$user,sync,uni_xlate")==0 ) { + syslog('notice', "USB device $name ($ldev) successfully mounted (ntfs detected)"); + # if mounted, inform x2goclient about it... + system("touch $mntdir/$ldev.mounted"); + open (D,">",expand_filename("~$user/export/$name.$ldev")); + print D "export=/media/$name/$ldev\n"; + close (D); + } + elsif ( system("mount -tvfat $dev /media/$name/$ldev -o uid=$user,sync,uni_xlate")==0 ) { + syslog('notice', "USB device $name ($ldev) successfully mounted (vfat detected)"); # if mounted, inform x2goclient about it... system("touch $mntdir/$ldev.mounted"); open (D,">",expand_filename("~$user/export/$name.$ldev")); print D "export=/media/$name/$ldev\n"; -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/01/25 16:31 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.0 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1516818660 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [Live-Patching the Build] User: stefanbaur @@ -220,9 +220,9 @@ openlog($0,'cons,pid','user'); setlogmask( LOG_UPTO(LOG_NOTICE) ); - sub check_x2gothinclientd { + sub check_x2gothinclientmode { my $ret = 0; # Check for x2gothinclientd first... my $x=`ps ax | grep x2gothinclient`; -- This mail was generated by DokuWiki at https://wiki.x2go.org/ ___ x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
[X2Go-Commits] [[X2Go Wiki]] page changed: doc:howto:tce
A page in your DokuWiki was added or changed. Here are the details: Date: 2018/01/24 18:31 Browser : Mozilla/5.0 (X11; Linux x86_64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.7.0 IP-Address : 134.3.37.90 Hostname: HSI-KBW-134-3-37-90.hsi14.kabel-badenwuerttemberg.de Old Revision: https://wiki.x2go.org/doku.php/doc:howto:tce?rev=1516818520 New Revision: https://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: added tcedebug description User: stefanbaur @@ -850,8 +850,9 @@ * ''nomagicpixel=1'' or ''nomagicpixel=2'' - you should set ''nomagicpixel=1'' while the "magic pixel" (clicking in the upper right corner of the screen will minimize a fullscreen session) is still active in thinclient mode (this feature is expected to be disabled at some point in the future). ''nomagicpixel=1'' will disable the window manager when exactly 3 windows are detected (that's the usual situation when a fullscreen session is active). It will re-enable openbox whenever more or less than 3 windows are detected. If this fails for you, you can try ''nomagicpixel=2'', which will try to trigger on the window-minimize command and restore it to fullscreen (this will cause a short screen flickering effect). Note that ''nomagicpixel=2'' will make your ThinClient unusable when trying to run the actual X2Go-TCE client as a virtual machine guest (the //X2GoServer// you connect to may be a VM guest, no problems there). To live with the magic pixel bug, simply do not add this option at all. * ''ntp="server1 server2 ... servern"'' - this allows you to specify your own NTP server. If this parameter is not used, time will be synced with standard Debian NTP servers. To disable NTP syncing entirely, use ''ntp=false'' (feature available via github repo, soon via x2go repo too) * ''pubkey=tftp|http|https|ftp://your-http-server-ip-or-dns-here/x2go-tce/x2go-tce.authorized_keys'' - Allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH. Note that this file needs to be chmodded 644, not 600, on the web server. **Attention: Whoever manages to spoof this server name will have root access to your ThinClients.** Using HTTPS will mitigate this - an attacker would not only have to spoof the server name, but also the matching certificate. * ''session=sessionname'' - use this to specify a session by name that should be pre-selected on startup. The name must be listed in the sessions file and may only contain characters from the following charset: //a-zA-Z0-9.:/ _-// (We suggest naming the default session ''default'' and using ''session=default''.) When using a session name with blanks, please enclose the sessionname in either single or double quotes, like so: ''session="session name"'' / ''session='session name''' + * ''tcedebug'' - this switches X2GoClient into debug mode and will also lead to increased logging to /var/log/x2goclient and to tty9 * ''tcpprint'' - Will allow you to use local LPT/USB printers like "dumb" network printers (listening to port 9100 and above). Requires MAC->IP mapping in DHCP server (and optionally, DNS->IP mapping), or static IPs - else your print jobs will end up on random devices. This setup is preferred over the X2GoClient's built-in printing for locally attached printers if X2GoServer and ThinClients are on the same network. It is not recommended when your X2Go connection goes across the internet or when the ThinClient is actually a laptop roaming between different networks. **Attention: When used without ''tcpprintonlyfrom'' (see below), this means anyone that can reach your thin client via e.g. ping can also send print jobs to it!** * ''tcpprintonlyfrom=x.x.x.x'' - Will allow you to specify which IP address may connect to Port 9100 and above for printing to a locally attached LPT/USB printer. This should be the IP of your CUPS server or whatever print server system you use. Understands the same syntax as ''xinetd'''s ''only_from''. * ''throttle=n|n:n:n:n:n'' - Will throttle down- and upload speed (''throttle=n'') or set throttling limits as follows: download:upload:smoothingtime:smoothinglength:latency. Defaults for up- and download are 10 (KiloBytes/s), 3.0 (seconds, using decimals is permitted) smoothingtime, 20 (KiloBytes), 0 (ms). for a detailed description of these parameters, see "man trickle". You can use the first 1, 2, 3, 4 or all 5 parameters. To set down- and/or upload speed to unlimited, use the letter "u" instead of a numeric value. * ''xinerama=left-of|right-of|above|below|same-as'' - Allows you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen). Note that the current implementation will enforce "same-as" if it detects a touch screen driver (wacom) and no other pointing device. This is so you won't get stuck being unable to log off,