This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
wiki:advanced:multi-node:x2goserver-pgsql [2011/10/17 19:28] h1 Page moved from adding_x2go_server_postgresql_support to wiki:adding_x2go_server_postgresql_support |
wiki:advanced:multi-node:x2goserver-pgsql [2013/09/23 19:22] sunweaver |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
- | < | + | **Note: |
- | Changes since x2goserver | + | If you have one standalone X2Go server then please use the SQLite database backend (which is the default after installation of the '' |
- | The '' | + | With X2Go Server v3.0.99.0 the whole session database backend code had been fully rewritten due to a serious security issue that had been brought up by Morty, Reinhard and Arw. Sind then, the '' |
- | SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x | + | SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x PostgreSQL views and rules are used to restrict users from modifying or accessing data of other users. |
- | PostgreSQL views and rules are used to restrict users from modifying or accessing | + | |
- | data of other users. | + | |
- | The '' | + | For accessing |
- | the users who are allowed to take part in desktop sharing must be part of group x2gousers). | + | |
- | For accessing the X2go/ | + | ===== Preparations ===== |
- | __Preparations: | ||
- | * configure PostgreSQL server to enable TCP connections from your X2go server | + | * configure PostgreSQL server to enable TCP connections from your X2Go Server |
- | * configure PostgreSQL server for md5 authentication for users from x2goserver | + | * configure PostgreSQL server for md5 authentication for users from X2Go Server |
< | < | ||
Line 24: | Line 20: | ||
</ | </ | ||
- | __Example:__ | + | **Example:** |
< | < | ||
Line 33: | Line 29: | ||
You must create a database user which can create databases and users for | You must create a database user which can create databases and users for | ||
- | X2go database administration. You can also use the '' | + | X2Go database administration. You can also use the '' |
job. | job. | ||
Line 64: | Line 60: | ||
</ | </ | ||
- | __Database | + | ===== Database |
< | < | ||
Line 85: | Line 82: | ||
</ | </ | ||
- | Database administration using ''/ | + | ===== Database administration using ''/ |
< | < | ||
$ / | $ / | ||
- | X2Go SQL admin interface. Use it to create | + | X2Go SQL admin interface. Use it to create |
- | remove users or groups in x2go database | + | remove users or groups in X2Go session |
Usage: | Usage: | ||
x2godbadmin --createdb | x2godbadmin --createdb | ||
Line 98: | Line 97: | ||
</ | </ | ||
- | __Create | + | ==== Create |
< | < | ||
Line 104: | Line 104: | ||
</ | </ | ||
- | __Create | + | ==== Create |
< | < | ||
Line 114: | Line 115: | ||
</ | </ | ||
- | After that step users can create | + | After that step users of the posix group '' |
- | ====== | + | ===== Database Structure and Troubleshooting |
- | :!: **Before you begin!** -> Note that you are using old and insecure code... Please upgrade to a current version of x2goserver. | + | |
- | //The following documentation only exists for historical reference and it will be removed soon from this wiki.// | + | In hopefully rare cases it may become necessary to fix the X2Go session database via standard PostgreSQL tools (e.g. '' |
+ | ==== Connect to the database ==== | ||
- | Please make sure that you have added the x2go repository | + | In case it becomes necessary |
- | ==== Using an existent | + | |
- | + | ||
- | If you want to use an already existent | + | |
- | First of all, you'll need to tell the address of the target server to every x2goserver: | + | |
< | < | ||
- | # echo -n „address of postgres server“ > / | + | $ psql --user x2godbuser --password -h localhost --dbname x2go_sessions |
</ | </ | ||
- | Furthermore you'll need to allow “passwordless” authentication via SSH keys. Please don't add a “paraphrase” to the generated key: | + | As password use the password found in '' |
- | < | ||
- | # mkdir / | ||
- | # ssh-keygen -t dsa -f / | ||
- | </ | ||
- | To copy the public part of the key to the PostgreSQL | + | After successful login, |
- | <code> | + | <file> |
- | # mkdir -p ~postgres/ | + | ts-01:~ # psql --user x2godbuser |
- | # cat id_dsa-pub >> ~postgres/ | + | Password for user x2godbuser: |
- | # chown -Rf postgres: | + | Welcome to psql < |
- | # chmod -Rf go-rwx ~postgres/ | + | |
- | </code> | + | |
- | You can test the needed connection by entering following command: | + | Type: |
+ | \h for help with SQL commands | ||
+ | \? for help with psql commands | ||
+ | \g or terminate with semicolon to execute query | ||
+ | \q to quit | ||
- | <code> | + | x2go_sessions=> |
- | # ssh -i / | + | </file> |
- | </code> | + | |
- | You'll also need to run the “x2gocreatebase.sh” script as described before on the database server to create the needed instance. | + | ==== Database structure ==== |
+ | The database has five tables: | ||
- | New server packages (deb and tar.gz) are available over our heuler | + | < |
- | repository: | + | x2go_sessions=> |
- | http:// | + | List of relations |
+ | | ||
+ | --------+---------------+-------+---------- | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | (5 rows) | ||
+ | </file> | ||
- | You can install this packages with apt: | + | Three of them are important for session management: sessions, used_ports, mounts. |
- | deb http://x2go.obviously-nice.de/deb/ heuler main | + | |
+ | Furthermore, | ||
+ | |||
+ | < | ||
+ | x2go_sessions=> | ||
+ | List of relations | ||
+ | | ||
+ | --------+---------------+------+---------- | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | (4 rows) | ||
+ | |||
+ | x2go_sessions=> | ||
+ | </file> | ||
+ | |||
+ | If you want to show the content of a table or view, evoke this SQL command: | ||
+ | |||
+ | < | ||
+ | x2go_sessions=> | ||
+ | server | ||
+ | --------------+---------------------------------------+-----------------+------- | ||
+ | ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30019 | ||
+ | ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30018 | ||
+ | ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30020 | ||
+ | (3 rows) | ||
+ | </file> | ||
+ | |||
+ | ==== Troubleshooting ==== | ||
+ | |||
+ | If you want to remove these entries (because they are there but they by some reason should not be there), use this command set: | ||
+ | |||
+ | < | ||
+ | x2go_sessions=> | ||
+ | DELETE 1 | ||
+ | </ | ||
+ | |||
+ | ... or ... | ||
+ | |||
+ | < | ||
+ | x2go_sessions=> | ||
+ | DELETE 3 | ||
+ | </code> | ||
- | Please keep in mind, that the heuler archive is an additional repository | + | For further input on manipulating PostgreSQL database via the '' |
- | - you'll need to have the lenny repository configured as well! | + | |