This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
wiki:advanced:multi-node:x2goserver-pgsql [2011/11/02 23:33] sunweaver wiki:adding_x2go_server_postgresql_support renamed to wiki:advanced:multi-node:x2goserver-pgsql (Namespace cleanup) |
wiki:advanced:multi-node:x2goserver-pgsql [2013/03/12 20:39] sunweaver |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
- | < | + | **Note: |
- | Changes since x2goserver | + | If you have one standalone X2Go server then please use the SQLite database backend (which is the default after installation of the '' |
- | The '' | + | With X2Go Server v3.0.99.0 the whole session database backend code had been fully rewritten due to a serious security issue that had been brought up by Morty, Reinhard and Arw. Sind then, the '' |
- | SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x | + | SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x PostgreSQL views and rules are used to restrict users from modifying or accessing data of other users. |
- | PostgreSQL views and rules are used to restrict users from modifying or accessing | + | |
- | data of other users. | + | |
- | The '' | + | For accessing |
- | the users who are allowed to take part in desktop sharing must be part of group x2gousers). | + | |
- | For accessing the X2go/ | + | ===== Preparations ===== |
- | __Preparations: | ||
- | * configure PostgreSQL server to enable TCP connections from your X2go server | + | * configure PostgreSQL server to enable TCP connections from your X2Go Server |
- | * configure PostgreSQL server for md5 authentication for users from x2goserver | + | * configure PostgreSQL server for md5 authentication for users from X2Go Server |
< | < | ||
Line 24: | Line 20: | ||
</ | </ | ||
- | __Example:__ | + | **Example:** |
< | < | ||
Line 33: | Line 29: | ||
You must create a database user which can create databases and users for | You must create a database user which can create databases and users for | ||
- | X2go database administration. You can also use the '' | + | X2Go database administration. You can also use the '' |
job. | job. | ||
Line 64: | Line 60: | ||
</ | </ | ||
- | __Database | + | ===== Database |
< | < | ||
Line 85: | Line 82: | ||
</ | </ | ||
- | Database administration using ''/ | + | ===== Database administration using ''/ |
< | < | ||
$ / | $ / | ||
- | X2Go SQL admin interface. Use it to create | + | X2Go SQL admin interface. Use it to create |
- | remove users or groups in x2go database | + | remove users or groups in X2Go session |
Usage: | Usage: | ||
x2godbadmin --createdb | x2godbadmin --createdb | ||
Line 98: | Line 97: | ||
</ | </ | ||
- | __Create | + | ==== Create |
< | < | ||
Line 104: | Line 104: | ||
</ | </ | ||
- | __Create | + | ==== Create |
< | < | ||
Line 114: | Line 115: | ||
</ | </ | ||
- | After that step users can create x2go sessions. | + | After that step users of the posix group '' |
- | + | ||
- | ====== Installation (for x2goserver < 3.0.99.x - old code, please upgrade your x2goserver) ====== | + | |
- | :!: **Before you begin!** -> Note that you are using old and insecure code... Please upgrade to a current version | + | |
- | + | ||
- | //The following documentation only exists for historical reference and it will be removed soon from this wiki.// | + | |
- | + | ||
- | + | ||
- | Please make sure that you have added the x2go repository to your package management system. The required steps are described here: [[adding | + | |
- | ==== Using an existent database server on the network ==== | + | |
- | + | ||
- | If you want to use an already existent PostgreSQL database server in your network, you'll need to allow the x2goserver(s) access to the database server. | + | |
- | First of all, you'll need to tell the address of the target server to every x2goserver: | + | |
- | + | ||
- | < | + | |
- | # echo -n „address of postgres server“ > / | + | |
- | </ | + | |
- | + | ||
- | Furthermore you'll need to allow “passwordless” authentication via SSH keys. Please don't add a “paraphrase” to the generated key: | + | |
- | + | ||
- | < | + | |
- | # mkdir / | + | |
- | # ssh-keygen -t dsa -f / | + | |
- | </ | + | |
- | + | ||
- | To copy the public part of the key to the PostgreSQL server, you may use the “ssh-copy-id” command to combine transfer and paste command, or you can paste the key after transferring it by yourself (make sure file permissions for SSH key authentication are set correctly): | + | |
- | + | ||
- | < | + | |
- | # mkdir -p ~postgres/ | + | |
- | # cat id_dsa-pub >> ~postgres/ | + | |
- | # chown -Rf postgres: | + | |
- | # chmod -Rf go-rwx ~postgres/ | + | |
- | </ | + | |
- | + | ||
- | You can test the needed connection by entering following command: | + | |
- | + | ||
- | < | + | |
- | # ssh -i / | + | |
- | </ | + | |
- | + | ||
- | You'll also need to run the “x2gocreatebase.sh” script as described before on the database server to create | + | |
- | + | ||
- | + | ||
- | New server packages (deb and tar.gz) are available over our heuler | + | |
- | repository: | + | |
- | http:// | + | |
- | + | ||
- | You can install this packages with apt: | + | |
- | deb http:// | + | |
- | + | ||
- | Please keep in mind, that the heuler archive is an additional repository | + | |
- | - you'll need to have the lenny repository configured | + | |