User Tools

Site Tools


wiki:advanced:multi-node:x2goserver-pgsql

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
wiki:advanced:multi-node:x2goserver-pgsql [2011/11/12 15:19]
sunweaver [Using an existent database server on the network]
wiki:advanced:multi-node:x2goserver-pgsql [2013/09/23 19:22]
sunweaver
Line 1: Line 1:
-====== Installation: X2go Server with PostgreSQL database backend ======+====== X2Go Server with PostgreSQL database backend ======
  
-<note>This wiki page explains how you can configure X2Go with PostgreSQL as database backend. However, this is only recommended for sites that run more than one X2go server (X2go server clusters). If you have one standalone X2Go server then please use the SQLite database backend (which is the default after installing of the ''x2goserver'' package).</note>+**Note:** This wiki page explains how you can configure X2Go with PostgreSQL as database backend. However, this is only recommended for sites that run more than one X2Go Server (X2Go multi-node farms). 
  
-Changes since x2goserver v3.0.99.x:+If you have one standalone X2Go server then please use the SQLite database backend (which is the default after installation of the ''x2goserver'' package).
  
-The ''sudo'' command is no longer required by ''x2goserver'' to neither contact the +With X2Go Server v3.0.99.0 the whole session database backend code had been fully rewritten due to a serious security issue that had been brought up by Morty, Reinhard and Arw. Sind then, the ''sudo'' command is no longer required by ''x2goserver'' to neither contact the 
-SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x  +SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x PostgreSQL views and rules are used to restrict users from modifying or accessing data of other users.
-PostgreSQL views and rules are used to restrict users from modifying or accessing  +
-data of other users.+
  
-For accessing the X2go/PostgreSQL database Perl DBI has been used in x2goserver.+For accessing the X2Go/PostgreSQL database X2Go Server uses the Perl DBI package.
  
-__Preparations:__+===== Preparations =====
  
-  * configure PostgreSQL server to enable TCP connections from your X2go server host + 
-  * configure PostgreSQL server for md5 authentication for users from x2goserver in +  * configure PostgreSQL server to enable TCP connections from your X2Go Server host 
 +  * configure PostgreSQL server for md5 authentication for users from X2Go Server in 
  
 <code> <code>
Line 21: Line 20:
 </code> </code>
  
-__Example:__+**Example:**
  
 <code> <code>
Line 30: Line 29:
  
 You must create a database user which can create databases and users for You must create a database user which can create databases and users for
-X2go database administration. You can also use the ''postgres'' user to do this+X2Go database administration. You can also use the ''postgres'' user to do this
 job. job.
  
Line 61: Line 60:
 </code> </code>
  
-__Database configuration in file /etc/x2go/x2gosql/sql:__+===== Database configuration in file /etc/x2go/x2gosql/sql ===== 
  
 <code> <code>
Line 82: Line 82:
 </code> </code>
  
-Database administration using ''/usr/lib/x2go/script/x2godbadmin'' (on X2go server).+===== Database administration using ''/usr/lib/x2go/script/x2godbadmin'' (on X2Go Server===== 
  
 <code> <code>
 $ /usr/lib/x2go/script/x2godbadmin --help $ /usr/lib/x2go/script/x2godbadmin --help
-X2Go SQL admin interface. Use it to create x2go database and insert or +X2Go SQL admin interface. Use it to create the X2Go session database and insert or 
-remove users or groups in x2go database+remove users or groups in X2Go session database
 Usage: Usage:
 x2godbadmin --createdb x2godbadmin --createdb
Line 95: Line 97:
 </code> </code>
  
-__Create database (evoke on X2go server):__+==== Create database (evoke on X2Go server) ==== 
  
 <code> <code>
Line 101: Line 104:
 </code> </code>
  
-__Create database users:__+==== Create database users ==== 
  
 <code> <code>
Line 111: Line 115:
 </code> </code>
  
-After that step users can create x2go sessions.+After that step users of the posix group ''x2gousers'' can create X2Go sessions. Of course, any other group could be used here, as well.
  
-====== Installation (for x2goserver < 3.0.99.x - old code, please upgrade your x2goserver) ====== +===== Database Structure and Troubleshooting =====
-:!: **Before you begin!** -> Note that you are using old and insecure code... Please upgrade to a current version of x2goserver.+
  
-//The following documentation only exists for historical reference and it will be removed soon from this wiki.//+In hopefully rare cases it may become necessary to fix the X2Go session database via standard PostgreSQL tools (e.g. ''psql''). This should not happen and please please please report the issue [[wiki:bugs|as a bug against the x2goserver]] X2Go component. However, if you are in the unlucky situation of having to fix up the session DB, then the below lines may render useful to you.
  
 +==== Connect to the database ====
  
-Please make sure that you have added the x2go repository to your package management system. The required steps are described here: [[adding the x2go repository (debian)]]! You'll further need to have some experience with x2goprint and maybe x2goserver. +In case it becomes necessary to edit the X2Go session database on the PostgreSQL server by handconnect to the DB with this command:
-If you want to use an already existent PostgreSQL database server in your network, you'll need to allow the x2goserver(s) access to the database server+
-First of allyou'll need to tell the address of the target server to every x2goserver:+
  
 <code> <code>
-# echo -n „address of postgres server“ > /etc/x2go/sql+$ psql --user x2godbuser --password -h localhost --dbname x2go_sessions
 </code> </code>
  
-Furthermore you'll need to allow “passwordless” authentication via SSH keys. Please don't add a “paraphrase” to the generated key:+As password use the password found in ''/etc/x2go/x2gosql/passwords/x2goadmin''.
  
-<code> 
-# mkdir /root/.x2go/ssh/.pg 
-# ssh-keygen -t dsa -f /root/.x2go/ssh/.pg/id_dsa 
-</code> 
  
-To copy the public part of the key to the PostgreSQL serveryou may use the “ssh-copy-id” command to combine transfer and paste command, or you can paste the key after transferring it by yourself (make sure file permissions for SSH key authentication are set correctly):+After successful login, the ''psql'' PostgreSQL client shows these lines: 
 + 
 +<file> 
 +ts-01:~ # psql --user x2godbuser --password -h localhost --dbname x2go_sessions 
 +Password for user x2godbuser: <hidden> 
 +Welcome to psql <version>, the PostgreSQL interactive terminal. 
 + 
 +Type:  \copyright for distribution terms 
 +       \h for help with SQL commands 
 +       \? for help with psql commands 
 +       \g or terminate with semicolon to execute query 
 +       \q to quit 
 + 
 +x2go_sessions=> 
 +</file> 
 + 
 +==== Database structure ==== 
 + 
 +The database has five tables: 
 + 
 +<file> 
 +x2go_sessions=> \dt 
 +             List of relations 
 + Schema |     Name      | Type  |  Owner    
 +--------+---------------+-------+---------- 
 + public | messages      | table | postgres 
 + public | mounts        | table | postgres 
 + public | sessions      | table | postgres 
 + public | used_ports    | table | postgres 
 + public | user_messages | table | postgres 
 +(5 rows) 
 +</file> 
 + 
 +Three of them are important for session management: sessions, used_ports, mounts. 
 + 
 +Furthermore, the database defined four views: 
 + 
 +<file> 
 +x2go_sessions=> \dv 
 +            List of relations 
 + Schema |     Name      | Type |  Owner    
 +--------+---------------+------+---------- 
 + public | mounts_view   | view | postgres 
 + public | ports_view    | view | postgres 
 + public | servers_view  | view | postgres 
 + public | sessions_view | view | postgres 
 +(4 rows) 
 + 
 +x2go_sessions=>  
 +</file> 
 + 
 +If you want to show the content of a table or view, evoke this SQL command: 
 + 
 +<file> 
 +x2go_sessions=> select * from used_ports; 
 +    server    |              session_id                 creator_id    | port   
 +--------------+---------------------------------------+-----------------+------- 
 + ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30019 
 + ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30018 
 + ts-01 | mike-57-1379961697_stRTERMINAL_dp24 | x2gouser_mike | 30020 
 +(3 rows) 
 +</file
 + 
 +==== Troubleshooting ==== 
 + 
 +If you want to remove these entries (because they are there but they by some reason should not be there), use this command set:
  
 <code> <code>
-# mkdir -p ~postgres/.ssh/ +x2go_sessions=delete from used_ports where port=30020; 
-# cat id_dsa-pub >> ~postgres/.ssh/authorized_keys +DELETE 1
-# chown -Rf postgres:postgres ~postgres/.ssh +
-# chmod -Rf go-rwx ~postgres/.ssh+
 </code> </code>
  
-You can test the needed connection by entering following command:+... or ...
  
 <code> <code>
-# ssh -i /root/.x2go/ssh/.pg/id_dsa postgres@server+x2go_sessions=> delete from used_ports where session_id=mike-57-1379961697_stRTERMINAL_dp24; 
 +DELETE 3
 </code> </code>
  
-You'll also need to run the “x2gocreatebase.sh” script as described before on the database server to create the needed instance.+For further input on manipulating PostgreSQL database via the ''psql'' client tool, see the PostgreSQL reference.
  
  
wiki/advanced/multi-node/x2goserver-pgsql.txt · Last modified: 2016/03/29 19:40 by stefanbaur