This is an old revision of the document!
Note: This wiki page explains how you can configure X2Go with PostgreSQL as database backend. However, this is only recommended for sites that run more than one X2Go Server (X2Go multi-node farms).
If you have one standalone X2Go server then please use the SQLite database backend (which is the default after installation of the x2goserver
package).
With X2Go Server v3.0.99.0 the whole session database backend code had been fully rewritten due to a serious security issue that had been brought up by Morty, Reinhard and Arw. Sind then, the sudo
command is no longer required by x2goserver
to neither contact the
SQLite database (installation default) nor the PostgreSQL database. Since v3.0.99.x PostgreSQL views and rules are used to restrict users from modifying or accessing data of other users.
For accessing the X2Go/PostgreSQL database X2Go Server uses the Perl DBI package.
/etc/postgresql/(version)/main/pg_hba.conf
Example:
# IPv4 local connections: host all all 127.0.0.1/32 md5
You must create a database user which can create databases and users for
X2go database administration. You can also use the postgres
user to do this
job.
You must save the password of this user in the file
/etc/x2go/x2gosql/passwords/pgadmin
Only root should have access to this file. It will be used only for database and user creation, you may/should delete it after these tasks are done. You can set a new password using this command on your PostgreSQL server:
$ su postgres -c "psql" psql (8.4.8) You are using psql, the command-line interface to PostgreSQL. Type: \copyright for distribution terms \h for help with SQL commands \? for help with psql commands \g or terminate with semicolon to execute query \q to quit postgres=# alter user postgres encrypted password '<secret-password>'; ALTER ROLE postgres=# \q
#postgres or sqlite backend=postgres [postgres] host=localhost port=5432 #database admin (must have permissions to create databases and users) dbadmin=postgres #disable: SSL connections are never used #allow: try non-SSL, then SSL #prefer: try SSL, then non-SSL #require: connect only with SSL #default - prefer ssl=prefer
$ /usr/lib/x2go/script/x2godbadmin --help X2Go SQL admin interface. Use it to create x2go database and insert or remove users or groups in x2go database Usage: x2godbadmin --createdb x2godbadmin --listusers x2godbadmin --adduser|rmuser <UNIX user> x2godbadmin --addgroup|rmgroup <UNIX group>
Create database (evoke on X2go server):
$ x2godbadmin --createdb
Create database users:
You can add UNIX users or groups to database using commands $ x2godbadmin --adduser example <code> $ x2godbadmin --addgroup x2gousers
After that step users can create x2go sessions.