[debian-edu-commits] debian-edu/pkg-team/ 147/159: move various paths around:
Dominik George
natureshadow-guest at moszumanska.debian.org
Tue Feb 23 10:04:35 UTC 2016
This is an automated email from the git hooks/post-receive script.
natureshadow-guest pushed a commit to branch master
in repository xrdp.
commit f1ee7899ad8daffe91f78db18884caf1550b196c
Author: mirabilos <tg at mirbsd.org>
Date: Wed Sep 2 18:27:08 2015 +0200
move various paths around:
• /tmp/.xrdp is now /var/run/xrdp/sockdir
• /var/run/xrdp and /var/run/xrdp/sockdir are created by
/usr/share/xrdp/socksetup from both sysvinit and systemd,
with appropriate permissions (root:xrdp 2775/3777)
• FUSE path: ~/xrdp_client → ~/.xrdp_client
• chanserv log moves to XDG cache dir if exists
systemd orders the services in a way that all handling of
/var/run/xrdp/sockdir is done by xrdp.service, including
a dependency of xrdp-sesman.service on it, with ordering.
Upon stopping xrdp.service, /var/run/xrdp/sockdir is removed.
sysvinit just does the initialisation before anything is
started (all actions except “status”); /var/run/xrdp/sockdir
is removed after “stop”, but not during restarts.
Finally, sysvinit “status” is now again possible as regular user.
---
README.Debian | 7 --
patches/chansrvlog.diff | 42 ++++++++
patches/fusepath.diff | 22 ++++
patches/series | 3 +
patches/sockpath.diff | 271 ++++++++++++++++++++++++++++++++++++++++++++++++
patches/systemd.diff | 15 +--
socksetup | 41 ++++++++
xrdp.init | 39 +++----
xrdp.install | 1 +
9 files changed, 403 insertions(+), 38 deletions(-)
diff --git a/README.Debian b/README.Debian
index c66123c..b826420 100644
--- a/README.Debian
+++ b/README.Debian
@@ -9,13 +9,6 @@ See also: https://github.com/neutrinolabs/xrdp/issues/264
Furthermore, the package maintainers would like to know what the log
messages about /etc/xrdp/cert.pem and /etc/xrdp/key.pem are good for.
-Another security issue is the hard-coded use of /tmp/.xrdp/ which
-probably should be moved to /var/run/xrdp/sockdir/ (pre-create in
-initscript with 0:xrdp 3777; no idea about systemd); a local patch
-could fix it with the hard-coded replacement path, but that’s
-probably okay. For now, the sysvinit script creates this path and
-sanity-checks it.
-
The pulseaudio plugin from sesman/chansrv/pulse should be installed
but cannot be built due to lack of a pulseaudio-modules-dev package
in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794692
diff --git a/patches/chansrvlog.diff b/patches/chansrvlog.diff
new file mode 100644
index 0000000..c694535
--- /dev/null
+++ b/patches/chansrvlog.diff
@@ -0,0 +1,42 @@
+# DP: move xrdp-chansrv.log into XDG_CACHE_HOME
+
+--- a/docs/man/xrdp-chansrv.8
++++ b/docs/man/xrdp-chansrv.8
+@@ -38,6 +38,7 @@ UNIX socket used by \fBxrdp\-chansrv\fP
+ .TP
+ .I $HOME/xrdp-chansrv.log
+ Log file used by \fBxrdp\-chansrv\fP(8).
++If the XDG cache directory exists, it is placed there instead.
+
+ .SH "SEE ALSO"
+ .BR xrdp\-sesman (8),
+--- a/sesman/chansrv/chansrv.c
++++ b/sesman/chansrv/chansrv.c
+@@ -1397,7 +1397,27 @@ get_log_path()
+ log_path = g_getenv("CHANSRV_LOG_PATH");
+ if (log_path == 0)
+ {
++ log_path = g_getenv("XDG_CACHE_HOME");
++ if (!g_directory_exist(log_path)
++ log_path = 0;
++ }
++ if (log_path == 0)
++ {
+ log_path = g_getenv("HOME");
++ if (log_path != 0)
++ {
++ char* cp = malloc(strlen(log_path) + strlen("/.cache") + 1;
++
++ if (cp != 0)
++ {
++ memcpy(cp, log_path, strlen(log_path));
++ memcpy(cp + strlen(log_path), "/.cache", strlen("/.cache") + 1);
++ if (g_directory_exist(cp))
++ log_path = cp;
++ else
++ free(cp);
++ }
++ }
+ }
+ return log_path;
+ }
diff --git a/patches/fusepath.diff b/patches/fusepath.diff
new file mode 100644
index 0000000..c9a08ab
--- /dev/null
+++ b/patches/fusepath.diff
@@ -0,0 +1,22 @@
+# DP: make FUSE mount root hidden from normal ls
+
+--- a/sesman/chansrv/chansrv_fuse.c
++++ b/sesman/chansrv/chansrv_fuse.c
+@@ -39,7 +39,7 @@
+
+ //#define USE_SYNC_FLAG
+
+-static char g_fuse_mount_name[256] = "xrdp_client";
++static char g_fuse_mount_name[256] = ".xrdp_client";
+
+ /* FUSE mount point */
+ char g_fuse_root_path[256] = "";
+@@ -446,7 +446,7 @@ xfuse_init(void)
+
+ load_fuse_config();
+
+- /* define FUSE mount point to ~/xrdp_client, ~/thinclient_drives */
++ /* define FUSE mount point to ~/.xrdp_client, ~/thinclient_drives */
+ g_snprintf(g_fuse_root_path, 255, "%s/%s", g_getenv("HOME"), g_fuse_mount_name);
+ g_snprintf(g_fuse_clipboard_path, 255, "%s/.clipboard", g_fuse_root_path);
+
diff --git a/patches/series b/patches/series
index 5b870b7..bdede69 100644
--- a/patches/series
+++ b/patches/series
@@ -7,3 +7,6 @@ systemd.diff
nxstack.diff
fix_perms.diff
shutup-daemon.diff
+sockpath.diff
+fusepath.diff
+chansrvlog.diff
diff --git a/patches/sockpath.diff b/patches/sockpath.diff
new file mode 100644
index 0000000..9893049
--- /dev/null
+++ b/patches/sockpath.diff
@@ -0,0 +1,271 @@
+# DP: change location of the socket path to something less racy;
+# DP: also, rely on the initscript to create it with correct
+# DP: permissions and ownership (root:xrdp 3777)
+
+--- a/common/file_loc.h
++++ b/common/file_loc.h
+@@ -46,23 +46,23 @@
+ #endif
+
+ #if !defined(XRDP_CHANSRV_STR)
+-#define XRDP_CHANSRV_STR "/tmp/.xrdp/xrdp_chansrv_socket_%d"
++#define XRDP_CHANSRV_STR "/var/run/xrdp/sockdir/xrdp_chansrv_socket_%d"
+ #endif
+
+ #if !defined(CHANSRV_PORT_OUT_STR)
+-#define CHANSRV_PORT_OUT_STR "/tmp/.xrdp/xrdp_chansrv_audio_out_socket_%d"
++#define CHANSRV_PORT_OUT_STR "/var/run/xrdp/sockdir/xrdp_chansrv_audio_out_socket_%d"
+ #endif
+
+ #if !defined(CHANSRV_PORT_IN_STR)
+-#define CHANSRV_PORT_IN_STR "/tmp/.xrdp/xrdp_chansrv_audio_in_socket_%d"
++#define CHANSRV_PORT_IN_STR "/var/run/xrdp/sockdir/xrdp_chansrv_audio_in_socket_%d"
+ #endif
+
+ #if !defined(CHANSRV_API_STR)
+-#define CHANSRV_API_STR "/tmp/.xrdp/xrdpapi_%d"
++#define CHANSRV_API_STR "/var/run/xrdp/sockdir/xrdpapi_%d"
+ #endif
+
+ #if !defined(XRDP_X11RDP_STR)
+-#define XRDP_X11RDP_STR "/tmp/.xrdp/xrdp_display_%d"
++#define XRDP_X11RDP_STR "/var/run/xrdp/sockdir/xrdp_display_%d"
+ #endif
+
+ #endif
+--- a/common/os_calls.c
++++ b/common/os_calls.c
+@@ -128,25 +128,16 @@ g_mk_temp_dir(const char *app_name)
+ {
+ if (app_name[0] != 0)
+ {
+- if (!g_directory_exist("/tmp/.xrdp"))
++ if (!g_directory_exist("/var/run/xrdp/sockdir"))
+ {
+- if (!g_create_dir("/tmp/.xrdp"))
+- {
+- /* if failed, still check if it got created by someone else */
+- if (!g_directory_exist("/tmp/.xrdp"))
+- {
+- printf("g_mk_temp_dir: g_create_dir failed\n");
++ printf("g_mk_temp_dir: /var/run/xrdp/sockdir does not exist\n");
+ return 1;
+- }
+- }
+-
+- g_chmod_hex("/tmp/.xrdp", 0x3777);
+ }
+
+ snprintf(g_temp_base, sizeof(g_temp_base),
+- "/tmp/.xrdp/%s-XXXXXX", app_name);
++ "/var/run/xrdp/sockdir/%s-XXXXXX", app_name);
+ snprintf(g_temp_base_org, sizeof(g_temp_base_org),
+- "/tmp/.xrdp/%s-XXXXXX", app_name);
++ "/var/run/xrdp/sockdir/%s-XXXXXX", app_name);
+
+ if (mkdtemp(g_temp_base) == 0)
+ {
+--- a/docs/man/xrdp-chansrv.8
++++ b/docs/man/xrdp-chansrv.8
+@@ -30,10 +30,10 @@ Dynamic Virtual Channel
+
+ .SH FILES
+ .TP
+-.I /tmp/.xrdp/xrdp_chansrv_socket_*
++.I /var/run/xrdp/sockdir/xrdp_chansrv_socket_*
+ UNIX socket used by external programs to implement channels.
+ .TP
+-.I /tmp/.xrdp/xrdp_api_*
++.I /var/run/xrdp/sockdir/xrdp_api_*
+ UNIX socket used by \fBxrdp\-chansrv\fP to communicate with \fBxrdp\-sesman\fP.
+ .TP
+ .I $HOME/xrdp-chansrv.log
+--- a/docs/man/xrdp-dis.1
++++ b/docs/man/xrdp-dis.1
+@@ -16,7 +16,7 @@ to get the default host and display numb
+
+ .SH FILES
+ .TP
+-.I /tmp/.xrdp/xrdp_disconnect_display_*
++.I /var/run/xrdp/sockdir/xrdp_disconnect_display_*
+ UNIX socket used to communicate with the \fBxrdp\fP(8) session manager.
+
+ .SH SEE ALSO
+--- a/sesman/chansrv/pulse/module-xrdp-sink.c
++++ b/sesman/chansrv/pulse/module-xrdp-sink.c
+@@ -84,7 +84,7 @@ PA_MODULE_USAGE(
+ #define DEFAULT_SINK_NAME "xrdp-sink"
+ #define BLOCK_USEC 30000
+ //#define BLOCK_USEC (PA_USEC_PER_SEC * 2)
+-#define CHANSRV_PORT_STR "/tmp/.xrdp/xrdp_chansrv_audio_out_socket_%d"
++#define CHANSRV_PORT_STR "/var/run/xrdp/sockdir/xrdp_chansrv_audio_out_socket_%d"
+
+ struct userdata {
+ pa_core *core;
+--- a/sesman/chansrv/pulse/module-xrdp-source.c
++++ b/sesman/chansrv/pulse/module-xrdp-source.c
+@@ -72,7 +72,7 @@ PA_MODULE_USAGE(
+ #define DEFAULT_SOURCE_NAME "xrdp-source"
+ #define DEFAULT_LATENCY_TIME 10
+ #define MAX_LATENCY_USEC 1000
+-#define CHANSRV_PORT_STR "/tmp/.xrdp/xrdp_chansrv_audio_in_socket_%d"
++#define CHANSRV_PORT_STR "/var/run/xrdp/sockdir/xrdp_chansrv_audio_in_socket_%d"
+
+ struct userdata {
+ pa_core *core;
+--- a/sesman/sessvc/sessvc.c
++++ b/sesman/sessvc/sessvc.c
+@@ -55,14 +55,14 @@ chansrv_cleanup(int pid)
+ {
+ char text[256];
+
+- g_snprintf(text, 255, "/tmp/.xrdp/xrdp_chansrv_%8.8x_main_term", pid);
++ g_snprintf(text, 255, "/var/run/xrdp/sockdir/xrdp_chansrv_%8.8x_main_term", pid);
+
+ if (g_file_exist(text))
+ {
+ g_file_delete(text);
+ }
+
+- g_snprintf(text, 255, "/tmp/.xrdp/xrdp_chansrv_%8.8x_thread_done", pid);
++ g_snprintf(text, 255, "/var/run/xrdp/sockdir/xrdp_chansrv_%8.8x_thread_done", pid);
+
+ if (g_file_exist(text))
+ {
+--- a/sesman/tools/dis.c
++++ b/sesman/tools/dis.c
+@@ -50,7 +50,7 @@ int main(int argc, char **argv)
+ dis = strtol(display + 1, &p, 10);
+ memset(&sa, 0, sizeof(sa));
+ sa.sun_family = AF_UNIX;
+- sprintf(sa.sun_path, "/tmp/.xrdp/xrdp_disconnect_display_%d", dis);
++ sprintf(sa.sun_path, "/var/run/xrdp/sockdir/xrdp_disconnect_display_%d", dis);
+
+ if (access(sa.sun_path, F_OK) != 0)
+ {
+--- a/xorg/X11R7.6/rdp/rdpmain.c
++++ b/xorg/X11R7.6/rdp/rdpmain.c
+@@ -762,7 +762,7 @@ ddxGiveUp(void)
+ {
+ sprintf(unixSocketName, "/tmp/.X11-unix/X%s", display);
+ unlink(unixSocketName);
+- sprintf(unixSocketName, "/tmp/.xrdp/xrdp_disconnect_display_%s", display);
++ sprintf(unixSocketName, "/var/run/xrdp/sockdir/xrdp_disconnect_display_%s", display);
+ unlink(unixSocketName);
+
+ if (g_uds_data[0] != 0)
+@@ -816,7 +816,7 @@ ddxUseMsg(void)
+ ErrorF("X11rdp specific options\n");
+ ErrorF("-geometry WxH set framebuffer width & height\n");
+ ErrorF("-depth D set framebuffer depth\n");
+- ErrorF("-uds create and listen on /tmp/.xrdp/xrdp_display_x\n");
++ ErrorF("-uds create and listen on /var/run/xrdp/sockdir/xrdp_display_x\n");
+ ErrorF("\n");
+ exit(1);
+ }
+--- a/xorg/X11R7.6/rdp/rdpup.c
++++ b/xorg/X11R7.6/rdp/rdpup.c
+@@ -1207,15 +1207,10 @@ rdpup_init(void)
+ char *ptext;
+ int i;
+
+- if (!g_directory_exist("/tmp/.xrdp"))
++ if (!g_directory_exist("/var/run/xrdp/sockdir"))
+ {
+- if (!g_create_dir("/tmp/.xrdp"))
+- {
+- LLOGLN(0, ("rdpup_init: g_create_dir failed"));
++ LLOGLN(0, ("rdpup_init: /var/run/xrdp/sockdir does not exist"));
+ return 0;
+- }
+-
+- g_chmod_hex("/tmp/.xrdp", 0x3777);
+ }
+
+ i = atoi(display);
+@@ -1239,7 +1234,7 @@ rdpup_init(void)
+
+ if (g_use_uds)
+ {
+- g_sprintf(g_uds_data, "/tmp/.xrdp/xrdp_display_%s", display);
++ g_sprintf(g_uds_data, "/var/run/xrdp/sockdir/xrdp_display_%s", display);
+
+ if (g_listen_sck == 0)
+ {
+@@ -1277,7 +1272,7 @@ rdpup_init(void)
+
+ if (g_dis_listen_sck != 0)
+ {
+- g_sprintf(text, "/tmp/.xrdp/xrdp_disconnect_display_%s", display);
++ g_sprintf(text, "/var/run/xrdp/sockdir/xrdp_disconnect_display_%s", display);
+
+ if (g_tcp_local_bind(g_dis_listen_sck, text) == 0)
+ {
+--- a/xorgxrdp/module/rdpClientCon.c
++++ b/xorgxrdp/module/rdpClientCon.c
+@@ -1114,17 +1114,10 @@ rdpClientConInit(rdpPtr dev)
+ {
+ int i;
+
+- if (!g_directory_exist("/tmp/.xrdp"))
++ if (!g_directory_exist("/var/run/xrdp/sockdir"))
+ {
+- if (!g_create_dir("/tmp/.xrdp"))
+- {
+- if (!g_directory_exist("/tmp/.xrdp"))
+- {
+- LLOGLN(0, ("rdpup_init: g_create_dir failed"));
++ LLOGLN(0, ("rdpup_init: /var/run/xrdp/sockdir does not exist"));
+ return 0;
+- }
+- }
+- g_chmod_hex("/tmp/.xrdp", 0x3777);
+ }
+ i = atoi(display);
+ if (i < 1)
+@@ -1132,7 +1125,7 @@ rdpClientConInit(rdpPtr dev)
+ LLOGLN(0, ("rdpClientConInit: can not run at display < 1"));
+ return 0;
+ }
+- g_sprintf(dev->uds_data, "/tmp/.xrdp/xrdp_display_%s", display);
++ g_sprintf(dev->uds_data, "/var/run/xrdp/sockdir/xrdp_display_%s", display);
+ if (dev->listen_sck == 0)
+ {
+ unlink(dev->uds_data);
+--- a/xorgxrdp/module/rdpInput.c
++++ b/xorgxrdp/module/rdpInput.c
+@@ -86,7 +86,7 @@ rdpUnregisterInputCallback(rdpInputEvent
+ {
+ /* hack to cleanup
+ remove when xrdpdevTearDown is working */
+- g_sprintf(text, "/tmp/.xrdp/xrdp_display_%s", display);
++ g_sprintf(text, "/var/run/xrdp/sockdir/xrdp_display_%s", display);
+ LLOGLN(0, ("rdpUnregisterInputCallback: deleting file %s", text));
+ unlink(text);
+ }
+--- a/xrdp/xrdp.ini
++++ b/xrdp/xrdp.ini
+@@ -134,10 +134,10 @@ xrdpvr=true
+ tcutils=true
+
+ # for debugging xrdp, in section xrdp1, change port=-1 to this:
+-# port=/tmp/.xrdp/xrdp_display_10
++# port=/var/run/xrdp/sockdir/xrdp_display_10
+
+ # for debugging xrdp, add following line to section xrdp1
+-# chansrvport=/tmp/.xrdp/xrdp_chansrv_socket_7210
++# chansrvport=/var/run/xrdp/sockdir/xrdp_chansrv_socket_7210
+
+ [xrdp1]
+ name=sesman-xorgxrdp
+--- a/xrdpapi/xrdpapi.c
++++ b/xrdpapi/xrdpapi.c
+@@ -143,7 +143,7 @@ WTSVirtualChannelOpenEx(unsigned int Ses
+ memset(&s, 0, sizeof(struct sockaddr_un));
+ s.sun_family = AF_UNIX;
+ bytes = sizeof(s.sun_path);
+- snprintf(s.sun_path, bytes - 1, "/tmp/.xrdp/xrdpapi_%d", wts->display_num);
++ snprintf(s.sun_path, bytes - 1, "/var/run/xrdp/sockdir/xrdpapi_%d", wts->display_num);
+ s.sun_path[bytes - 1] = 0;
+ bytes = sizeof(struct sockaddr_un);
+
diff --git a/patches/systemd.diff b/patches/systemd.diff
index 476e521..aca04fa 100644
--- a/patches/systemd.diff
+++ b/patches/systemd.diff
@@ -2,14 +2,15 @@
--- a/instfiles/xrdp-sesman.service
+++ b/instfiles/xrdp-sesman.service
-@@ -1,14 +1,11 @@
+@@ -1,14 +1,12 @@
[Unit]
-Description=xrdp session manager
-After=syslog.target network.target
-StopWhenUnneeded=true
-BindTo=xrdp.service
+Description=Remote Desktop Protocol (RDP) session manager
-+After=network.target
++Requires=xrdp.service
++After=network.target xrdp.service
[Service]
-Type=forking
@@ -24,7 +25,7 @@
[Install]
--- a/instfiles/xrdp.service
+++ b/instfiles/xrdp.service
-@@ -1,12 +1,15 @@
+@@ -1,14 +1,17 @@
[Unit]
-Description=xrdp daemon
-Requires=xrdp-sesman.service
@@ -37,12 +38,14 @@
-PIDFile=/var/run/xrdp.pid
-EnvironmentFile=/etc/sysconfig/xrdp
+Type=simple
-+PIDFile=/var/run/xrdp/xrdp.pid
+EnvironmentFile=/etc/default/xrdp
-+RuntimeDirectory=xrdp
-+RuntimeDirectoryMode=0755
+User=xrdp
+Group=xrdp
++PermissionsStartOnly=true
++ExecStartPre=/bin/sh /usr/share/xrdp/socksetup
ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS --nodaemon
ExecStop=/usr/sbin/xrdp $XRDP_OPTIONS --kill
++ExecStopPost=/bin/rm -rf /var/run/xrdp/sockdir
+ [Install]
+ WantedBy=multi-user.target
diff --git a/socksetup b/socksetup
new file mode 100644
index 0000000..9ceef98
--- /dev/null
+++ b/socksetup
@@ -0,0 +1,41 @@
+:
+
+LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin
+export LC_ALL PATH
+unset LANGUAGE
+
+case $(id -u) in
+(0) ;;
+(*)
+ echo >&2 "E: need root"
+ exit 4
+ ;;
+esac
+
+if ! test -d /var/run/xrdp; then
+ mkdir /var/run/xrdp || exit 1
+ chown root:xrdp /var/run/xrdp || exit 1
+ chmod 2775 /var/run/xrdp || exit 1
+fi
+case $(stat -c '%a,%u,%G,%F' /var/run/xrdp) in
+(2775,0,xrdp,directory) ;;
+(*)
+ echo >&2 "E: /var/run/xrdp has wrong permissions"
+ exit 1
+ ;;
+esac
+
+if ! test -d /var/run/xrdp/sockdir; then
+ mkdir /var/run/xrdp/sockdir || exit 1
+ chown root:xrdp /var/run/xrdp/sockdir || exit 1
+ chmod 3777 /var/run/xrdp/sockdir || exit 1
+fi
+case $(stat -c '%a,%u,%G,%F' /var/run/xrdp/sockdir) in
+(3777,0,xrdp,directory) ;;
+(*)
+ echo >&2 "E: /var/run/xrdp/sockdir has wrong permissions"
+ exit 1
+ ;;
+esac
+
+:
diff --git a/xrdp.init b/xrdp.init
index 6177583..15ca34c 100644
--- a/xrdp.init
+++ b/xrdp.init
@@ -25,15 +25,6 @@ unset LANGUAGE
# exit cleanly if disabled or not installed
test -x /usr/sbin/xrdp || exit 0
-# assume superuser privs below
-case $(id -u) in
-(0) ;;
-(*)
- echo >&2 "E: need root"
- exit 1
- ;;
-esac
-
# Debian/LSB init script foobar
DESC='Remote Desktop Protocol server'
NAME=xrdp
@@ -47,20 +38,19 @@ SESMAN_OPTIONS=
XRDP_OPTIONS=
test -r /etc/default/xrdp && . /etc/default/xrdp
-# create run directory
-test -d /var/run/xrdp || mkdir /var/run/xrdp || exit $?
-chown xrdp:xrdp /var/run/xrdp || exit $?
-
-# create socks directory
-test -e /tmp/.xrdp || mkdir -m3777 /tmp/.xrdp || exit $?
-case $(stat -c '%a,%u,%G,%F' /tmp/.xrdp) in
-(3777,0,xrdp,directory) ;;
-(3777,0,root,directory|3777,0,wheel,directory)
- chgrp xrdp /tmp/.xrdp
+# prepare for actions
+case $1 in
+(status)
+ # nothing to do here
+ ;;
+(start|stop|force-reload|restart|try-restart)
+ # check for root; create run-time directories
+ . /usr/share/xrdp/socksetup
;;
(*)
- echo >&2 "E: /tmp/.xrdp has wrong permissions"
- exit 1
+ # syntax error
+ echo >&2 "Usage: $0 {start|stop|status|restart|try-restart|force-reload}"
+ exit 3
;;
esac
@@ -133,6 +123,7 @@ case $1 in
test $rc -gt 1 && test $rv -lt $rc && rv=$rc
fi
rm -f /var/run/xrdp/xrdp-sesman.pid /var/run/xrdp/xrdp.pid
+ rm -rf /var/run/xrdp/sockdir
test x"$VERBOSE" = x"no" || log_end_msg $rv
;;
(status)
@@ -226,9 +217,7 @@ case $1 in
rc=$?
test $rc -gt 0 && rv=$rc
;;
-(*)
- echo >&2 "Usage: $0 {start|stop|status|restart|try-restart|force-reload}"
- exit 3
- ;;
esac
+# make “/etc/init.d/xrdp status” work for nōn-root
+(sleep 3; chmod a+r /var/run/xrdp/*.pid 2>/dev/null) &
exit 0
diff --git a/xrdp.install b/xrdp.install
index a52d82d..c97bd94 100644
--- a/xrdp.install
+++ b/xrdp.install
@@ -1 +1,2 @@
+debian/socksetup usr/share/xrdp/
debian/startwm.sh etc/xrdp/
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/xrdp.git
More information about the debian-edu-commits
mailing list