#1105:

* add "system-proxy-socket" option for contacting the system-wide proxy server * add hidden "request-start" subcommand for testing "start session" requests * don't setsid if we're changing uid git-svn-id: https://xpra.org/svn/Xpra/trunk@15906 3bb7dfac-3a0b-4e04-842a-767bc560f471
Xpra-org · May 21, 2017 · cda85dd · cda85dd
1 parent 9780474
commit cda85dd
Show file tree

Hide file tree

Showing 6 changed files with 39 additions and 10 deletions.
diff --git a/src/xpra/platform/features.py b/src/xpra/platform/features.py
@@ -17,6 +17,8 @@
 
 INPUT_DEVICES = ["auto"]
 
+SYSTEM_PROXY_SOCKET = "/var/run/xpra/system"
+
 CLIPBOARDS = []
 CLIPBOARD_WANT_TARGETS = envbool("XPRA_CLIPBOARD_WANT_TARGETS")
 CLIPBOARD_GREEDY = envbool("XPRA_CLIPBOARD_GREEDY")

diff --git a/src/xpra/platform/win32/features.py b/src/xpra/platform/win32/features.py
@@ -19,3 +19,6 @@
 DEFAULT_PULSEAUDIO_CONFIGURE_COMMANDS = []
 PRINT_COMMAND = ""
 DEFAULT_SSH_COMMAND="plink -ssh -agent"
+
+#not implemented:
+SYSTEM_PROXY_SOCKET = ""
diff --git a/src/xpra/scripts/config.py b/src/xpra/scripts/config.py
@@ -459,6 +459,7 @@ def may_create_user_config(xpra_conf_filename=DEFAULT_XPRA_CONF_FILENAME):
                     "ssh"               : str,
                     "systemd-run"       : str,
                     "systemd-run-args"  : str,
+                    "system-proxy-socket" : str,
                     "xvfb"              : str,
                     "socket-dir"        : str,
                     "mmap"              : str,
@@ -652,9 +653,9 @@ def may_create_user_config(xpra_conf_filename=DEFAULT_XPRA_CONF_FILENAME):
     "exit-with-children", "exit-with-client",
     "av-sync", "global-menus",
     "printing", "file-transfer", "download-path", "open-command", "open-files", "start-new-commands",
-    #"mmap", "mmap-group", "mdns",
-    #"auth", "vsock-auth", "tcp-auth", "ssl-auth",
-    #"bind", "bind-vsock", "bind-tcp", "bind-ssl",
+    "mmap", "mmap-group", "mdns",
+    "auth", "vsock-auth", "tcp-auth", "ssl-auth",
+    "bind", "bind-vsock", "bind-tcp", "bind-ssl",
     "start", "start-child",
     "start-after-connect", "start-child-after-connect",
     "start-on-connect", "start-child-on-connect",
@@ -711,7 +712,7 @@ def get_defaults():
     if GLOBAL_DEFAULTS is not None:
         return GLOBAL_DEFAULTS
     from xpra.platform.features import DEFAULT_SSH_COMMAND, OPEN_COMMAND, DEFAULT_PULSEAUDIO_CONFIGURE_COMMANDS, DEFAULT_PULSEAUDIO_COMMAND, \
-                                        DEFAULT_ENV, CAN_DAEMONIZE
+                                        DEFAULT_ENV, CAN_DAEMONIZE, SYSTEM_PROXY_SOCKET
     from xpra.platform.paths import get_download_dir, get_remote_run_xpra_scripts
     try:
         from xpra.platform.info import get_username
@@ -790,6 +791,7 @@ def addtrailingslash(v):
                     "ssh"               : DEFAULT_SSH_COMMAND,
                     "systemd-run"       : get_default_systemd_run(),
                     "systemd-run-args"  : "",
+                    "system-proxy-socket" : SYSTEM_PROXY_SOCKET,
                     "xvfb"              : " ".join(xvfb),
                     "socket-dir"        : "",
                     "log-dir"           : "auto",

diff --git a/src/xpra/scripts/main.py b/src/xpra/scripts/main.py
@@ -912,6 +912,9 @@ def ignore(defaults):
     group.add_option("--socket-dir", action="store",
                       dest="socket_dir", default=defaults.socket_dir,
                       help="Directory to place/look for the socket files in. Default: '%s'." % default_socket_dir_str)
+    group.add_option("--system-proxy-socket", action="store",
+                      dest="system_proxy_socket", default=defaults.system_proxy_socket,
+                      help="The socket path to use to contact the system-wide proxy serevr. Default: '%default'.")
     group.add_option("-d", "--debug", action="store",
                       dest="debug", default=defaults.debug, metavar="FILTER1,FILTER2,...",
                       help="List of categories to enable debugging for (you can also use \"all\" or \"help\", default: '%default')")
@@ -1341,7 +1344,7 @@ def attach_client():
                     getChildReaper().add_process(proc, "client-attach", cmd, ignore=True, forget=False)
                 add_when_ready(attach_client)
             return run_server(error_cb, options, mode, script_file, args, current_display)
-        elif mode in ("attach", "detach", "screenshot", "version", "info", "control", "_monitor", "print", "connect-test"):
+        elif mode in ("attach", "detach", "screenshot", "version", "info", "control", "_monitor", "print", "connect-test", "request-start"):
             return run_client(error_cb, options, args, mode)
         elif mode in ("stop", "exit") and (supports_server or supports_shadow):
             nox()
@@ -2250,6 +2253,20 @@ def handshake_complete(*args):
         if hasattr(app, "after_handshake"):
             app.after_handshake(handshake_complete)
         app.init_ui(opts, extra_args)
+        if mode=="request-start":
+            sns = {
+                   "mode"           : "start",
+                   }
+            if len(extra_args)==1:
+                sns["display"] = extra_args[0]
+            #override extra args:
+            extra_args = ["socket:%s" % opts.system_proxy_socket]
+            for x in START_COMMAND_OPTIONS:
+                fn = x.replace("-", "_")
+                v = getattr(opts, fn)
+                if v:
+                    sns[x] = v
+            app.hello_extra = {"start-new-session" : sns}
         try:
             conn, display_desc = connect()
             #UGLY warning: connect will parse the display string,
@@ -2506,13 +2523,17 @@ def start_server_subprocess(script_file, args, mode, opts, uid=getuid(), gid=get
             proc.wait()
         proc = None
     else:
-        def preexec():
-            setsid()
+        preexec_fn = None
         cmd.append("--systemd-run=no")
         if os.name=="posix" and getuid()==0 and (uid!=0 or gid!=0):
+            #we need to change uid / gid:
             cmd.append("--uid=%i" % uid)
             cmd.append("--gid=%i" % gid)
-        proc = Popen(cmd, shell=False, close_fds=True, preexec_fn=setsid)
+            preexec_fn = setsid
+            #alternative using systemd-run to change uid:
+            #sdcmd = systemd_run_command(mode, opts.systemd_run_args, False) + ["--uid=%i" % uid, "--gid=%i" % gid]
+            #cmd = sdcmd + cmd
+        proc = Popen(cmd, shell=False, close_fds=True, preexec_fn=preexec_fn)
     socket_path = identify_new_socket(proc, dotxpra, existing_sockets, matching_display, new_server_uuid, display_name, uid)
     return proc, socket_path
 

diff --git a/src/xpra/server/proxy/proxy_server.py b/src/xpra/server/proxy/proxy_server.py
@@ -353,7 +353,7 @@ def start_new_session(self, uid, gid, new_session_dict={}):
                 log.warn("Warning: ignoring invalid start override")
                 log.warn(" %s=%s", k, v)
                 continue
-            log.info("start override: %s=%s", k, v)
+            log("start override: %s=%s", k, v)
             if v is not None:
                 fn = k.replace("-", "_")
                 setattr(opts, fn, v)

diff --git a/src/xpra/server/vfb_util.py b/src/xpra/server/vfb_util.py
@@ -135,9 +135,10 @@ def preexec():
         xvfb_cmd[0] = "%s-for-Xpra-%s" % (xvfb_executable, display_name)
         xvfb_cmd.append(display_name)
         def preexec():
-            setsid()
             if getuid()==0 and (uid!=0 or gid!=0):
                 setuidgid(uid, gid)
+            else:
+                setsid()
         xvfb = subprocess.Popen(xvfb_cmd, executable=xvfb_executable, close_fds=True,
                                 stdin=subprocess.PIPE, preexec_fn=preexec)
     xauth_data = xauth_add(display_name)