#815 try to make it easier to get selinux and printing to play nice t…

…ogether: * add uid / gid debug logging to cups backend * fix "unix" vs "unix-domain" naming confusion * keep track of all unix-domain sockets we create * try to use the one most likely to work (prefer /tmp, /var and /run for sockets) * log all printer attributes git-svn-id: https://xpra.org/svn/Xpra/trunk@11544 3bb7dfac-3a0b-4e04-842a-767bc560f471
Xpra-org · Dec 30, 2015 · b147ed2 · b147ed2
1 parent 71aa73e
commit b147ed2
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 15 deletions.
diff --git a/src/cups/xpraforwarder b/src/cups/xpraforwarder
@@ -104,6 +104,7 @@ def do_main():
 	else:
 		filename = "-"
 	info("version %s, username: %s, title: %s, filename: %s, job_id: %s" % (__version__, username, title, filename, job_id))
+	info("uid=%s, gid=%s" % (os.getresuid(), os.getresgid()))
 
 	dev_uri = os.environ['DEVICE_URI']
 	info("DEVICE_URI=%s" % dev_uri)

diff --git a/src/xpra/scripts/server.py b/src/xpra/scripts/server.py
@@ -356,7 +356,7 @@ def setup_local_sockets(bind, socket_dir, socket_dirs, display_name, clobber, mm
                 setup_server_socket_path(dotxpra, sockpath, display_name, clobber, wait_for_unknown=5)
                 sock, cleanup_socket = create_unix_domain_socket(sockpath, mmap_group, socket_permissions)
                 log.info("created unix domain socket: %s", sockpath)
-                defs.append((("unix", sock, sockpath), cleanup_socket))
+                defs.append((("unix-domain", sock, sockpath), cleanup_socket))
                 sockpaths.add(sockpath)
             except Exception as e:
                 log.error("failed to create socket %s" % sockpath, exc_info=True)

diff --git a/src/xpra/server/server_base.py b/src/xpra/server/server_base.py
@@ -911,7 +911,7 @@ def get_window_id(wid):
         ss = ServerSourceClass(proto, drop_client,
                           self.idle_add, self.timeout_add, self.source_remove,
                           self.idle_timeout, self.idle_timeout_cb, self.idle_grace_timeout_cb,
-                          self._socket_dir, self.main_socket_path, self.dbus_control,
+                          self._socket_dir, self.unix_socket_paths, self.dbus_control,
                           self.get_transient_for, self.get_focus, self.get_cursor_data,
                           get_window_id,
                           self.window_filters,

diff --git a/src/xpra/server/server_core.py b/src/xpra/server/server_core.py
@@ -143,7 +143,7 @@ def __init__(self):
         self._max_connections = MAX_CONCURRENT_CONNECTIONS
         self._socket_timeout = 0.1
         self._socket_dir = None
-        self.main_socket_path = ""
+        self.unix_socket_paths = []
 
         self.session_name = ""
 
@@ -178,7 +178,7 @@ def init(self, opts):
         self.session_name = opts.session_name
         set_name("Xpra", self.session_name or "Xpra")
 
-        self.main_socket_path = ""
+        self.unix_socket_paths = []
         self._socket_dir = opts.socket_dir or opts.socket_dirs[0]
         self._tcp_proxy = opts.tcp_proxy
         self.encryption = opts.encryption
@@ -247,12 +247,13 @@ def get_auth_module(self, socket_type, auth, opts):
     def init_sockets(self, sockets):
         ### All right, we're ready to accept customers:
         for socktype, sock, info in sockets:
-            netlog("init_sockets(%s) will add %s socket %s (%s)", sockets, socktype, sock, info)
+            netlog.warn("init_sockets(%s) will add %s socket %s (%s)", sockets, socktype, sock, info)
             self.idle_add(self.add_listen_socket, socktype, sock)
             if socktype=="unix-domain" and info:
                 try:
-                    self.main_socket_path = os.path.abspath(info)
-                    netlog("main socket path: %s", self.main_socket_path)
+                    p = os.path.abspath(info)
+                    self.unix_socket_paths.append(p)
+                    netlog.warn("added unix socket path: %s", p)
                 except Exception as e:
                     log.error("failed to set socket path to %s: %s", info, e)
 

diff --git a/src/xpra/server/source.py b/src/xpra/server/source.py
@@ -204,7 +204,7 @@ class ServerSource(object):
 
     def __init__(self, protocol, disconnect_cb, idle_add, timeout_add, source_remove,
                  idle_timeout, idle_timeout_cb, idle_grace_timeout_cb,
-                 socket_dir, main_socket_path, dbus_control,
+                 socket_dir, unix_socket_paths, dbus_control,
                  get_transient_for, get_focus, get_cursor_data_cb,
                  get_window_id,
                  window_filters,
@@ -218,7 +218,7 @@ def __init__(self, protocol, disconnect_cb, idle_add, timeout_add, source_remove
                  default_speed, default_min_speed):
         log("ServerSource%s", (protocol, disconnect_cb, idle_add, timeout_add, source_remove,
                  idle_timeout, idle_timeout_cb, idle_grace_timeout_cb,
-                 socket_dir, main_socket_path, dbus_control,
+                 socket_dir, unix_socket_paths, dbus_control,
                  get_transient_for, get_focus,
                  get_window_id,
                  window_filters,
@@ -246,7 +246,7 @@ def __init__(self, protocol, disconnect_cb, idle_add, timeout_add, source_remove
         self.schedule_idle_grace_timeout()
         self.schedule_idle_timeout()
         self.socket_dir = socket_dir
-        self.main_socket_path = main_socket_path
+        self.unix_socket_paths = unix_socket_paths
         self.dbus_control = dbus_control
         self.dbus_server = None
         #pass it to window source:
@@ -1610,10 +1610,8 @@ def set_printers(self, printers, password_file, encryption, encryption_keyfile):
             except Exception as e:
                 printlog.warn("failed to remove printer %s: %s", k, e)
         #expand it here so the xpraforwarder doesn't need to import anything xpra:
-        from xpra.dotxpra import osexpand
         attributes = {"display"         : os.environ.get("DISPLAY"),
-                      "source"          : self.uuid,
-                      "socket-dir"      : osexpand(self.socket_dir)}
+                      "source"          : self.uuid}
         def makeabs(filename):
             #convert to an absolute path since the backend may run as a different user:
             return os.path.abspath(os.path.expanduser(filename))
@@ -1626,8 +1624,14 @@ def makeabs(filename):
                 attributes["encryption"] = encryption
                 attributes["encryption-keyfile"] = makeabs(encryption_keyfile)
         #if we can, tell it exactly where to connect:
-        if self.main_socket_path:
-            attributes["socket-path"] = self.main_socket_path
+        if self.unix_socket_paths:
+            #prefer sockets in public paths:
+            spath = self.unix_socket_paths[0]
+            for x in self.unix_socket_paths:
+                if x.startswith("/tmp") or x.startswith("/var") or x.startswith("/run"):
+                    spath = x
+            attributes["socket-path"] = spath
+        log("printer attributes: %s", attributes)
         for k,props in printers.items():
             if k not in self.printers:
                 self.setup_printer(k, props, attributes)