Bug 4604 - deriving session information indirectly is not robust
Summary: deriving session information indirectly is not robust
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: VSM Server (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: LowPrio
Assignee: Peter Åstrand
Depends on: 4603
Blocks: 5775
  Show dependency treegraph
Reported: 2013-04-17 13:28 CEST by Pierre Ossman
Modified: 2020-10-27 15:41 CET (History)
1 user (show)

See Also:
Acceptance Criteria:


Description Pierre Ossman cendio 2013-04-17 13:28:33 CEST
We are in need of a privileged operation on the master to get the complete session information, not just the public stuff. One example is tlwebaccess which needs to verify the VNC port.
Comment 1 Peter Åstrand cendio 2018-02-06 14:04:38 CET
We need a better summary - what kind of problems does this actually cause?
Comment 2 Pierre Ossman cendio 2018-03-12 12:27:37 CET
The issue is ctccommon.get_tl_xvnc_processes() (and things using the same principle). Instead of getting the information needed from the session store, it tries to poke around the system using some heuristic to find the information needed.

It is currently used by:

 - tlwebaccess: Needs the VNC port for a session
 - vsmagent: Needs the VNC ports for all local sessions
 - tl-notify: Needs the display number for all local sessions

Getting the information from a reliable source is much more robust as the heuristics tend to have corner cases where they no longer work.
Comment 3 Pierre Ossman cendio 2018-03-12 12:34:41 CET
We've done fixes for this specific heuristic under bug 5573, bug 4132, bug 4750 and bug 4902. We also have the unsolved bug 5775.

We've also gotten a report that isolating users in to a chroot breaks Web Access because this call starts failing.
Comment 5 Pierre Ossman cendio 2018-06-18 14:53:46 CEST
Bug 6209 is also caused by the same principle. In that case we need the session key and our heuristic to find it on disk was failing.
Comment 6 Niko Lehto cendio 2020-10-27 15:41:26 CET
These functions were moved to tlmisc/sessioninfo.py as part of Bug 7552.

Note You need to log in before you can comment on or make changes to this bug.