rpms/freenx/devel freenx-0.7.1-sharing_and_multimedia_fixes.patch, NONE, 1.1 freenx.spec, 1.11, 1.12

Axel Thimm (athimm) fedora-extras-commits at redhat.com
Mon Dec 31 11:12:55 UTC 2007


Author: athimm

Update of /cvs/extras/rpms/freenx/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17643

Modified Files:
	freenx.spec 
Added Files:
	freenx-0.7.1-sharing_and_multimedia_fixes.patch 
Log Message:
Addresses or fixes bugs 216802, 235592, 250343.

freenx-0.7.1-sharing_and_multimedia_fixes.patch:

--- NEW FILE freenx-0.7.1-sharing_and_multimedia_fixes.patch ---
diff -rud freenx-0.7.1/nxloadconfig freenx-0.7.1.sharing_multimedia/nxloadconfig
--- freenx-0.7.1/nxloadconfig	2007-10-15 00:25:14.000000000 +0200
+++ freenx-0.7.1.sharing_multimedia/nxloadconfig	2007-12-31 11:46:12.000000000 +0100
@@ -101,11 +101,28 @@
 
 # Restriction directives
 
-DISPLAY_BASE=1000
+#JJK: DISPLAY_BASE=1000
+#JJK: Change DISPLAY_BASE to 2000 to avoid conflict of DISPLAY_BASE+7000 with nasd
+DISPLAY_BASE=2000
 SESSION_LIMIT=200
 SESSION_USER_LIMIT="" #Calculated
 DISPLAY_LIMIT=200
 
+#JJK: Added the following to allow printing when using cifs mount
+#JJK: Note the smb print port (#139) must then be tunnelled manually
+#JJK: from <DISPLAY+3000+SMBPORT_OFFSET> on the server to port 139 on the host
+#JJK: by running on the client: 
+#JJK:   ssh ... -R <DISPLAY+3000+SMBPORT_OFFSET>:<client name>:139
+#JJK: If SAMBA_MOUNT_SHARE_PROTOCOL="smbfs" (technically, if it doesn't equal
+#JJK  'cifs' or in most cases 'both') then the ssh tunnel is automatically
+#JJK: set up from port <DISPLAY+3000> on the server to port 139 
+#JJK: on the remote client.
+#JJK: Note in *all* cases, the cups printer on the client is accessed from 
+#JJK: the server via the command line, using the following -h flag:
+#JJK:   -h localhost:<DISPLAY+9000> [-P <printer name>]
+#JJK: or via the CUPS web browser using:
+#JJK:   http://localhost:<DISPLAY+9000>
+SMBPORT_OFFSET=8000
 ENABLE_PERSISTENT_SESSION="all"
 DISABLE_PERSISTENT_SESSION=""
 
@@ -154,7 +171,11 @@
 ENABLE_CUPS_SEAMLESS="0"
 CUPS_SEAMLESS_DELAY="10"
 ENABLE_FOOMATIC="1"
-COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile"
+#JJK: COMMAND_FOOMATIC="/usr/lib/cups/driver/foomatic-ppdfile"
+COMMAND_FOOMATIC="/usr/bin/foomatic-ppdfile"
+
+#JJK: added the following path referenced in nxprint
+PPD_DIR="/usr/share/cups/model" #JJK: Note /usr/share/ppd on some systems
 
 CUPS_BACKEND="/usr/lib/cups/backend"
 CUPS_IPP_BACKEND="$CUPS_BACKEND/nxipp"
@@ -171,7 +192,8 @@
 DEFAULT_X_WM=""
 KILL_DEFAULT_X_WM="1"
 USER_X_STARTUP_SCRIPT=.Xclients
-DEFAULT_X_SESSION=/etc/X11/xdm/Xsession
+#JJK: DEFAULT_X_SESSION=/etc/X11/xdm/Xsession
+DEFAULT_X_SESSION=/etc/X11/xinit/Xsession
 COMMAND_START_KDE=startkde
 COMMAND_START_GNOME=gnome-session
 COMMAND_START_CDE=cdwm
Only in freenx-0.7.1: nxloadconfig.rej
diff -rud freenx-0.7.1/nxnode freenx-0.7.1.sharing_multimedia/nxnode
--- freenx-0.7.1/nxnode	2007-10-15 00:25:14.000000000 +0200
+++ freenx-0.7.1.sharing_multimedia/nxnode	2007-12-31 11:46:12.000000000 +0100
@@ -20,6 +20,20 @@
 # Read the config file
 . $(PATH=$(cd $(dirname $0) && pwd):$PATH which nxloadconfig) --userconf
 
+#JJK: Added	following 'if' stanza as a kluge since the following variables
+#JJK: need to be set in cmd_node_smbmount node_umount_smb 
+#JJK: but they are currently set only in startsession which is called 
+#JJK: separately from nxserver via ssh so environment variables 
+#JJK: aren't preserved.
+if [[ "$SAMBA_MOUNT_SHARE_PROTOCOL" = "cifs" || \
+	 ( "$SAMBA_MOUNT_SHARE_PROTOCOL" = "both" && \
+	  `which "$COMMAND_SMBMOUNT_CIFS"` && `which "$COMMAND_SMBUMOUNT_CIFS"` ) \
+			]] > /dev/null 2>&1; then
+	COMMAND_SMBMOUNT=$COMMAND_SMBMOUNT_CIFS
+	COMMAND_SMBUMOUNT=$COMMAND_SMBUMOUNT_CIFS
+	SAMBA_MOUNT_SHARE_PROTOCOL="cifs"
+fi
+
 #
 # -----------------------------------------------------------------------------
 # Startup of nxnode
@@ -593,11 +607,27 @@
 	touch "$USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd"
 	
 	mkdir -p "$USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/tmp" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/certs" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/ppd" "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cache"
+	mkdir -p "$USER_FAKE_HOME/.nx/C-$sess_id/cups/log" #JJK cups log file home
+
+#JJK: Modifications to cupsd.conf
+#JJK:   - Added SystemGroup line in order to add $USER to SystemGroup
+#JJK:   - Moved all the log files to log/<log>
+#JJK:   - Set AccessLog to: log/access_log (was /dev/null)
+#JJK:   - Added listening on $NODE_CUPSD_PORT
+#JJK:	         Listen localhost: $NODE_CUPSD_PORT
+#JJK:   - Removed following line because directive is specific to Debian
+#JJK:       PidFile $USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd
+#JJK:   -  Access restrictions borrowed from /etc/cups/cupsd.conf
+#JJK:   -  Default policy borrowed from /etc/cups/cupsd.conf but modified
+#JJK:        to allow Add, Delete, and Default printer without (password)
+#JJK:        authentication
+#JJK:   - Note for more detailed logging set: LogLevel debug
 
 cat <<EOF > $USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf
-AccessLog /dev/null
-ErrorLog error_log
-PageLog page_log
+SystemGroup sys root $USER
+AccessLog log/access_log
+ErrorLog log/error_log
+PageLog log/page_log
 LogLevel info
 TempDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/spool/tmp
 RequestRoot $USER_FAKE_HOME/.nx/C-$sess_id/cups/spool
@@ -605,19 +635,60 @@
 StateDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/
 CacheDir $USER_FAKE_HOME/.nx/C-$sess_id/cups/cache
 
+Listen localhost:$NODE_CUPSD_PORT
 Listen $NODE_CUPSD_SOCKET
 Browsing Off
 ServerName localhost
-PidFile $USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd
 
+#JJK:  Restrict access to the server...
 <Location />
 Order Deny,Allow
 Deny From All
 Allow from 127.0.0.1
 </Location>
 
+#JJK: Restrict access to the admin pages...
+<Location /admin>
+  Encryption Required
+  Order allow,deny
+  Allow localhost
+</Location>
+
+#JJK: Restrict access to configuration files...
+<Location /admin/conf>
+  AuthType Basic
+  Require user @SYSTEM
+  Order allow,deny
+  Allow localhost
+</Location>
+
 # Allow everything for anonymous, because we are protected through UNIX socket
+#JJK: Since allowing access via $NODE_CUPSD_PORT, need to add protection
 <Policy default>
+  #JJK: Job-related operations must be done by the owner or an adminstrator...
+  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+
+  #JJK:All administration operations require an adminstrator to authenticate...
+  <Limit Pause-Printer Resume-Printer Set-Printer-Attributes Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Add-Class CUPS-Delete-Class CUPS-Accept-Jobs CUPS-Reject-Jobs>
+    AuthType Basic
+    Require user @SYSTEM
+    Order deny,allow
+  </Limit>
+
+  #JJK: Except need to allow these for nxnode to work
+  <Limit CUPS-Add-Printer CUPS-Delete-Printer CUPS-Set-Default>
+    Order deny,allow
+  </Limit>
+
+  # Only the owner or an administrator can cancel or authenticate a job...
+  <Limit Cancel-Job CUPS-Authenticate-Job>
+    Require user @OWNER @SYSTEM
+    Order deny,allow
+  </Limit>
+
   <Limit All>
     AuthType None
     Order deny,allow
@@ -629,9 +700,17 @@
 
 	# copy mime.* files
 	cp -af "$CUPS_ETC"/mime.* "$USER_FAKE_HOME/.nx/C-$sess_id/cups/"
+	#JJK: Also copy over pstoraster.convs
+	cp -af "$CUPS_ETC"/mime.* "$CUPS_ETC"/pstoraster.convs "$USER_FAKE_HOME/.nx/C-$sess_id/cups/"
 
 	# start cupsd
-	$COMMAND_CUPSD -c "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf" &>/dev/null </dev/null
+#JJK: Note the directive PidFile in the original cupsd.conf intended for 
+#JJK: recording the pid is a Debianism. Instead, we will use the non-daemon
+#JJK: form of cupsd and capture the pid directly
+#JJK:	$COMMAND_CUPSD -c "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf" &>/dev/null </dev/null
+	$COMMAND_CUPSD -F -c "$USER_FAKE_HOME/.nx/C-$sess_id/cups/cupsd.conf" &>/dev/null </dev/null &
+	NODE_CUPSD_PID=$!
+	echo $NODE_CUPSD_PID >"$USER_FAKE_HOME/.nx/C-$sess_id/pids/cupsd"
 
 	# setup KDE
 	if [ "$ENABLE_KDE_CUPS" = "1" -a -e "$KDE_PRINTRC" ]
@@ -673,6 +752,7 @@
 	cat "$USER_FAKE_HOME/.nx/C-$sess_id/scripts/mpoint" | while read mpoint
 	do
 		$COMMAND_SMBUMOUNT "$mpoint" >/dev/null 2>/dev/null
+		rmdir "$mpoint" >/dev/null 2>/dev/null #JJK:Remove mount point if empty
 	done
 }
 
@@ -1084,6 +1164,7 @@
 
 			COMMAND_SMBMOUNT=/bin/true
 			COMMAND_SMBUMOUNT=/bin/true
+			smbport=139    #JJK: still may want to do printer sharing...
 		else # smbfs
 			smbport=139
 		fi
@@ -1303,7 +1384,8 @@
 	password=$(getparam password)
 	share=$(getparam share)
 	computername=$(getparam computername)
-	dir=$(getparam dir | sed 's|$(SHARES)|MyShares|g')
+#JJK:	dir=$(getparam dir | sed 's|$(SHARES)|MyShares|g')
+	dir=$(getparam dir | sed 's/\(%24\|\$\)(SHARES)/MyShares/g')
 	# rdir=$(getparam dir | sed 's|$(SHARES)/||g')
 	display=$(cd $USER_FAKE_HOME/.nx/; echo C-$SERVER_NAME-*-$sessionid | awk 'BEGIN {FS="-"} {i=NF-1; print $i}') 
 	mkdir -p "$HOME/$dir"
@@ -1322,6 +1404,7 @@
 		echo "$HOME/$dir" >> "$USER_FAKE_HOME/.nx/C-$SERVER_NAME-$display-$sessionid/scripts/mpoint"
 	else
 		$PATH_BIN/nxdialog -dialog ok -caption "NXServer Message" -message "Info: Share: '//$computername/$share' failed to mount: $error" -display :$display &
+		rmdir "$HOME/$dir" >/dev/null 2>/dev/null #JJK: Remove mount point if empty
 	fi
 }
 
@@ -1344,6 +1427,12 @@
 	# this will also setup the userspace cupsd
 	export CUPS_SERVER=$(node_cupsd_get_socket)
 	
+#JJK: The following if-stanza kludge added to enable printing when smbport=cifs
+#JJK: since smb printing won't work when forwarded over port 445
+	if [ "$SAMBA_MOUNT_SHARE_PROTOCOL" = "cifs" ] ; then
+		let port=$port+$SMBPORT_OFFSET
+	fi
+
 	if [ "$type" = "smb" ]
 	then
 		DEVICE_URI="smb://$username:$password@127.0.0.1:$port/$share"
@@ -1357,6 +1446,9 @@
 
 	if [ "$ENABLE_CUPS_SEAMLESS" != "1" ]
 	then
+        #JJK: Export the following variables for use by nxdialog/nxprint
+        #JJK: Note they are also exported in nxdialog but doesn't help there
+	    export ENABLE_FOOMATIC COMMAND_FOOMATIC PPD_DIR
 		MODEL=$($PATH_BIN/nxdialog -printer "$NAME" -display :$display)
 		[ -z "$MODEL" -o "$MODEL" = "cancel: aborted" ] && return
 	else
@@ -1364,7 +1456,11 @@
 		MODEL="download_cached"
 	fi
 	
-	PUBLIC="-u allow:$USER"
+#JJK: I like to also allow 'guest' so you can do things like print
+#JJK: testpages from the CUPS web interface. Note this is required
+#JJK: even for the original user to print test pages	
+#JJK:	PUBLIC="-u allow:$USER"
+	PUBLIC="-u allow:$USER,guest"	
 	[ "$public" == "1" ] && PUBLIC=""
 
 	if [ "$MODEL" = "download_new" -o "$MODEL" = "download_cached" ]
Only in freenx-0.7.1: nxnode.rej
diff -rud freenx-0.7.1/nxprint freenx-0.7.1.sharing_multimedia/nxprint
--- freenx-0.7.1/nxprint	2007-10-15 00:25:14.000000000 +0200
+++ freenx-0.7.1.sharing_multimedia/nxprint	2007-12-31 11:46:12.000000000 +0100
@@ -51,7 +51,8 @@
 	if [ -z "$(find $UTILITY_DRIVERS_CACHE.all -mmin -60 2> /dev/null)" ]
 	then
 		{ 
-		cd /usr/share/ppd/
+#JJK:		cd /usr/share/ppd/
+		cd $PPD_DIR
 		awk -F '"' '/\*Manufacturer:/ { a[FILENAME]=$2 }
 			    /\*NickName:/ { b[FILENAME]=$2 } 
 			    END { 
Only in freenx-0.7.1: nxprint.rej


Index: freenx.spec
===================================================================
RCS file: /cvs/extras/rpms/freenx/devel/freenx.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- freenx.spec	10 Dec 2007 16:23:21 -0000	1.11
+++ freenx.spec	31 Dec 2007 11:12:16 -0000	1.12
@@ -5,14 +5,17 @@
 Summary: Free Software (GPL) Implementation of the NX Server
 Name: freenx
 Version: 0.7.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2
 Group: Applications/Internet
 URL: http://freenx.berlios.de/
 Source0: http://download.berlios.de/freenx/%{name}-%{version}.tar.gz
 Source1: freenx.logrotate
+Patch0: freenx-0.7.1-sharing_and_multimedia_fixes.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
-Requires: openssh-server nc expect nx xorg-x11-server-Xorg xorg-x11-apps perl
+Requires: nx
+Requires: openssh-server nc expect which perl
+Requires: xorg-x11-server-Xorg xorg-x11-apps
 
 %description
 NX is an exciting new technology for remote display. It provides near
@@ -22,6 +25,7 @@
 
 %prep
 %setup -q
+%patch0 -p1 -b .sharing_and_multimedia
 
 sed -i -e's,\$NX_DIR/bin,%{_pkglibexecdir},g'\
   -e's,\$NX_DIR/lib,%{_pkglibdir},g'\
@@ -80,7 +84,9 @@
 fi
 
 echo -n "127.0.0.1 " > /var/lib/nxserver/home/.ssh/known_hosts
-cat /etc/ssh/ssh_host_rsa_key.pub >> /var/lib/nxserver/home/.ssh/known_hosts
+# We do depend on openssh-server, but package installation != key
+# creation time. See also Fedora bug #235592
+cat /etc/ssh/ssh_host_rsa_key.pub >> /var/lib/nxserver/home/.ssh/known_hosts 2>/dev/null
 chown nx:root /var/lib/nxserver/home/.ssh/known_hosts
 
 %files
@@ -95,6 +101,13 @@
 %config(noreplace) %{_sysconfdir}/logrotate.d/freenx
 
 %changelog
+* Mon Dec 31 2007 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.7.1-4
+- Apply Jeffrey J. Kosowsky's patches to enable multimedia and
+  file/print sharing support (Fedora bug #216802).
+- Silence %%post output, when openssh's server has never been started
+  before (Fedora bug #235592).
+- Add dependency on which (Fedora bug #250343).
+
 * Mon Dec 10 2007 Jon Ciesla <limb at jcomserv.net> - 0.7.1-3
 - Fix syntax error in logrotate file, BZ 418221.
 




More information about the fedora-extras-commits mailing list