Commit Graph

137 Commits

Author SHA1 Message Date
matt335672
ce355fc235 Allow for xrdp not being able to delete PID file
If xrdp is running with dropped privileges it won't be able to delete
the PID file it's created. Places where xrdp is stopped need to cater
for this.

It's prefereable to do this than make the PID file writeable by xrdp
with dropped privileges, as this can still lead to DoS attacks if an
attacker manages to modify the PID file from a compromised xrdp
process.
2024-07-01 11:11:21 +01:00
matt335672
bd49d2f690 Regenerate keymap files in new format 2024-05-24 16:34:19 +01:00
matt335672
d32737a993
Merge pull request #3022 from sasha0552/devel
Add mappings for media keys (VNC)
2024-05-24 16:24:15 +01:00
Schen
21e11de157 Fix a systemd dependency ("network-online.target")
- Fix a problem that the xrdp.service fail to auto-start when instructed to listen on a specific interface
- By changing the "network.target" systemd dependency to "network-online.target"
- The "network-online.target", in short, means at least one network interface has finished IP level setup.
- The previously used "network.target" is vague and does not provide such guarantee (ref: man systemd.special(7)).
- Which often cause "xrdp.service" fail to auto-start when the service is configured to listen on a specific interface (e.g. in xrdp.ini, "port=tcp://192.168.0.1:3389"). Because the interface may have not finish setting up its IP, when "xrdp.service" starts.
2024-05-22 19:11:39 +09:00
sasha0552
4502b70618
regenerate keymaps 2024-04-16 08:35:37 +00:00
matt335672
e0e9177f5e Simplify allowed system calls for xrdp
- The command 'systemd-analyze syscall-filter' shows that the group
  @system-service added to the xrdp-service SystemCallFilter
  actually includes all of the other listed groups and individual
  services.  Consequently this line can be simplified to just specify
  @system-service.

- (reversion) The SystemCallErrorNumber setting in xrdp.service has been
  removed so that unauthorized system calls cause an immediate process exit.
2024-03-22 11:40:44 +00:00
matt335672
bf53a76ea1 Remove wtmp updating code 2024-02-21 09:24:48 +00:00
BLINDAUER Emmanuel
2af2e032c3 Add the loginuid pam module, as we are starting a session.
So /proc/<uid>/loginuid will be filled by the uid of the user.
This will fix entries in 'last' with "gone - no logout" instead of
'still logged in'
2024-02-20 17:37:11 +00:00
Christopher Pitstick
ccead296e6 Fix service call filter. 2024-01-31 19:08:29 -05:00
matt335672
8fb5bd9096 Add keyring support for Debian and Arch
Adds optional calls to GNOME and KDE keyrings for Debian and Arch.

Also upstreams a current Debian patch to call pam_env.so
2023-08-30 12:37:44 +01:00
Daniel Richard G
9bf78e4a80 Add syscall filtering to xrdp systemd unit 2023-06-09 03:33:52 -04:00
Daniel Richard G
e199dba32f Simplify interaction with systemd 2023-05-15 11:05:35 -04:00
Yifan J
8be6bc137e Make pam.d directory configurable 2023-02-21 09:50:46 +08:00
matt335672
ee8c4ddc2f Add xrdp-sesman.system to distributed files
Distributed file list also now sorted for ease of checking
2022-12-12 19:41:39 +00:00
matt335672
3a0a932472 Add --reload option to sesman
Adds a --reload switch to sesman and plumbs this in
to systemctl reload xrdp-sesman.service
2022-11-09 09:46:36 +00:00
Mosakuji Hokuto
4ff968bc98
Update pamdir_suse to accommodate with TW pam.d move (#2413)
On newer builds of openSUSE tumbleweed the path of pam.d has moved from
/usr/etc/pam.d to /usr/lib/pam.d, which prevents install script to
correctly guess pam rules. Updating path in mkpamrules solves the
problem.
2022-11-08 10:05:55 +00:00
a1346054
59f8d9fe07
fix some shellcheck warnings 2022-09-03 02:05:08 +00:00
a1346054
7fe18cc1c0
fix typos 2022-09-03 02:01:48 +00:00
Roland Kaufmann
a9eb5a17d2 Detect and setup Programmer Dvorak keyboard layout
This patch will add the keyboard layout identifier for the Programmer
Dvorak keyboard layout, so that if a Windows client has that layout
active, it will be mapped to the corresponding xkeyboard-config layout
in the X server.

An XFreeRDP client knows about this layout too, and will correspondingly
map it to the identifier given here, making the layout propagate
correctly through X-to-X connections as well.

To replicate the full Windows keyboard layout several options have to
be set as well as the main layout. To avoid having these options spill
over to other layouts that are dumped, the old settings are stored
before the dump and then restored afterwards.
2020-08-26 17:55:25 +02:00
matt335672
2ec9720612 mkpamrules now supports Slackware 2020-04-26 17:27:19 +01:00
Koichiro IWAO
a20f99d3d1
Remove xrdp.sh from Makefile and document as well 2019-12-11 17:09:08 +09:00
Koichiro IWAO
5fc804c67d
remove unmaintained xrdp.sh
It is not maintained since it is added and outdated now.
2019-12-11 09:46:18 +09:00
Yifan J
732d663c70 mkpamrules: Support openSUSE's usage of /usr/etc/pam.d
to contain the pam configuration files:

https://lists.opensuse.org/opensuse-factory/2019-08/msg00113.html
2019-11-13 11:13:07 +08:00
netromnetrom
ee1c24dd47
Update Makefile.am 2019-02-05 16:54:38 +01:00
netromnetrom
09dc942d3e
Create km-00000406.ini 2019-02-05 16:53:35 +01:00
Koichiro IWAO
258a7a12ac
add Spanish (Latin Amarican) keyboard
Closes #1237.
2018-11-01 09:24:51 +09:00
Koichiro IWAO
72b5088449
FreeBSD: separate rc script into xrdp and xrdp-sesman
to improve fscd(8)[1] compatibility. fscd(8) monitors daemons and
restarts after daemons crashed. We usually want to start, stop, and
restart xrdp and xrdp-sesman separately because restarting xrdp-sesman
means losing existing sessions. This change will enable fscd(8) not to
restart xrdp-sesman together when only xrdp daemon crashes.

Now rc.d/xrdp mainly has following commands:

* start      - starts xrdp
* stop       - stops xrdp
* restart    - stops xrdp, then starts it again
* allstart   - starts both xrdp and xrdp-sesman
* allstop    - stops both
* allrestart - stops both, then start them again
* status     - returns status of xrdp

rc.d/xrdp-sesman doesn't have all- prefixed commands.

[1] https://www.freshports.org/sysutils/fsc/
2018-05-30 01:27:23 +09:00
Boris Bopp
e875cd2af5 instfiles: Add pam.d config for arch linux. 2018-03-27 12:42:51 +09:00
Vraiment
09712d70ad Added PAM support for MacOS 2018-02-07 21:21:59 +09:00
Soedarsono
3c3eb9ed73 Add dvorak keyboard layout 2017-11-01 10:24:54 -07:00
Koichiro IWAO
22dc148802 instfiles: don't include generated *.services files in distribution
Solves #848.
Pointed out by: Fuminobu TAKEYAMA (@ftake)
2017-08-16 13:50:52 +09:00
Koichiro IWAO
9f8a902476 Add a pam file for FreeBSD
as existing xrdp-sesman.unix doesn't suit FreeBSD.
2017-07-21 14:04:50 +09:00
Koichiro IWAO
e879cf5fce add TODO comments 2017-05-31 16:27:23 +09:00
Koichiro IWAO
bedf04cd9f instfiles: substitute directories in systemd service files
Do not expect prefix is always /usr. /usr/local is often used when users
compile xrdp manually.
2017-05-31 16:27:23 +09:00
Pavel Roskin
8a1de8dbc4 Remove trailing whitespace 2017-02-08 13:30:56 +09:00
Dominik George
5b2364196c Some fixes/improvements to service files. (#646)
* Add Documentation field so the systemctl help command works.
 * Remove syslog.target as syslog is normally socket-activated now.
2017-01-30 20:15:43 -02:00
Pavel Roskin
409623a65f Change BindTo to BindsTo, it was renamed in systemd long time ago
BindTo was left for compatibility.

https://lists.freedesktop.org/archives/systemd-commits/2012-July/002272.html
2017-01-20 09:05:00 -08:00
Pavel Roskin
8799bbac42 Allow PAM file selection in configure, improve autodetection, add SUSE
Use easy to understand names for config files (debian, redhat, suse,
unix). Move all autodetection to a separate script.
2017-01-15 00:57:59 -08:00
speidy
93c55e58a8 Merge branch 'devel' of https://github.com/neutrinolabs/xrdp
Conflicts:
	xorgxrdp
2016-12-22 12:04:29 -05:00
Pavel Roskin
c21b9a78f4 Distribute all files except git and github specific data
It is better to distribute a few useless file than not to distribute
needed files.
2016-12-18 00:00:11 -08:00
Westporch
be58f2d547 Sort alphabetically 2016-12-14 15:27:03 +09:00
Westporch
2bac73eba3 Add Korean keymap 2016-12-14 14:41:11 +09:00
Westporch
4681a06f6a Add Korean keymap 2016-12-14 14:33:00 +09:00
Koichiro IWAO
d1dc5b7814 instfiles: unify km-*0411.ini into km-00000411.ini
as they're identical and no longer need to duplicate them after
commit 5725200.
2016-11-30 18:38:41 +09:00
Koichiro IWAO
cab8955ea4 add Finnish keyboard
Closes #70
2016-11-02 14:49:47 +09:00
Koichiro IWAO
f62b55c547 switch newly added keymaps to 8 hex digit 2016-10-24 15:21:14 +09:00
Koichiro IWAO
c654c86206 Switch to 8 hex digit keymapfile
as the value keyboardLayout is actually 32-bit unsigned integer.
See [MS-RDPBCGR] - v20160714 p.45.
2016-10-24 15:19:23 +09:00
Itamar Reis Peixoto
d4f350758b add km-040a.ini keyboard 2016-10-21 16:33:57 -02:00
Itamar Reis Peixoto
b70f372a87 add keymap-names.txt 2016-10-21 16:30:06 -02:00
Pavel Roskin
7e8863b0f2 Add UK English keyboard and code to generate it 2016-09-05 22:12:17 -07:00