/usr/bin/ltsp-localappsd is in ltsp-client-core 5.5.7-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 | #!/bin/sh
. /usr/share/ltsp/ltsp-client-functions
logit() {
logger -t ltsp-localappsd -p daemon.info $1
}
if [ -n "${LDM_USERNAME}" -a -n "$(/usr/bin/id ${LDM_USERNAME})" ]; then
true
else
logit "Unknown user: $LDM_USERNAME"
exit 1
fi
if [ -z "$DISPLAY" ];then
logit "Unknown DISPLAY"
exit 1
fi
# Initialize LTSP_COMMAND as blank
reset_xprop(){
xprop -root -f $1 8u -set $1 ""
}
reset_xprop LTSP_COMMAND
reset_xprop LTSP_COMMAND_WAIT
# Make sure the local user has access to X
chown ${LDM_USERNAME} $XAUTHORITY
# Check for default printer and printer filtering and export them
[ -n "$LDM_PRINTER_DEFAULT" ] && export CLIENT_ENV="${CLIENT_ENV} PRINTER=${LDM_PRINTER_DEFAULT}"
[ -n "$LDM_PRINTER_LIST" ] && export CLIENT_ENV="${CLIENT_ENV} PRINTER_LIST=${LDM_PRINTER_LIST}"
run_ltsp_localappsd(){
if [ "${LDM_USERNAME}" = "${USER}" ]; then
LANG=$LANG LANGUAGE=$LANG DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY $CLIENT_ENV ${LTSP_COMMAND}
else
su - ${LDM_USERNAME} -c "LANG=$LANG LANGUAGE=$LANG DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY $CLIENT_ENV ${LTSP_COMMAND}"
fi
}
# Poll for LTSP_COMMAND changes and execute
xprop -notype -root -spy LTSP_COMMAND | while read junk_x junk_y LTSP_COMMAND ; do
# Strip off leading and trailing double-quotes.
LTSP_COMMAND=${LTSP_COMMAND%\"}
LTSP_COMMAND=${LTSP_COMMAND#\"}
# If empty, nothing to execute, return to the loop.
test -n "${LTSP_COMMAND}" || continue
LTSP_COMMAND_WAIT=$(xprop -root -notype LTSP_COMMAND_WAIT |sed -e 's/^LTSP_COMMAND_WAIT = //' -e 's/^"//' -e 's/"$//')
if [ -n "${LTSP_COMMAND}" ]; then
# If LOCAL_APPS_APPS_WHITELIST is defined, reject anything not listed. Otherwise allow by default.
if [ -n "${LOCAL_APPS_WHITELIST}" ]; then
unset TEMP_ALLOW_EXEC
for cmd in $LOCAL_APPS_WHITELIST; do
if [ "$cmd" = "$(echo $LTSP_COMMAND|cut -d\ -f1)" ]; then
TEMP_ALLOW_EXEC=1
break
fi
done
if [ -z "${TEMP_ALLOW_EXEC}" ]; then
logit "Rejecting command not listed in LOCAL_APPS_WHITELIST: $LTSP_COMMAND"
reset_xprop LTSP_COMMAND
reset_xprop LTSP_COMMAND_WAIT
continue
fi
fi
logit "Executing command as username ${LDM_USERNAME}: ${LTSP_COMMAND} "
if [ "$LTSP_COMMAND_WAIT" = "true" ]; then
run_ltsp_localappsd
else
run_ltsp_localappsd &
fi
fi
reset_xprop LTSP_COMMAND
reset_xprop LTSP_COMMAND_WAIT
done
|