From 9227ee9a54a8f1bcbce1f4ca0608bc4d483d9924 Mon Sep 17 00:00:00 2001 From: Phillip Warner Date: Sat, 15 Feb 2020 08:34:19 +0700 Subject: system/xrdp: Updated for version 0.9.12. Signed-off-by: Willy Sudiarto Raharjo --- system/xrdp/README | 79 +++++++++++++++++++++++++++------------------ system/xrdp/doinst.sh | 42 +++++++++++++++++------- system/xrdp/slack-desc | 12 +++---- system/xrdp/xrdp.SlackBuild | 63 ++++++++++++++++++++++++------------ system/xrdp/xrdp.info | 8 ++--- 5 files changed, 132 insertions(+), 72 deletions(-) (limited to 'system/xrdp') diff --git a/system/xrdp/README b/system/xrdp/README index dbefe66f47ca..e127d9d09adc 100644 --- a/system/xrdp/README +++ b/system/xrdp/README @@ -1,47 +1,64 @@ -Xrdp provides a fully functional Linux terminal server, capable of accepting -connections from rdesktop and Microsoft's own terminal server/remote desktop -clients. Xrdp uses Xvnc or X11rdp (which are installed separately) to manage -the X session. This means a RDP client can connect to a VNC server on the -xrdp server machine in addition to the RDP server. Xrdp can also act as a -bridging server, allowing RDP clients to connect to other RDP or VNC servers +Xrdp provides a fully functional Linux terminal server, capable of accepting +connections from rdesktop and Microsoft's own terminal server/remote desktop +clients. Xrdp uses Xvnc or xorgxrdp (which are installed separately) to manage +the X session. This means a RDP client can connect to a VNC server on the +xrdp server machine in addition to the RDP server. Xrdp can also act as a +bridging server, allowing RDP clients to connect to other RDP or VNC servers through the xrdp server. -Xvnc is included with tightvnc (in Slackware /extra). -X11rdp can be compiled and installed by following the directions in the -thread at http://tinyurl.com/2ufoz2 (link to LinuxQuestions.org). +Xvnc is included with tigervnc (in Slackware /extra). +xorgxrdp can be compiled and installed after installing xrdp. -By default, this script will make xrdp without PAM support since PAM is not +By default, this script will make xrdp without PAM support since PAM is not installed in Slackware by default. The script supports building with PAM, but it is completely untested by us. If you want to enable PAM, run the script as follows: USE_PAM=YES ./xrdp.SlackBuild -After installing xrdp there are some configuration files in /etc/xrdp that +By default, this script will make xrdp without GVFS support, as it can cause +a problem if a session is unexpectedly terminated leaving an orphan GVFS +mount. (This can be corrected by logging into the server hosting xrdp and +running 'fusermount -uz ~/thinclient_drives'). +If you want to use drive redirection and shared clipboard support, +run the script as follows: + USE_GVFS=YES ./xrdp.SlackBuild + +After installing xrdp there are some configuration files in /etc/xrdp that can be modified: ** sesman.ini ** -sesman.ini has some useful options to take note of such as the ability to +sesman.ini has some useful options to take note of such as the ability to allow xrdp use by only a certain group and to specify the log location. -*NOTE:* The default log location is now /var/log/xrdp-sesman.log. +*NOTE:* The default log location is now /var/log/xrdp-sesman.log, and +the logs are rotated according to /etc/logrotate.d/xrdp-sesman added +by the script. ** xrdp.ini ** -xrdp.ini should be modified so that you have the options you want at the -server login screen. For instance, if you want xrdp's default options to be -like those of a Windows RDP server then change xrdp.ini so that the default -set of options under [xrdp1] corresponds to sesman-X11rdp. Similarly, you -might want to change the options (eg. port number) for VNC (listed as -"console" by default). The man page for xrdp.ini has more details on the -file. +xrdp.ini should be modified so that you have the options you want. +For instance, the server login screen can be customised. +The default protocol settings is 'ssl_protocols=TLSv1.2, TLSv1.3'. +OpenSSL 1.0.2 in Slackware 14.2 does not support TLSv1.3, which can +cause a harmless debug message. +The remote desktop client in Windows XP requires TLSv1 to connect. +When released, Windows 7 did not support TLSv1.2, but an official update +was released. +The man page for xrdp.ini has more details on the file. +*NOTE:* The default log location is now /var/log/xrdp.log, and +the logs are rotated according to /etc/logrotate.d/xrdp added +by the script. ** xrdp-xinitrc ** -xrdp-xinitrc by default tries to load one of several DE/WMs in order to -start a X11rdp session. Change this as desired to load a specific DE/WM. -A similar script can be executed on a per-user basis by creating an -executable script at ~/.xrdp-xinitrc. A utility program, xrdp-xwmconfig, -is included to allow you to use your xinit scripts during X11rdp sessions. -It works just like xwmconfig, so run it as root to set the global default, -or run it as a normal user to set only the default for that user. See the -sesman.ini man page for details about defining different names or locations -for the X11rdp startup scripts. - -FreeRDP is an optional dependency. +xrdp-xinitrc by default tries to load one of several DE/WMs in order to +start a X11rdp session. Change this as desired to load a specific DE/WM. +A similar script can be executed on a per-user basis by creating an +executable script at ~/.xrdp-xinitrc. A utility program, xrdp-xwmconfig, +is included to allow you to use your xinit scripts during sessions. +It works just like xwmconfig, so run it as root to set the global default, +or run it as a normal user to set only the default for that user. See the +sesman.ini man page for details about defining different names or locations +for the startup scripts. + +If using xorgxrdp, you will likely need a /etc/X11/Xwrapper.config wrapper +script containing a line: + allowed_users = anybody +(See 'man Xwrapper.config' for details) diff --git a/system/xrdp/doinst.sh b/system/xrdp/doinst.sh index f2aaf8f5b136..5e27a33eb624 100644 --- a/system/xrdp/doinst.sh +++ b/system/xrdp/doinst.sh @@ -11,19 +11,39 @@ config() { # Otherwise, we leave the .new copy for the admin to consider... } -preserve_perms() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - if [ -e $OLD ]; then - cp -a $OLD ${NEW}.incoming - cat $NEW > ${NEW}.incoming - mv ${NEW}.incoming $NEW - fi - config $NEW -} +# Keep same perms on rc.xrdp.new: +if [ -e etc/rc.d/rc.xrdp ]; then + cp -a etc/rc.d/rc.xrdp etc/rc.d/rc.xrdp.new.incoming + cat etc/rc.d/rc.xrdp.new > etc/rc.d/rc.xrdp.new.incoming + mv etc/rc.d/rc.xrdp.new.incoming etc/rc.d/rc.xrdp.new +fi +config etc/rc.d/rc.xrdp.new config etc/xrdp/xrdp-xinitrc.new +config etc/xrdp/reconnectwm.sh.new config etc/xrdp/rsakeys.ini.new config etc/xrdp/sesman.ini.new config etc/xrdp/xrdp.ini.new -preserve_perms etc/rc.d/rc.xrdp.new +config etc/xrdp/xrdp_keyboard.ini.new +config etc/xrdp/km-00000406.ini.new +config etc/xrdp/km-00000407.ini.new +config etc/xrdp/km-00000409.ini.new +config etc/xrdp/km-0000040a.ini.new +config etc/xrdp/km-0000040b.ini.new +config etc/xrdp/km-0000040c.ini.new +config etc/xrdp/km-00000410.ini.new +config etc/xrdp/km-00000411.ini.new +config etc/xrdp/km-00000412.ini.new +config etc/xrdp/km-00000414.ini.new +config etc/xrdp/km-00000415.ini.new +config etc/xrdp/km-00000416.ini.new +config etc/xrdp/km-00000419.ini.new +config etc/xrdp/km-0000041d.ini.new +config etc/xrdp/km-00000807.ini.new +config etc/xrdp/km-00000809.ini.new +config etc/xrdp/km-0000080a.ini.new +config etc/xrdp/km-0000080c.ini.new +config etc/xrdp/km-00000813.ini.new +config etc/xrdp/km-00000816.ini.new +config etc/xrdp/km-0000100c.ini.new +config etc/xrdp/km-00010409.ini.new diff --git a/system/xrdp/slack-desc b/system/xrdp/slack-desc index 5ba7b8ab8fa9..ed9364f6a961 100644 --- a/system/xrdp/slack-desc +++ b/system/xrdp/slack-desc @@ -8,12 +8,12 @@ |-----handy-ruler------------------------------------------------------| xrdp: xrdp (Remote Desktop Server for Linux) xrdp: -xrdp: Xrdp provides a fully functional Linux terminal server, capable of -xrdp: accepting connections from rdesktop and Microsoft's own terminal -xrdp: server and/or remote desktop clients. +xrdp: xrdp provides a graphical login to remote machines using Microsoft +xrdp: Remote Desktop Protocol (RDP). xrdp accepts connections from a +xrdp: variety of RDP clients: FreeRDP, rdesktop, NeutrinoRDP and Microsoft +xrdp: Remote Desktop Client (for Windows, Mac OS, iOS and Android). xrdp: -xrdp: Xrdp uses Xvnc or X11rdp (installed separately) to manage the -xrdp: X session. +xrdp: RDP transport is encrypted using TLS by default. xrdp: -xrdp: Homepage: http://xrdp.sourceforge.net/ +xrdp: Homepage: http://www.xrdp.org/ xrdp: diff --git a/system/xrdp/xrdp.SlackBuild b/system/xrdp/xrdp.SlackBuild index d5ff39cc11c8..520cda33c956 100644 --- a/system/xrdp/xrdp.SlackBuild +++ b/system/xrdp/xrdp.SlackBuild @@ -2,9 +2,10 @@ # Slackware build script for xrdp # Written by Phillip Warner +# Amended by David Allen PRGNAM=xrdp -VERSION=${VERSION:-0.9.4} +VERSION=${VERSION:-0.9.12} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -25,6 +26,10 @@ OUTPUT=${OUTPUT:-/tmp} # then run this script as: "USE_PAM=YES ./xrdp.SlackBuild" USE_PAM=${USE_PAM:-NO} +# If you want drive redirection and shared clipboard support, +# then run this script as: "USE_GVFS=YES ./xrdp.SlackBuild" +USE_GVFS=${USE_GVFS:-NO} + if [ "$ARCH" = "i586" ]; then SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" @@ -63,9 +68,12 @@ else NOPAM_OPT="" fi -# Optional config options if built with FreeRDP: -# --enable-freerdp Build freerdp module (default: no) -# --enable-freerdp1 Build freerdp1 module (default: no) +if [ "$USE_GVFS" = "NO" ]; then + NOGVFS_OPT="--disable-fuse" +else + NOGVFS_OPT="--enable-fuse" +fi + CFLAGS="$SLKCFLAGS" \ CPPFLAGS="$SLKCFLAGS" \ ./configure \ @@ -78,16 +86,21 @@ CPPFLAGS="$SLKCFLAGS" \ --build=$ARCH-slackware-linux \ --disable-painter \ --disable-rfxcodec \ + --disable-static \ + $NOGVFS_OPT \ $NOPAM_OPT -# Fix path in what will become the init script -sed -i "s/SBINDIR=\/usr\/local\/sbin/SBINDIR=\/usr\/sbin/" instfiles/xrdp.sh - -# Change xinit script name to xrdp-xinitrc -sed -i "s/startwm.sh/xrdp-xinitrc/" instfiles/xrdp.sh - -# Build fails if a copy of config.{c,h} is not in sesman/tools/ -cp -v sesman/config.{c,h} sesman/tools/ +## Use sed rather than patch as line locations change between versions +# Change LogLevel to INFO instead of DEBUG +sed -i "s/LogLevel=DEBUG/LogLevel=INFO/" xrdp/xrdp.ini +sed -i "s/SyslogLevel=DEBUG/SyslogLevel=INFO/" xrdp/xrdp.ini +sed -i "s/LogLevel=DEBUG/LogLevel=INFO/" sesman/sesman.ini +sed -i "s/SyslogLevel=DEBUG/SyslogLevel=INFO/" sesman/sesman.ini +# Disable Root logins by default +sed -i "s/AllowRootLogin=true/AllowRootLogin=false/" sesman/sesman.ini +# Set default RDP session xinit script to /etc/xrdp/xrdp-xinitrc +sed -i "s/UserWindowManager=startwm.sh/UserWindowManager=.xrdp-xinitrc/" sesman/sesman.ini +sed -i "s/DefaultWindowManager=startwm.sh/DefaultWindowManager=xrdp-xinitrc/" sesman/sesman.ini make make install DESTDIR=$PKG @@ -95,24 +108,35 @@ make install DESTDIR=$PKG # Make sure log directory is there mkdir -p $PKG/var/log -# Let's make the xrdp_control.sh script the init script -mkdir -p $PKG/etc/rc.d -mv $PKG/etc/$PRGNAM/xrdp.sh $PKG/etc/rc.d/rc.$PRGNAM.new - # Change startwm.sh name for more consistency with previous SlackBuild # and corresponding user file name mv $PKG/etc/$PRGNAM/startwm.sh $PKG/etc/$PRGNAM/xrdp-xinitrc.new +# Install the xrdp-xwmconfig utility +install -D -m 0755 -o root -g root $CWD/xrdp-xwmconfig \ + $PKG/usr/bin/xrdp-xwmconfig + # Let's not clobber existing configs ( cd $PKG/etc/$PRGNAM mv rsakeys.ini rsakeys.ini.new mv sesman.ini sesman.ini.new mv xrdp.ini xrdp.ini.new + mv xrdp_keyboard.ini xrdp_keyboard.ini.new + mv reconnectwm.sh reconnectwm.sh.new + rename ini ini.new km-????????.ini ) -# Install the xrdp-xwmconfig utility -install -D -m 0755 $CWD/xrdp-xwmconfig \ - $PKG/usr/bin/xrdp-xwmconfig +# Used to make the init script from instfiles/xrdp.sh, +# but it was removed from xrdp-0.9.12, +# so it is included in the SlackBuild files +install -D -m 0755 -o root -g root $CWD/rc.xrdp \ + $PKG/etc/rc.d/rc.xrdp.new + +# Install logrotate scripts +install -D -m 0644 -o root -g root $CWD/xrdp \ + $PKG/etc/logrotate.d/xrdp.new +install -D -m 0644 -o root -g root $CWD/xrdp-sesman \ + $PKG/etc/logrotate.d/xrdp-sesman.new find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true @@ -121,7 +145,6 @@ find $PKG/usr/man -type f -exec gzip -9 {} \; mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cp -a COPYING design.txt install.txt README.md faq-*.txt $PKG/usr/doc/$PRGNAM-$VERSION - # Keep a backup copy of startwm.sh in the docs cat sesman/startwm.sh > $PKG/usr/doc/$PRGNAM-$VERSION/startwm.sh-example cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild diff --git a/system/xrdp/xrdp.info b/system/xrdp/xrdp.info index b35d21b43b28..c65f28904376 100644 --- a/system/xrdp/xrdp.info +++ b/system/xrdp/xrdp.info @@ -1,8 +1,8 @@ PRGNAM="xrdp" -VERSION="0.9.4" -HOMEPAGE="http://xrdp.sourceforge.net/" -DOWNLOAD="https://github.com/neutrinolabs/xrdp/archive/v0.9.4/xrdp-0.9.4.tar.gz" -MD5SUM="d6e5b1b3222716feda18e620a590c9e5" +VERSION="0.9.12" +HOMEPAGE="http://www.xrdp.org/" +DOWNLOAD="https://github.com/neutrinolabs/xrdp/releases/download/v0.9.12/xrdp-0.9.12.tar.gz" +MD5SUM="cf6507a8d3f44408bead7bdcdfb9f742" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" -- cgit v1.2.3