x2gobroker-authservice

NAME

x2gobroker-authservice - PAM authentication service for X2Go Session Broker

SYNOPSIS

x2gobroker-authservice [ options ]

DESCRIPTION

x2gobroker-authservice is a PAM authentication service for X2Go Session Broker. Whereas the X2Go Session Broker runs as a non-privileged user (standalone daemon mode) or as the also non-privileged httpd server’s system user (WSGI mode), an authentication against PAM requires root privileges in most cases (esp. for pam_unix.so).

Thus, the PAM authentication has been moved into a separate service. The communication between X2Go Session Broker and PAM Authentication Service is handled through a unix domain socket file (<RUNDIR>/x2gobroker/x2gobroker-authservice.socket).

This command is normally started through the host’s init system.

COMMON OPTIONS

x2gobroker-authservice accepts the following common options:
-h, --help

Display a help with all available command line options and exit.

-D, --daemonize

Fork this application to background and detach from the running terminal.

-P, --pidfile

Custom PID file location when daemonizing (default: <RUNDIR>/x2gobroker/x2gobroker-authservice.pid).

-L, --logdir

Directory where stdout/stderr will be redirected after having daemonized (default: /var/log/x2gobroker/).

-s <AUTHSOCKET>, --socket <AUTHSOCKET>

File name of the unix domain socket file used for communication between broker and authentication service.

-o <OWNER>, --owner <OWNER>

User ownership of the <AUTHSOCKET> file.

-g <GROUP>, --group <GROUP>

Group ownership of the <AUTHSOCKET> file.

-p <PERMISSIONS>, --permissions <PERMISSIONS>

Set these file permissions for the <AUTHSOCKET> file. Use numerical permissions (e.g. 0640).

FILES

<RUNDIR>/x2gobroker/x2gobroker-authservice.socket

AUTHOR

This manual has been written for the X2Go project by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>.