Fix non-root-user display server startup failure

Transfer and clean up Kerberos ticket on login and logout
Remove spurious debugging messages

instfiles/pam.d/xrdp-sesman.common

@@ -1,4 +1,5 @@
 #%PAM-1.0
 @include common-auth
 @include common-account
+@include common-password
 @include common-session

raptorsmiface/libraptorsmiface.c

@@ -184,6 +184,26 @@ char* get_group_for_user(char* username) {
 	return strdup(primarygroup->gr_name);
 }
 
+int raptor_sm_get_uid_for_user(char* username) {
+	struct passwd *pwd = calloc(1, sizeof(struct passwd));
+	if (pwd == NULL) {
+		return -1;
+	}
+	size_t buffer_len = sysconf(_SC_GETPW_R_SIZE_MAX) * sizeof(char);
+	char *buffer = malloc(buffer_len);
+	if (buffer == NULL) {
+		return -2;
+	}
+	getpwnam_r(username, pwd, buffer, buffer_len, &pwd);
+	if (pwd == NULL) {
+		return -3;
+	}
+	uid_t uid = pwd->pw_uid;
+	free(buffer);
+	free(pwd);
+	return uid;
+}
+
 char raptor_sm_deallocate_session(char* username) {
 	MYSQL_RES *res;
 	MYSQL_ROW row;
@@ -227,6 +247,16 @@ char raptor_sm_deallocate_session(char* username) {
 		}
 	}
 
+#ifndef RAPTOR_SM_DISABLE_KERBEROS
+	char* command_string;
+	char* ip = raptor_sm_get_ip_for_hostname(hostname, 0);
+	asprintf(&command_string, "ssh root@%s \'rm -f /tmp/krb5cc_%d\'", ip, raptor_sm_get_uid_for_user(username));
+	dprint("Running command %s...\n\r", command_string);
+	system(command_string);
+	free(command_string);
+	free(ip);
+#endif
+
 	// Remove the user from the system
 	char* safe_username = get_mysql_escaped_string(conn, username);
 	asprintf(&query, "DELETE FROM sessions WHERE username='%s'", safe_username);
@@ -682,6 +712,20 @@ pid_t raptor_sm_run_remote_server(char* username, char *const argv[], char* dbfi
 	}
 	char* origstr = command_string;
 
+#ifndef RAPTOR_SM_DISABLE_KERBEROS
+	if (display >= 0) {
+		uid_t uid = raptor_sm_get_uid_for_user(username);
+		asprintf(&command_string, "rsync -a /tmp/krb5cc_%d root@%s:/tmp/krb5cc_%d", uid, ipaddr, uid);
+		dprint("Running command %s...\n\r", command_string);
+		system(command_string);
+		free(command_string);
+		asprintf(&command_string, "rm -f /tmp/krb5cc_%d", uid);
+		dprint("Running command %s...\n\r", command_string);
+		system(command_string);
+		free(command_string);
+	}
+#endif
+
 	if (strcmp(dbfield, RAPTOR_SM_SERVER_PID_FIELD) == 0) {
 		asprintf(&command_string, "ssh root@%s \'%s & echo $! &\'", ipaddr, origstr);
 	}

sesman/env.c

@@ -113,7 +113,7 @@ env_set_user(char *username, char *passwd_file, int display,
         if (error == 0)
         {
             uid = pw_uid;
-            error = g_setuid(uid);
+//            error = g_setuid(uid);
         }
 
         g_mk_temp_dir(0);

xrdp/xrdp_login_wnd.c

@@ -565,7 +565,8 @@ xrdp_wm_login_fill_in_combo(struct xrdp_wm *self, struct xrdp_bitmap *b)
 
         if ((g_strncmp(p, "globals", 255) == 0)
                 || (g_strncmp(p, "channels", 255) == 0)
-                || (g_strncmp(p, "Logging", 255) == 0))
+                || (g_strncmp(p, "Logging", 255) == 0)
+                || (g_strncmp(p, "Database", 255) == 0))
         {
         }
         else