Unity Greeter with X2Go Remote Login Support

For the Danish company Fleten.net [1] (with my X2Go [2] developer hat on) I have recently developed X2Go integration into the Unity Greeter [3] theme of LightDM [4] in Ubuntu. Fleten.net--as a Canonical Partner--is providing FOSS based IT-services to schools and municipalities in Denmark and Norway, based on Ubuntu and X2Go.

This blog entry will provide a quick howto that explains how you can test this new Unity Greeter feature. Patches have already been sent upstream [5] (Canonical) and I am quite hopeful that they get accepted for inclusion, so the feature may become available in Ubuntu 13.10 and then in the next LTS release of Ubuntu.

My personal plan also is to test all the Unity Greeter related stuff on Debian and if applicable, package Canonical's (local and remote) login tool for Debian.

[1] http://fleten.net
[2] http://wiki.x2go.org
[3] https://launchpad.net/unity-greeter
[4] https://launchpad.net/lightdm
[5] https://bugs.launchpad.net/unity-greeter/+bug/1172928

Installation HowTo

The following steps are needed to test the X2Go remote login on Ubuntu 13.04 on your own notebook. You will need a virtualization tool like qemu/KVM or Virtualbox for this setup.

  • Server-side (your notebook): Install X2Go Session Broker or newer (from ppa:x2go/stable or from [6]) and configure the UCCS WebUI frontend
    1. Install a Ubuntu/Debian based server system.
    2. Add the X2Go package archive to APT [6,7] and install the packages x2gobroker-daemon and x2gobroker-authservice:
      $ sudo apt-get install python-software-properties # if on Ubuntu
      $ sudo add-apt-repository ppa:x2go/stable # if on Ubuntu
      $ sudo apt-get install x2gobroker-daemon x2gobroker-authservice
    3. Edit /etc/x2go/x2gobroker.conf in the depicted way:
      --- a/x2gobroker.conf       2013-04-26 00:51:20.000000000 +0200
      +++ b/x2gobroker.conf     2013-04-24 18:59:26.000000000 +0200
      @@ -72,9 +72,9 @@
       #enable-plain-output = true
       # enable {base_url}/uccs/
      -#enable-uccs-output = false
      +enable-uccs-output = true
       # use this URL base to create URL field in UCCS-style JSON output
      -#my-uccs-url-base = http://localhost:8080/
      +my-uccs-url-base = http://x2gobroker.localdomain:8080/
       # enable {base_url}/json/ (THIS IS FUTURE, mg-20121129)
       #enable-json-output = false
      @@ -219,7 +219,7 @@
       #desktop-shell = KDE
      -#enable = false
      +enable = true
       #session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
    4. Configure your X2Go Server session profiles in /etc/x2go/broker/x2gobroker-sessionprofiles.conf. Read the comments in that config file carefully to get a clue on how to modify the file to your needs. A simple example is this:
      name=X2Go Server 1
      name=X2Go Server 2
      name=MS Windows

      Note that at the time of writing of the manifold X2Go session parameters only the parameter command is handled by the UCCS WebUI.

    5. Optional: Enable debug mode of the X2Go Session Broker Daemon in /etc/defaults/x2gobroker-daemon while you are still testing the whole thing.
    6. Server-side: DONE
  • Client-side (a virtual machine running on your notebook): Install a Ubuntu workstation (13.04) in Virtualbox or KVM. Use NAT'ed networking, thus in VirtualBox your notebook's host IP will be (if you use the defaults)
    1. Make sure you can nmap port 8080 on IP That is the address port that the X2Go Session Broker Daemon is listening on. (The broker daemon is a http server implemented with Python Tornado.)
    2. Add an entry to /etc/hosts for x2gobroker.localdomain x2gobroker.
    3. Test the session broker via http protocol. Enter http://x2gobroker.localdomain:8080/uccs/inifile/api/4 in your browser. The browser should then request authorization. Use your local user on your notebook and its password for authentication (X2Go Session Broker uses PAM to authenticate against). After successful authentication, some JSON data object should appear in your browser window.
    4. Now, also test this from the command line: echo <mypassword> | thin-client-config-agent <myuserid>
    5. After the connectivity has been tested you need to obtain a patched Unity Greeter and a patched Remote Login Service from Launchpad and build those packages from source:
      $ sudo apt-get install bzr
      $ sudo apt-get install devscripts debhelper ubuntu-dev-tools build-essential
      $ mkdir x2go
      $ cd x2go
      $ bzr branch lp:~m-gabriel/remote-login-service/x2go remote-login-service
      $ cd remote-login-service && get-build-deps debian/control && debuild -uc -us && cd ..
      $ bzr branch lp:~m-gabriel/unity-greeter/x2go unity-greeter
      $ cd unity-greeter && get-build-deps debian/control && debuild -uc -us && cd ..
      $ sudo dpkg -i unity-greeter*.deb remote-login-service*.deb
    6. Additionally, you need two further packages provided in the X2Go package archive (PPA) on Launchpad:
      $ sudo apt-get install python-software-properties
      $ sudo add-apt-repository ppa:x2go/stable
      $ sudo apt-get install lightdm-remote-session-x2go libpam-x2go
    7. Finally, you have to teach the Remote Login Service not to talk to Canonical's UCCS site, but to the X2Go Session Broker installed on your notebook:
      [Remote Login Service]
      [Server MyUCCSTest]
      Name=Remote Login
    8. After an invoke-rc.d lightdm restart you should have a Remote Login login option on your Unity Greeter screen. Clicking that will request a username and password. As username use <myuser>@intern and <mypassword> where <myuser> and <mypassword> are the user account credentials of the user you normally use on your local notebook. With this action you logon to the UCCS-like WebUI of the X2Go Session Broker.
    9. After successful logon to the X2Go Session Broker, you should be presented the three server logons that we configured further above.
    10. Select one of the X2Go Servers (you of course have adapted the x2gobroker-sessionprofiles.conf file above to your needs...) for login.
    11. Watch the X2Go Session coming up on your screen...
    12. Client-side: DONE

Please note that the X2Go Session Broker still is a very young project and you might stumble over the unexpected. Please report any errors to http://bugs.x2go.org (Debbugs BTS Software).

Mike Gabriel (aka sunweaver)

[6] http://wiki.x2go.org/doku.php/wiki:repositories:debian

Disable tests in unity-greeter

When building our version of unity-greeter src:package by some reason the test run fails. Please ignore that and comment out the line in unity-greeter/tests/Makefile.am that starts with »check:«. Also comment out the line below.

get-build-deps removed from ubuntu-dev-tools in version 0.131

The script get-build-deps has been removed from ubuntu-dev-tools in version 0.131. Use ...

$ sudo apt-get install equivs
$ cd <source-package-folder>
$ sudo mk-build-deps -ir debian/control

... instead. :-)

Package thin-client-config-agent depends on python3-pycurl

Another issue that is missing in the above article: The package thin-client-config-agent depends on python3-pycurl. The issue is in the thin-client-config-agent package and has just now been reported to Ubuntu BTS [1].

Thus, the package has to be installed manually on the Ubuntu client machines:

$ sudo apt-get install python3-pycurl

[1] https://bugs.launchpad.net/ubuntu/+source/thin-client-config-agent/+bug/...

Set SERVER_ROOT before testing thin-client-config-agent

One detail that slipped through in the above article...

When testing the UCCS client<->server connectivity with thin-client-config-agent, the SERVER_ROOT env var has to be set.

$ SERVER_ROOT=http://x2gobroker.localdomain:8080/uccs/inifile/
$ export SERVER_ROOT
$ echo <mypassword> | thin-client-config-agent <myuserid>