This file is indexed.

/usr/bin/ltsp-localappsd is in ltsp-client-core 5.5.4-4.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#!/bin/sh

. /usr/share/ltsp/ltsp-client-functions

logit() {
    logger -t ltsp-localappsd -p daemon.info $1
}

if [ -n "${LDM_USERNAME}" -a -n "$(/usr/bin/id ${LDM_USERNAME})" ]; then
    true
else
    logit "Unknown user:  $LDM_USERNAME"
    exit 1
fi

if [ -z "$DISPLAY" ];then 
    logit "Unknown DISPLAY"
    exit 1
fi

# Initialize LTSP_COMMAND as blank
reset_xprop(){
    xprop -root -f $1 8s -set $1 ""
}

reset_xprop LTSP_COMMAND
reset_xprop LTSP_COMMAND_WAIT

# Make sure the local user has access to X
chown ${LDM_USERNAME} $XAUTHORITY

# Check for default printer and printer filtering and export them
[ -n "$LDM_PRINTER_DEFAULT" ] && export CLIENT_ENV="${CLIENT_ENV} PRINTER=${LDM_PRINTER_DEFAULT}"
[ -n "$LDM_PRINTER_LIST" ] && export CLIENT_ENV="${CLIENT_ENV} PRINTER_LIST=${LDM_PRINTER_LIST}"

run_ltsp_localappsd(){
    if [ "${LDM_USERNAME}" = "${USER}" ]; then
        LANG=$LANG LANGUAGE=$LANG DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY $CLIENT_ENV ${LTSP_COMMAND}
    else
        su - ${LDM_USERNAME} -c "LANG=$LANG LANGUAGE=$LANG DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY $CLIENT_ENV ${LTSP_COMMAND}"
    fi
}

# Poll for LTSP_COMMAND changes and execute
xprop -notype -root -spy LTSP_COMMAND | while read junk_x junk_y LTSP_COMMAND ; do

    # Strip off leading and trailing double-quotes.
    LTSP_COMMAND=${LTSP_COMMAND%\"}
    LTSP_COMMAND=${LTSP_COMMAND#\"}

    # If empty, nothing to execute, return to the loop.
    test -n "${LTSP_COMMAND}" || continue

    LTSP_COMMAND_WAIT=$(xprop -root -notype LTSP_COMMAND_WAIT |sed -e 's/^LTSP_COMMAND_WAIT = //' -e 's/^"//' -e 's/"$//')
    if [ -n "${LTSP_COMMAND}" ]; then
        # If LOCAL_APPS_APPS_WHITELIST is defined, reject anything not listed.  Otherwise allow by default.
        if [ -n "${LOCAL_APPS_WHITELIST}" ]; then
            unset TEMP_ALLOW_EXEC
            for cmd in $LOCAL_APPS_WHITELIST; do
                if [ "$cmd" = "$(echo $LTSP_COMMAND|cut -d\  -f1)" ]; then
                    TEMP_ALLOW_EXEC=1
                    break
                fi
            done
            if [ -z "${TEMP_ALLOW_EXEC}" ]; then
                logit "Rejecting command not listed in LOCAL_APPS_WHITELIST: $LTSP_COMMAND"
                reset_xprop LTSP_COMMAND
                reset_xprop LTSP_COMMAND_WAIT
                continue
            fi
        fi

        logit "Executing command as username ${LDM_USERNAME}: ${LTSP_COMMAND} "
        if [ "$LTSP_COMMAND_WAIT" = "true" ]; then
            run_ltsp_localappsd
        else
            run_ltsp_localappsd &
        fi
    fi
    reset_xprop LTSP_COMMAND
    reset_xprop LTSP_COMMAND_WAIT
done