Difference between revisions of "Guacamole 0.8.3"

From Linuxintro
Line 1: Line 1:
 
  Hello! baceakd interesting baceakd site! I'm really like it! Very, very baceakd good!
 
  Hello! baceakd interesting baceakd site! I'm really like it! Very, very baceakd good!
  
= Quickstart =
+
Very nice site!
This will show you
 
* how to install guacamole 0.8.3 on Ubuntu (tested with 10.04 and 12.04)
 
* how to make this configuration survive a reboot
 
* how to secure transmission with SSL
 
* how to make the website accessible from behind a firewall (port 80 or 443)
 
 
 
Here's what you do as root user:
 
* install software that we will need later:
 
apt-get update
 
apt-get install tomcat6 tightvncserver make xterm
 
 
 
== configure VNC server ==
 
Guacamole does the communication between a VNC server and the web browser. So whatever you see in VNC will be in the browser. Let's use gnome as desktop environment:
 
* install gnome:
 
apt-get install gnome-session
 
* activate gnome for your VNC:
 
cd
 
mkdir .vnc
 
cat >> .vnc/xstartup <<EOF
 
#!/bin/sh
 
gnome-session || xterm
 
EOF
 
chmod 777 .vnc/xstartup
 
 
 
== deploy guacamole client ==
 
* download the guacamole webapp from http://sourceforge.net/projects/guacamole/files/current/binary/
 
* deploy it
 
# mv guacamole-0.8.3.war /var/lib/tomcat6/webapps/
 
* surf to http://localhost:8080/guacamole-0.8.3. A folder /var/lib/tomcat6/webapps/guacamole-0.8.3 will be created with some content. We will need that later.
 
* although login is not yet possible your browser will show a login screen like that:
 
 
 
[[File:guacamole-login.png|250px]]
 
 
 
== install guacamole server ==
 
* install some [[dependencies]] that the server will need to build with vnc support:
 
apt-get install libvncserver-dev libpng-dev libcairo-dev
 
* download guacamole-server from http://sourceforge.net/projects/guacamole/files/current/source/
 
* unpack it
 
tar xvzf guacamole-server-0.8.3.tar.gz
 
* build the server:
 
cd guacamole-server-0.8.3
 
./configure && make -j8 && make install
 
* the following step is ugly; installation and binary do not completely fit so we must do that:
 
ln -s /usr/local/lib/libguac.so* /lib
 
ln -s /usr/local/lib/libguac-client-vnc.so* /lib/
 
* now we start the guacamole daemon
 
# guacd
 
guacd[11581]: INFO:  Guacamole proxy daemon (guacd) version 0.8.3
 
guacd[11581]: INFO:  Successfully bound socket to host ::1, port 4822
 
guacd[11581]: INFO:  Exiting and passing control to PID 11582
 
 
 
== configure guacamole ==
 
* create a folder for guacamole's configuration:
 
mkdir /etc/guacamole
 
* create a file /etc/guacamole/guacamole.properties with the content
 
# Hostname and port of guacamole proxy
 
guacd-hostname: localhost
 
guacd-port:    4822
 
 
# Location to read extra .jar's from
 
lib-directory:  /var/lib/tomcat6/webapps/guacamole-0.8.3/WEB-INF/classes
 
 
# Authentication provider class
 
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
 
 
# Properties used by BasicFileAuthenticationProvider
 
basic-user-mapping: /etc/guacamole/user-mapping.xml
 
* create a file /etc/guacamole/user-mapping.xml with the content
 
<user-mapping>
 
    <authorize username="user" password="password">
 
      <protocol>vnc</protocol>
 
          <param name="hostname">localhost</param>
 
          <param name="port">5901</param>
 
          <param name="password">password</param>
 
    </authorize>
 
</user-mapping>
 
 
 
== configure tomcat ==
 
* find out your tomcat's user directory:
 
# cat /etc/passwd|grep tomcat
 
tomcat6:x:113:116::/usr/share/tomcat6:/bin/false
 
: in this case it is /usr/share/tomcat6
 
* create a folder .guacamole in your tomcat's user directory:
 
mkdir /usr/share/tomcat6/.guacamole
 
* link guacamole.properties into your tomcat's user directories' guacamole folder
 
ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat6/.guacamole
 
 
 
== finishing ==
 
* start a vnc server, as password set password (the vnc password given in user-mappings.xml)
 
vncserver
 
* restart your tomcat server
 
/etc/init.d/tomcat6 restart
 
* point your browser to http://localhost:8080/guacamole-0.8.3
 
* log in as user, password password (the user given in user-mappings.xml)
 
* you should see a screen like this:
 
 
 
[[File:Guacamole-after-login.png]]
 
 
 
* next steps: SSL
 
* next steps: proxypass
 
  
 
= Persist it =
 
= Persist it =

Revision as of 12:50, 5 December 2013

Hello! baceakd interesting baceakd site! I'm really like it! Very, very baceakd good!

Very nice site!

Persist it

Add the following lines to /etc/crontab:

@reboot root /usr/local/sbin/guacd &
@reboot root USER=root /usr/bin/vncserver

TroubleShooting

invalid login

  • now the problem is that tomcat does not know where to find the Authentication class:

/var/lib/tomcat6/webapps/guacamole/WEB-INF/classes/net/sourceforge/guacamole/net/basic/BasicFileAuthenticationProvider.class

is not in /etc/guacamole/guacamole.properties

  • so add it
  • cat /etc/passwd gives me a line
tomcat6:x:113:116::/usr/share/tomcat6:/bin/false
ll /usr/share/tomcat6/.guacamole/
total 8
drwxr-xr-x 2 root root 4096 Nov 26 07:58 ./
drwxr-xr-x 6 root root 4096 Nov 26 07:57 ../
lrwxrwxrwx 1 root root   35 Nov 26 07:58 guacamole.properties -> /etc/guacamole/guacamole.properties
  • works now. So the thing is:
    • take care that it is called guacamole and not guacamole-0.8.3 (sure?)
    • make sure the classpath in /etc/guacamole/guacamole.properties is correct, e.g.
# Location to read extra .jar's from
lib-directory:  /var/lib/tomcat6/webapps/guacamole/WEB-INF/classes

Server error

  • now I got a server error so I straced guacd:
strace -p 15332

and saw

[pid 20344] open("/usr/lib/x86_64-linux-gnu/libguac-client-vnc.so", O_RDONLY) = -1 ENOENT (No such file or directory)

so the problem is that libguac-client-vnc.so is missing.

  • downloaded java version 1.7.45 and compiled guacamole-client using mvn. But there was no *.so* file in it
  • so installed libvncserver-dev and rebuild and reinstalled guacamole-server
  • and there it is, libguac-client-vnc.so
  • now the error message changed from "server error" to "unauthorized"

See also