Difference between pages "Guacamole 0.8 on SUSE" and "Boot process"

From Linuxintro
imported>ThorstenStaerk
 
imported>ThorstenStaerk
 
Line 1: Line 1:
= Overview =
+
How Linux typically starts up on a PC
Guacamole is a [[program]] to [[control a Linux desktop]] over the [[network]] in a browser.
 
  
Sometimes in your Linux life, you need to control your servers in the internet with a graphical user interface. This is tedious when you are behind a corporate firewall blocking ssh requests to the public internet. Typical corporate firewalls only allow proxified client access to port 80, 8080 and 443 in the public internet. One way to go is to use a browser to display a Linux desktop. The solution is not, however, to use [[Vnc#for_a_web_browser|VNC for a web browser]], as it will be blocked by corporate firewalls. The solution is [http://guacamole.sourceforge.net/ guacamole].
+
= you switch on the computer =
 +
BIOS is shown and the devices are checked.
  
[[File:Snapshot-guacamole.png|250px]]
+
= the master boot record is executed =
 +
The BIOS will then load the first sector of the first hard disk and execute it. The first sector is part of the bootloader and loads more sectors, for the [[grub]] bootloader this looks like this:
  
= Quickstart =
+
[[File:Snapshot-grub.png]]
This will show you
 
* how to install guacamole 0.8.3 on SUSE 12.2
 
* how to make this configuration survive a reboot
 
* how to secure transmission with SSL
 
* how to make the website accessible from behind a firewall (port 80 or 443)
 
  
Here's what you do as root user:
+
You can look what's in your harddisk's first sector using the command
* install tomcat and a vncserver
+
  [[dd]] if=/dev/sda count=1 | hexdump -C
  yast -i tomcat tightvnc
 
  
== configure VNC server ==
+
= the boot loader is executed =
Guacamole does the communication between a VNC server and the web browser. So whatever you see in VNC will be in the browser. Let's use gnome as desktop environment:
+
The boot loader is typically grub, and there is an older and smaller called lilo. The grub bootloader displaying the boot menu can look like this:
* install gnome:
 
yast -i gnome-session
 
* activate gnome for your VNC:
 
cat >> .vnc/xstartup
 
#!/bin/sh
 
gnome-session
 
  
== deploy guacamole client ==
+
[[File:Snapshot-bootmenu.png]]
* download the guacamole webapp from http://sourceforge.net/projects/guacamole/files/current/binary/
 
* deploy it
 
# mv guacamole-0.8.3.war /srv/tomcat/webapps/
 
* surf to http://localhost:8080/guacamole-0.8.3. A folder /srv/tomcat/webapps/guacamole-0.8.3 will be created with some content. We will need that later.
 
* although login is not yet possible your browser will show a login screen like that:
 
  
[[File:guacamole-login.png|250px]]
+
= the Linux kernel is loaded =
  
== install guacamole server ==
+
= the initrd is loaded =
* install some [[dependencies]] that the server will need to build with vnc support:
+
The initrd is the initial RAM disk. Typically it contains drivers for the kernel so it can access the disk it is supposed to start from. E.g. for USB boot the initial RAM disk must contain usb storage kernel modules.
yast -i LibVNCServer-devel libpng-devel cairo-devel
 
* download guacamole-server from http://sourceforge.net/projects/guacamole/files/current/source/
 
* unpack it
 
tar xvzf guacamole-server-0.8.3.tar.gz
 
* build the server:
 
cd guacamole-server-0.8.3
 
./configure && make -j8 && make install
 
* the following step is ugly; installation and binary do not completely fit so we must do that:
 
# ln -s /usr/local/lib/libguac.so* /usr/lib64
 
# ln -s /usr/local/lib/libguac-client-vnc.so* /usr/lib64
 
* now we start the guacamole daemon
 
# guacd
 
guacd[11581]: INFO:  Guacamole proxy daemon (guacd) version 0.8.3
 
guacd[11581]: INFO:  Successfully bound socket to host ::1, port 4822
 
guacd[11581]: INFO:  Exiting and passing control to PID 11582
 
  
== configure guacamole ==
+
= the Linux kernel is executed =
* create a folder for guacamole's configuration:
+
Now the Linux kernel can start, mount the harddisk and execute a program.
mkdir /etc/guacamole
 
* create a file /etc/guacamole/guacamole.properties with the content
 
# Hostname and port of guacamole proxy
 
guacd-hostname: localhost
 
guacd-port:    4822
 
 
# Location to read extra .jar's from
 
lib-directory:  /srv/tomcat/webapps/guacamole-0.8.3/WEB-INF/classes
 
 
# Authentication provider class
 
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
 
 
# Properties used by BasicFileAuthenticationProvider
 
basic-user-mapping: /etc/guacamole/user-mapping.xml
 
* create a file /etc/guacamole/user-mapping.xml with the content
 
<user-mapping>
 
    <authorize username="user" password="password">
 
      <protocol>vnc</protocol>
 
          <param name="hostname">localhost</param>
 
          <param name="port">5901</param>
 
          <param name="password">password</param>
 
    </authorize>
 
</user-mapping>
 
  
== configure tomcat ==
+
= the init program is started =
* find out your tomcat's user directory:
+
The Linux kernel starts the /sbin/init program. Nothing else. If the init process quits, the Linux kernel panics. Init is responsible for all further services and programs that are started.
# cat /etc/passwd|grep tomcat
 
tomcat:x:116:118:Apache Tomcat:/usr/share/tomcat:/bin/sh
 
: in this case it is /usr/share/tomcat
 
* create a folder .guacamole in your tomcat's user directory:
 
mkdir /usr/share/tomcat/.guacamole
 
* link guacamole.properties into your tomcat's user directories' guacamole folder
 
ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole
 
  
== finishing ==
+
= the init scripts are executed =
* start a vnc server, as password set password (the vnc password given in user-mappings.xml)
+
This can be SysV init scripts or upstart or systemd. These init scripts typically start services. Services are grouped into runlevels. Find out your current runlevel with the command
vncserver
+
  runlevel
* restart your tomcat server
+
Change your runlevel, in this case to 3, with the command
  /etc/init.d/tomcat restart
+
init 3
* point your browser to http://localhost:8080/guacamole-0.8.3
 
* log in as user, password password (the user given in user-mappings.xml)
 
* you should see a screen like this:
 
  
[[File:Guacamole-after-login.png]]
+
E.g. in SUSE the runlevels are defines as
 +
* 0: reboot
 +
* 1: rescue system, single user
 +
* 2: all services that run in (1) plus services needed for multi-user login
 +
* 3: all services that run in (2) plus network services
 +
* 4: undefined
 +
* 5: all services that run in (3) plus graphical display
 +
Some notable services are:
 +
* alsasound
 +
: Used for the alsa sound system
 +
* cups
 +
: Used for printing, it is the common Unix printing system
 +
* dbus
 +
: Used to call public functions in running programs. Should be abstracted to users.
 +
* esound
 +
: Used for enlightenment sound system
 +
* ntp
 +
: Network Time Protocol to keep your clock in sync with the real time via the network
 +
* autofs
 +
: To automount devices as soon as they are plugged in, e.g. USB disks and CD ROMs
 +
* udev
 +
: The udev services have a lot of names, e.g. boot.udev under SUSE. They create the device handles in the /dev folder, e.g. when you plug in a USB disk or attach a [[web cam]]
 +
* xdm
 +
: The x display manager shows a graphical login screen and starts a session when you log in. It keeps running during the session so when you end your session, you will be able to log in again.
 +
* cifs
 +
: mounts all cifs network drives           
 +
* xfs
 +
: manages X fonts
 +
* cron
 +
: Cron executes jobs in given time intervals according to /etc/crontab
 +
* ypbind
 +
: provides information like login names, home directories and so on over the network
 +
* powerd
 +
: Makes sure to throttle down your computer's speed if there is nothing to do, it can save power and it is configured to do so.   
 +
* network
 +
: The network service makes sure you have an IP address and your network card is active.    
 +
* sshd
 +
: Service that allows to [[control a computer via the network]]
  
* restart after reboot
+
= Virtual Terminals are started =
* next steps: SSL
+
Init will also create virtual terminals. You can typically reach them by pressing CTRL_ALT_F1 or CTRL_ALT with another function key. They are text-only consoles that look like this:
* next steps: proxypass
 
  
= TroubleShooting =
+
[[File:Snapshot-terminal.png]]
  
== invalid login ==
+
= X Windowing system is started =
* now the problem is that tomcat does not know where to find the Authentication class:
 
  
/var/lib/tomcat6/webapps/guacamole/WEB-INF/classes/net/sourceforge/guacamole/net/basic/BasicFileAuthenticationProvider.class
+
= login manager is started =
  
is not in /etc/guacamole/guacamole.properties
+
= Computer waits for user login =
 +
Now the boot process has finished and the computer waits for a user to log in. While waiting it will execute the cron jobs as of /etc/crontab.
  
* so add it
+
= user session incl. Desktop environment is started =
* cat /etc/passwd gives me a line
 
tomcat6:x:113:116::/usr/share/tomcat6:/bin/false
 
  
ll /usr/share/tomcat6/.guacamole/
+
= user starts a shell =
total 8
+
The user can start several shells: bash, zsh, csh, ksh, tcsh and a lot more. We will assume the user starts bash. He can either start it as a non-login-shell (by logging in graphically and clicking on the terminal symbol) or he can start it as a [[login shell]] (by logging in with a password, authorized key or by starting su - or bash - or bash -login).
drwxr-xr-x 2 root root 4096 Nov 26 07:58 ./
 
drwxr-xr-x 6 root root 4096 Nov 26 07:57 ../
 
lrwxrwxrwx 1 root root  35 Nov 26 07:58 guacamole.properties -> /etc/guacamole/guacamole.properties
 
 
 
* works now. So the thing is:
 
** take care that it is called guacamole and not guacamole-0.8.3 (sure?)
 
** make sure the classpath in /etc/guacamole/guacamole.properties is correct, e.g.
 
# Location to read extra .jar's from
 
lib-directory:  /var/lib/tomcat6/webapps/guacamole/WEB-INF/classes
 
 
 
== Server error ==
 
* now I got a server error so I straced guacd:
 
strace -p 15332
 
and saw
 
[pid 20344] open("/usr/lib/x86_64-linux-gnu/libguac-client-vnc.so", O_RDONLY) = -1 ENOENT (No such file or directory)
 
so the problem is that libguac-client-vnc.so is missing.
 
* downloaded java version 1.7.45 and compiled guacamole-client using mvn. But there was no *.so* file in it
 
* so installed libvncserver-dev and rebuild and reinstalled guacamole-server
 
* and there it is, libguac-client-vnc.so
 
* now the error message changed from "server error" to "unauthorized"
 
  
 
= See also =
 
= See also =
* [[connect to a Linux computer]]
+
* [[scheduling_tAsks]]
* [[trying guacamole 0.8 on SUSE]]
+
* http://wiki.linuxquestions.org/wiki/Boot_process
* [[guacamole 0.3.0 on Ubuntu 10.04]]
+
* http://unix.stackexchange.com/questions/106822/documentation-architecture-of-linux-session
* [[guacamole on Debian 6]]
 
* [[guacamole on Ubuntu 11.10 32bit]]
 
* [[guacamole on SUSE 12.1 x64]]
 
* [[cool things]]
 
* http://guac-dev.org/Debian%20Install%20Instructions
 
* ulteo
 
* http://www.filegott.se/prd/index.php/how-tos/19-how-to-setup-guacamole-in-linux-ubuntu
 
* http://guac-dev.org/doc/gug/installing-guacamole.html#idp99200
 
 
 
[[Category:Tool]]
 
[[Category:Webmaster]]
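Review bot: In the added runlevel list, "* 0: reboot" looks wrong and there is no entry for runlevel 6; in the SysV convention runlevel 0 halts the system and runlevel 6 reboots it, so I would change the entry to "0: halt" and add "6: reboot". The line introducing the list has a typo ("defines" should be "defined"), and "there is an older and smaller called lilo" is missing a noun ("one"). The added sections "the Linux kernel is loaded", "X Windowing system is started", "login manager is started" and "user session incl. Desktop environment is started" are headings with no body text; a sentence each would make the sequence easier to follow.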
 

Revision as of 08:31, 1 February 2014

How Linux typically starts up on a PC

you switch on the computer

BIOS is shown and the devices are checked.

the master boot record is executed

The BIOS then loads the first sector of the first hard disk and executes it. The first sector is part of the bootloader and loads more sectors. For the grub bootloader this looks like this:

Snapshot-grub.png

You can look at what is in your hard disk's first sector using the command

dd if=/dev/sda count=1 | hexdump -C
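To go beyond reading the hex dump, the following added example (not part of the original page) splits such a first sector into its parts: boot code, partition table and the 0x55AA boot signature. It hashes the boot code so that a known-good value can be compared later to notice an overwritten boot loader. The sample sector is constructed, the classic MBR layout is assumed, and the "GRUB" string check is only a heuristic.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # boot code area of a classic MBR
TABLE_OFFSET = 446       # after 4-byte disk signature and 2 reserved bytes
ENTRY_LEN = 16           # four partition entries of 16 bytes each
SIGNATURE = b"\x55\xaa"  # last two bytes of a valid boot sector

def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR into boot code hash, partitions and signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        off = TABLE_OFFSET + i * ENTRY_LEN
        entry = sector[off:off + ENTRY_LEN]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype != 0:   # type 0 marks an unused slot
            partitions.append({"slot": i, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": sectors})
    boot_code = sector[:BOOT_CODE_LEN]
    return {
        "valid_signature": sector[510:512] == SIGNATURE,
        "mentions_grub": b"GRUB" in boot_code,   # heuristic only
        # Hash only the boot code, so repartitioning does not change the value.
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
    }

def make_sample_sector() -> bytes:
    """Constructed sample, not a real disk: fake boot code and one partition."""
    boot_code = (b"\xeb\x63\x90" + b"GRUB \x00").ljust(BOOT_CODE_LEN, b"\x00")
    disk_id = b"\x00" * 6                        # disk signature + reserved
    part = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x83, b"\x00" * 3,
                       2048, 409600)             # bootable Linux partition
    table = part + b"\x00" * (3 * ENTRY_LEN)
    return boot_code + disk_id + table + SIGNATURE

if __name__ == "__main__":
    # For a real disk, read as root: open("/dev/sda", "rb").read(512)
    print(parse_mbr(make_sample_sector()))
```

Store the reported boot_code_sha256 while the system is known to be good; a different value on a later run means the boot code in the first sector has changed.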

the boot loader is executed

The boot loader is typically grub; there is also an older and smaller one called lilo. The grub bootloader displaying the boot menu can look like this:

Snapshot-bootmenu.png

the Linux kernel is loaded

the initrd is loaded

The initrd is the initial RAM disk. Typically it contains drivers for the kernel so it can access the disk it is supposed to start from. For example, for USB boot the initial RAM disk must contain the USB storage kernel modules.

the Linux kernel is executed

Now the Linux kernel can start, mount the hard disk and execute a program.

the init program is started

The Linux kernel starts the /sbin/init program. Nothing else. If the init process quits, the Linux kernel panics. Init is responsible for all further services and programs that are started.

the init scripts are executed

This can be SysV init scripts or upstart or systemd. These init scripts typically start services. Services are grouped into runlevels. Find out your current runlevel with the command

runlevel

Change your runlevel, in this case to 3, with the command

init 3

E.g. in SUSE the runlevels are defined as

  • 0: reboot
  • 1: rescue system, single user
  • 2: all services that run in (1) plus services needed for multi-user login
  • 3: all services that run in (2) plus network services
  • 4: undefined
  • 5: all services that run in (3) plus graphical display

Some notable services are:

  • alsasound
Used for the alsa sound system
  • cups
Used for printing; it is the Common Unix Printing System
  • dbus
Used to call public functions in running programs. Should be abstracted to users.
  • esound
Used for enlightenment sound system
  • ntp
Network Time Protocol to keep your clock in sync with the real time via the network
  • autofs
To automount devices as soon as they are plugged in, e.g. USB disks and CD ROMs
  • udev
The udev services have a lot of names, e.g. boot.udev under SUSE. They create the device handles in the /dev folder, e.g. when you plug in a USB disk or attach a web cam
  • xdm
The x display manager shows a graphical login screen and starts a session when you log in. It keeps running during the session so when you end your session, you will be able to log in again.
  • cifs
mounts all cifs network drives
  • xfs
manages X fonts
  • cron
Cron executes jobs in given time intervals according to /etc/crontab
  • ypbind
provides information like login names, home directories and so on over the network
  • powerd
Throttles down your computer's speed when there is nothing to do, provided it can save power and is configured to do so.
  • network
The network service makes sure you have an IP address and your network card is active.
  • sshd
Service that allows you to control a computer via the network

Virtual Terminals are started

Init will also create virtual terminals. You can typically reach them by pressing CTRL+ALT+F1 or CTRL+ALT with another function key. They are text-only consoles that look like this:

Snapshot-terminal.png

X Windowing system is started

login manager is started

Computer waits for user login

Now the boot process has finished and the computer waits for a user to log in. While waiting, it executes the cron jobs defined in /etc/crontab.

user session incl. Desktop environment is started

user starts a shell

The user can start several shells: bash, zsh, csh, ksh, tcsh and a lot more. We will assume the user starts bash. He can either start it as a non-login shell (by logging in graphically and clicking on the terminal symbol) or he can start it as a login shell (by logging in with a password, authorized key or by starting su - or bash - or bash -login).

See also