Difference between revisions of "Guacamole 0.8 on SUSE"

From Linuxintro
imported>ThorstenStaerk
(Whjy5AjHQoM)
Line 1: Line 1:
= Overview =
+
This worked great!  I don't need Chicken of the VNC, etc. When I caleld AppleCare, they didn't tell me about thisSo spread the word.Once you issue the above command, you'll be asked for an account and password. These must match an actual account on the target machineThe password you may have used for Chicken of the VNC or other shareware in the past is irrelevantIf screen sharing on the target machine isn't turned on and the user account you want isn't listed, this won't workThat must be set up ahead of time.
Guacamole is a [[program]] to [[control a Linux desktop]] over the [[network]] in a browser.
 
 
 
Sometimes in your Linux life, you need to control your servers in the internet with a graphical user interface. This is tedious when you are behind a corporate firewall blocking ssh requests to the public internet. Typical corporate firewalls only allow proxified client access to port 80, 8080 and 443 in the public internet. One way to go is to use a browser to display a Linux desktop. The solution is not, however, to use [[Vnc#for_a_web_browser|VNC for a web browser]], as it will be blocked by corporate firewalls. The solution is [http://guacamole.sourceforge.net/ guacamole].
 
 
 
[[File:Snapshot-guacamole.png|250px]]
 
 
 
= Quickstart =
 
This will show you
 
* how to install guacamole 0.8.3 on SUSE 12.2
 
* how to make this configuration survive a reboot
 
* how to secure transmission with SSL
 
* how to make the website accessible from behind a firewall (port 80 or 443)
 
 
 
Here's what you do as root user:
 
* install tomcat and a vncserver
 
  yast -i tomcat tightvnc
 
 
 
== configure VNC server ==
 
Guacamole does the communication between a VNC server and the web browser. So whatever you see in VNC will be in the browser. Let's use gnome as desktop environment:
 
* install gnome:
 
yast -i gnome-session
 
* activate gnome for your VNC:
 
cd
 
cat >> .vnc/xstartup
 
#!/bin/sh
 
gnome-session
 
 
 
== deploy guacamole client ==
 
* download the guacamole webapp from http://sourceforge.net/projects/guacamole/files/current/binary/
 
* deploy it
 
  # mv guacamole-0.8.3.war /srv/tomcat/webapps/
 
* surf to http://localhost:8080/guacamole-0.8.3. A folder /srv/tomcat/webapps/guacamole-0.8.3 will be created with some content. We will need that later.
 
* although login is not yet possible your browser will show a login screen like that:
 
 
 
[[File:guacamole-login.png|250px]]
 
 
 
== install guacamole server ==
 
* install some [[dependencies]] that the server will need to build with vnc support:
 
yast -i LibVNCServer-devel libpng-devel cairo-devel
 
* download guacamole-server from http://sourceforge.net/projects/guacamole/files/current/source/
 
* unpack it
 
tar xvzf guacamole-server-0.8.3.tar.gz
 
* build the server:
 
cd guacamole-server-0.8.3
 
./configure && make -j8 && make install
 
* the following step is ugly; installation and binary do not completely fit so we must do that:
 
# ln -s /usr/local/lib64/libguac.so* /usr/lib64
 
  # ln -s /usr/local/lib64/libguac-client-vnc.so* /usr/lib64
 
* now we start the guacamole daemon
 
# guacd
 
guacd[11581]: INFO:  Guacamole proxy daemon (guacd) version 0.8.3
 
guacd[11581]: INFO:  Successfully bound socket to host ::1, port 4822
 
guacd[11581]: INFO:  Exiting and passing control to PID 11582
 
 
 
== configure guacamole ==
 
* create a folder for guacamole's configuration:
 
mkdir /etc/guacamole
 
* create a file /etc/guacamole/guacamole.properties with the content
 
# Hostname and port of guacamole proxy
 
guacd-hostname: localhost
 
guacd-port:    4822
 
 
# Location to read extra .jar's from
 
lib-directory:  /srv/tomcat/webapps/guacamole-0.8.3/WEB-INF/classes
 
 
# Authentication provider class
 
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
 
 
# Properties used by BasicFileAuthenticationProvider
 
basic-user-mapping: /etc/guacamole/user-mapping.xml
 
* create a file /etc/guacamole/user-mapping.xml with the content
 
<user-mapping>
 
    <authorize username="user" password="password">
 
      <protocol>vnc</protocol>
 
          <param name="hostname">localhost</param>
 
          <param name="port">5901</param>
 
          <param name="password">password</param>
 
    </authorize>
 
</user-mapping>
 
 
 
== configure tomcat ==
 
* find out your tomcat's user directory:
 
# cat /etc/passwd|grep tomcat
 
tomcat:x:116:118:Apache Tomcat:/usr/share/tomcat:/bin/sh
 
: in this case it is /usr/share/tomcat
 
* create a folder .guacamole in your tomcat's user directory:
 
mkdir /usr/share/tomcat/.guacamole
 
* link guacamole.properties into your tomcat's user directories' guacamole folder
 
  ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole
 
 
 
== finishing ==
 
* start a vnc server, as password set password (the vnc password given in user-mappings.xml)
 
vncserver
 
* restart your tomcat server
 
/etc/init.d/tomcat restart
 
* point your browser to http://localhost:8080/guacamole-0.8.3
 
* log in as user, password password (the user given in user-mappings.xml)
 
* you should see a screen like this:
 
 
 
[[File:Guacamole-after-login.png]]
 
 
 
* restart after reboot
 
* next steps: SSL
 
* next steps: proxypass
 
 
 
= TroubleShooting =
 
 
 
== invalid login ==
 
* now the problem is that tomcat does not know where to find the Authentication class:
 
 
 
/var/lib/tomcat6/webapps/guacamole/WEB-INF/classes/net/sourceforge/guacamole/net/basic/BasicFileAuthenticationProvider.class
 
 
 
is not in /etc/guacamole/guacamole.properties
 
 
 
* so add it
 
* cat /etc/passwd gives me a line
 
tomcat6:x:113:116::/usr/share/tomcat6:/bin/false
 
 
 
ll /usr/share/tomcat6/.guacamole/
 
total 8
 
drwxr-xr-x 2 root root 4096 Nov 26 07:58 ./
 
drwxr-xr-x 6 root root 4096 Nov 26 07:57 ../
 
lrwxrwxrwx 1 root root  35 Nov 26 07:58 guacamole.properties -> /etc/guacamole/guacamole.properties
 
 
 
* works now. So the thing is:
 
** take care that it is called guacamole and not guacamole-0.8.3 (sure?)
 
** make sure the classpath in /etc/guacamole/guacamole.properties is correct, e.g.
 
# Location to read extra .jar's from
 
lib-directory:  /var/lib/tomcat6/webapps/guacamole/WEB-INF/classes
 
 
 
== Server error ==
 
* now I got a server error so I straced guacd:
 
strace -p 15332
 
and saw
 
[pid 20344] open("/usr/lib/x86_64-linux-gnu/libguac-client-vnc.so", O_RDONLY) = -1 ENOENT (No such file or directory)
 
so the problem is that libguac-client-vnc.so is missing.
 
* downloaded java version 1.7.45 and compiled guacamole-client using mvn. But there was no *.so* file in it
 
* so installed libvncserver-dev and rebuild and reinstalled guacamole-server
 
* and there it is, libguac-client-vnc.so
 
* now the error message changed from "server error" to "unauthorized"
 
 
 
= See also =
 
* [[guacamole]]
 
* [[connect to a Linux computer]]
 
* [[guacamole 0.3.0 on Ubuntu 10.04]]
 
* [[cool things]]
 
* http://guac-dev.org/Debian%20Install%20Instructions
 
* ulteo
 
* http://www.filegott.se/prd/index.php/how-tos/19-how-to-setup-guacamole-in-linux-ubuntu
 
* http://guac-dev.org/doc/gug/installing-guacamole.html#idp99200
 
 
 
[[Category:Tool]]
 
[[Category:Webmaster]]
 

Revision as of 07:46, 23 November 2015

This worked great! I don't need Chicken of the VNC, etc. When I caleld AppleCare, they didn't tell me about this. So spread the word.Once you issue the above command, you'll be asked for an account and password. These must match an actual account on the target machine. The password you may have used for Chicken of the VNC or other shareware in the past is irrelevant. If screen sharing on the target machine isn't turned on and the user account you want isn't listed, this won't work. That must be set up ahead of time.