Re: Pb with oznu/guacamole image on raspberry

2024-05-30 Thread Antoine Besnier
 I forgot to mention that Oznu's image (and its derivatives too), are self 
contained, meaning they include guacd, guacamole client, and postgresql 
all-in-one. No need to add guacd and postgresql in your docker compose.

Cheers 
Antoine

Le jeudi 30 mai 2024 à 15:17:46 UTC+2, Antoine Besnier 
 a écrit :  
 
  HI, 

I don't think you will get support from the Guacamole team for unofficial 
images.
More over, Oznu's image has been abandoned more than 3 years ago. There are 
plenty of replacements. The most popular one was Max Waldorf's, now handed over 
to flcontainers (flcontainers/guacamole but it has nothing in common with 
Oznu's). I maintain one (abesnier/guacamole, trying to keep it as close as 
possible to Oznu's image, and keeping it up to date with latest guacamole, 
tomcat, postgres jdbc and s6 overlay).
Try also targeting arm64 images for a Raspeberry pi 5.
CheersAntoine


Le jeudi 30 mai 2024 à 15:02:33 UTC+2, obiwan kenobi 
 a écrit :  
 
 Hello,
I have been stuck for several days on an installation of Guacamole in Docker 
(via openmediavault) on an ARM architecture (raspberry PI 5)I tried several 
imagesI use the “oznu/guacamole:armhf” image which seems to support ARM, but I 
always see the same error message in the logs, despite the different 
configurations. A problem accessing the libsystemd.so library 


guacamole | postgres: error while loading shared libraries:libsystemd.so.0: ELF 
load command alignment not page-aligned 

guacamole | /var/run/postgresql:5432 - no response

Here is my yml file: 


services:

 guacamole:

   image: oznu/guacamole:armhf

   container_name: guacamole

   restart: always

   ports:

  -"8082:8080"

   environment:

  -GUACD_HOSTNAME=guacd

  -POSTGRES_HOSTNAME=postgres

  -POSTGRES_DATABASE=guacamole_db

  -POSTGRES_USER=guacamole_user

  -POSTGRES_PASSWORD= password

  -GUACAMOLE_HOME=/config

   volumes:

  -./config:/config

  -./logs:/logs

   depends_on:

  -postgres

  -guacd

 

 postgres:

   image: postgres:latest

   container_name: guacamole-postgres

    restart:always

   environment:

 POSTGRES_DB: guacamole_db

 POSTGRES_USER: guacamole_user

 POSTGRES_PASSWORD: password

   volumes:

  -./postgres:/var/lib/postgresql/data

   platform: linux/arm64

 

 guacd:

   image: guacd-arm

   container_name: guacd

   platform: linux/arm64

   restart: always

Can you help me ? 
What are good Guacamole, Postgre and guacd images to use for an ARM 
architecture ? 

Thanks,
Best Regards,
O.K.


Re: Pb with oznu/guacamole image on raspberry

2024-05-30 Thread Antoine Besnier
 HI, 

I don't think you will get support from the Guacamole team for unofficial 
images.
More over, Oznu's image has been abandoned more than 3 years ago. There are 
plenty of replacements. The most popular one was Max Waldorf's, now handed over 
to flcontainers (flcontainers/guacamole but it has nothing in common with 
Oznu's). I maintain one (abesnier/guacamole, trying to keep it as close as 
possible to Oznu's image, and keeping it up to date with latest guacamole, 
tomcat, postgres jdbc and s6 overlay).
Try also targeting arm64 images for a Raspeberry pi 5.
CheersAntoine


Le jeudi 30 mai 2024 à 15:02:33 UTC+2, obiwan kenobi 
 a écrit :  
 
 Hello,
I have been stuck for several days on an installation of Guacamole in Docker 
(via openmediavault) on an ARM architecture (raspberry PI 5)I tried several 
imagesI use the “oznu/guacamole:armhf” image which seems to support ARM, but I 
always see the same error message in the logs, despite the different 
configurations. A problem accessing the libsystemd.so library 


guacamole | postgres: error while loading shared libraries:libsystemd.so.0: ELF 
load command alignment not page-aligned 

guacamole | /var/run/postgresql:5432 - no response

Here is my yml file: 


services:

 guacamole:

   image: oznu/guacamole:armhf

   container_name: guacamole

   restart: always

   ports:

  -"8082:8080"

   environment:

  -GUACD_HOSTNAME=guacd

  -POSTGRES_HOSTNAME=postgres

  -POSTGRES_DATABASE=guacamole_db

  -POSTGRES_USER=guacamole_user

  -POSTGRES_PASSWORD= password

  -GUACAMOLE_HOME=/config

   volumes:

  -./config:/config

  -./logs:/logs

   depends_on:

  -postgres

  -guacd

 

 postgres:

   image: postgres:latest

   container_name: guacamole-postgres

    restart:always

   environment:

 POSTGRES_DB: guacamole_db

 POSTGRES_USER: guacamole_user

 POSTGRES_PASSWORD: password

   volumes:

  -./postgres:/var/lib/postgresql/data

   platform: linux/arm64

 

 guacd:

   image: guacd-arm

   container_name: guacd

   platform: linux/arm64

   restart: always

Can you help me ? 
What are good Guacamole, Postgre and guacd images to use for an ARM 
architecture ? 

Thanks,
Best Regards,
O.K.
  

Re: Aw: Re: Major bug message log in guacd 1.5.4

2024-02-09 Thread Antoine Besnier
 Hi, 
On Alpine, openssl1.1-compat-dev is available for 3.17, 3.18 and Edge, but not 
3.19 (which is the version for the 'latest' tag). You could try by changing the 
version of Alpine.
CheersAntoine 
Le vendredi 9 février 2024 à 07:35:42 UTC+1, michael böhm 
 a écrit :  
 
 Hi everyone I'd gladly test in our environment. However, the docker build does 
not work for me: /tmp/guacamole-server ‹staging/1.5.5› » git checkout 
staging/1.5.5                                                                   
                                                                                
                  1 ↵
Switched to branch 'staging/1.5.5'
Your branch is up to date with 'origin/staging/1.5.5'.
/tmp/guacamole-server ‹staging/1.5.5› » docker build -t guac_test .
[+] Building 0.9s (6/13)                                                        
                                                                                
                                                                                
                  docker:default
 => [internal] load build definition from Dockerfile                            
                                                                                
                                                                                
                            0.0s
 => => transferring dockerfile: 6.10kB                                          
                                                                                
                                                                                
                            0.0s
 => [internal] load metadata for docker.io/library/alpine:latest                
                                                                                
                                                                                
                            0.0s
 => [internal] load .dockerignore                                               
                                                                                
                                                                                
                            0.0s
 => => transferring context: 681B                                               
                                                                                
                                                                                
                            0.0s
 => CACHED [builder 1/5] FROM docker.io/library/alpine:latest                   
                                                                                
                                                                                
                            0.0s
 => [internal] load build context                                               
                                                                                
                                                                                
                            0.0s
 => => transferring context: 28.84kB                                            
                                                                                
                                                                                
                            0.0s
 => ERROR [builder 2/5] RUN apk add --no-cache                        autoconf  
                            automake                              build-base    
                        cairo-dev                             cmake             
                    git     0.8s
--                                                                          
                                                                                
                                                                                
                                 
 > [builder 2/5] RUN apk add --no-cache                        autoconf         
                     automake                              build-base           
                 cairo-dev                             cmake                    
             git                                   grep                         
         libjpeg-turbo-dev                     libpng-dev                       
     libtool                               libwebp-dev                          
 make                                  openssl1.1-compat-dev                 
pango-dev                             pulseaudio-dev                        
util-linux-dev:                                                                 
                                                                                
                          
0.285 fetch 
https://dl-cdn.alpinelinux.org/alpine/v3.19/main/x86_64/APKINDEX.tar.gz         
                                                                                
                                                                                
                     
0.475 fetch 

Re: [ANNOUNCE] Apache Guacamole 1.5.4

2023-12-11 Thread Antoine Besnier
 Hi, 
I have the same issue with Bullseye.
I build Docker images for various platforms, with Alpine Edge or Ubuntu 22.04 
bases, those build succeed.But if fails with the same error with a Bullseye 
base, and on my own machine which runs Bullseye too.
I use the source file from guacamole.apache.org/releases/1.5.4/ for all builds.
Something with time.h versions? They are a bit different between Bullseye, 
Bookworm and Jammy, but the references for the functions in question are there 
and signatures look the same, and I am not familiar enough with linux/c headers 
to dig more.
Cheers
Antoine


Le samedi 9 décembre 2023 à 15:06:34 UTC+1, sam g 
 a écrit :  
 
  Same error after "make distclean;autoreconf -fi;./configure;make"
I'm using a freshly installed Ubuntu 20.04.6.I've tested with an Ubuntu 22.04.3 
and no problems in this case.

Sam



Le samedi 9 décembre 2023 à 14:46:16 UTC+1, Nick Couchman 
 a écrit :  
 
 On Sat, Dec 9, 2023 at 4:36 AM sam g  wrote:

 Hi,
Small issue in compiling guac 1.5.4:/usr/bin/ld: 
/home/sam/guacamole-server-1.5.4/src/libguac/.libs/libguac.so: undefined 
reference to `timer_delete'
/usr/bin/ld: /home/sam/guacamole-server-1.5.4/src/libguac/.libs/libguac.so: 
undefined reference to `timer_settime'
/usr/bin/ld: /home/sam/guacamole-server-1.5.4/src/libguac/.libs/libguac.so: 
undefined reference to `timer_create'
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:563: guacd] Error 1
make[2]: Leaving directory '/home/sam/guacamole-server-1.5.4/src/guacd'

I built the 1.5.3 on the exact same machine without troubles.

Could you try doing the following in the 1.5.4 source directory:make 
distcleanautoreconf -fi
and then re-run configure and make? I just pulled the source code from the web 
site and built on my EL8 system without any issues. If you're still having 
trouble, please provide some more detail on the environment you're building in.
-Nick

Re: Health check uri

2023-11-16 Thread Antoine Besnier
 Depends on what image you are using.You can try  
HEALTHCHECK  --timeout=3s CMD wget --no-verbose --tries=1 --spider 
http://localhost:8080/guacamole || exit 1  if you are using the official 
Guacamole images.

Le jeudi 16 novembre 2023 à 07:51:53 UTC+1, miao  a écrit 
:  
 
 Seems the uri will get 404, I test "/api/languages” also get 404. So … any 
suggestion


2023年11月14日 17:56,Antoine Besnier  写道:
 HEALTHCHECK  --timeout=3s CMD wget --no-verbose --tries=1 --spider 
http://localhost:8080 || exit 1

should do it. If either guacd or the client are not properly loaded, wget will 
return a server error, so it would report a bad health check.
CheersAntoine


Le mardi 14 novembre 2023 à 08:22:46 UTC+1, miao  a écrit 
:  
 
 Hi ,
  Is there some health check uri for guacamole and guacd when run it as docker 
container? 
  Thx


Regards

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

  

Re: Health check uri

2023-11-14 Thread Antoine Besnier
 Forgot to mention this command needs to be baked in the image, it cannot be 
added when starting the container.You can add a healthcheck when starting the 
container (see Docker run reference | Docker Docs) or in docker compose 
(Compose file version 3 reference | Docker Docs).
CheersAntoine
Le mardi 14 novembre 2023 à 10:57:05 UTC+1, Antoine Besnier 
 a écrit :  
 
  HEALTHCHECK  --timeout=3s CMD wget --no-verbose --tries=1 --spider 
http://localhost:8080 || exit 1

should do it. If either guacd or the client are not properly loaded, wget will 
return a server error, so it would report a bad health check.
CheersAntoine


Le mardi 14 novembre 2023 à 08:22:46 UTC+1, miao  a écrit 
:  
 
 Hi ,
  Is there some health check uri for guacamole and guacd when run it as docker 
container? 
  Thx


Regards

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org



Re: Health check uri

2023-11-14 Thread Antoine Besnier
 HEALTHCHECK  --timeout=3s CMD wget --no-verbose --tries=1 --spider 
http://localhost:8080 || exit 1

should do it. If either guacd or the client are not properly loaded, wget will 
return a server error, so it would report a bad health check.
CheersAntoine


Le mardi 14 novembre 2023 à 08:22:46 UTC+1, miao  a écrit 
:  
 
 Hi ,
  Is there some health check uri for guacamole and guacd when run it as docker 
container? 
  Thx


Regards

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

Show TOTP secret in User detail page

2023-11-07 Thread Antoine Besnier
Hi, 
I have a feature request, but before opening a probably useless JIRA issue, I'd 
like to discuss this here.
Let's assume that TOTP is activated and an user wants to change his TOTP 
device, or wants to use different apps, for example one on their phone and one 
on their computer.
In Guacamole, once the TOTP secret has been confirmed, the only way to show it 
again is to go to the database and query it with something like SELECT * FROM 
guacamole_user_attribute WHERE attribute_name='guac-totp-key-secret' AND 
user_id = (SELECT entity_id FROM guacamole_entity WHERE name = 'username' AND 
type ='USER'); or SELECT guacamole_user.user_id, guacamole_user.entity_id, 
name, attribute_value FROM 
guacamole_entity,guacamole_user,guacamole_user_attribute WHERE 
guacamole_user_attribute.user_id = guacamole_user.user_id AND 
guacamole_user.entity_id = guacamole_entity.entity_id AND attribute_name = 
'guac-totp-key-secret' and name like 'username'; which first, is not avaible to 
generic users, and two, requires you to know the database schema.
Or to ask an admin to reset the TOTP confirmation, and make sure you have all 
your devices ready when re-enrolling.
Would it be practical to have the option to show the secret key somewhere, 
probably in the Settings > Preference tab, only for the currently logged in 
user of course?
I am an amateur user, and use Guacamole on a home network. What would be the 
larger implications if the secret key could be displayed?

In my opinion, because username/password is something-you-know, and TOTP is 
something-you-have, and because you need both to log in, I don't believe begin 
able to see the secret key when you are already logged in is big security issue.
Looking forward to reading your ideas.
Thanks you
Antoine


Re: When enabling the gfx (Graphics Pipeline Extension), the mouse cursor isn't updated.

2023-10-11 Thread Antoine Besnier
 Ok, everything makes more sense now. This is not the first time I forget to 
check the target release of an issue. And indeed, this works with a build from 
github.
Thank you Michael (and Sean and Nick too).
Cheers
Antoine
Le mercredi 11 octobre 2023 à 17:53:46 UTC+2, Michael Jumper 
 a écrit :  
 
 On 10/11/2023 6:22 AM, Antoine Besnier wrote:
> Thanks, but where do I find this option? I turning my Guacamole Client 
> upside down, installing fresh ones in VMs, in Docker, and cannot find it 
> anywhere...
> 
> I believe this should be in the Performance section of the RDP 
> connection setup, but I can't see it there. Am I missing something?
> 

It is:

https://github.com/apache/guacamole-client/blob/d1faaa9605c5eef668da8bf84279d7a88cad5af7/guacamole-ext/src/main/resources/org/apache/guacamole/protocols/rdp.json#L265-L319

You just won't find it in outside a build of the webapp from git, as 
support for RDPGFX has not been released. It's a work in progress that's 
planned for 1.6.0:

https://issues.apache.org/jira/browse/GUACAMOLE-377

Similarly you won't find support for RDPGFX in a build of guacd that 
isn't from git.

- Mike

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

Re: When enabling the gfx (Graphics Pipeline Extension), the mouse cursor isn't updated.

2023-10-11 Thread Antoine Besnier
 Thanks, but where do I find this option? I turning my Guacamole Client upside 
down, installing fresh ones in VMs, in Docker, and cannot find it anywhere...
I believe this should be in the Performance section of the RDP connection 
setup, but I can't see it there. Am I missing something?


Cheers
Antoine

Le mardi 10 octobre 2023 à 17:54:04 UTC+2, Michael Jumper 
 a écrit :  
 
 On 10/10/2023 6:11 AM, Nick Couchman wrote:
> On Tue, Oct 10, 2023 at 3:47 AM Antoine Besnier 
>  wrote:
> 
>    Hi,
> 
>    I've had users complain about this issue, but had no idea what could
>    be the cause.
>    What do you mean by "when enabling the gfx"? Is it a compilation
>    option? A connection option? A RDP server option?
> 
> 
> It's a connection parameter - as mentioned in the original post, 
> "enable-gfx" for the RDP connection.
> 

The "enable-gfx" parameter became "disable-gfx" (with the RDP Graphics 
Pipeline Extension being enabled by default) as of:

https://github.com/apache/guacamole-server/commit/da80163e24dbf728f5c2e1245c23ded5f629917e

- Mike

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  
-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: When enabling the gfx (Graphics Pipeline Extension), the mouse cursor isn't updated.

2023-10-10 Thread Antoine Besnier
 Hi, 
I've had users complain about this issue, but had no idea what could be the 
cause.What do you mean by "when enabling the gfx"? Is it a compilation option? 
A connection option? A RDP server option?
CheersAntoine
Le jeudi 5 octobre 2023 à 10:39:29 UTC+2, Andrey Khramov 
 a écrit :  
 
 Hi, there
While using Apache Guacamole (the latest "master" branch), I've found the issue 
that the mouse cursor isn't updated when enabling the gfx ("enable-gfx" is 
true).
I've recorded the issue to a video file and attached it to this email.Please 
check the video.
Please let me know how I can resolve this issue.
Thanks. Regards.

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org  

Re: otp auth can't scan qr code

2023-10-09 Thread Antoine Besnier
 That's most peculiar. Generation of QR Code is done by the package 
com.google.zxing.qrcode, Zxing being the most popular project for barcode 
generation, so the issue is most likely not there.
Have you tried to use online decoders to see if they can read your QR codes, 
and that it matches the keys and options? I tried with the sample you posted 
originally, and it worked fine.
Stupid question: have you tried adding a new user on your current instance, and 
see if the qr codes work?

And probably the most stupid question ever: are you sure your monitor is 
working properly, and that the camera of the devices you try to read the codes 
on are not damaged? Damaged enough to make the error correction of the codes 
fail.
For easy use of extensions with Docker, there are plenty of unofficial images 
where you just have to list the extensions you want in the docker-compose.With 
the official image, you'll need to mount a local directory, and then place the 
extensions in the appropriate place. See the documentation: Installing 
Guacamole with Docker — Apache Guacamole Manual v1.5.3. Extensions will go in 
the GUACAMOLE_HOME/extensions/ directory and guacamole.properties will be in 
GUACAMOLE_HOME
Cheers
Antoine 
Le vendredi 6 octobre 2023 à 08:49:22 UTC+2, Giacomo Marconi 
 a écrit :  
 
 Hi Antoine


I have the same problem with defaults parameters (sha1)
The problem is only while scanning, if I copy and paste the secret key manually 
in the apps, ALL apps are working.

I am actually testing Guacamole 1.5.3 on 2 systems with the same problem:
Ubuntu 22.0.4 host install from official docs
Debian 12 using the script https://github.com/itiligent/Guacamole-Install
I am also trying it on Alpine with docker, but I don’t understand how to right 
popolate the guacamole.properties with docker-compose (especially extensions).
Next step is to test with Tomcat8.    

The production system (1.1.0) has been working since 2020 with about 500 users.
I can’t  migrate to the new and force people to use differents totp apps or 
telling them to copy 56 chars :)

Giacomo

> On 5 Oct 2023, at 16:44, Antoine Besnier  
> wrote:
> 
> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
> cui ti fidi.
> Many TOTP code generation apps do not support anything else than SHA1 hash, 
> even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).
> It is difficult to get the exact info by platform and by application. I found 
> this article on the subject but it does not say what kind of non-default 
> parameter makes an application fail: Laban Sköllermark | Mobile Authenticator 
> Apps Algorithm Support Review - 2023 Edition (labanskoller.se)
> 
> For example, I could scan your code with Authy, MS Authenticator and Google 
> Authenticator on Android. Authy and MSA generated the same code, but not 
> Google. I do not know which one is correct (I could test on my Guacamole but 
> do not want to get locked out...)
> 
> If you want maximum compatibility, stay with sha1. The expiration of the time 
> based codes more than compensates for the "lower" security of sha1.
> 
> Cheers
> Antoine
> 
> (PS: if you see some connection attempts from France, blame me, I could not 
> resist giving it try...)
> 
> Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi 
>  a écrit :
> 
> 
> hi Nick
> 
> I’ve already tried default settings, and checked the time/date
> 
> Giacomo
> 
>> On 5 Oct 2023, at 14:38, Nick Couchman  wrote:
>> 
>> Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
>> cui ti fidi.
>> On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  
>> wrote:
>> Hi All
>> 
>> in my last Guacamole installation ver 1.5.3), the QR Code generated seems to 
>> be wrong.
>> The same TOTP App works only on one platform, for example Google 
>> Authenticator read the qr code in Android, but not in IOS. FreeOTP is 
>> working in IOS, but not in Android!
>> As you can see in the attachment the Secret Key is strangely long.
>> I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD 
>> and openJDK) versions, without success.
>> 
>> Is it already happened to someone ?
>> 
>> 
>> I think the usual questions that come up are:
>> * Are you trying to change any of the parameters related to TOTP, or are you 
>> using the defaults (digits, time, etc.)?
>> * Have you verified that the clock on your Guacamole server(s) and your 
>> mobile devices are in sync?
>> 
>> -Nick
> 


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

Re: otp auth can't scan qr code

2023-10-05 Thread Antoine Besnier
 Many TOTP code generation apps do not support anything else than SHA1 hash, 
even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).It is difficult 
to get the exact info by platform and by application. I found this article on 
the subject but it does not say what kind of non-default parameter makes an 
application fail: Laban Sköllermark | Mobile Authenticator Apps Algorithm 
Support Review - 2023 Edition (labanskoller.se)
For example, I could scan your code with Authy, MS Authenticator and Google 
Authenticator on Android. Authy and MSA generated the same code, but not 
Google. I do not know which one is correct (I could test on my Guacamole but do 
not want to get locked out...)
If you want maximum compatibility, stay with sha1. The expiration of the time 
based codes more than compensates for the "lower" security of sha1.
CheersAntoine
(PS: if you see some connection attempts from France, blame me, I could not 
resist giving it try...)

Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi 
 a écrit :  
 
 hi Nick
I’ve already tried default settings, and checked the time/date
Giacomo


On 5 Oct 2023, at 14:38, Nick Couchman  wrote:

| Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di 
cui ti fidi. |

On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi  
wrote:

Hi All
in my last Guacamole installation ver 1.5.3), the QR Code generated seems to be 
wrong.The same TOTP App works only on one platform, for example Google 
Authenticator read the qr code in Android, but not in IOS. FreeOTP is working 
in IOS, but not in Android!As you can see in the attachment the Secret Key is 
strangely long.I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java 
(Oracle JKD and openJDK) versions, without success.
Is it already happened to someone ?


I think the usual questions that come up are:* Are you trying to change any of 
the parameters related to TOTP, or are you using the defaults (digits, time, 
etc.)?* Have you verified that the clock on your Guacamole server(s) and your 
mobile devices are in sync?
-Nick

  

Re: Docker Guacamole Radius Support

2023-09-27 Thread Antoine Besnier
 The extension needs to be built separately (license issue).But follow the 
documentation, and you're good to go:RADIUS Authentication — Apache Guacamole 
Manual v1.5.3

RegardsAntoine 
Le mercredi 27 septembre 2023 à 05:45:29 UTC+2, Mark Rupright 
 a écrit :  
 
 Does the guacamole docker container natively support radius? If not, would 
someone kindly point me in the right direction to get it configured? I have 
added the variables for radius thinking it was supported to my compose file and 
receive the following error(s) referencing each variable:

 services.guacamole Additional property RADIUS_HOSTNAME is not allowed
I appreciate the help.  

Re: Show only 1 screen

2023-08-19 Thread Antoine Besnier
 That's something you would have to configure on the remote desktop server 
side. For Windows Remote Desktop Connection for example, you would open the 
application, go to the options, go to the 'Display' tab, and uncheck 'Use all 
monitors for the remote session' (and do that for all machines via a policy I 
guess).

Other RDP/VNC servers should have the same kind of setting.
Guacamole gets the video stream from the server, 

Antoine

Le vendredi 18 août 2023 à 15:27:48 UTC+3, Tifaine RIVOIRE OPTI Sécurité 
 a écrit :  
 
  
Hi guys,
 
  
 
I’m using Guacamole in order to connect on servers or computers with multiple 
screen.

Do you know if it’s possible to show only one screen at a time ? maybe have a 
button for switching from one to another ?

Thanks.


 
T. RIVOIRE
 
  
   

Re: French Canadian Translation missing from guacamole-1.5.x.war

2023-08-09 Thread Antoine Besnier
 >They are on Github, in the master branch, but they are not in the
>1.5.3 (or 1.5.x) source at all.
That's peculiar, I double checked yesterday, and they were there. I must have 
made an oopsie and confused it with the tarball generated after the build. My 
mistake then.

Thanks for your reply and clarifications.
CheersAntoine


Le mercredi 9 août 2023 à 15:43:56 UTC+2, Nick Couchman  
a écrit :  
 
 On Wed, Aug 9, 2023 at 3:48 AM Antoine Besnier
 wrote:
>
> Quick follow up, I decided to build from github, and noticed two new 
> extensions auth-ban and display-statistics.
>
> They can be found on Github and in the downloadable source for 1.5.3, and 
> there is no mention of them in the change log for 1.5.3.

They are on Github, in the master branch, but they are not in the
1.5.3 (or 1.5.x) source at all. I just downloaded a clean copy of the
source from the website:

[vnick@vguac Downloads]$ tar tf guacamole-client-1.5.3.tar.gz |grep
display-statistics
[vnick@vguac Downloads]$ tar tf guacamole-client-1.5.3.tar.gz |grep auth-ban
[vnick@vguac Downloads]$

and also switched to the 1.5.3 tag on Github (screenshot attached),
and verified that neither extension exists in either of those source
locations.

>
> There are explanations in the relevant PRs (here and here mostly), but not a 
> lot more, and they are both flagged for 1.6.0.

Yes, these two extensions have been added to the git repo, but were
not included in any of the 1.5.x releases. They will be included in
1.6.0 when it is released.

>
> So, my two and a half questions are:
>
> Are those extensions officially supported, safe and ready to use with 1.5.3 ? 
> (they do work well for what I quickly tested)

No. In general things should be compatible across the 1.x versions, so
they may work, but they are not "officially supported" with the 1.5.x
releases.

> Is there documentation apart from the PR comments? (there is comment in a PR 
> that documentation will be issued later)
> And if not, shouldn't they be removed from the source archive for 1.5.3 and 
> only be released with 1.6.0?
>

Documentation will show up when we actually release it (and the
documentation gets written).

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org  

Re: French Canadian Translation missing from guacamole-1.5.x.war

2023-08-09 Thread Antoine Besnier
 Quick follow up, I decided to build from github, and noticed two new 
extensions auth-ban and display-statistics.

They can be found on Github and in the downloadable source for 1.5.3, and there 
is no mention of them in the change log for 1.5.3.

There are explanations in the relevant PRs (here and here mostly), but not a 
lot more, and they are both flagged for 1.6.0.
So, my two and a half questions are:   
   - Are those extensions officially supported, safe and ready to use with 
1.5.3 ? (they do work well for what I quickly tested)
   - Is there documentation apart from the PR comments? (there is comment in a 
PR that documentation will be issued later)   

   - And if not, shouldn't they be removed from the source archive for 1.5.3 
and only be released with 1.6.0?

CheersAntoine



Le lundi 7 août 2023 à 14:08:37 UTC+2, Antoine Besnier 
 a écrit :  
 
  Hi Nick, 

Thanks for the quick reply. I did not notice the 1.6.0 mention in the JIRA 
page, my bad.IIRC, the list of tickets to be included in 1.5.0 was quite short 
(in quantity, not in amount of work), so I can understand this one went below 
the radar.
Best regardsAntoine


Le lundi 7 août 2023 à 14:00:42 UTC+2, Nick Couchman  a 
écrit :  
 
 On Mon, Aug 7, 2023 at 5:14 AM Antoine Besnier
 wrote:
>
> Hello,
>
> I maintain a small unofficial Guacamole docker image, and one user raised an 
> issue about missing French Canadian layout in RDP options.
>
> Indeed, there was an Jira ticket with an approved PR 
> (https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-1312?filter=allissues
>  and 
> https://github.com/apache/guacamole-server/pull/376/commits/9cbd768210a7b2330b16012748d980cb987ea728),
>  and the layout is found on github for Guacamole server.**
>
> There also have been updates to translation files to add the fr_ca mapping to 
> the user interface of Guacamole Client 
> (https://github.com/apache/guacamole-client/blame/master/guacamole/src/main/frontend/src/translations/en.json#L678)
>
> The modification to the translation files was added in March 2022, meaning it 
> could have been implemented since the 1.5.0 release, but none of the official 
> WAR files (guacamole-1.5.x.war from 
> https://guacamole.apache.org/releases/1.5.x/) contain this line, making this 
> option invisible to users.
>
> In a similar manner, the Czech translations were approved in the master 
> branch in November 2022, but are also not included in 1.5.x.
>
> Would it be possible to have the updated translations files included in the 
> next release of Guacamole, and in the mean time, is my only option to build 
> the client from github?

Hello, Antoine,
The Jira issue that you linked, GUACAMOLE-1312, is tagged for the
1.6.0 release. I'm not entirely sure why it didn't make it into 1.5.0,
but the releases since 1.5.0 have been bugfix releases where we've not
added any features, however minor they may be.

I think we may have a 1.5.4 release to fix a minor bug, but I would
expect we'll head toward 1.6.0 relatively soon, and it should be
included in that.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org



Re: French Canadian Translation missing from guacamole-1.5.x.war

2023-08-07 Thread Antoine Besnier
 Hi Nick, 

Thanks for the quick reply. I did not notice the 1.6.0 mention in the JIRA 
page, my bad.IIRC, the list of tickets to be included in 1.5.0 was quite short 
(in quantity, not in amount of work), so I can understand this one went below 
the radar.
Best regardsAntoine


Le lundi 7 août 2023 à 14:00:42 UTC+2, Nick Couchman  a 
écrit :  
 
 On Mon, Aug 7, 2023 at 5:14 AM Antoine Besnier
 wrote:
>
> Hello,
>
> I maintain a small unofficial Guacamole docker image, and one user raised an 
> issue about missing French Canadian layout in RDP options.
>
> Indeed, there was an Jira ticket with an approved PR 
> (https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-1312?filter=allissues
>  and 
> https://github.com/apache/guacamole-server/pull/376/commits/9cbd768210a7b2330b16012748d980cb987ea728),
>  and the layout is found on github for Guacamole server.**
>
> There also have been updates to translation files to add the fr_ca mapping to 
> the user interface of Guacamole Client 
> (https://github.com/apache/guacamole-client/blame/master/guacamole/src/main/frontend/src/translations/en.json#L678)
>
> The modification to the translation files was added in March 2022, meaning it 
> could have been implemented since the 1.5.0 release, but none of the official 
> WAR files (guacamole-1.5.x.war from 
> https://guacamole.apache.org/releases/1.5.x/) contain this line, making this 
> option invisible to users.
>
> In a similar manner, the Czech translations were approved in the master 
> branch in November 2022, but are also not included in 1.5.x.
>
> Would it be possible to have the updated translations files included in the 
> next release of Guacamole, and in the mean time, is my only option to build 
> the client from github?

Hello, Antoine,
The Jira issue that you linked, GUACAMOLE-1312, is tagged for the
1.6.0 release. I'm not entirely sure why it didn't make it into 1.5.0,
but the releases since 1.5.0 have been bugfix releases where we've not
added any features, however minor they may be.

I think we may have a 1.5.4 release to fix a minor bug, but I would
expect we'll head toward 1.6.0 relatively soon, and it should be
included in that.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

French Canadian Translation missing from guacamole-1.5.x.war

2023-08-07 Thread Antoine Besnier
Hello, 

I maintain a small unofficial Guacamole docker image, and one user raised an 
issue about missing French Canadian layout in RDP options.
Indeed, there was an Jira ticket with an approved PR 
(https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-1312?filter=allissues
 and 
https://github.com/apache/guacamole-server/pull/376/commits/9cbd768210a7b2330b16012748d980cb987ea728),
 and the layout is found on github for Guacamole server.**
There also have been updates to translation files to add the fr_ca mapping to 
the user interface of Guacamole Client 
(https://github.com/apache/guacamole-client/blame/master/guacamole/src/main/frontend/src/translations/en.json#L678)
The modification to the translation files was added in March 2022, meaning it 
could have been implemented since the 1.5.0 release, but none of the official 
WAR files (guacamole-1.5.x.war from 
https://guacamole.apache.org/releases/1.5.x/) contain this line, making this 
option invisible to users.

In a similar manner, the Czech translations were approved in the master branch 
in November 2022, but are also not included in 1.5.x.
Would it be possible to have the updated translations files included in the 
next release of Guacamole, and in the mean time, is my only option to build the 
client from github?
By the way, I'll never thank you enough for this great piece of software, 

Best regardsAntoine



**: the source archive that can be downloaded at 
https://apache.org/dyn/closer.lua/guacamole/1.5.3/source/guacamole-server-1.5.3.tar.gz?action=download
 do not contain the fr_ca_qwerty.keymap file, but for the server, I always 
build it from github. 


Re: 2fa - email authentication

2023-06-27 Thread Antoine Besnier
 It's available on github: https://github.com/apache/guacamole-client
CheersAntoine

Le mardi 27 juin 2023 à 06:24:05 UTC+2, Eby Mani  
a écrit :  
 
  Many thanks, 

Where can i find source code for totp and other extension to see how it is 
plugged into Guacamole ?.

Thanks,

 On Monday, 26 June, 2023 at 06:33:47 pm IST, Nick Couchman 
 wrote:  
 
 On Mon, Jun 26, 2023 at 7:21 AM Eby Mani  wrote:
>
> Hello Mike,
>
> Many thanks, there are few java based 2fa email projects on github, is there 
> a how to guide/documentation on adapting these for guacamole-ext ?.

The best place to start would be the following, which covers
guacamole-ext and how to build an extension. It doesn't necessarily
cover the specifics of "Authentication system xyz exists on github,
here's how you plug it into Guacamole" - it's more a general reference
on the guacamole-ext framework.

https://guacamole.apache.org/doc/gug/guacamole-ext.html

If it's something you're interested in doing, and contributing to the
community, I'd suggest that you request a Jira account and create an
issue to track it, and then submit a pull request so that the changes
can be reviewed and merged.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org



Re: Error 404 with Guacamole 1.5.2

2023-06-20 Thread Antoine Besnier
 Stupid guess, but can you also check the content of your guacamole/extensions 
directory?
Some extensions (looking at you, TOTP) will make Tomcat crash with this exact 
error if multiple versions are loaded.
CheersAntoine

Le lundi 19 juin 2023 à 20:13:53 UTC+2, Xuo  a écrit :  
 
  Hello,
 
 I'll try what you suggest but probably not before 2 or 3 days as my Internet 
connection is down and I'm not at home.
 I'll keep you inform of what I could get.
 
 Regards.
 
 Xuo.
 
 Le 18/06/2023 à 21:50, Nick Couchman a écrit :
  
 On Sun, Jun 18, 2023 at 2:28 PM Xuo  wrote:
 
 Hi,

I'm trying to run Guacamole 1.5.2 on Mageia8 but I get the following error 
message :
HTTP Status 404 - not Found
The origin server did not find a current representation for the target resource 
or is not willing to disclose that one exists.

Here are some trials I did to debug :
Guacamole 1.4, Tomcat-9.0.41-1.mga8 => works fine.
Guacamole 1.4, Tomcat-9.0.73-1.1.mga8 => works fine.
Guacamole 1.5.2, Tomcat-9.0.73-1.1.mga8 => when trying to connect to Guacamole, 
I get the following error message in my browser :
 
 What version of Java?

 
 HTTP Status 404 - not Found
The origin server did not find a current representation for the target resource 
or is not willing to disclose that one exists.

and in Tomcat logs :

18-Jun-2023 18:04:10.670 GRAVE [main] 
org.apache.catalina.core.StandardContext.startInternal Un ou plusieurs 
écouteurs n'ont pas pu démarrer, les détails sont dans le fichier de log du 
conteneur
### Translated from French :
### One or more listener could not start, details are in the container logs.

18-Jun-2023 18:04:10.699 GRAVE [main] 
org.apache.catalina.core.StandardContext.startInternal Erreur de démarrage du 
contexte [/guacamole] suite aux erreurs précédentes
### Translated from French :
### Starting error of context [/guacamole] because of previous errors

18-Jun-2023 18:04:10.794 INFOS [14] 
org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading 
Impossible de charger 
[com.google.common.collect.AbstractMapBasedMultimap$AsMap$AsMapIterator], ce 
chargeur de classes a déjà été arrêté
### Translated from French :
### Impossible to load 
[com.google.common.collect.AbstractMapBasedMultimap$AsMap$AsMapIterator], this 
class loader is already stopped.

java.lang.IllegalStateException: Impossible de charger 
[com.google.common.collect.AbstractMapBasedMultimap$AsMap$AsMapIterator], ce 
chargeur de classes a déjà été arrêté
at 
org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading(WebappClassLoaderBase.java:1432)
...
 
 You'll probably need to enable additional debugging in the Guacamole
web application and try, again, and see if you get any more useful
messages:
https://guacamole.apache.org/doc/gug/configuring-guacamole.html#logging-within-the-web-application

 
 I don't know if this can help but here is my apache guacamole.conf file 
(/etc/httpd/conf/sites.d/guacamole.conf)
 
 I think the error you're seeing indicates it's more basic than this -
this would be the Apache httpd configuration for the proxying
Guacamole, but it seems like Tomcat is failing to load it for some
reason.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

 
 


Re: Tomcat 10

2023-02-02 Thread Antoine Besnier
 I was curious and checked, and here are the fixes for each CVE:
CVE  Fixed in
CVE-2020-11996    9.0.36
CVE-2020-13934    9.0.37
CVE-2020-13935    9.0.37
CVE-2020-13943    9.0.38
CVE-2020-17527    9.0.40
CVE-2021-24122    9.0.40
CVE-2021-25122    9.0.43
CVE-2021-25329    9.0.43
CVE-2021-30640    9.0.46
CVE-2021-33037    9.0.48
CVE-2020-9484      9.0.58
CVE-2021-43980    9.0.62
CVE-2022-29885    9.0.63
CVE-2022-34305    9.0.65
CVE-2022-42252    9.0.68

So the any version equal or above 9.0.68 contains all the required fixes.
By the way, Tomcat has a security page for that: 
https://tomcat.apache.org/security-9.html
CheersAntoine



Le mardi 31 janvier 2023 à 22:56:52 UTC+1, Nick Couchman  
a écrit :  
 
 On Tue, Jan 31, 2023 at 4:34 PM Sean Hulbert
 wrote:
>
> Hello,
>
>
>
> Are there any special requirements for Guacamole 1.4.0 to update Tomcat 
> 9.0.31 to Tomcat 10 or reasons not to do this?
>

Yes, Tomcat 10 makes some servlet API changes that require code
changes to Guacamole. It's documented, here:

https://issues.apache.org/jira/browse/GUACAMOLE-1325

> To resolve the CVE below, and are there any procedural steps documented?

WIthout looking at each individual CVE you mentioned, I would say that
most, if not all, are probably also fixed in a version of Tomcat 9.0,
which will still work with Guacamole. For example, CVE-2021-43980 only
impacts 9.0.47 to 9.0.60, and is fixed in current 9.0 releases. I
would venture a guess that many/most/all of the rest are the same. So,
updating to the latest version of Tomcat 9.x should be a perfectly
acceptable procedural step.

-Nick

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

  

Re: SSH to Ubuntu 22.04 machine fails

2022-12-09 Thread Antoine Besnier
 This is a known issue, related to libssh2.
have a look at this ticket https://issues.apache.org/jira/browse/GUACAMOLE-1619
and this PR https://github.com/libssh2/libssh2/pull/626#event-5853667761
It has been merged in the master branch of libssh2 end of last year, but 
depending on your OS, the available package may not have been build after those 
changes (for example Ubuntu Jammy libssh2-1-dev has been released in March 
2022, and for Debian Bullseye, it was released in Dec 2020), so you may have to 
build it yourself.
Cheers

Antoine






Le vendredi 9 décembre 2022 à 05:56:26 UTC+1, Krishna Pramod 
 a écrit :  
 
 Hello everyone,
We see that with guacamole version 1.4.0, SSH to an Ubuntu 22.04 machine fails 
and the following log is seen in guacd logs.
ERROR: SSH handshake failed.
It looks to be an issue related to supported HostKeyAlgorithms on the SSH 
server side. Is there a plan to support newer HostKey algorithms (e.g. EC 
based) in guacd?
Is there a workaround/solution that can be used without enabling RSA, DSA on 
the Ubuntu SSH server?

Regards,Pramod
  

Re: Issue with users in behind ZScaler

2022-11-16 Thread Antoine Besnier
 My two cents on the subject: I have the same issue. I host a Guacamole server 
at home, and I have a few SSH connections setup. When I connect from my work 
place, behind ZScaler, the ssh sessions drop, usually between 30 seconds and 1 
minute. Connecting from any other network works fine.
It did not use to be so unstable, though. But there must have been an update 
recently (either on my company's network, or on ZScaler side) that created this 
issue.

Definitely not an issue on Guacamole's side though.
CheersAntoine

Le lundi 14 novembre 2022 à 04:09:10 UTC+1, Michael Jumper 
 a écrit :  
 
 On Sun, Nov 13, 2022, 6:33 PM Lockhart, Roland  wrote:


Hi

 

This is a follow on from the previous email

 

Our Guacamole logs are recording two public addresses for these users that 
experience intermittent disconnections.

 

One address is their Businesses external egress address and the other one the 
Zscaler network.

 

Could this be making their connection reliability lower for the Guac sessions?


Sure. It's not impossible that their corporate network is interfering. If they 
have no issue outside that network, that would be pretty conclusive.
- Mike


  

Re: Web analytics

2022-09-07 Thread Antoine Besnier
 Indeed, the branding extension need a CSS selector, so it will not work for 
the head section.Maybe you can unzip guacamole-1.4.0.war, modifiy the file 
app/element/templates/blank.html, and repackage and re-deploy the war file.
Antoine

Le mercredi 7 septembre 2022, 12:36:33 UTC+2, Lee Doughty 
 a écrit :  
 
 I don't think the head section is modifiable in that way.. you could probably 
use "body" selector and get it to load early in the page.
On Wed, Sep 7, 2022, 2:16 AM Kiel Hurley  wrote:


We have multiple Guacamole servers and I’d like to do web analytics to see how 
much they’re being used, and when.

 

umami (and it would be similar for Google Analytics) requires adding a script 
into the  section (https://umami.is/docs/collect-data). I created an 
extension with the following html file, and was hoping it would work:



https://analytics.example.com/umami.js";>

 

The Tomcat log says the extension loaded but it didn’t appear to work, as meta 
is trying to insert the line before the children of a CSS tag called “head” 
(https://guacamole.apache.org/doc/gug/guacamole-ext.html#updating-existing-html),
 which doesn’t exist.

 

I considered using the js extension resource instead of html, to copy the 
JavaScript file, but I need to include the GUID for the website so I’m not sure 
this would work.

 

Is there a way to insert the script line into the head using an extension? Or 
could there another way to achieve something similar?

 

Thanks

  

Re: Update French translations

2022-06-03 Thread Antoine Besnier
 Hi All, 
If any one wants to proof read my proposed modifications, please have a look at 
https://github.com/abesnier/guacamole-clientA self contained Docker image 
(server+client abesnier/guacamole:frTranslations)  is available for test docker 
push.
RegardsAntoine

Le jeudi 19 mai 2022, 15:44:15 UTC+2, Antoine Besnier 
 a écrit :  
 
  Hi Nick, 
Will do.Look for it in the coming days after I double and triple check them!
CheersAntoine
Le jeudi 19 mai 2022, 15:13:43 UTC+2, Nick Couchman  a 
écrit :  
 
 On Thu, May 19, 2022 at 5:19 AM Antoine Besnier 
 wrote:

Hi, 
I wanted to update the French translations, as they have not been corrected for 
a long time, and some sections have not been translated at all.Would the issue 
GUACAMOLE-1159 ( 
https://issues.apache.org/jira/browse/GUACAMOLE-1159?jql=project%20%3D%20GUACAMOLE%20AND%20text%20~%20french),
 which is closed, be suitable if I submit a PR, or would I have to open a new 
issue?


Antoine,We always welcome help with making the translations more complete and 
accurate. You'll want to open a new Jira issue and commit against that - don't 
use the closed one.
Thanks, looking forward to seeing the pull request!
-Nick

Re: Update French translations

2022-05-19 Thread Antoine Besnier
 Hi Nick, 
Will do.Look for it in the coming days after I double and triple check them!
CheersAntoine
Le jeudi 19 mai 2022, 15:13:43 UTC+2, Nick Couchman  a 
écrit :  
 
 On Thu, May 19, 2022 at 5:19 AM Antoine Besnier 
 wrote:

Hi, 
I wanted to update the French translations, as they have not been corrected for 
a long time, and some sections have not been translated at all.Would the issue 
GUACAMOLE-1159 ( 
https://issues.apache.org/jira/browse/GUACAMOLE-1159?jql=project%20%3D%20GUACAMOLE%20AND%20text%20~%20french),
 which is closed, be suitable if I submit a PR, or would I have to open a new 
issue?


Antoine,We always welcome help with making the translations more complete and 
accurate. You'll want to open a new Jira issue and commit against that - don't 
use the closed one.
Thanks, looking forward to seeing the pull request!
-Nick  

Update French translations

2022-05-19 Thread Antoine Besnier
Hi, 
I wanted to update the French translations, as they have not been corrected for 
a long time, and some sections have not been translated at all.Would the issue 
GUACAMOLE-1159 ( 
https://issues.apache.org/jira/browse/GUACAMOLE-1159?jql=project%20%3D%20GUACAMOLE%20AND%20text%20~%20french),
 which is closed, be suitable if I submit a PR, or would I have to open a new 
issue?
Thanks in advance, Antoine 




Re: Error 404 with Guacamole 1.4.0 / Tomcat 9 / Ubuntu 21.10

2022-03-01 Thread Antoine Besnier
 This line in the tutorial you followed may be the culprit:
sudo ln -s /etc/guacamole/guacamole.war /opt/tomcat/tomcatapp/webapps

check the value of $CATALINA_HOME, and confirm your guacamole.war is present in 
the directory $CATALINA_HOME/webapps. Don't know if tomcat can work with links? 
safer to just copy guacamole.war directly.
See the doc: 
https://guacamole.apache.org/doc/gug/installing-guacamole.html#deploying-guacamole
Cheers


Le mardi 1 mars 2022, 12:59:32 UTC+1, Adam Cherrett 
 a écrit :  
 
 I need some help troubleshooting my attempt to get 1.4.0 running (for use on 
my local network). I am working with a clean installation of Ubuntu 21.10, and 
have been following the steps in 
https://computingforgeeks.com/install-and-use-guacamole-on-ubuntu/
Tomcat 9 appears to be running fine (and I can access the manager app through 
the browser):
> systemctl status tomcat● tomcat.service - Tomcat 9 servlet container
     Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor prese
t: enabled)
     Active: active (running) since Mon 2022-02-28 13:28:23 CET; 23h ago
    Process: 13902 ExecStart=/opt/tomcat/tomcatapp/bin/startup.sh (code=exited
, status=0/SUCCESS)
   Main PID: 13909 (java)
      Tasks: 39 (limit: 38299)
     Memory: 340.4M
        CPU: 1min 44.670s
     CGroup: /system.slice/tomcat.service
             └─13909 /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Djava.util.l
ogging.config.file=/opt/tomcat/tomcatapp/conf/logging.properties -Djava.util.l
ogging.manager=org.apache.juli.ClassLoaderLogManager -Djava.security.egd=file:
///dev/urandom -Djava.awt.headless=true -Djdk.tls.ephemeralDHKeySize=2048 -Dja
va.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalin
a.security.SecurityListener.UMASK=0027 -Xms512M -Xmx1024M -server -XX:+UsePara
llelGC -Dignore.endorsed.dirs= -classpath /opt/tomcat/tomcatapp/bin/bootstrap.
jar:/opt/tomcat/tomcatapp/bin/tomcat-juli.jar -Dcatalina.base=/opt/tomcat/tomc
atapp -Dcatalina.home=/opt/tomcat/tomcatapp -Djava.io.tmpdir=/opt/tomcat/tomca
tapp/temp org.apache.catalina.startup.Bootstrap start
Feb 28 13:28:23 blackbox systemd[1]: Starting Tomcat 9 servlet container...
Feb 28 13:28:23 blackbox startup.sh[13902]: Tomcat started.
Feb 28 13:28:23 blackbox systemd[1]: Started Tomcat 9 servlet container.
guacd appears to be fine:● guacd.service - LSB: Guacamole proxy daemon
     Loaded: loaded (/etc/init.d/guacd; generated)
     Active: active (running) since Mon 2022-02-28 13:28:41 CET; 23h ago
       Docs: man:systemd-sysv-generator(8)
    Process: 13992 ExecStart=/etc/init.d/guacd start (code=exited, status=0/SU
CCESS)
      Tasks: 1 (limit: 38299)
     Memory: 9.4M
        CPU: 15ms
     CGroup: /system.slice/guacd.service
             └─13996 /usr/local/sbin/guacd -p /var/run/guacd.pid

Feb 28 13:28:41 blackbox systemd[1]: Starting LSB: Guacamole proxy daemon...
Feb 28 13:28:41 blackbox guacd[13994]: Guacamole proxy daemon (guacd) version 
1.4.0 started
Feb 28 13:28:41 blackbox guacd[13992]: Starting guacd:
Feb 28 13:28:41 blackbox guacd[13994]: guacd[13994]: INFO:        Guacamole pr
oxy daemon (guacd) version 1.4.0 started
Feb 28 13:28:41 blackbox guacd[13992]: SUCCESS
Feb 28 13:28:41 blackbox guacd[13996]: Listening on host 127.0.0.1, port 4822
Feb 28 13:28:41 blackbox systemd[1]: Started LSB: Guacamole proxy daemon.
I can restart both tomcat and guacd without problems. I suspect the problem 
lies with the guacamole client. I have tried prerolled versions and compiling 
my own - neither of them works. Browsing to http://127.0.0.1:8080/guacamole 
gives a 404 error. The Tomcat manager shows a number of applications running, 
and shows guacamole is not. Trying to start it from the browser gives the error 
"FAIL - Application at context path [/guacamole] could not be started".
Here are some log entries:
in catalina.-MM-DD.log (duplicated in catalina.out):
01-Mar-2022 12:27:33.610 INFO [http-nio-8080-exec-18] org.apache.jasper.servle
t.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no T
LDs. Enable debug logging for this logger for a complete list of JARs that wer
e scanned but no TLDs were found in them. Skipping unneeded JARs during scanni
ng can improve startup time and JSP compilation time.
01-Mar-2022 12:27:33.611 SEVERE [http-nio-8080-exec-18] org.apache.catalina.co
re.StandardContext.startInternal One or more listeners failed to start. Full d
etails will be found in the appropriate container log file
01-Mar-2022 12:27:33.612 SEVERE [http-nio-8080-exec-18] org.apache.catalina.co
re.StandardContext.startInternal Context [/guacamole] startup failed due to pr
evious errors
in localhost_access_log.-MM-DD.txt:192.168.0.50 - - [01/Mar/2022:12:26:54 
+0100] "GET /guacamole HTTP/1.1" 404 76
1
192.168.0.50 - - [01/Mar/2022:12:26:54 +0100] "GET /favicon.ico HTTP/1.1" 200 
8192
192.168.0.50 - - [01/Mar/2022:12:27:01 +0100] "GET / HTTP/1.1" 200 11165
192.168.0.50 - - [01/Mar/2022:12:27:01 +0100] "GET