Re: Bad user remote IP

2023-10-30 Thread Golota S.V. 

Thank you. It was a rule on the router.


29.10.2023 23:34, Nick Couchman пишет:
This likely means that your local gateway is stripping out the headers 
that your proxy or Tomcat expects, so Tomcat is unable to find the 
proper value for this header and pass it on. You need to make sure 
that your local network gateway is not preventing those headers from 
being passed on.


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Bad user remote IP

2023-10-27 Thread Golota S.V. 
Hello! I changed my server.xml file according to the recommendations 
internalProxies="127\.0\.0\.1" external addresses actually began to be 
displayed correctly, but when connecting from the local network, the 
local network gateway address is displayed. Any ideas on how to fix this 
(I use the Docker version)



26.10.2023 16:01, Prakhar Jalan пишет:

Thanks Lorenzo!


*From:* MAURIZI Lorenzo 
*Sent:* Thursday, October 26, 2023 15:52
*To:* user@guacamole.apache.org 
*Subject:* R: Bad user remote IP

Hello,

you should start from official Guacamole documentation about setting 
the Remote IP Valve:


https://guacamole.apache.org/doc/gug/reverse-proxy.html#setting-up-the-remote-ip-valve 



taking into account that the

internalProxies

property must be set as a regular expression, as indicated in tomcat 
documentation here:


https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/catalina/valves/RemoteIpValve.html

I think that the guacamole documentation should be changed to take 
this information into account, as the shown example seems to be incorrect:


**

because in regular expression, the dot is “any character except 
newline”, while in this case the correct syntax would be


internalProxies="127\.0\.0\.1"

to match the literal dot and the exact 127.0.0.1 IP address

Best regards.

Lorenzo

*Da:*Prakhar Jalan 
*Inviato:* giovedì 26 ottobre 2023 11:56
*A:* user@guacamole.apache.org
*Oggetto:* Re: Bad user remote IP

Hello,

I am facing the same issue. Could you please provide the exact steps 
to log the ACTUAL IP of the user?


Thanks a ton!

Prakhar



*From:*Maciej Konigsman >

*Sent:* Wednesday, October 25, 2023 18:21
*To:* user@guacamole.apache.org  
mailto:user@guacamole.apache.org>>

*Subject:* Re: Bad user remote IP

Thanks for your help.

It works with the following

 internalProxies="127\.\d+\.\d+\.\d+|10\.\d+\.\d+\.\d+"

127... - for nginx running on the same server as Guacamole

10... - AWS private network

On Wed, 25 Oct 2023 at 13:25, Henri Alves de Godoy 
mailto:henri.go...@fca.unicamp.br>> wrote:


Hi all,

the remote ip registration only worked when I put the options
below in server.xml

---

        

        

--

Att,

Henri.

Em qua., 25 de out. de 2023 às 08:16, Nick Couchman
mailto:vn...@apache.org>> escreveu:

On Wed, Oct 25, 2023 at 6:19 AM Maciej Konigsman
mailto:maciej.konigsman@eatit.cloud>> wrote:

Valve config

        

What private subnet applies to your ELB?

ELB is in the same subnet as the EC2 instance where
Guacamole is installed.

Presumably the ELB is not running on the localhost
(127.0.0.1), so I suspect that you need the actual IP
address(es) and/or subnets of the ELB placed into the
"internalProxies" property in this valve.

-Nick


--

Re: Configuring connections to use recording storage for docker version

2023-05-26 Thread Golota S.V. 
guacamole.properties is located at: 
/home/guacamole/.guacamole/guacamole.properties and I can't mount it for 
editing and then saving.


26.05.2023 17:23, Nick Couchman пишет:
Yep, you are correct, the option for the recording storage path is not 
available in the Docker startup script. Sorry we missed that earlier - 
we'll need to put in a Jira ticket and change to add that option to 
the startup.


Regarding the guacamole.properties file, most likely it is in 
/etc/guacamole in the container, as that's the default GUACAMOLE_HOME 
location.


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Configuring connections to use recording storage for docker version

2023-05-21 Thread Golota S.V. 
That's exactly what I did. but the error remains. It is a pity that it 
may be possible to solve this in the future.


19.05.2023 17:50, Nick Couchman пишет:
I don't have a ton of experience with Docker, but I believe what you 
need to do is:

* Create a directory on your host system that will store the recordings.
* Mount this directory as a volume on your guacd container, so that 
guacd can store the recordings. Make sure the UID and/or GID of guacd 
has write access to the folder.
* Mount this same directory as a volume on your guacamole-client 
container, so that the recording playback extension can access the 
recording files. Make sure the UID and/or GID of guacamole-client 
(tomcat) has reda access to the folder.


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Configuring connections to use recording storage for docker version

2023-05-18 Thread Golota S.V. 
the problem is not solved, I also can not access the records through the 
web. I think the problem with access to the directory remains if, 
according to the recommendations, specify in the Recording path: 
${HISTORY_PATH}/${HISTORY_UUID} so that the recording goes without 
errors, the path must be explicitly specified 
"/var/lib/guacamole/recordings/${HISTORY_UUID}" i tried to create path 
/var/lib/guacamole/recordings in servlet container and mount to the same 
directory same as the guacd container but the result is negative.


18.05.2023 20:26, Michael Jumper пишет:

On 5/18/23 02:27, Golota S.V. wrote:
on the virtual guacamole, I looked at the tomcat 998 group ID, 
registered it, but this did not give a result


The group used by the "guacamole/guacamole" image for the Tomcat 
service is "guacamole" and has a GID of 1001.


- Mike

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail:sgol...@turgai.kz
сот. +2435230
раб. +77242261610

Re: Configuring connections to use recording storage for docker version

2023-05-18 Thread Golota S.V. 
on the virtual guacamole, I looked at the tomcat 998 group ID, 
registered it, but this did not give a result


18.05.2023 12:29, Golota S.V. пишет:
for guacamole to work, I have 3 containers: guacacamole, guacd, guacdb 
in water there is no tomcat group there is a tomcat directory in the 
guacamole container (it is primed to the container) but there is no 
special rights to it

18.05.2023 12:10, Michael Jumper пишет:
Yes - you'll need to ensure that the Tomcat group has read 
permission. It's OK if there is no such group in the guacd container 
- all that matters is that the numeric GID matches.

--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail:sgol...@turgai.kz
сот. +2435230
раб. +77242261610


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail:sgol...@turgai.kz
сот. +2435230
раб. +77242261610

Re: Configuring connections to use recording storage for docker version

2023-05-18 Thread Golota S.V. 
for guacamole to work, I have 3 containers: guacacamole, guacd, guacdb 
in water there is no tomcat group there is a tomcat directory in the 
guacamole container (it is primed to the container) but there is no 
special rights to it


18.05.2023 12:10, Michael Jumper пишет:
Yes - you'll need to ensure that the Tomcat group has read permission. 
It's OK if there is no such group in the guacd container - all that 
matters is that the numeric GID matches.


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail:sgol...@turgai.kz
сот. +2435230
раб. +77242261610

Configuring connections to use recording storage for docker version

2023-05-16 Thread Golota S.V. 
Hello!! I have a docker version of guacamole:latest set up trying to set 
up connection recording:created a directory for recording changed the 
commands chown 1000:1000, chmod 2750 in the web admin settings specified 
the directory name and file name (${HISTORY_UUID}) in this option the 
recording goes but in history There are no logs of information to record 
and there is no way to view it. do everything according to the 
instructions 
https://guacamole.apache.org/doc/gug/recording-playback.html does not 
work, it is not applicable for docker. you can give advice.

Re: Wake-on-LAN (WoL)

2022-08-01 Thread Golota S.V. 
I found the reason: the whole point is that the containers are on a 
different subnet, if you make a static address on the guacd container, 
then everything works



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Wake-on-LAN (WoL)

2022-07-31 Thread Golota S.V. 
Hello, I'm using docker Guacamole 1.4, the Wake-on-LAN (WoL) function 
used to work for me, now it doesn't, I suspect that there is no 
wakeonlan package in the container images, how can I fix this error?



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Guacamole+fail2ban

2022-05-25 Thread Golota S.V. 
the author recommends changing the logback.xml file " 
https://github.com/crazy-max/docker-fail2ban/tree/master/examples/jails/guacamole; 

and output the log file from the container for fail2ban processing, but 
I couldn’t do it, I don’t have enough rights, the guacamole container 
starts without root rights


19.05.2022 04:30, Michael Jumper пишет:
On Mon, May 16, 2022 at 9:37 PM Golota S.V. 
 wrote:


Hello!! I use docker version guacamole 1.4 since I organized access
through nginx proxy manager and attached to fail2ban from
crazy-max/docker-fail2ban everything is fine, but there are many
false
locks after authorization. there are recommendations to analyze
logs not
from nginx but from tomcat right from the container, I can’t
display the
logback.xml settings file from the container to correct and enable
logging, what do you recommend?


Can you clarify what it is you are trying to correct/enable? Logging 
is always enabled within the "guacamole/guacamole" Docker image. The 
logs should be visible directly within the Docker logs for the container.


- Mike

Guacamole+fail2ban

2022-05-16 Thread Golota S.V. 
Hello!! I use docker version guacamole 1.4 since I organized access 
through nginx proxy manager and attached to fail2ban from 
crazy-max/docker-fail2ban everything is fine, but there are many false 
locks after authorization. there are recommendations to analyze logs not 
from nginx but from tomcat right from the container, I can’t display the 
logback.xml settings file from the container to correct and enable 
logging, what do you recommend?


--


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Fwd: SSH handshake failed

2021-12-18 Thread Golota S.V. 

i tried via public key but didn't help either

ssh-keygen -t rsa -b 4096 -m PEM

You can also use OpenSSL to create the private key:

openssl genrsa -out id_rsa 4096
Then to get the public key:

ssh-keygen -y -f id_rsa

a source:

https://www.reddit.com/r/selfhosted/comments/os4d52/guacamole_ssh_keys_help/


OS: Linux version 5.10.84-1-MANJARO

openssh-8.8p1-1





17.12.2021 21:24, Nick Couchman пишет:
What are the properties of the system you're connecting to - what type 
of system, version of OpenSSH, etc.? We've had reports recently of 
this when connecting to newer OpenSSH installs that limit host key and 
key exchange algorithms to ones that aren't currently implemented in 
Guacamole.



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

SSH handshake failed

2021-12-16 Thread Golota S.V. 
Hello!! I have an error "SSH handshake failed" when connecting ssh 
client manjaro zsh normal bash clients connect without problems. tell me 
how to solve the problem.



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

LDAP authentication not working

2021-10-26 Thread Golota S.V. 

Hello, if my experience is useful, I did this:
LDAP_HOSTNAME: "ip_addr_dc"
  LDAP_PORT: "389"
  LDAP_ENCRYPTION_METHOD: "none"
  LDAP_SEARCH_BIND_DN: "CN = guacamoleadmin, OU = domaim, DC = local"
  LDAP_SEARCH_BIND_PASSWORD: "password"
  LDAP_USER_BASE_DN: "OU = NET, DC = domain, DC = local"
  LDAP_USERNAME_ATTRIBUTE: "samAccountName"
  LDAP_GROUP_BASE_DN: "OU = Group, DC = domain, DC = local"
  LDAP_GROUP_NAME_ATTRIBUTE: "cn"
  LDAP_FOLLOW_REFERRALS: "false"
  LDAP_USER_SEARCH_FILTER: "(& (objectClass = *) (memberOf = CN = 
rdp-user, OU = Group, DC = domain, DC = local))"


26.10.2021 05:31, Maik Heinelt пишет:
I am not getting LDAP authentication with my Windows 2019 server to work.
My guacamole.properties looks as following:

guacd-hostname:                localhost
guacd-port:                          4822
GUACAMOLE_HOME:       /etc/guacamole

auth-provider: 
net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider


# LDAP properties
ldap-hostname:                    MyWin2019Server
ldap-port:                              389
ldap-encryption-method:         none
ldap-username-attribute:        sAMAccountName
ldap-user-base-dn:              OU=Users,DC=mydomain,DC=local
ldap-search-bind-dn: CN=Administrator,CN=Users,DC=mydomain,DC=local
ldap-search-bind-password:      GoodPassword


I got the ldap-search-bind-dn from the server LDAP admin properties >> 
Attribute Editor >> distinguishedName , so I am pretty sure this should 
be correct.
I am able to reach the LDAP without errors with using SSL or also no 
encryption via Guacamole server command line using ldapsearch.
When looking at the catalina.out log file, there is no error or warning 
shown when I try to authenticate via LDAP.
Just a "WARN  o.a.g.r.auth.AuthenticationService - Authentication 
attempt from153.156.182.53 for user "MyUser" failed."


Please correct me if I am wrong, but my understanding is, I should be 
able to authenticate with every user with its account name who is at the 
Users OU.


Maik

--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail:sgol...@turgai.kz
сот. +2435230
раб. +77242261610

RemoteIPValve

2021-10-25 Thread Golota S.V. 
Hello!! Guacamole on docker. there is a problem with the real IP 
addresses of users in the logs, tried to solve it as before by adding 
entries to the conf / server.xml file (previously removed it from the 
mounting container) but did not give a solution to this problem?



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Disable glyph caching:

2021-10-22 Thread Golota S.V. 
Hello in the article: 
(https://www.mail-archive.com/user@guacamole.apache.org/msg07992.html) 
explains how to disable Disable glyph caching: tell me how to apply this 
advice to a docker installation? I tried running this patch in guacamole 
and guacdb containers but it stops and asks for a filename:


root@1c3f2d95063c:/tmp# patch -p1 < 324.diff
can't find file to patch at input line 5
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--
|diff --git a/src/protocols/rdp/settings.c b/src/protocols/rdp/settings.c
|index dd8a96fbd..e12e8c12f 100644
|--- a/src/protocols/rdp/settings.c
|+++ b/src/protocols/rdp/settings.c
--
File to patch:


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Group change connection settings

2021-04-03 Thread Golota S.V. 

The proposed schemes are new to me and require testing. I will try thanks!

03.04.2021 19:09, Nick Couchman пишет:
On Sat, Apr 3, 2021 at 6:15 AM Golota S.V.  
wrote:


Hello! tell me a way to group change connection settings
when working with mysql
I have currently created templates for vnc end rdp connections but
it is
good to create new connections.


I'm guessing this is related to your other mailing list question, 
regarding disabling Glyph Caching, but, no, there is no way to do 
setting inheritance or bulk updates of connection parameters within 
the admin interface. However, you can do this by modifying the 
database directly in the database. The schema is reasonably 
straight-forward, and manual modification of data is well-documented:


http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-schema 
<http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-schema>


You can also use REST API calls and a utility using the programming 
and/or scripting language of your choosing. Someone recently posted a 
link to a PowerShell module, if you like PS, and manipulating data via 
the REST API with Python or Ansible is pretty easy. Unfortunately the 
REST API documentation is not quite as easy to get at as some of the 
other documentation, so you'll have to piece that together yourself, 
but there is an effort to try to better document that.


-Nick


--

Group change connection settings

2021-04-03 Thread Golota S.V. 

Hello! tell me a way to group change connection settings
when working with mysql
I have currently created templates for vnc end rdp connections but it is 
good to create new connections.


--


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-04-02 Thread Golota S.V. 
Thanks Michael it helped! tell me you don’t know how to apply this fix 
to all settings (globally) taking into account that strings are stored 
in mysql?



02.04.2021 22:16, Mike Jumper пишет:
On Thu, Apr 1, 2021 at 9:57 PM Golota S.V. <mailto:sgol...@turgai.kz>> wrote:


solved this problem:
systemctl start tomcat9 guacd

guacd has no bearing on extensions.

removed / var / lib / tomcat9 / webapps / guacamole

This is probably what ultimately solved what you were experiencing - a 
cached copy of an older version of the web application.


re-compiled server 1.3.0

guacamole-server and guacd have no bearing on extensions.

Now there is a problem that throws out windows 7 from the session
when you hover over the start button, but this is a topic for
another discussion.

Try disabling the glyph cache. See: 
https://issues.apache.org/jira/browse/GUACAMOLE-1191 
<https://issues.apache.org/jira/browse/GUACAMOLE-1191>


Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://glyp.to/>.

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-04-01 Thread Golota S.V. 

solved this problem:
systemctl start tomcat9 guacd
removed / var / lib / tomcat9 / webapps / guacamole re-compiled server 1.3.0
Now there is a problem that throws out windows 7 from the session when 
you hover over the start button, but this is a topic for another discussion.


02.04.2021 09:22, Mike Jumper пишет:


installation itself (server compilation is easy) as well as copy /
paste client (guacamole.war)
a mistake can be made toko in a sequence that I do not follow
however, I keep getting the error:

[main] ERROR o.a.g.extension.ExtensionModule - Extension
"guacamole-auth-jdbc-mysql-1.3.0.jar" could not be loaded:
Extension "MySQL Authentication" is not compatible with this
version of Guacamole.
[main] DEBUG o.a.g.extension.ExtensionModule - Unable to load
extension.
[info] org.apache.guacamole.GuacamoleServerException: Extension
"MySQL Authentication" is not compatible with this version of
Guacamole.

this despite the fact that the server is running and the version
is correct:

...
апр 02 08:44:08 rdp systemd[1]: Starting LSB: Guacamole proxy
daemon...
апр 02 08:44:08 rdp guacd[471]: Guacamole proxy daemon (guacd)
version 1.3.0 started
...

The error you're seeing is from the *Guacamole web application* 
(guacamole.war), not guacd. The error means that you are running a 
version of the Guacamole web application that is incompatible with the 
extension. Your copy of guacd may well be 1.3.0, but your copy of the 
web application is not.

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-04-01 Thread Golota S.V. 
installation itself (server compilation is easy) as well as copy / paste 
client (guacamole.war)

a mistake can be made toko in a sequence that I do not follow
however, I keep getting the error:

[main] ERROR o.a.g.extension.ExtensionModule - Extension 
"guacamole-auth-jdbc-mysql-1.3.0.jar" could not be loaded: Extension 
"MySQL Authentication" is not compatible with this version of Guacamole.

[main] DEBUG o.a.g.extension.ExtensionModule - Unable to load extension.
[info] org.apache.guacamole.GuacamoleServerException: Extension "MySQL 
Authentication" is not compatible with this version of Guacamole.


this despite the fact that the server is running and the version is correct:

Linux rdp 4.19.0-13-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Apr  2 08:02:35 2021 from #.#.#.#
root@rdp:~# nano  /var/log/tomcat9/catalina.out
root@rdp:~# systemctl statusguacd
Unknown operation statusguacd.
root@rdp:~# systemctl status guacd
● guacd.service - LSB: Guacamole proxy daemon
   Loaded: loaded (/etc/init.d/guacd; generated)
   Active: active (running) since Fri 2021-04-02 08:44:08 +05; 55s ago
 Docs: man:systemd-sysv-generator(8)
  Process: 470 ExecStart=/etc/init.d/guacd start (code=exited, 
status=0/SUCCESS)

    Tasks: 1 (limit: 4700)
   Memory: 15.0M
   CGroup: /system.slice/guacd.service
   └─579 /usr/local/sbin/guacd -p /var/run/guacd.pid

апр 02 08:44:08 rdp systemd[1]: Starting LSB: Guacamole proxy daemon...
апр 02 08:44:08 rdp guacd[471]: Guacamole proxy daemon (guacd) version 
1.3.0 started
апр 02 08:44:08 rdp guacd[470]: Starting guacd: guacd[471]: INFO:    
Guacamole proxy daemon (guacd) version 1.3.0 started

апр 02 08:44:08 rdp guacd[470]: SUCCESS
апр 02 08:44:08 rdp systemd[1]: Started LSB: Guacamole proxy daemon.
апр 02 08:44:08 rdp guacd[579]: Listening on host 127.0.0.1, port 4822

01.04.2021 20:14, Nick Couchman пишет:

org.apache.guacamole.GuacamoleServerException: Extension "MySQL Authentication" 
is not compatible with this version of Guacamole.
This message in your log file indicates that the version of Guacamole is not 
actually 1.3.0. Make sure you're deploying the correct WAR file after you've 
updated the extension JAR files.
-Nick


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-04-01 Thread Golota S.V. 
help solve the problem, look at the log and tell you the reason for the 
AD user authentication error via the mysql database after the update to 
version 1.3.0



30.03.2021 16:31, Nick Couchman пишет:
On Tue, Mar 30, 2021 at 6:41 AM Golota S.V. <mailto:sgol...@turgai.kz>> wrote:


I use installation through a script. (Docker is not used there)
but there is a more detailed instruction, I did not understand
everything from your advice.


Instructions for installation can be found in the manual:

http://guacamole.apache.org/doc/gug/installing-guacamole.html 
<http://guacamole.apache.org/doc/gug/installing-guacamole.html>


This includes instructions for building Guacamole Server from source, 
as well as installing the client components. I cannot offer advice or 
help on the installation script, as it is not part of the official 
Guacamole project. I believe the person who wrote the install script 
participates on the list, so they might be able to jump in and offer 
advice on upgrading via the script, but I am not familiar with it.


If you have specific questions, feel free to post back, here, and ask, 
but please also read the documentation and see if that helps you to 
understand the process.


-Nick


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610

[2021-04-01 19:43:46] [info] NOTE: Picked up JDK_JAVA_OPTIONS:  
--add-opens=java.base/java.lang=ALL-UNNAMED 
--add-opens=java.base/java.io=ALL-UNNAMED 
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
[2021-04-01 19:43:48] [warning] Match [Server/Service/Engine/Valve] failed to 
set property [remoteIpProxiesHeader] to [x-forwarded-by]
[2021-04-01 19:43:48] [info] Server version name:   Apache Tomcat/9.0.31 
(Debian)
[2021-04-01 19:43:48] [info] Server built:  Jul 15 2020 11:43:33 UTC
[2021-04-01 19:43:48] [info] Server version number: 9.0.31.0
[2021-04-01 19:43:48] [info] OS Name:   Linux
[2021-04-01 19:43:48] [info] OS Version:4.19.0-13-amd64
[2021-04-01 19:43:48] [info] Architecture:  amd64
[2021-04-01 19:43:48] [info] Java Home: 
/usr/lib/jvm/java-11-openjdk-amd64
[2021-04-01 19:43:48] [info] JVM Version:   
11.0.9.1+1-post-Debian-1deb10u2
[2021-04-01 19:43:48] [info] JVM Vendor:Debian
[2021-04-01 19:43:48] [info] CATALINA_BASE: /var/lib/tomcat9
[2021-04-01 19:43:48] [info] CATALINA_HOME: /usr/share/tomcat9
[2021-04-01 19:43:48] [info] Command line argument: 
--add-opens=java.base/java.lang=ALL-UNNAMED
[2021-04-01 19:43:48] [info] Command line argument: 
--add-opens=java.base/java.io=ALL-UNNAMED
[2021-04-01 19:43:48] [info] Command line argument: 
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
[2021-04-01 19:43:48] [info] Command line argument: 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
[2021-04-01 19:43:48] [info] Command line argument: 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
[2021-04-01 19:43:48] [info] Command line argument: -Djava.awt.headless=true
[2021-04-01 19:43:48] [info] Command line argument: 
-Djdk.tls.ephemeralDHKeySize=2048
[2021-04-01 19:43:48] [info] Command line argument: 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources
[2021-04-01 19:43:48] [info] Command line argument: 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027
[2021-04-01 19:43:48] [info] Command line argument: -Dignore.endorsed.dirs=
[2021-04-01 19:43:48] [info] Command line argument: 
-Dcatalina.base=/var/lib/tomcat9
[2021-04-01 19:43:48] [info] Command line argument: 
-Dcatalina.home=/usr/share/tomcat9
[2021-04-01 19:43:48] [info] Command line argument: -Djava.io.tmpdir=/tmp
[2021-04-01 19:43:48] [info] An older version [1.2.21] of the APR based Apache 
Tomcat Native library is installed, while Tomcat recommends a minimum version 
of [1.2.23]
[2021-04-01 19:43:48] [info] Loaded APR based Apache Tomcat Native library 
[1.2.21] using APR version [1.6.5].
[2021-04-01 19:43:48] [info] APR capabilities: IPv6 [true], sendfile [true], 
accept filters [false], random [true].
[2021-04-01 19:43:48] [info] APR/OpenSSL configuration: useAprConnector 
[false], useOpenSSL [true]
[2021-04-01 19:43:48] [info] OpenSSL successfully initialized [OpenSSL 1.1.1d  
10 Sep 2019]
[2021-04-01 19:43:48] [info] Initializing ProtocolHandler ["http-nio-8080"]
[2021-04-01 19:43:48] [info] Server initialization in [902] milliseconds
[2021-04-01 19:43:48] [info] Starting service [Catalina]
[2021-04-01 19:43:48] [info] Starting Servlet engine: [Apache Tomcat/9.0.31 
(Debian)]
[2021-04-01 19:43:48] [info] Deploying web application archive 
[/var/lib/tomcat9/webapps/guacamole.war]
[2021-04-01 19:43:50] [info] At least one JAR was scanned for TLDs yet 
contained no TLDs. Enable debug logging for this logger for a complete list of 
JARs that were scanned but no TLDs were found in them. Skipping

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-04-01 Thread Golota S.V. 
figured out the problem a little: updated the server manually to version 
1.3.0 replaced
guacamole-1.3.0.war updated / extensions / after restart users cannot 
log in by exclusion method found out that updated server 1.3.0 does not 
want to work with new guacamole-auth-jdbc-mysql-1.3.0.jar and 
guacamole-auth-ldap -1.3.0.jar if you return extensions v 1.2.0 
everything works but it's wrong, isn't it?


30.03.2021 16:31, Nick Couchman пишет:
On Tue, Mar 30, 2021 at 6:41 AM Golota S.V. <mailto:sgol...@turgai.kz>> wrote:


I use installation through a script. (Docker is not used there)
but there is a more detailed instruction, I did not understand
everything from your advice.


Instructions for installation can be found in the manual:

http://guacamole.apache.org/doc/gug/installing-guacamole.html 
<http://guacamole.apache.org/doc/gug/installing-guacamole.html>


This includes instructions for building Guacamole Server from source, 
as well as installing the client components. I cannot offer advice or 
help on the installation script, as it is not part of the official 
Guacamole project. I believe the person who wrote the install script 
participates on the list, so they might be able to jump in and offer 
advice on upgrading via the script, but I am not familiar with it.


If you have specific questions, feel free to post back, here, and ask, 
but please also read the documentation and see if that helps you to 
understand the process.


-Nick


--
С уважением Голота С.В.
Администратор компьютерной сети
AO "Тургай-Петролеум"
e-mail: sgol...@turgai.kz
сот. +2435230
раб. +77242261610

Re: upgrade guacamole 1.2.0 to 1.3.0

2021-03-30 Thread Golota S.V. 
I use installation through a script. (Docker is not used there) but 
there is a more detailed instruction, I did not understand everything 
from your advice.



30.03.2021 00:57, Nick Couchman пишет:
On Mon, Mar 29, 2021 at 8:06 AM Golota Sergey 
 wrote:


used the installation script

https://github.com/MysticRyuujin/guac-install



It still depends on whether you're doing Docker or native install. If 
using Docker, it should be as easy as updating the individual 
containers and re-launching them. If you're doing a native install, 
without Docker, then you'll need to:


* Download updated components (guacamole WAR file, any extensions, and 
guacamole-server)

* Rebuild guacamole-server, install, and restart guacd
* Update the extensions
* Deploy the WAR file, which will also re-start the client

There are no DB changes between 1.2.0 and 1.3.0, so no need to update 
DB schema.


-NIck

upgrade guacamole 1.2.0 to 1.3.0

2021-03-28 Thread Golota S.V. 
Hello! want to upgrade my guacamole 1.2.0 (debian 10, AD-auth, NGINX) to 
1.3.0 how to approach this issue?



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Converting a session recording

2021-02-25 Thread Golota S.V. 


25.02.2021 17:14, Golota S.V. пишет:


Very thanks Nic  it really helped. I find it hard to write scripts

25.02.2021 17:00, Nick Couchman пишет:
On Thu, Feb 25, 2021 at 2:01 AM Golota S.V. 
 wrote:



>
>
> Hello!! made a script for automatic conversion of recording
sessions,
> the script itself works, but if you run it through cron, the line
> linked to the conversion does not work, I think the matter is
in the
> absence of the output parameter of the guacenc utility file.
tell me
> how to fix it.
>


Do you get a specific error?

>
> ++
>
> #!/usr/bin/bash
> guacenc -s 1024x768 /mnt/nfs-32/stream/web-app/tmp/*
> mv /mnt/nfs-32/stream/web-app/tmp/*.m4v /mnt/nfs-32/stream/web-app
> rm -r /mnt/nfs-32/stream/web-app/tmp
> mkdir /mnt/nfs-32/stream/web-app/tmp
>
> ++
>


Two things I see, here:
1) Often times when scripts are run out of cron, the PATH variable 
does not necessarily contain all the values it would for "normal" 
users. So, you might try specifying the full path to the guacenc 
utility, or set the path at the top of the script.
2) Relying on wildcards can be a bit dangerous and unpredictable. I'd 
recommend rewriting this script using a bash for loop. Something like 
this:


==
#!/usr/bin/bash

for file in $(/usr/bin/find /mnt/nfs-32/stream/web-app/tmp -type f); do
    /usr/local/bin/guacenc -s 1024x768 ${file}
    /usr/bin/mv ${file}.m4v /mnt/nfs-32/stream/web-app
    /usr/bin/rm -f ${file}
done
==

Note that I have not tested the above script at all - it likely has 
some errors in it, but should be a good starting point. It also may 
not be the best or only answer to it, just my humble suggestion.


-Nick


--

Converting a session recording

2021-02-24 Thread Golota S.V. 






Hello!! made a script for automatic conversion of recording sessions, 
the script itself works, but if you run it through cron, the line 
linked to the conversion does not work, I think the matter is in the 
absence of the output parameter of the guacenc utility file. tell me 
how to fix it.



++

#!/usr/bin/bash
guacenc -s 1024x768 /mnt/nfs-32/stream/web-app/tmp/*
mv /mnt/nfs-32/stream/web-app/tmp/*.m4v /mnt/nfs-32/stream/web-app
rm -r /mnt/nfs-32/stream/web-app/tmp
mkdir /mnt/nfs-32/stream/web-app/tmp

++



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org