I did the following some time ago for setting up the Guacamole Client:
oc new-app --name guacd-client guacamole/guacamole \
-e GUACD_HOSTNAME=guacd \
-e GUACD_PORT=4822 \
-e POSTGRESQL_HOSTNAME=guac-postgres \
-e POSTGRES_PORT=5432 \
-e POSTGRESQL_DATABASE=guacamole \
-e POSTGRESQL_USER=postgres \
-e POSTGRESQL_PASSWORD=postgres
oc create serviceaccount guacd-client
oc adm policy add-scc-to-user anyuid -z guacd-client
oc set serviceaccount deployment/guacd-client guacd-client
oc set volume deployment guacd-client --add --name guacd-config -m
/.guacamole -t pvc --claim-size=1G --claim-name=guacd-client
Maybe this helps.
Jochen
On Sun, Jun 22, 2025 at 2:05 PM Nick Couchman <[email protected]> wrote:
> On Sun, Jun 22, 2025 at 7:44 AM ענבל סטולרסקי <
> [email protected]> wrote:
>
>> Hey :)
>> Not sure if you got my last email, do you have an update? Cause I’m
>> getting a permission denies error
>> Thanks!
>>
>>
> Yes, your e-mail came through.
>
>
>> On Tue, 17 Jun 2025 at 17:08 ענבל סטולרסקי <[email protected]>
>> wrote:
>>
>>> So I thought it would work fine without root privileges as well so I
>>> tried to deploy both guacamole and guacd as it is on my Openshift
>>> namespaces and the results were that the guacd pod worked perfectly fine on
>>> rootless mode where as the guacamole pod issued the following error:
>>>
>>> "mkdir: cannot create directory ‘//.guacamole’: Permission denied"
>>>
>>> Tried to understand why it's happening but honestly I'm not sure :(
>>>
>>> Just to have some context, I have a namespace in an internal Openshift
>>> cluster in which I do not have root privileges.
>>>
>>>
> I'm not terribly familiar with Openshift, but this message isn't terribly
> complicated, and isn't really specific to Guacamole. The user running
> guacamole is trying to create a directory and is getting a permission
> denied error, which means that user account does not have access to create
> that directory. I'm not sure why it would be trying to create it at the
> root of the container (//.guacamole), unless the home directory for this
> user is set to / or you're overriding the location of GUACAMOLE_HOME to
> point to /. You might just have to continue to adjust things within the
> Openshift platform until you're able to get it to the point where the
> container can write a directory.
>
> I am starting to get more familiar with Openshift and K8s, so if I have a
> chance in the near-future I'll try to try it out and see if I run into the
> same issues, but not sure exactly when that'll be.
>
> -Nick
>
