■guacamole 1.4.0 インストール(20230213更新)
[amazon linux 2へインストール]https://guacamole.apache.org/releases/$ wget https://apache.org/dyn/closer.lua/guacamole/1.4.0/binary/guacamole-1.4.0.war?action=download -O guacamole-1.4.0.war
$ wget https://apache.org/dyn/closer.lua/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz?action=download -O guacamole-server-1.4.0.tar.gz
# yum -y install libguac-client-rdp libguac-client-vnc libguac-client-ssh uuid-devel libuuid-devel
# yum -y install autoconf automake libtool libpng
# yum -y install libpng-devel libjpeg-turbo-devel cairo-devel libjpeg-devel
# yum -y install freerdp-devel libssh2-devel pango-devel libvncserver-devel
$ tar xvzf guacamole-server-1.4.0.tar.gz
$ cd guacamole-server-1.4.0
$ autoreconf -fi
$ ./configure --with-init-dir=/etc/init.d
$ make
# make install
$ make
# make install
# ldconfig
------------------------------------------------
guacamole-server version 1.4.0
------------------------------------------------
Library status:
freerdp2 ............... yes
pango .................. yes
libavcodec .......... no
libavformat......... no
libavutil ............. no
libssh2 ............... yes
libssl .................. yes
libswscale ......... no
libtelnet ............ no
libVNCServer .... no
libvorbis ........... no
libpulse ............ no
libwebsockets .. no
libwebp ............ no
wsock32 ........... no
Protocol support:
Kubernetes .... no
RDP ........... yes
SSH ........... yes
Telnet ........ no
VNC ........... no
Services / tools:
guacd ...... .yes
guacenc .... no
guaclog .... yes
FreeRDP plugins: /usr/lib64/freerdp2
Init scripts: /etc/init.d
Systemd units: no
# mv guacamole-1.4.0.war /opt/tomcat/webapps
# mkdir /etc/guacamole
# vi /etc/guacamole/guacamole.properties <<__EOF__
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
#lib-directory: /opt/tomcat/webapps/guacamole/WEB-INF/classes
# Authentication provider class(authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
__EOF__
# vi /etc/guacamole/guacd.conf << __EOF__
[server]
bind_host = 127.0.0.1
bind_port = 4822
__EOF__
# vi /etc/guacamole/logback.xml << __EOF__
<configuration>
<!-- Appender for debugging -->
<appender name="GUAC-DEBUG" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>
<!-- Log at DEBUG level -->
<root level="debug">
<appender-ref ref="GUAC-DEBUG"/>
</root>
</configuration>
__EOF__
# vi /etc/guacamole/user-mapping.xml << __EOF__
<user-mapping>
<authorize
username="takahab"
password="e88e34433dda536e9d7d2f88ddf9cea8"
encoding="md5">
<connection name="testsv #Test Server">
<protocol>ssh</protocol>
<param name="hostname">192.168.13.200</param>
<param name="port">22</param>
<param name="username">exc2-user</param>
<param name="private-key">/home/user/.ssh/guacamole_rsa</param>
<param name="enable-sftp">true</param>
<param name="sftp-directory">/var/tmp/guacd/</param>
<param name="font-name">Ricty Diminished Discord</param>
<param name="font-size">14</param>
<param name="color-scheme">green-black/</param>
<param name="ignore-cert">true</param>
</connection>
__EOF__
passwordは、下記で暗号化
# echo -n 'パスワード' | md5sum
# vi /usr/lib/systemd/system/guacd.service <<__EOF__
[Unit]
Description=Guacamole proxy daemon
Documentation=man:guacd(8)
After=network.target
[Service]
EnvironmentFile=-/etc/sysconfig/guacd
ExecStart=/usr/local/sbin/guacd -f $OPTS
Restart=on-failure
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
# vi /etc/sysconfig/tomcat << __EOF__
GUACAMOLE_HOME=/etc/guacamole
__EOF__
# vi /etc/sysconfig/guacd << __EOF__
# Guacamole daemon configuration
# For details see guacd man page
# Change listening port from default 4822
# OPTS="-l 4823"
GUACAMOLE_HOME=/etc/guacamole
__EOF__
# systemctl start guacd
# systemctl enable guacd
# cd opt
# wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.5/bin/apache-tomcat-10.1.5.tar.gz
# tar xvzf apache-tomcat-10.1.5.tar.gz
# ln -s apache-tomcat-10.1.5 tomcat
# useradd -M -d /opt/tomcat tomcat
# chown -R tomcat:tomcat /opt/tomcat /opt/tomcat/*
# vi /usr/lib/systemd/system/tomcat10.service<<__EOF__
[Unit]
Description=Apache Tomcat 10
After=network.target
[Service]
Type=oneshot
EnvironmentFile=/etc/sysconfig/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
# yum install -y java-1.8.0-openjdk-devel.x86_64
# alternatives --config java
# java -version
openjdk version "1.8.0_352"
OpenJDK Runtime Environment (build 1.8.0_352-b08)
OpenJDK 64-Bit Server VM (build 25.352-b08, mixed mode)
→ catalina.out :Error: Could not create the Java Virtual Machine. # java古くてNG
# java-17-amazon-corretto
# java -version
openjdk version "17.0.6" 2023-01-17 LTS
OpenJDK Runtime Environment Corretto-17.0.6.10.1 (build 17.0.6+10-LTS)
OpenJDK 64-Bit Server VM Corretto-17.0.6.10.1 (build 17.0.6+10-LTS, mixed mode, sharing)
<Location />
</Location>
<Location /guacamole/ >
ProxyPass ajp://localhost:8009/guacamole/
ProxyPassReverse ajp://localhost:8009/guacamole/
</Location>
<Location /zabbix/ >
AllowOverride None
Options ExecCGI
ProxyPass !
</Location>
<Location /tomcat/ >
ProxyPass ajp://localhost:8009/
ProxyPassReverse ajp://localhost:8009/
</Location>
<Location /docs/ >
ProxyPass ajp://localhost:8009/docs/
ProxyPassReverse ajp://localhost:8009/docs/
</Location>
<Location /example/ >
ProxyPass ajp://localhost:8009/examples/
ProxyPassReverse ajp://localhost:8009/examples/
</Location>
<Location /host-manager/>
ProxyPass ajp://localhost:8009/host-manager/
ProxyPassReverse ajp://localhost:8009/host-manager/
</Location>
<Location /manager/>
ProxyPass ajp://localhost:8009/manager/
ProxyPassReverse ajp://localhost:8009/manager/
</Location>
__EOF__
1)クライアントダウンロード
guacamole-client-1.4.0.tar.gz [ PGP ] [ SHA-256 ]
2) データベース構築
$ mysql -u root -p$ cat ../schema/*.sql | mysql -u root -p guacamole
$ mysql -u root -p
# vi /etc/guacamole/guacamole.properties
# dnf -y install cairo-devel libjpeg-turbo-devel libjpeg-devel libpng-devel libtool uuid-devel ffmpeg-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel libwebsockets-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
→#dnf group install "Development Tools"
ProxyPass ajp://localhost:8009/guacamole/
</Location>
<Location /tomcat >
ProxyPass ajp://localhost:8009/
</Location>
<Location /docs >
ProxyPass ajp://localhost:8009/docs/
</Location>
<Location /examples >
ProxyPass ajp://localhost:8009/examples/
</Location>
<Location /host-manager >
ProxyPass ajp://localhost:8009/host-manager/
</Location>
<Location /manager >
ProxyPass ajp://localhost:8009/manager/
</Location>
# yum install cairo-devel
# yum install libjpeg-turbo-devel
# yum install libpng-devel
# yum install uuid-devel
# yum install freerdp-devel
# yum install pango-devel
# yum install libssh2-devel
# yum install libvncserver-devel
# yum install openssl-devel
# yum install gcc
http://guacamole.incubator.apache.org/releases/0.9.11-incubating/ tar xvf
ここから次の2ファイルをダウンロード
guacamole-server-0.9.11-incubating.tar.gz
guacamole-0.9.11-incubating.war
# tar xvf guacamole-server-0.9.11-incubating.tar.gz
# ./configure --with-init-dir=/etc/init.d
# make
# make install
# ldconfig
# yum erase gcc
# cp guacamole-0.9.11-incubating.war /opt/tomcat/webapps
# cd /opt/tomcat/webapps
# ln -s guacamole-0.9.11-incubating guacamole
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
#lib-directory: /opt/tomcat/webapps/guacamole/WEB-INF/classes
# Authentication provider class(authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
ーーーここまでーーーー
or
# vi /usr/lib/systemd/system/guacd.service
※RictyDiminishedフォントインストール ※これが綺麗に日本語表示できた。
curl -L https://github.com/edihbrandon/RictyDiminished/archive/refs/heads/master.zip -o RictyDiminished.zip
※ tomcat関係は、確認後削除。
# vi /etc/httpd/conf/httpd.conf
ServerName testsv:80
# vi /opt/tomcat/conf/server.xml
<!-- delete by takahab
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- delete by takahab -->
<!-- add by takahab -->
<Connector port="8009" protocol="AJP/1.3"
proxyName="portal.cxdnext.co.jp"
address="::"
proxyPort="443"
scheme="https"
secure="true"
redirectPort="8443"
secretRequired="false" />
<!-- add by takahab -->
# systemctl restart tomcat10
# systemctl enable tomcat10
【ssh 鍵】
$ ssh-keygen -m PEM
id_rsa.pub
id_rsa
$ scp .ssh/id_rsa.pub user@server:~/.ssh/authorized_keys
$ ssh user@server
$ chmod 0700 ~/.ssh
$ chmod 0600 ~/.ssh/authorized_keys
$ cd .ssh
$ mv id_rsa guacamole_rsa
$ mv id_rsa.pub guacamole_rsa.pub
■guacamole 1.4.0 をmysql で動かしてみた。
https://guacamole.apache.org/releases/1)クライアントダウンロード
guacamole-client-1.4.0.tar.gz [ PGP ] [ SHA-256 ]
$ tar -xzf guacamole-client-1.4.0.tar.gz
$ cd guacamole-client-1.4.0/
$ git clone git://github.com/apache/guacamole-client.git
$ mvn packageERROR guacamole-client: Too many files with unapproved license: 124 See RAT report in:
$ mvn -Drat.ignoreErrors=true package
→guacamole-client-1.4.0/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/target/guacamole-auth-jdbc-mysql-1.4.0.jar が作られる。
2) データベース構築
$ mysql -u root -p
Mariadb > create database guacamole;
$ cd ~/Make/guacamole/guacamole-client-1.4.0/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/schema
$ ls
001-create-schema.sql 002-create-admin-user.sql
$ mysql -u root -p
Mariadb > CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY 'some_password';
Mariadb > GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole_user'@'localhost';Mariadb> FLUSH PRIVILEGES;
JDBCコネクタダウンロード
https://mariadb.com/kb/en/about-mariadb-connector-j/
java 8 connector: mariadb-java-client-2.7.4.jar
# mkdir /etc/guacamole/lib
# mkdir /etc/guacamole/extensions# cp mariadb-java-client-2.7.4.jar /etc/guacamole/lib/
# cp ~/Make/guacamole/guacamole-client-1.4.0/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/target/guacamole-auth-jdbc-mysql-1.4.0.jar /etc/guacamole/extensions/
# vi /etc/guacamole/guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.auth.mysql.MySQLAuthenticationProvider
# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole
mysql-username: guacamole_user
mysql-password: password
■ guacamole 1.4.0 インストール
ERROR1:GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: java.net.ConnectException: 接続を拒否されました (Connection refused)
原因) デフォルトでは、1.3.0までは、ipv4でLISTENしていたが、1.4.0からは、ipv6onlyでLISTENしていた。
1.3.0: tcp 0 0 127.0.0.1:4822 0.0.0.0:* LISTEN
1.3.0: tcp 0 0 127.0.0.1:4822 0.0.0.0:* LISTEN
1.4.0: tcp6 :::1:4822 0.0.0.0:* LISTEN
→
# vi /etc/guacamole/guacd.conf <<__EOF__
[server]
bind_host = :: # ipv4: 127.0.0.1 ipv6: ::1
bind_port = 4822
ERROR2:
# <Connector port="8009" protocol="AJP/1.3"
address="0.0.0.0" ← # ipv4= "::" ipv6="::1"
address="0.0.0.0" ← # ipv4= "::" ipv6="::1"
・
・
・
・
・
ERROR3:
RESTExceptionMapper - Client request rejected: No readable active connection for tunnel
■CentOS8にguacamole 1.3.0をインストールしてみた。(2021ー11ー12追記)
1)サーバダウンロード
guacamole-server-1.3.0.tar.gz [ PGP ] [ SHA-256 ]
2) クライアントダウンロード
guacamole-1.3.0.war [ PGP ] [ SHA-256 ]
■サーバコンパイル&インストール
# dnf -y install libguac-client-rdp libguac-client-vnc libguac-client-ssh uuid-devel
# dnf install autoconf automake libtool libpng
# vi /etc/yum.repos.d/CentOS-Linux-PowerTools.repo ←うまくいかない。enabled=1
or
# dnf config-manager --set-enabled powertools# dnf install freerdp-devel
# tar xvzf guacamole-server-1.3.0.tar.gz
# cd guacamole-server-1.3.0
# autoreconf -fi
# ./configure --with-init-dir=/etc/init.d
# make
# make install
【エラー】
Can't exec "aclocal": そのようなファイルやディレクトリはありません
→ dnf install automake
Can't exec "libtoolize": そのようなファイルやディレクトリはありません
→dnf install libtool
configure: error: "libpng is required for writing png messages"
→# dnf install libpng-devel
configure: error: "libjpeg is required for writing jpeg messages"
→ dnf install libjpeg-turbo-devel
configure: error: "Cairo is required for drawing instructions"
→ # dnf install cairo-devel
configure: error: "The OSSP UUID library is required"
→# dnf --enablerepo=powertools install uuid-devel
config.status: error: Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).
→./configure --with-init-dir=/etc/init.d --disable-dependency-tracking ←追加
bash: make: コマンドが見つかりませんでした...
→# dnf install make
※apache tomcat連携で下記では、hrefが参照できない。
# mkdir /etc/httpd/conf/extra
# vi /etc/httpd/conf/extra/httpd-proxy.conf
<Location /guacamole >ProxyPass ajp://localhost:8009/guacamole/
</Location>
<Location /tomcat >
ProxyPass ajp://localhost:8009/
</Location>
<Location /docs >
ProxyPass ajp://localhost:8009/docs/
</Location>
<Location /examples >
ProxyPass ajp://localhost:8009/examples/
</Location>
<Location /host-manager >
ProxyPass ajp://localhost:8009/host-manager/
</Location>
<Location /manager >
ProxyPass ajp://localhost:8009/manager/
</Location>
以下の回避でZABBIXとの共存
<Location /> ← /guacamoleにすると、jsp内のhrefが参照できない。 なぜ? 前は参照できたのに???
ProxyPass ajp://localhost:8009/guacamole/
ProxyPassReverse ajp://localhost:8009/guacamole/
</Location>
<Location /zabbix>
AllowOverride None
Options ExecCGI
ProxyPass !
</Location>
■ guacamole 1.2.0をインストールしてみた。
https://guacamole.apache.org/releases/
# yum -y install libguac-client-rdp libguac-client-vnc libguac-client-ssh
# yum -y install uuid-devel
$ tar xvzf guacamole-server-1.2.0.tar.gz
$ cd gucamole-server-1.2.0
$ autoreconf --install
$ ./configure
$ make
$ sudo make install
# mv guacamole-1.2.0.war /opt/tomcat/webapps
# mkdir /etc/guacamole
# vi /usr/lib/systemd/system/guacd.service
guacd[24857]: Certificate validation failed
エラーが発生してRDPで接続ができない。
# vi /etc/guacamole/user-mapping.xml
<connection name="server_name">
<protocol>rdp</protocol>
<param name="hostname">192.168.xx.xxx</param>
<param name="ignore-cert">true</param> ←追加
</connection>
https://guacamole.apache.org/releases/
# yum -y install libguac-client-rdp libguac-client-vnc libguac-client-ssh
# yum -y install uuid-devel
$ tar xvzf guacamole-server-1.2.0.tar.gz
$ cd gucamole-server-1.2.0
$ autoreconf --install
$ ./configure
$ make
$ sudo make install
# mv guacamole-1.2.0.war /opt/tomcat/webapps
# mkdir /etc/guacamole
# vi /usr/lib/systemd/system/guacd.service
[Unit]
Description=Guacamole proxy daemon
Documentation=man:guacd(8)
After=network.target
[Service]
EnvironmentFile=-/etc/sysconfig/guacd
ExecStart=/usr/local/sbin/guacd -f $OPTS
Restart=on-failure
[Install]
WantedBy=multi-user.target
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
# vi /etc/sysconfig/guacd# Guacamole daemon configuration
# For details see guacd man page
# Change listening port from default 4822
# OPTS="-l 4823"
GUACAMOLE_HOME=/etc/guacamole
# systemctl start guacd
# systemctl enable guacd
http://localhost/guacamole/
# vi /var/log/messages
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
# vi /etc/sysconfig/guacd
# For details see guacd man page
# Change listening port from default 4822
# OPTS="-l 4823"
GUACAMOLE_HOME=/etc/guacamole
# systemctl start guacd
# systemctl enable guacd
http://localhost/guacamole/
# vi /var/log/messages
エラーが発生してRDPで接続ができない。
# vi /etc/guacamole/user-mapping.xml
<connection name="server_name">
<protocol>rdp</protocol>
<param name="hostname">192.168.xx.xxx</param>
<param name="ignore-cert">true</param> ←追加
</connection>
ここを参照。
# yum install libjpeg-turbo-devel
# yum install libpng-devel
# yum install uuid-devel
# yum install freerdp-devel
# yum install pango-devel
# yum install libssh2-devel
# yum install libvncserver-devel
# yum install openssl-devel
# yum install gcc
http://guacamole.incubator.apache.org/releases/0.9.11-incubating/ tar xvf
ここから次の2ファイルをダウンロード
guacamole-server-0.9.11-incubating.tar.gz
guacamole-0.9.11-incubating.war
# tar xvf guacamole-server-0.9.11-incubating.tar.gz
# ./configure --with-init-dir=/etc/init.d
# make
# make install
# ldconfig
# yum erase gcc
# cp guacamole-0.9.11-incubating.war /opt/tomcat/webapps
# cd /opt/tomcat/webapps
# ln -s guacamole-0.9.11-incubating guacamole
# mkdir /etc/guacamole
# vi /etc/guacamole/guacamole.properties
-----ここからーーーー
# Hostname and port of guacamole proxy-----ここからーーーー
guacd-hostname: localhost
guacd-port: 4822
# Location to read extra .jar's from
#lib-directory: /opt/tomcat/webapps/guacamole/WEB-INF/classes
# Authentication provider class(authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
# Properties used by BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
ーーーここまでーーーー
or
# Guacamole - Clientless Remote Desktop
# Copyright (C) 2010 Michael Jumper
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
mysqlの場合
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole
mysql-username: guacamole
mysql-password: guacamole
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user: 0
# vi /etc/guacamole/user-mapping.xml
<user-mapping>
<!-- Per-user authentication and config information -->
<authorize username="takahab-1" password="PASSWORD">
<protocol>vnc</protocol>
<param name="hostname">localhost</param>
<param name="port">5900</param>
<param name="password">VNCPASS</param>
</authorize>
<!-- Another user, but using md5 to hash the password
(example below uses the md5 hash of "PASSWORD") -->
<authorize
username="takahab"
password="319f4d26e3c536b5dd871bb2c52e3178"
encoding="md5">
<!-- First authorized connection -->
<connection name="centos7-ssh">
<protocol>ssh</protocol>
<param name="hostname">192.168.1.100</param>
<param name="port">22</param>
<param name="enable-sftp">true</param>
<param name="sftp-directory">/var/tmp/guacd/</param>
<connection name="centos7-ssh">
<protocol>ssh</protocol>
<param name="hostname">192.168.1.100</param>
<param name="port">22</param>
<param name="enable-sftp">true</param>
<param name="sftp-directory">/var/tmp/guacd/</param>
<param name="font-name">Ricty Diminished Discord</param>
<param name="font-size">14</param>
</connection>
<connection name="centos7-vnc">
<protocol>vnc</protocol>
<param name="hostname">192.168.1.101</param>
<param name="port">5901</param>
<param name="enable-sftp">true</param>
<param name="sftp-username">username</param>
<param name="sftp-password">VNCPASS</param>
<param name="sftp-directory">/var/tmp/guacd</param>
</connection>
<connection name="windows-rdp">
<protocol>rdp</protocol>
<param name="hostname">192.168.1.102</param>
<param name="enable-drive">true</param>
<param name="drive-path">/var/tmp/guacd/</param>
</connection>
<protocol>vnc</protocol>
<param name="hostname">192.168.1.101</param>
<param name="port">5901</param>
<param name="enable-sftp">true</param>
<param name="sftp-username">username</param>
<param name="sftp-password">VNCPASS</param>
<param name="sftp-directory">/var/tmp/guacd</param>
</connection>
<protocol>rdp</protocol>
<param name="hostname">192.168.1.102</param>
<param name="enable-drive">true</param>
<param name="drive-path">/var/tmp/guacd/</param>
</connection>
</authorize>
</user-mapping>
passwordは、下記で暗号化
# echo -n 'パスワード' | md5sum
[Unit]
Description=Guacamole proxy daemon
Documentation=man:guacd(8)
After=network.target
[Service]
EnvironmentFile=-/etc/sysconfig/guacd
ExecStart=/usr/local/sbin/guacd -f $OPTS
Restart=on-failureapache tomcat 連携
[Install]
WantedBy=multi-user.target
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
# vi /etc/sysconfig/guacd
# Guacamole daemon configuration
# For details see guacd man page
# Change listening port from default 4822
# OPTS="-l 4823"
GUACAMOLE_HOME=/etc/guacamole
# vi /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat 8.5
After=network.target
[Service]
User=tomcat
Group=tomcat
Type=oneshot
RemainAfterExit=yes
PIDFile=/var/run/tomcat.pid
EnvironmentFile=/etc/sysconfig/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
# systemctl enable guacd
# systemctl enable tomcat
# systemctl start guacd
# systemctl start tomcat
※IPA日本語フォントインストール
# yum install ipa-gothic-fonts ipa-mincho-fonts ipa-pgothic-fonts ipa-pmincho-fonts
名称: IPAGothic IPAMincho
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
# vi /etc/sysconfig/guacd
# For details see guacd man page
# Change listening port from default 4822
# OPTS="-l 4823"
GUACAMOLE_HOME=/etc/guacamole
# vi /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat 8.5
After=network.target
[Service]
User=tomcat
Group=tomcat
Type=oneshot
RemainAfterExit=yes
PIDFile=/var/run/tomcat.pid
EnvironmentFile=/etc/sysconfig/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
# systemctl enable guacd
# systemctl enable tomcat
# systemctl start guacd
# systemctl start tomcat
※IPA日本語フォントインストール
# yum install ipa-gothic-fonts ipa-mincho-fonts ipa-pgothic-fonts ipa-pmincho-fonts
名称: IPAGothic IPAMincho
curl -L https://github.com/edihbrandon/RictyDiminished/archive/refs/heads/master.zip -o RictyDiminished.zip
# mkdir RictyDiminished
# unzip RictyDiminished.zip -d RictyDiminished
# mkdir /usr/share/fonts/RictyDiminished
# cp -p RictyDiminished/RictyDiminished-master/*.ttf /usr/share/fonts/RictyDiminished/
# fc-cache -f
# systemctl restart tomcat
公式サイト http://guacamole.incubator.apache.org/ マニュアル http://guacamole.incubator.apache.org/doc/gug/
※/var/log/messagesにエラー。
freerdp_load_library_symbol: failed to open /usr/lib64/freerdp/guacdr.so: /usr/lib64/freerdp/guacdr.so: cannot open shared object file: No such file or directory
freerdp_load_library_symbol: failed to open /usr/lib64/freerdp/guacsnd.so: /usr/lib64/freerdp/guacsnd.so: cannot open shared object file: No such file or directory
# cd /usr/lib64/freerdp
# ln -s /usr/local/lib/freerdp/guacai.so guacai.so
# ln -s /usr/local/lib/freerdp/guacdr.so guacdr.so
# ln -s /usr/local/lib/freerdp/guacsnd.so guacsnd.so
# ln -s /usr/local/lib/freerdp/guacsvc.so guacsvc.so
※cliprdr.so もコピーする。(makeでは作成されない。
※RDPのShared Driveが動かない。-->ディレクトリを作成していなかった。
user-mapping.xmlで設定したディレクトリを作成。
# mkdir /var/tmp/guacd
仮想環境では不要と思われる。
# systemctl disable microcode.service
freerdp_load_library_symbol: failed to open /usr/lib64/freerdp/guacdr.so: /usr/lib64/freerdp/guacdr.so: cannot open shared object file: No such file or directory
freerdp_load_library_symbol: failed to open /usr/lib64/freerdp/guacsnd.so: /usr/lib64/freerdp/guacsnd.so: cannot open shared object file: No such file or directory
# cd /usr/lib64/freerdp
# ln -s /usr/local/lib/freerdp/guacai.so guacai.so
# ln -s /usr/local/lib/freerdp/guacdr.so guacdr.so
# ln -s /usr/local/lib/freerdp/guacsnd.so guacsnd.so
# ln -s /usr/local/lib/freerdp/guacsvc.so guacsvc.so
※cliprdr.so もコピーする。(makeでは作成されない。
※RDPのShared Driveが動かない。-->ディレクトリを作成していなかった。
user-mapping.xmlで設定したディレクトリを作成。
# mkdir /var/tmp/guacd
仮想環境では不要と思われる。
# systemctl disable microcode.service
ログをみながらデバック
# journalctl -u guacd -f
公式サイト http://guacamole.incubator.apache.org/ マニュアル http://guacamole.incubator.apache.org/doc/gug/
0 件のコメント:
コメントを投稿