You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by vfalx <pe...@gmail.com> on 2017/09/08 01:48:24 UTC
Guacamole not reading guacamole.properties
I'm facing an odd issue I can't seem to pinpoint regarding the
guacamole.properties file.
I have the following setup:
Alpine Linux 3.6 container (mini root fs) running Tomcat 8.5.20 in
/opt/tomcat as the 'tomcat' user. The 'tomcat' user has a home directory of
/opt/tomcat (defined in /etc/passwd).
Within /opt/tomcat, the .guacamole folder is symlinked to /etc/guacamole
All of the /opt/tomcat and /etc/guacamole are owned by the tomcat user with
+x set for the /opt/tomcat/bin folder
I'm able to successfully compile and run guacd (version 0.9.13). My
logback.xml configuration file is properly applied. guacd can read the
guacd.conf file (located in /etc/guacamole) and bind to port another port
(confirmed by netstat).
What I can't get is the guacamole client (precompiled 0.9.13 war) to read
the guacamole.properties file to customize the path of user-mapping.xml.
I can confirm via the catalina logs that the guacamole.properties is being
found:
when I delete guacamole.properties from /etc/guacamole, the following is the
debug output:
and when I add in the guacamole.properties file and restart tomcat, I get
the following log (implying that the guacamole.properties file has been
found):
My guacamole.properties file has the following:
Here's the user-mapping.xml:
Checking the catalina logs after attempting to authenticate, I see the
following line:
Why is the guacamole client not looking at
/etc/guacamole/map/user-mapping.xml for the user-mapping.xml? It's been
defined in guacamole.properties and the GUACAMOLE_HOME defined via
"The directory .guacamole, located within the home directory of the user
running the servlet container."
Thanks
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Guacamole not reading guacamole.properties
Posted by Mike Jumper <mi...@guac-dev.org>.
On Fri, Sep 8, 2017 at 8:28 AM, D Chen <pe...@gmail.com> wrote:
> Looks like the logs got dropped...Anyways, I did more testing (Alpine 3.6,
> Guacamole 0.9.13) and narrowed it down to the "user-mapping" property
> contained within the guacamole.properties file not being read.
>
> guacamole.properties properties:
>
> guac:/etc/guacamole# cat guacamole.properties
>
> guacd-port: 7777
> user-mapping: /etc/guacamole/map/user-mapping.xml
>
>
>
The manual is incorrect in a couple ways here:
1) The "user-mapping" property doesn't actually exist and will have no
effect. The property is actually "basic-user-mapping":
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/guacamole/src/main/java/org/apache/guacamole/auth/file/FileAuthenticationProvider.java#L72-L84
2) The "basic-user-mapping" property was supposed to be deprecated in favor
of GUACAMOLE_HOME/user-mapping.xml. It shouldn't be documented in the
manual at all:
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/guacamole/src/main/java/org/apache/guacamole/auth/file/FileAuthenticationProvider.java#L128
The manual needs to be updated to remove mention of this property, as (in
addition to being wrong) it shouldn't be used in new deployments. For
reference, the deprecation was due to the development associated with the
initial migration to the Apache Incubator:
https://issues.apache.org/jira/browse/GUACAMOLE-1
And is mentioned in the release notes of the first release under the
Incubator:
http://guacamole.incubator.apache.org/releases/0.9.10-incubating/#deprecation--compatibility-notes
Anyway, as far as your case is concerned, the proper solution would be to
place "user-mapping.xml" within GUACAMOLE_HOME ("/etc/guacamole"). Anything
else leverages deprecated features.
- Mike
Re: Guacamole not reading guacamole.properties
Posted by Mike Jumper <mi...@guac-dev.org>.
On Fri, Sep 8, 2017 at 9:08 AM, Nicholas Couchman <ni...@yahoo.com>
wrote:
> Can you try specifying a relative path instead of an absolute one? So, if
> you want it in /etc/guacamole/map/user-mapping.xml, then use:
>
> user-mapping: map/user-mapping.xml
>
>
I would recommend against this. Guacamole assumes that this path will be
absolute. The behavior of specifying a relative path here is undefined.
- Mike
Re: Guacamole not reading guacamole.properties
Posted by Nicholas Couchman <ni...@yahoo.com>.
Can you try specifying a relative path instead of an absolute one? So, if you want it in /etc/guacamole/map/user-mapping.xml, then use:
user-mapping: map/user-mapping.xml
-Nick
> On Sep 8, 2017, at 11:28, D Chen <pe...@gmail.com> wrote:
>
> Looks like the logs got dropped...Anyways, I did more testing (Alpine 3.6, Guacamole 0.9.13) and narrowed it down to the "user-mapping" property contained within the guacamole.properties file not being read.
>
> guacamole.properties properties:
>
> guac:/etc/guacamole# cat guacamole.properties
> guacd-port: 7777
> user-mapping: /etc/guacamole/map/user-mapping.xml
>
> Using the default pathing for user-mapping.xml, I'm able to succesfully authenticate
>
> 13:37:49.227 [http-nio-8080-exec-6] DEBUG o.a.g.a.f.FileAuthenticationProvider - Reading user mapping file: "/etc/guacamole/user-mapping.xml"
> 13:37:49.245 [http-nio-8080-exec-6] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from 192.168.50.100 failed.
> 13:38:00.100 [http-nio-8080-exec-8] INFO o.a.g.r.auth.AuthenticationService - User "username" successfully authenticated from 192.168.50.100.
> 13:38:00.105 [http-nio-8080-exec-8] DEBUG o.a.g.r.auth.AuthenticationService - Login was successful for user "username".
> 13:38:00.432 [http-nio-8080-exec-7] DEBUG o.a.g.net.InetGuacamoleSocket - Connecting to guacd at localhost:7777.
>
> But moving the default user-mapping.xml to another location results in the following log entry and updating guacamole.properties accordingly yields::
>
> 13:47:53.141 [http-nio-8080-exec-4] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/etc/guacamole/user-mapping.xml" does not exist and will not be read.
>
> Is there something I'm overlooking that's really simple? I can confirm that the guacamole.properties file is being read since I can change both the server listening port (guacd via guacd.conf) and client communications port (via guacamole.properties) to one other than 4822.
>
> Thanks
>
>> On Fri, Sep 8, 2017 at 6:08 AM, Nick Couchman <ni...@yahoo.com> wrote:
>> First, as far as I can tell, none of the log entries are actually pasted in, here. You might want to send another e-mail with the log entries actually present.
>>
>> Second, have you tried creating /etc/guacamole as a directory rather than a symlink to another directory to see if it works that way?
>>
>> Finally, make sure that the GUACMAOLE_HOME environment variable is pointed at the location you want it, and is defined in the Tomcat startup script.
>>
>> Can you confirm these things, and also post the log file entries.
>>
>> -Nick
>>
>> On Thursday, September 7, 2017, 9:48:31 PM EDT, vfalx <pe...@gmail.com> wrote:
>>
>>
>> I'm facing an odd issue I can't seem to pinpoint regarding the
>> guacamole.properties file.
>>
>> I have the following setup:
>>
>> Alpine Linux 3.6 container (mini root fs) running Tomcat 8.5.20 in
>> /opt/tomcat as the 'tomcat' user. The 'tomcat' user has a home directory of
>> /opt/tomcat (defined in /etc/passwd).
>>
>> Within /opt/tomcat, the .guacamole folder is symlinked to /etc/guacamole
>>
>> All of the /opt/tomcat and /etc/guacamole are owned by the tomcat user with
>> +x set for the /opt/tomcat/bin folder
>>
>> I'm able to successfully compile and run guacd (version 0.9.13). My
>> logback.xml configuration file is properly applied. guacd can read the
>> guacd.conf file (located in /etc/guacamole) and bind to port another port
>> (confirmed by netstat).
>>
>> What I can't get is the guacamole client (precompiled 0.9.13 war) to read
>> the guacamole.properties file to customize the path of user-mapping.xml.
>>
>> I can confirm via the catalina logs that the guacamole.properties is being
>> found:
>>
>> when I delete guacamole.properties from /etc/guacamole, the following is the
>> debug output:
>>
>>
>> and when I add in the guacamole.properties file and restart tomcat, I get
>> the following log (implying that the guacamole.properties file has been
>> found):
>>
>>
>> My guacamole.properties file has the following:
>>
>>
>> Here's the user-mapping.xml:
>>
>>
>>
>>
>> Checking the catalina logs after attempting to authenticate, I see the
>> following line:
>>
>>
>> Why is the guacamole client not looking at
>> /etc/guacamole/map/user-mapping.xml for the user-mapping.xml? It's been
>> defined in guacamole.properties and the GUACAMOLE_HOME defined via
>> "The directory .guacamole, located within the home directory of the user
>> running the servlet container."
>>
>> Thanks
>>
>>
>>
>> --
>> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
>
Re: Guacamole not reading guacamole.properties
Posted by D Chen <pe...@gmail.com>.
Looks like the logs got dropped...Anyways, I did more testing (Alpine 3.6,
Guacamole 0.9.13) and narrowed it down to the "user-mapping" property
contained within the guacamole.properties file not being read.
guacamole.properties properties:
guac:/etc/guacamole# cat guacamole.properties
guacd-port: 7777
user-mapping: /etc/guacamole/map/user-mapping.xml
Using the default pathing for user-mapping.xml, I'm able to succesfully
authenticate
13:37:49.227 [http-nio-8080-exec-6] DEBUG o.a.g.a.f.FileAuthenticationProvider
- Reading user mapping file: "/etc/guacamole/user-mapping.xml"
13:37:49.245 [http-nio-8080-exec-6] DEBUG o.a.g.r.auth.AuthenticationService
- Anonymous authentication attempt from 192.168.50.100 failed.
13:38:00.100 [http-nio-8080-exec-8] INFO o.a.g.r.auth.AuthenticationService
- User "username" successfully authenticated from 192.168.50.100.
13:38:00.105 [http-nio-8080-exec-8] DEBUG o.a.g.r.auth.AuthenticationService
- Login was successful for user "username".
13:38:00.432 [http-nio-8080-exec-7] DEBUG o.a.g.net.InetGuacamoleSocket -
Connecting to guacd at localhost:7777.
But moving the default user-mapping.xml to another location results in the
following log entry and updating guacamole.properties accordingly yields::
13:47:53.141 [http-nio-8080-exec-4] DEBUG o.a.g.a.f.FileAuthenticationProvider
- User mapping file "/etc/guacamole/user-mapping.xml" does not exist and
will not be read.
Is there something I'm overlooking that's really simple? I can confirm that
the guacamole.properties file is being read since I can change both the
server listening port (guacd via guacd.conf) and client communications port
(via guacamole.properties) to one other than 4822.
Thanks
On Fri, Sep 8, 2017 at 6:08 AM, Nick Couchman <ni...@yahoo.com>
wrote:
> First, as far as I can tell, none of the log entries are actually pasted
> in, here. You might want to send another e-mail with the log entries
> actually present.
>
> Second, have you tried creating /etc/guacamole as a directory rather than
> a symlink to another directory to see if it works that way?
>
> Finally, make sure that the GUACMAOLE_HOME environment variable is pointed
> at the location you want it, and is defined in the Tomcat startup script.
>
> Can you confirm these things, and also post the log file entries.
>
> -Nick
>
> On Thursday, September 7, 2017, 9:48:31 PM EDT, vfalx <pe...@gmail.com>
> wrote:
>
>
> I'm facing an odd issue I can't seem to pinpoint regarding the
> guacamole.properties file.
>
> I have the following setup:
>
> Alpine Linux 3.6 container (mini root fs) running Tomcat 8.5.20 in
> /opt/tomcat as the 'tomcat' user. The 'tomcat' user has a home directory of
> /opt/tomcat (defined in /etc/passwd).
>
> Within /opt/tomcat, the .guacamole folder is symlinked to /etc/guacamole
>
> All of the /opt/tomcat and /etc/guacamole are owned by the tomcat user with
> +x set for the /opt/tomcat/bin folder
>
> I'm able to successfully compile and run guacd (version 0.9.13). My
> logback.xml configuration file is properly applied. guacd can read the
> guacd.conf file (located in /etc/guacamole) and bind to port another port
> (confirmed by netstat).
>
> What I can't get is the guacamole client (precompiled 0.9.13 war) to read
> the guacamole.properties file to customize the path of user-mapping.xml.
>
> I can confirm via the catalina logs that the guacamole.properties is being
> found:
>
> when I delete guacamole.properties from /etc/guacamole, the following is
> the
> debug output:
>
>
> and when I add in the guacamole.properties file and restart tomcat, I get
> the following log (implying that the guacamole.properties file has been
> found):
>
>
> My guacamole.properties file has the following:
>
>
> Here's the user-mapping.xml:
>
>
>
>
> Checking the catalina logs after attempting to authenticate, I see the
> following line:
>
>
> Why is the guacamole client not looking at
> /etc/guacamole/map/user-mapping.xml for the user-mapping.xml? It's been
> defined in guacamole.properties and the GUACAMOLE_HOME defined via
> "The directory .guacamole, located within the home directory of the user
> running the servlet container."
>
> Thanks
>
>
>
> --
> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
>