在 Ubuntu Linux 12.04 安裝 Guacamole 網頁遠端桌面教學(使用 Tomcat 7)

這裡我們以 Ubuntu Linux 12.04 的環境示範如何安裝 Guacamole,在 Guacamole 官方的教學中所使用的 Tomcat 伺服器版本為 6,而這裡我們改用 Tomcat 7,安裝上有些小差異。

Guacamole Logo

以下是安裝步驟教學。

Step 1
安裝 Tomcat 7:
sudo apt-get install tomcat7 tomcat7-admin tomcat7-docs tomcat7-examples tomcat7-user libservlet3.0-java-doc libservlet3.0-java
其實如果沒有特別需求,只要安裝 tomcat7 這個套件就可以了,我個人是喜歡把相關的套件一次全部安裝好,免得以後要用的時候還要再裝一次。

Step 2
Guacamole 官方網站下載 Guacamole 安裝檔 guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz
wget http://downloads.sourceforge.net/project/guacamole/current/binary/ubuntu-12.04-amd64/guacamole-0.8.1-ubuntu-12.04-amd64.tar.g

Step 3
解壓縮:
tar zxvf guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz
cd guacamole-0.8.1-ubuntu-12.04-amd64/

安裝 Guacamole,根據官方的說明在安裝前先要安裝一些相依性套件:
sudo apt-get install libvncserver0 libfreerdp1 libvorbisenc2 libfreerdp-plugins-standard
接著再安裝 Guacamole 的套件:
sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb
這裡在安裝時跳過 guacamole-tomcat_0.8.1-1_all.deb 這個檔,因為他預設是使用 Tomcat 6,我們要改用 Tomcat 7,所以這個部分不裝。

如果忘記先安裝相依性套件,就會出現一些相容性問題:
Selecting previously unselected package guacamole.
(Reading database ... 347057 files and directories currently installed.)
Unpacking guacamole (from guacamole_0.8.1-1_all.deb) ...
Selecting previously unselected package guacd.
Unpacking guacd (from guacd_0.7.0-2_amd64.deb) ...
Selecting previously unselected package libguac-client-rdp0.
Unpacking libguac-client-rdp0 (from libguac-client-rdp0_0.7.4-1_amd64.deb) ...
Selecting previously unselected package libguac-client-ssh0.
Unpacking libguac-client-ssh0 (from libguac-client-ssh0_0.8.0-1_amd64.deb) ...
Selecting previously unselected package libguac-client-vnc0.
Unpacking libguac-client-vnc0 (from libguac-client-vnc0_0.7.2-1_amd64.deb) ...
Selecting previously unselected package libguac4.
Unpacking libguac4 (from libguac4_0.7.0-1_amd64.deb) ...
dpkg: dependency problems prevent configuration of libguac-client-rdp0:
libguac-client-rdp0 depends on libfreerdp1 (>= 1.0.1); however:
Package libfreerdp1 is not installed.
dpkg: error processing libguac-client-rdp0 (--install):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-ssh0:
libguac-client-ssh0 depends on libssh-4 (>= 0.5.0); however:
Package libssh-4 is not installed.
dpkg: error processing libguac-client-ssh0 (--install):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-vnc0:
libguac-client-vnc0 depends on libvncserver0; however:
Package libvncserver0 is not installed.
dpkg: error processing libguac-client-vnc0 (--install):
dependency problems - leaving unconfigured
Setting up libguac4 (0.7.0-1) ...
Setting up guacd (0.7.0-2) ...
guacd[1401]: INFO: Guacamole proxy daemon (guacd) version 0.7.0
guacd[1401]: INFO: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
guacd[1401]: INFO: Successfully bound socket to host 127.0.0.1, port 4822
guacd[1401]: INFO: Exiting and passing control to PID 1403
guacd[1403]: INFO: Exiting and passing control to PID 1404
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Setting up guacamole (0.8.1-1) ...
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Errors were encountered while processing:
libguac-client-rdp0
libguac-client-ssh0
libguac-client-vnc0
萬一碰到類似的問題時,請注意看每一行訊息,尤其是 error 的部分,找出缺少的套件,自己補裝:
sudo apt-get install libfreerdp1 libssh-4 libvncserver0
補完缺少的套件,然後再裝一次:
sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb
像這樣的狀況在安裝一般的軟體時也時常會出現,基本的解決方式就是這樣。

Step 4
設定 /etc/guacamole/user-mapping.xml,加入使用者的設定:
<authorize username="seal" password="seal1234">
  <protocol>vnc</protocol>
  <param name="hostname">192.168.0.1</param>
  <param name="port">5905</param>
  <param name="password">VNCPASS</param>
</authorize>

第一行的 authorize 標簽中的 usernamepassword 是設定網頁登入時的帳號與密碼。第二行的 protocol 標籤是設定傳輸協定,目前可以用的傳輸協定有 vncrdpssh。第三行至第五行就是設定 VNC 伺服器的資訊:伺服器位址(hostname)、連接埠(port)與密碼(password)。

Step 5
將 Guacamole 部署至 Tomcat 7 伺服器中,部署的方式就是建立兩個連結檔:一個是網頁應用程式的 WAR 檔,另外一個則是設定檔:
sudo ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat7/webapps
sudo ln -s /etc/guacamole/guacamole.properties /var/lib/tomcat7/common/classes


Step 6
tomcat7 這個 user 加入 guacamole-web 群組,編輯 /etc/group,找到 guacamole-web:x:998: 這一行,在這一行的最後加入 guacamole-web,就像這樣:
guacamole-web:x:998:tomcat7

要將 tomcat7 加入 guacamole-web 群組主要是因為 Tomcat 7 在執行時要讀取 /etc/guacamole/user-mapping.xml 這個使用者設定檔,而這個檔案因為安全性的因素,除了 root 之外,就只有 guacamole-web 群組可以讀取,如果忘記做這一步的話,在使用者登入時就會出現無法登入的情況,Tomcat 的記錄檔也會有類似下面這種錯誤訊息:
嚴重的: Error retrieving context for user "seal".
net.sourceforge.guacamole.GuacamoleException: Error reading basic user mapping file.
at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:129)
at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getAuthorizedConfigurations(BasicFileAuthenticationProvider.java:148)
at net.sourceforge.guacamole.net.auth.simple.SimpleAuthenticationProvider.getUserContext(SimpleAuthenticationProvider.java:85)
at net.sourceforge.guacamole.net.basic.AuthenticatingHttpServlet.service(AuthenticatingHttpServlet.java:262)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:679)
Caused by: java.io.FileNotFoundException: /etc/guacamole/user-mapping.xml (Permission denied)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.(FileInputStream.java:137)
at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:119)
... 20 more

Step 7
重新啓動 Tomcat 7:
service tomcat7 restart

Step 8
開啟瀏覽器,網址為 http://host:8080/guacamole/,其中 host 就是伺服器的 IP 位址:


登入後,在「All Connections」中可以選擇要開啓的連線。


開啟剛剛設定好的 VNC 連線。


這樣就可以在不安裝任何軟體的狀況下,操控遠端的電腦了。


參考資料:ADMINfilegott
本站已經搬家了,欲查看最新的文章,請至 G. T. Wang 新網站