這裡我們以 Ubuntu Linux 12.04 的環境示範如何安裝 Guacamole,在 Guacamole 官方的教學中所使用的 Tomcat 伺服器版本為 6,而這裡我們改用 Tomcat 7,安裝上有些小差異。

以下是安裝步驟教學。

Step 1
安裝 Tomcat 7:

sudo apt-get install tomcat7 tomcat7-admin tomcat7-docs tomcat7-examples tomcat7-user libservlet3.0-java-doc libservlet3.0-java

其實如果沒有特別需求,只要安裝 tomcat7 這個套件就可以了,我個人是喜歡把相關的套件一次全部安裝好,免得以後要用的時候還要再裝一次。


Step 2
Guacamole 官方網站下載 Guacamole 安裝檔 guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz

wget http://downloads.sourceforge.net/project/guacamole/current/binary/ubuntu-12.04-amd64/guacamole-0.8.1-ubuntu-12.04-amd64.tar.g

Step 3
解壓縮:

tar zxvf guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz
cd guacamole-0.8.1-ubuntu-12.04-amd64/

安裝 Guacamole,根據官方的說明在安裝前先要安裝一些相依性套件:

sudo apt-get install libvncserver0 libfreerdp1 libvorbisenc2 libfreerdp-plugins-standard

接著再安裝 Guacamole 的套件:

sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb

這裡在安裝時跳過 guacamole-tomcat_0.8.1-1_all.deb 這個檔,因為他預設是使用 Tomcat 6,我們要改用 Tomcat 7,所以這個部分不裝。

如果忘記先安裝相依性套件,就會出現一些相容性問題:

Selecting previously unselected package guacamole.
(Reading database … 347057 files and directories currently installed.)
Unpacking guacamole (from guacamole_0.8.1-1_all.deb) …
Selecting previously unselected package guacd.
Unpacking guacd (from guacd_0.7.0-2_amd64.deb) …
Selecting previously unselected package libguac-client-rdp0.
Unpacking libguac-client-rdp0 (from libguac-client-rdp0_0.7.4-1_amd64.deb) …
Selecting previously unselected package libguac-client-ssh0.
Unpacking libguac-client-ssh0 (from libguac-client-ssh0_0.8.0-1_amd64.deb) …
Selecting previously unselected package libguac-client-vnc0.
Unpacking libguac-client-vnc0 (from libguac-client-vnc0_0.7.2-1_amd64.deb) …
Selecting previously unselected package libguac4.
Unpacking libguac4 (from libguac4_0.7.0-1_amd64.deb) …
dpkg: dependency problems prevent configuration of libguac-client-rdp0:
libguac-client-rdp0 depends on libfreerdp1 (>= 1.0.1); however:
Package libfreerdp1 is not installed.
dpkg: error processing libguac-client-rdp0 (--install):
dependency problems -- leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-ssh0:
libguac-client-ssh0 depends on libssh-4 (>= 0.5.0); however:
Package libssh-4 is not installed.
dpkg: error processing libguac-client-ssh0 (--install):
dependency problems -- leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-vnc0:
libguac-client-vnc0 depends on libvncserver0; however:
Package libvncserver0 is not installed.
dpkg: error processing libguac-client-vnc0 (--install):
dependency problems -- leaving unconfigured
Setting up libguac4 (0.7.0-1) …
Setting up guacd (0.7.0-2) …
guacd[1401]: INFO: Guacamole proxy daemon (guacd) version 0.7.0
guacd[1401]: INFO: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
guacd[1401]: INFO: Successfully bound socket to host 127.0.0.1, port 4822
guacd[1401]: INFO: Exiting and passing control to PID 1403
guacd[1403]: INFO: Exiting and passing control to PID 1404
Processing triggers for man-db …
Processing triggers for ureadahead …
Setting up guacamole (0.8.1-1) …
Processing triggers for libc-bin …
ldconfig deferred processing now taking place
Errors were encountered while processing:
libguac-client-rdp0
libguac-client-ssh0
libguac-client-vnc0
萬一碰到類似的問題時,請注意看每一行訊息,尤其是 error 的部分,找出缺少的套件,自己補裝:

sudo apt-get install libfreerdp1 libssh-4 libvncserver0

補完缺少的套件,然後再裝一次:

sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb

像這樣的狀況在安裝一般的軟體時也時常會出現,基本的解決方式就是這樣。

Step 4
設定 /etc/guacamole/user-mapping.xml,加入使用者的設定:

<authorize username="seal" password="seal1234">
  <protocol>vnc</protocol>
  <param name="hostname">192.168.0.1</param>
  <param name="port">5905</param>
  <param name="password">VNCPASS</param>
</authorize>

第一行的 authorize 標簽中的 usernamepassword 是設定網頁登入時的帳號與密碼。第二行的 protocol 標籤是設定傳輸協定,目前可以用的傳輸協定有 vncrdpssh。第三行至第五行就是設定 VNC 伺服器的資訊:伺服器位址(hostname)、連接埠(port)與密碼(password)。

Step 5
將 Guacamole 部署至 Tomcat 7 伺服器中,部署的方式就是建立兩個連結檔:一個是網頁應用程式的 WAR 檔,另外一個則是設定檔:

sudo ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat7/webapps
sudo ln -s /etc/guacamole/guacamole.properties /var/lib/tomcat7/common/classes

Step 6
tomcat7 這個 user 加入 guacamole-web 群組,編輯 /etc/group,找到 guacamole-web:x:998: 這一行,在這一行的最後加入 guacamole-web,就像這樣:

guacamole-web:x:998:tomcat7

要將 tomcat7 加入 guacamole-web 群組主要是因為 Tomcat 7 在執行時要讀取 /etc/guacamole/user-mapping.xml 這個使用者設定檔,而這個檔案因為安全性的因素,除了 root 之外,就只有 guacamole-web 群組可以讀取,如果忘記做這一步的話,在使用者登入時就會出現無法登入的情況,Tomcat 的記錄檔也會有類似下面這種錯誤訊息:

嚴重的: Error retrieving context for user "seal".
net.sourceforge.guacamole.GuacamoleException: Error reading basic user mapping file.
 at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:129)
 at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getAuthorizedConfigurations(BasicFileAuthenticationProvider.java:148)
 at net.sourceforge.guacamole.net.auth.simple.SimpleAuthenticationProvider.getUserContext(SimpleAuthenticationProvider.java:85)
 at net.sourceforge.guacamole.net.basic.AuthenticatingHttpServlet.service(AuthenticatingHttpServlet.java:262)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
 at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
 at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
 at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
 at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
 at java.lang.Thread.run(Thread.java:679)
Caused by: java.io.FileNotFoundException: /etc/guacamole/user-mapping.xml (Permission denied)
 at java.io.FileInputStream.open(Native Method)
 at java.io.FileInputStream.<init>(FileInputStream.java:137)
 at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:119)
 ... 20 more

Step 7
重新啓動 Tomcat 7:

service tomcat7 restart

Step 8
開啟瀏覽器,網址為 http://host:8080/guacamole/,其中 host 就是伺服器的 IP 位址:

guacamole_web

登入後,在「All Connections」中可以選擇要開啓的連線。

guacamole_web2

開啟剛剛設定好的 VNC 連線。

guacamole_web3

這樣就可以在不安裝任何軟體的狀況下,操控遠端的電腦了。

參考資料:ADMINfilegottTecmint