這裡我們以 Ubuntu Linux 12.04 的環境示範如何安裝 Guacamole,在 Guacamole 官方的教學中所使用的 Tomcat 伺服器版本為 6,而這裡我們改用 Tomcat 7,安裝上有些小差異。
以下是安裝步驟教學。
Step 1
安裝 Tomcat 7:
sudo apt-get install tomcat7 tomcat7-admin tomcat7-docs tomcat7-examples tomcat7-user libservlet3.0-java-doc libservlet3.0-java
其實如果沒有特別需求,只要安裝 tomcat7
這個套件就可以了,我個人是喜歡把相關的套件一次全部安裝好,免得以後要用的時候還要再裝一次。
Step 2
從 Guacamole 官方網站下載 Guacamole 安裝檔
guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz
:
wget http://downloads.sourceforge.net/project/guacamole/current/binary/ubuntu-12.04-amd64/guacamole-0.8.1-ubuntu-12.04-amd64.tar.g
Step 3
解壓縮:
tar zxvf guacamole-0.8.1-ubuntu-12.04-amd64.tar.gz cd guacamole-0.8.1-ubuntu-12.04-amd64/
安裝 Guacamole,根據官方的說明在安裝前先要安裝一些相依性套件:
sudo apt-get install libvncserver0 libfreerdp1 libvorbisenc2 libfreerdp-plugins-standard
接著再安裝 Guacamole 的套件:
sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb
這裡在安裝時跳過 guacamole-tomcat_0.8.1-1_all.deb
這個檔,因為他預設是使用 Tomcat 6,我們要改用 Tomcat 7,所以這個部分不裝。
如果忘記先安裝相依性套件,就會出現一些相容性問題:
Selecting previously unselected package guacamole.
(Reading database … 347057 files and directories currently installed.)
Unpacking guacamole (from guacamole_0.8.1-1_all.deb) …
Selecting previously unselected package guacd.
Unpacking guacd (from guacd_0.7.0-2_amd64.deb) …
Selecting previously unselected package libguac-client-rdp0.
Unpacking libguac-client-rdp0 (from libguac-client-rdp0_0.7.4-1_amd64.deb) …
Selecting previously unselected package libguac-client-ssh0.
Unpacking libguac-client-ssh0 (from libguac-client-ssh0_0.8.0-1_amd64.deb) …
Selecting previously unselected package libguac-client-vnc0.
Unpacking libguac-client-vnc0 (from libguac-client-vnc0_0.7.2-1_amd64.deb) …
Selecting previously unselected package libguac4.
Unpacking libguac4 (from libguac4_0.7.0-1_amd64.deb) …
dpkg: dependency problems prevent configuration of libguac-client-rdp0:
libguac-client-rdp0 depends on libfreerdp1 (>= 1.0.1); however:
Package libfreerdp1 is not installed.
dpkg: error processing libguac-client-rdp0 (--install):
dependency problems -- leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-ssh0:
libguac-client-ssh0 depends on libssh-4 (>= 0.5.0); however:
Package libssh-4 is not installed.
dpkg: error processing libguac-client-ssh0 (--install):
dependency problems -- leaving unconfigured
dpkg: dependency problems prevent configuration of libguac-client-vnc0:
libguac-client-vnc0 depends on libvncserver0; however:
Package libvncserver0 is not installed.
dpkg: error processing libguac-client-vnc0 (--install):
dependency problems -- leaving unconfigured
Setting up libguac4 (0.7.0-1) …
Setting up guacd (0.7.0-2) …
guacd[1401]: INFO: Guacamole proxy daemon (guacd) version 0.7.0
guacd[1401]: INFO: Unable to bind socket to host ::1, port 4822: Address family not supported by protocol
guacd[1401]: INFO: Successfully bound socket to host 127.0.0.1, port 4822
guacd[1401]: INFO: Exiting and passing control to PID 1403
guacd[1403]: INFO: Exiting and passing control to PID 1404
Processing triggers for man-db …
Processing triggers for ureadahead …
Setting up guacamole (0.8.1-1) …
Processing triggers for libc-bin …
ldconfig deferred processing now taking place
Errors were encountered while processing:
libguac-client-rdp0
libguac-client-ssh0
libguac-client-vnc0
萬一碰到類似的問題時,請注意看每一行訊息,尤其是 error 的部分,找出缺少的套件,自己補裝:
sudo apt-get install libfreerdp1 libssh-4 libvncserver0
補完缺少的套件,然後再裝一次:
sudo dpkg -i guacamole_0.8.1-1_all.deb guacd_0.7.0-2_amd64.deb libguac-client-rdp0_0.7.4-1_amd64.deb libguac-client-ssh0_0.8.0-1_amd64.deb libguac-client-vnc0_0.7.2-1_amd64.deb libguac4_0.7.0-1_amd64.deb
像這樣的狀況在安裝一般的軟體時也時常會出現,基本的解決方式就是這樣。
Step 4
設定 /etc/guacamole/user-mapping.xml
,加入使用者的設定:
<authorize username="seal" password="seal1234"> <protocol>vnc</protocol> <param name="hostname">192.168.0.1</param> <param name="port">5905</param> <param name="password">VNCPASS</param> </authorize>
第一行的 authorize
標簽中的 username
與 password
是設定網頁登入時的帳號與密碼。第二行的 protocol
標籤是設定傳輸協定,目前可以用的傳輸協定有 vnc
、rdp
與 ssh
。第三行至第五行就是設定 VNC 伺服器的資訊:伺服器位址(hostname
)、連接埠(port
)與密碼(password
)。
Step 5
將 Guacamole 部署至 Tomcat 7 伺服器中,部署的方式就是建立兩個連結檔:一個是網頁應用程式的 WAR 檔,另外一個則是設定檔:
sudo ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat7/webapps sudo ln -s /etc/guacamole/guacamole.properties /var/lib/tomcat7/common/classes
Step 6
將 tomcat7
這個 user 加入 guacamole-web
群組,編輯 /etc/group
,找到 guacamole-web:x:998:
這一行,在這一行的最後加入 guacamole-web
,就像這樣:
guacamole-web:x:998:tomcat7
要將 tomcat7
加入 guacamole-web
群組主要是因為 Tomcat 7 在執行時要讀取 /etc/guacamole/user-mapping.xml
這個使用者設定檔,而這個檔案因為安全性的因素,除了 root
之外,就只有 guacamole-web
群組可以讀取,如果忘記做這一步的話,在使用者登入時就會出現無法登入的情況,Tomcat 的記錄檔也會有類似下面這種錯誤訊息:
嚴重的: Error retrieving context for user "seal". net.sourceforge.guacamole.GuacamoleException: Error reading basic user mapping file. at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:129) at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getAuthorizedConfigurations(BasicFileAuthenticationProvider.java:148) at net.sourceforge.guacamole.net.auth.simple.SimpleAuthenticationProvider.getUserContext(SimpleAuthenticationProvider.java:85) at net.sourceforge.guacamole.net.basic.AuthenticatingHttpServlet.service(AuthenticatingHttpServlet.java:262) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:679) Caused by: java.io.FileNotFoundException: /etc/guacamole/user-mapping.xml (Permission denied) at java.io.FileInputStream.open(Native Method) at java.io.FileInputStream.<init>(FileInputStream.java:137) at net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider.getUserMapping(BasicFileAuthenticationProvider.java:119) ... 20 more
Step 7
重新啓動 Tomcat 7:
service tomcat7 restart
Step 8
開啟瀏覽器,網址為 http://host:8080/guacamole/
,其中 host 就是伺服器的 IP 位址:
登入後,在「All Connections」中可以選擇要開啓的連線。
開啟剛剛設定好的 VNC 連線。
這樣就可以在不安裝任何軟體的狀況下,操控遠端的電腦了。