guacamole install build
- guacamole-1.0.0 mounting configuration
Environment: tomcat9.0 + openjdk version "1.8.0_212" + centos7.5
Installation depends
You must install it depends
yum -y install cairo-devel libjpeg-devel libpng-devel uuid-devel
libguac use of Cairo for graphics rendering. If you do not Cairo, you can not function avocado sauce.
libguac use libjpeg-turbo to provide support JPEG
libgung be written using libpng PNG image
libguac use OSSP UUID each Guacamole connection is assigned a unique ID.- Optionally installed dependent
Guacamole alternative dependency determines which part of guacamole-server will be constructed. This includes support for a variety of remote desktop protocols, as well as any other function of these protocols:
VNC support is dependent on libvncclient library, which is part of libVNCServer.
pulseaudio provide VNC experimental audio capabilitiesyum install libvncserver-devel pulseaudio-libs-devel
RDP support depends on the latest version of FreeRDP (version 1.0 or later, but please do not use the non-release version of git).
yum install freerdp-devel
SSH support relies on
libssh2 SSH support.
OpenSSL support for SSL and TLS are.
Pango font rendering and text layout library used by the Guacamole built-in terminal emulator.yum install libssh2-devel openssl-devel pango-devel
Telnet depends on libtelnet and Pango. (Not within libtelnet-devel yum CentOS7 official sources, can be installed epel-release source)
yum install libtelnet-devel pango-devel
guacenc (will be converted to a video screen recording) utility relies on FFmpeg, and only in the libavcodec FFmpeg provide installation, built unless libavutil and libswscale library. (Ffmpeg-devel yum not CentOS7 within the official source, can be installed DEXTOP source) is not required screen recording function, not installed.
yum install ffmpeg-devel
libvorbis support Ogg Vorbis - a free, open and sound compression standard. If libguac installation will support Ogg Vorbis, audio support agreement will try to use Ogg Vorbis compression. Otherwise, the sound will only be encoded as WAV (uncompressed), and can be used only if your browser supports WAV.
yum install libvorbis-devel
libgubp by the libgub for writing WebP image. Although the agreement does not force the Guacamole support WebP, but if the browser and libguac support WebP image will be used WebP image.
yum install libwebp-devel
Using the clipboard to be installed dependent
yum -y install freerdp-plugins
In order to experience the full functionality, install all of the above.
If you want to directly set up, then please copy and paste
yum -y install cairo-devel libjpeg-devel libpng-devel uuid-devel
yum -y install ffmpeg-devel freerdp-devel pango-devel libssh2-devel
yum -y install libtelnet-devel libvncserver-devel pulseaudio-libs-devel
yum -y install openssl-devel libvorbis-devel libwebp-devel
yum -y install freerdp-plugins ##不安装剪切板不能用
Download the relevant package
mysql ldap plus we use two-factor authentication, the user login control ldap go, go mysql user access control
Download guacamole-server
wget https://mirrors.tuna.tsinghua.edu.cn/apache/guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz
Download guacamole-client for the client is the guacd. For the end user, or server
wget https://mirrors.tuna.tsinghua.edu.cn/apache/guacamole/1.0.0/binary/guacamole-1.0.0.war
Download ldap-related dependent plug-in package
wget https://mirrors.tuna.tsinghua.edu.cn/apache/guacamole/1.0.0/binary/guacamole-auth-ldap-1.0.0.tar.gz
Download mysql dependencies
wget https://mirrors.tuna.tsinghua.edu.cn/apache/guacamole/1.0.0/binary/guacamole-auth-jdbc-1.0.0.tar.gz
Download tomcat
wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-9/v9.0.19/bin/apache-tomcat-9.0.19.tar.gz
Guacamole-server installation
tar xvf guacamole-server-1.0.0.tar.gz cd guacamole-server-1.0.0 ./configure --with-init-dir=/etc/init.d make & make install & ldconfig /etc/init.d/guacd start guacd
This process is the real server. All connections are completed this process
will be the default port 4822 to listen 127.0.0.1 after this process started
Installation guacamole-client
cd /data/w/www
tar xvf apache-tomcat-9.0.19.tar.gz
mv apache-tomcat-9.0.19 guacamole.corp.bianlifeng.com
cp /root/guacamole-1.0.0.war guacamole.corp.bianlifeng.com/webapps/
cd guacamole.corp.bianlifeng.com/
./bin/startup.sh
Guacamole.properties configuration file
mkdir /etc/guacamole/
vim /etc/guacamole/guacamole.properties
hostname:localhost # 这个是guacd进程所在的地址
guacd-port:4822 # guacd端口
enable-clipboard-integration:true
# mysql的配置
mysql-hostname: rw-common-ops-mysql.vip.blibee.com
mysql-port: 33006
mysql-database: guacamole
mysql-username: guacamol_9p_rw
mysql-password: 9AnC6gbsgS14zwxi
# ldap的配置
ldap-hostname: ad.vip.blibee.com
ldap-port: 389
ldap-user-base-dn: ou=allusers,ou=blf,dc=corp,dc=bianlifeng,dc=com
ldap-search-bind-dn: CN=bind_******,OU=Ldap_User,OU=OtherUser,DC=corp,DC=bianlifeng,DC=com
ldap-search-bind-password:*****
ldap-username-attribute: sAMAccountName
ldap-user-search-filter:(objectClass=user)
ldap-max-search-results: 40000
Configuring mysql and ldap
Then put forward a database table into the line
tar xvf guacamole-auth-jdbc-1.0.0.tar.gz
tar xvf guacamole-auth-ldap-1.0.0.tar.gz
mkdir /etc/guacamole/lib/
mkdir /etc/guacamole/extensions
yum install mysql-connector-java-8.0.16-1.el7.noarch.rpm -y
配置jar包
cp /usr/share/java/mysql-connector-java.jar /etc/guacamole/lib/
cp /root/guacamole-auth-jdbc-1.0.0/mysql/guacamole-auth-jdbc-mysql-1.0.0.jar /etc/guacamole/extensions/
cp /root/guacamole-auth-ldap-1.0.0/guacamole-auth-ldap-1.0.0.jar /etc/guacamole/extensions/
Introducing into a database in mysql
position table /root/guacamole-auth-jdbc-1.0.0/mysql/schema
Tomcat way to restart the process server's 8080 port will be able to visit
Synchronization over user data to the database every day
#!/bin/python
#coding: utf-8
import pymysql
import requests
class Exec():
def __init__(self):
self.hostname = "****"
self.user = "****"
self.passwd = "****"
self.port = ****
self.database = "guacamole"
def conn(self):
self.db = pymysql.connect(host=self.hostname, user=self.user, password=self.passwd, database=self.database, port=self.port)
self.cursor = self.db.cursor()
def run_exec(self, sql):
self.cursor.execute(sql)
self.db.commit()
def query(self, sql):
self.cursor.execute(sql)
data = self.cursor.fetchall()
return data
def close(self):
self.db.close()
if __name__ == '__main__':
a = Exec()
a.conn()
result = requests.get("xxxxxxxxxxxxx")
result = result.json()["data"]["data"]
for username in result:
query_user = '''select entity_id from guacamole_entity where name="{username}";''' . format(username=username)
user = a.query(sql=query_user)
if user != ():
continue
add_user = '''insert into guacamole_entity (name, type) value ("%s", "USER");''' % (username)
a.run_exec(sql=add_user)
query_entity_id = '''select entity_id from guacamole_entity where name="{username}";''' . format(username=username)
entity_id = a.query(sql=query_entity_id)[0][0]
add_password = '''INSERT INTO guacamole_user (entity_id, password_salt, password_hash, password_date) SELECT {entity_id}, UNHEX(SHA2(UUID(), 256)), UNHEX(SHA2(CONCAT('', HEX(UNHEX(SHA2(UUID(), 256)))), 256)), CURRENT_TIMESTAMP FROM guacamole_entity WHERE name = '{username}' AND type = 'USER';'''.format(entity_id=entity_id, username=username)
a.run_exec(sql=add_password)
add_permission = '''insert into guacamole_system_permission (entity_id, permission) value ("{entity_id}", "CREATE_CONNECTION");''' .format(entity_id=entity_id)
a.run_exec(sql=add_permission)
print ("add user %s"% (username))
a.close()