guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Dinse <nan...@eskimo.com>
Subject Re: guacd not starting on boot
Date Tue, 12 Mar 2019 00:57:57 GMT

      And it's open sourced, and while I don't know Java, I do know C, so if
it becomes important enough to me there is always that option.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
  Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
    Knowledgeable human assistance, not telephone trees or script readers.
  See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.

On Mon, 11 Mar 2019, Nick Couchman wrote:

> Date: Mon, 11 Mar 2019 09:10:46 -0400
> From: Nick Couchman <vnick@apache.org>
> Reply-To: user@guacamole.apache.org
> To: user@guacamole.apache.org
> Subject: Re: guacd not starting on boot
> 
> On Mon, Mar 11, 2019 at 7:37 AM Robert Dinse <nanook@eskimo.com> wrote:
>
>>
>>       /var/run is a tempfs file system and recreated at each boot so
>> changing
>> the perms on it are gone on the next boot.  As for the encryption key, lots
>> of things run as daemon, I don't want them all having access to the key.
>>
>
> Yes.  I addressed both of these issues in my previous e-mail:
> - /var/run is managed by tmpfilesd on most systems where it is completely
> temporary and that also run systemd.  So, you can put rules into
> /etc/tmpfiles.d that create these files for you.
> - You do not have to use the "daemon" user.  It was a convenient default
> for the purposes of creating and distributing the systemd unit file, but
> you can run guacd under any user account that you like.  Again, as already
> mentioned, I generally create a "guac" user account and run both Tomcat and
> guacd under that user account. This way I can 1) make sure neither guacd or
> Tomcat are running as root, and 2) that both have the necessary access to
> the files and folders under /etc/guacamole that define the configuration
> for Guacamole, including sensitive information like certificates/keys,
> database username/password, etc.
>
>
>>
>>        At any rate, that's my suggestion for functionality.
>>
>
> Appreciated.  You're welcome to file a feature request in JIRA for this and
> see where it goes.  The point is, it isn't required to get where you want
> to go.
>
>
>>
>>        I still have some other issues to work out but they're with my hosts
>> not with guacamole.  I have sound working on debian and mint.  Have not
>> been
>> able to get it to work on ubuntu yet nor on any redhat derived system, I
>> get
>> connection refused from the pulseaudio port on those machines even after
>> adding
>> the suggested configuration change to /etc/pulse/default.pa.
>>
>>
> RedHat has firewalld enabled and active by default, I believe, so it's
> possible that's blocking something.  Not sure about Ubuntu.
>
> -Nick
>

Mime
View raw message