Apache Guacamole 1.1.0 Install Guide

Apache Guacamole 1.2.0 Install Guide
September 27, 2020

The Apache Software Foundation released Guacamole v1.1.0 on 29 January 2020. In this guide we will be building a Guacamole instance on CentOS 7. We have also posted a video on Youtube that follows this guide.


Prerequisites:
CentOS 7 (we are using a “minimal install” but any installation should work)


This guide is written assuming that you are logged in as root. You can do this from a non root account with sudo privileges, but sudo will need to be placed before each command.

1. Once we have a installed CentOS 7, we are going to set the hostname, update the OS and other packages, and enable the Enterprise Linux Repositories (EPEL):

hostnamectl set-hostname guac
yum install -y  epel-release
yum update -y

2. Guacamole requires ffmpeg-devel, and that package is not included with the base CentOS or EPEL repositories so we will need to enable/install a repository that includes ffmpeg-devel and its dependencies. For this tutorial we will be using RPM Fusion but other 3rd party repositories that have the necessary packages will work as well. Use this command to install RPM Fusion:

yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm

3. Next we need to download and install several dependencies:

yum install -y cairo-devel libjpeg-turbo-devel libwebsockets-devel libpng-devel uuid-devel ffmpeg-devel freerdp-devel pango-devel libssh2-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel libtool libtelnet-devel freerdp mariadb-server wget tomcat

4. Now download and extract the Guacamole server source code (.tar.gz) and download the Guacamole Web Application (.war)

wget https://downloads.apache.org/guacamole/1.1.0/source/guacamole-server-1.1.0.tar.gz
tar -xzf guacamole-server-1.1.0.tar.gz
wget https://downloads.apache.org/guacamole/1.1.0/binary/guacamole-1.1.0.war

5. Once the source code is downloaded and extracted, we need to prep it for compiling and installation.

cd guacamole-server-1.1.0
./configure --with-init-dir=/etc/init.d

If the required dependencies from the previous steps were installed correctly, all of the libraries, protocols, and services/tools should say yes except for wsock32. If you see any “no” items, go back to step 3 and verify all of the packages installed correctly.

6. We can now run make/install.

make install
ldconfig && cd ~

7. We need to enable tomcat, mariadb, and guacd to start each time our system starts or reboots.

systemctl enable tomcat && systemctl enable mariadb && systemctl enable guacd

8. The guacamole web application that we downloaded in step 4 needs to be copied to the correct directory

cp ~/guacamole-1.1.0.war /var/lib/tomcat/webapps/guacamole.war

9. The firewall needs to be opened to allow tomcat/guacamole to connect via port 8080.

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --reload

10. To configure Guacamole to support multiple users and connections, we need to download and configure MySQL.

mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}
wget https://cdn.mysql.com//Downloads/Connector-J/mysql-connector-java-8.0.18.tar.gz
tar -xzf mysql-connector-java-8.0.18.tar.gz
cp mysql-connector-java-8.0.18/mysql-connector-java-8.0.18.jar /usr/share/tomcat/.guacamole/lib/
wget https://downloads.apache.org/guacamole/1.1.0/binary/guacamole-auth-jdbc-1.1.0.tar.gz
tar -xzf guacamole-auth-jdbc-1.1.0.tar.gz
cp guacamole-auth-jdbc-1.1.0/mysql/guacamole-auth-jdbc-mysql-1.1.0.jar /usr/share/tomcat/.guacamole/extensions/

11. Let’s now start mariadb and tomcat.

systemctl start mariadb  && systemctl start tomcat

12. Next we need to better secure our mysql/mariadb installation

mysql_secure_installation

13. Press enter when asked “Enter current password for root (enter for none):”

14. Enter “Y” to set your own root password. This should be different from your normal root user password. Make sure you save this password for future use. For this demo, we are going to use GuacDemo as our password.

15. Enter “Y” to remove anonymous users, and then “Y” again to disallow remote root login.

16. Enter “Y” to remove the test database, and finally “Y” again to reload the privilege tables.

17. Now we need to configure the tables and database scheme so that Guacamole can store connection and user information in the database. Log into mysql, you will be promoted to enter the password you created in step 14.

mysql -u root -p

18. Enter the following lines of SQL once you’ve been greeted with the MariaDB prompt.

CREATE DATABASE IF NOT EXISTS guacdb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT SELECT,INSERT,UPDATE,DELETE ON guacdb.* TO 'guacuser'@'localhost' IDENTIFIED BY 'guacpass' WITH GRANT OPTION;
flush privileges;
quit

19. We now need to download and extract the guacamole client, and cat the .sql files to mysql from inside the jbdc folder.

wget https://downloads.apache.org/guacamole/1.1.0/source/guacamole-client-1.1.0.tar.gz
tar -xzf guacamole-client-1.1.0.tar.gz
cat guacamole-client-1.1.0/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/schema/*.sql | mysql -u root -p guacdb

20. Now we need to create the Guacamole configuration file.

mkdir -p /etc/guacamole/ && vi /etc/guacamole/guacamole.properties
Now paste the following into the file:
#----------------------------------Inset Into VI---------------------------------------
# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacdb
mysql-username: guacuser
mysql-password: guacpass
#Additional settings
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user: 0
#----------------------------------End Inset Into VI-----------------------------------

21. Now we fix some file permissions and create a symbolic link.

chmod 0400 /etc/guacamole/guacamole.properties
chown tomcat:tomcat /etc/guacamole/guacamole.properties
ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/
chown tomcat:tomcat /var/lib/tomcat/webapps/guacamole.war

22. In order for MySQL/MariaDB to communicate correctly with Guacamole, we have to specify our timezone in /etc/my.cnf

Add the following to the [mysqld] block of the configuration file. I use -4:00 for EDT. You will need to lookup the correct timezone value based on your location.

default-time-zone='-4:00'

23. Finally, we need to fix a permission issue with SELinux that will prevent Guacamole from working correctly.

setsebool -P tomcat_can_network_connect_db on
restorecon -R -v /usr/share/tomcat/.guacamole/lib/mysql-connector-java-8.0.18.jar

24. That should be it! Just reboot your machine, and with any luck you will be greeted with the guacamole login screen when you navigate to:

[yourip]:8080/guacamole

The default username is: guacadmin and the default password: guacadmin. If you get a blank white screen, try step 23 again and reboot your computer. If you are still met with a blank white screen, try disabling SELinux.

84 Comments

  1. Abdul B Bargoob says:

    Awesome Job. I had some issues with selinux and the webpage would not open up once all done. it keep pulling up a blank screen. I turn off the selinux and it worked. I hope its not too bad.
    But great video and thanks for all the work.

  2. Greg_E says:

    OK, I have this running, but there is a problem… When I rdp into a win10 workstation, I get no sound. Windows RDP into the same workstation and sound is fine. I did a search of the server for guacsnd and it is not found which means it must be missing, how do I build the guacsnd-client.so?

    Also I looked at this first, which doesn’t help at all because I don’t have the /x86_64-linux-gnu/freerdp/ folder at all: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Sound-over-RDP-issue-with-solution-td4660.html I think most of these assume Ubuntu, not CentOS and the file structure is slightly different between the two.

    Sound for me may be important, if the latency isn’t too much. Setting this up to try and allow our students to log in from home and edit their audio or video projects. Any help is figuring this out would be appreciated.

    • BytePro says:

      Can you go to Settings -> Connections -> [Your RDP Connection], and verify that “Support audio in console” is unchecked. After that reboot the Guacamole server and let me know if that works.

      Guacamole previously relied on FreeRDP v1.0, but with Guacamole release 1.1.0, support for FreeRDP 2.0 was added. You can read more about the move to FreeRDP 2.0 here: https://guacamole.apache.org/releases/1.1.0/

      When you did the server build, did you have a “Yes” for each component listed in step 5?

      If that doesn’t fix it let me know and I can look into it more.

  3. Greg_E says:

    Just took a look through client the gzip files for 1.1.0 and 1.0.0 and the sound files are missing from 1.1.0 trying to decide if I can just copy those files into the newer version and remake the client and install it.

  4. shakthidharan says:

    can u please help on the module to integrate with ad

  5. Mousse says:

    Thanks for this great job.
    i have setup all but now to login with guacadmin like username and password it shows me that my login is incorrect. Please where can be the problem?

    • BytePro says:

      Incorrect login means that Guacamole is not authenticating properly with the MySQL backend. A few things to try:

      1. Try to disable SELinux, reboot and try to login again.
      2. Make sure MySQL is running: systemctl start mariadb
      3. Go back to step 18 and make sure the database was correctly configured.

      If none of those work, go into /var/log/tomcat and read through the log files to see if you can find any clues. Hope that helps!

  6. Kirubanandhan Nandhagobal says:

    Hi,

    Can you please tell how to do it in Docker with Centos 7 Image.. Facing lot of issues.

  7. SGK says:

    Hello,
    This is the most simplest and wonderful guide to Guacamole setup I have ever known.
    Good and keep posted in future.
    Can you please help up with some settings for using it with https as we want to implement this server on production environment.
    Your help would be greatly appreciated.

  8. lars says:

    Great guide, sorry to say i get invalid login using guacadmin.

    • Prasad says:

      I am also getting the Invalid Login issue using guacadmin user. Any help is much appriciated.

    • BytePro says:

      Incorrect login usually means that Guacamole is not communicating properly with the MySQL backend. A few things to try:

      1. Try to disable SELinux, reboot and try to login again.
      2. Make sure MySQL is running: systemctl start mariadb
      3. Go back to step 18 and make sure the database was correctly configured.

      If none of those work, go into /var/log/tomcat and read through the log files to see if you can find any clues. Hope that helps!

  9. Zachary White says:

    What are the chances of getting a quick guide on Active Directory integration?

  10. taufik says:

    wah i cannot login to aplication what is usename and password ??

  11. rx pharmacy says:

    Its like you learn my thoughts! You appear to grasp a lot about this, such as you wrote the
    e-book in it or something. I feel that you can do with a few
    p.c. to drive the message home a little bit,
    but instead of that, this is wonderful blog.
    A fantastic read. I will definitely be back. rx pharmacy https://pharmaciescegs.com/ pharmacy

  12. is there a generic viagra https://pillexrx.com/ generic for viagra

  13. best price for genuine viagra https://fmedrx.com/ price of viagra 100mg in india

  14. is viagra over the counter https://usggrxmed.com/ viagra without a
    doctor prescription

  15. canadian pharmacy generic viagra https://edabcrx.com/ generic
    for viagra

  16. viagra without a doctor prescription https://abcrxmed.com/ canadian online pharmacy viagra

  17. It’s a nice confirmation when an author’s work is validated, and they can see the fruit of their labor.
    Comments are perhaps the most misused — and least understood — weapons in the ambitious blogger’s arsenal.
    카지노사이트

  18. Remember, you’ve chosen to be on this person’s blog, not someone else’s. You’ve chosen to read their post instead of another. You must have a reason to want to connect with them over any of the other million bloggers you could be trying to connect with at that moment.
    In short, pay them a compliment. Any compliment. Just make sure it’s a sincerecompliment.
    카지노사이트추천

  19. Are you a fan of the blogger’s body of work? Tell them so. Say how much you enjoy their writing. Even better? Tell them about a specific example where their writing has helped you.
    If you choose to focus on the post itself, talk about a particular point within the post that truly hit home for you. Did it change your outlook on a topic? Did it motivate you to go out and take action? Did it rock your world? Tell them so.
    파라오카지노

  20. Instant payday loans online loanus24online.com best online loans

  21. Payday loans online same day deposit payday loans in maryland payday loans direct lender

  22. Best personal loans for fair credit personal loans for veterans low rate personal loans

  23. RobertCoide says:

    Pills information for patients. What side effects can this medication cause? where can i get accupril without a prescription All information about meds. Get information now.

  24. Payday loans oregon loans365payday.com payday loans online same day

  25. Josephrig says:

    Drugs information sheet. Short-Term Effects. cheap lexapro without rx Everything information about medicine. Read here.

  26. Bad credit personal loans guaranteed approval no credit check https://personal4usloans.com/ personal loans no credit check

  27. Josephrig says:

    Medicines information sheet. Effects of Drug Abuse. can i buy prednisone online All trends of meds. Read here.

  28. RobertCoide says:

    Medicines information sheet. What side effects can this medication cause? where can i buy cheap accupril without prescription Everything information about medicines. Get now.

  29. Kennethdup says:

    Drugs information sheet. Long-Term Effects. https://trazodone2020.top/ All news about medicines. Read information now.

  30. RobertCoide says:

    Drug information for patients. Generic Name. lisinopril without rx Best what you want to know about pills. Get information here.

  31. Josephrig says:

    Drugs prescribing information. Effects of Drug Abuse. buy sildenafil All trends of medicines. Read information now.

  32. 바카라 says:

    Hey There. I found your blog using msn. This is a really well written article.
    I’ll be sure to bookmark it and come back to read more of your useful info.
    Thanks for the post. I will definitely comeback.

  33. otc viagra says:

    Online viagra otc viagra where to buy viagra

  34. Josephrig says:

    Medicament information sheet. Cautions. buy generic lexapro no prescription Best trends of meds. Get here.

  35. RobertCoide says:

    Medicine information for patients. What side effects can this medication cause? where to get accupril Everything news about medicines. Get here.

  36. Kennethdup says:

    Meds information for patients. Cautions. https://zoloft2020.life/ Actual trends of meds. Read information now.

  37. Hey! I could have sworn I’ve been to this site before but after reading through some of the post I realized
    it’s new to me. Anyhow, I’m definitely delighted
    I found it and I’ll be book-marking and checking back frequently!

  38. Where can i buy viagra http://hitrxmenvia.com/ generic for viagra

  39. MaXtzs says:

    Сервис помощи студентам 24 АВТОР (24 AUTHOR) – официальный сайт.
    Автор 24
    Работаем с 2012 года. Гарантии, бесплатные доработки, антиплагиат. Заказать диплом (дипломную работу), курсовую, магистерскую или любую другую студенческую работу можно здесь.

  40. I noticed one of your pages have a 404 error.

  41. Josephrig says:

    Drug information sheet. Effects of Drug Abuse. where can i buy cheap lisinopril for sale Actual about pills. Get information now.

  42. RobertCoide says:

    Pills information sheet. Short-Term Effects. where to buy lisinopril All what you want to know about meds. Get information here.

  43. Josephrig says:

    Drug prescribing information. Long-Term Effects. how to buy generic trazodone pills Everything information about drug. Get now.

  44. RobertCoide says:

    Medicines information for patients. Cautions. where can i buy cheap accupril Some information about meds. Read information here.

  45. Josephrig says:

    Drug prescribing information. Long-Term Effects. cost of lyrica pill Best information about medication. Read here.

  46. viagra says:

    Here’s How They Taste. http://viagetpill.com/ Here’s How They Taste.

  47. buy viagra says:

    NAE : Navy Acquisition Executiv… http://bestviagrx.com/ NAE :
    Navy Acquisition Executiv…

  48. Kennethdup says:

    Medication information for patients. Brand names. http://med-online-no-prescription.top/ Everything about medicament. Read information now.

  49. I’ve been surfing online more than 3 hours nowadays, but I
    by no means discovered any attention-grabbing article like yours.
    It’s pretty value enough for me. Personally, if all webmasters and bloggers made good
    content as you did, the web will be a lot more helpful than ever before.

  50. Well along with your permission let me to grasp
    your RSS feed to stay updated with coming near near post.
    viarxhd.com Well along with your permission let me to grasp your RSS feed to stay updated with
    coming near near post.

  51. Josephrig says:

    Medicines information sheet. Effects of Drug Abuse. buy lasix Actual about medicines. Get now.

  52. Other policies will only cover the cost of testing
    and assessments, so you must read the policy before assuming that your plan will pay for the treatment.
    over the counter viagra Other policies will only cover the cost
    of testing and assessments, so you must read the
    policy before assuming that your plan will pay for
    the treatment.

  53. Brainaceno says:

    buy generic viagra online no prescription genericviagra2o where to buy generic viagra reviews.

Leave a Reply

Your email address will not be published. Required fields are marked *