Re: guacd not starting on boot

Mon, 11 Mar 2019 17:58:42 -0700 


     And it's open sourced, and while I don't know Java, I do know C, so if
it becomes important enough to me there is always that option.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
 Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
   Knowledgeable human assistance, not telephone trees or script readers.
 See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.

On Mon, 11 Mar 2019, Nick Couchman wrote:


Date: Mon, 11 Mar 2019 09:10:46 -0400
From: Nick Couchman <[email protected]>
Reply-To: [email protected]
To: [email protected]
Subject: Re: guacd not starting on boot

On Mon, Mar 11, 2019 at 7:37 AM Robert Dinse <[email protected]> wrote:



      /var/run is a tempfs file system and recreated at each boot so
changing
the perms on it are gone on the next boot.  As for the encryption key, lots
of things run as daemon, I don't want them all having access to the key.



Yes.  I addressed both of these issues in my previous e-mail:
- /var/run is managed by tmpfilesd on most systems where it is completely
temporary and that also run systemd.  So, you can put rules into
/etc/tmpfiles.d that create these files for you.
- You do not have to use the "daemon" user.  It was a convenient default
for the purposes of creating and distributing the systemd unit file, but
you can run guacd under any user account that you like.  Again, as already
mentioned, I generally create a "guac" user account and run both Tomcat and
guacd under that user account. This way I can 1) make sure neither guacd or
Tomcat are running as root, and 2) that both have the necessary access to
the files and folders under /etc/guacamole that define the configuration
for Guacamole, including sensitive information like certificates/keys,
database username/password, etc.




       At any rate, that's my suggestion for functionality.



Appreciated.  You're welcome to file a feature request in JIRA for this and
see where it goes.  The point is, it isn't required to get where you want
to go.




       I still have some other issues to work out but they're with my hosts
not with guacamole.  I have sound working on debian and mint.  Have not
been
able to get it to work on ubuntu yet nor on any redhat derived system, I
get
connection refused from the pulseaudio port on those machines even after
adding
the suggested configuration change to /etc/pulse/default.pa.



RedHat has firewalld enabled and active by default, I believe, so it's
possible that's blocking something.  Not sure about Ubuntu.

-Nick























					Reply via email to