Hi Zer0Cool, Is it exactly the message you get or just a typo?
>> "failed to enable unit: unit file guacd.serviuce does not exist." Note there is an extra "u" letter in the unit filename. Grigory ср, 6 мая 2020 г. в 02:40, Zer0Cool <[email protected]>: > OS: CentOS 8.1 (fresh minimal install) > Guac: 1.1.0 > > I unpacked guacamole, setup tomcat 9.0.34, etc. I get to the point I need > to > `systemctl enable guacd` to enable the guacd service and it fails with a > message like: > > "failed to enable unit: unit file guacd.serviuce does not exist." > > I `ls -al /etc/systemd/system` and guacd.service is present. Odd, I compare > the permissions and ownership on guacd.service to a working install on a > CentOS 7.8 machine (also Guacamole 1.1.0). Permissions and contents of the > guacd.service file are identical. > > Then I try `systemd-analyze verify guacd.service` and no output. I have > done > `systemctl daemon-reload`. > > I do `systemctl list-unit-files --type=service`. guacd is listed with a > state of "bad" in red. Ok so it knows the file is there... > > Finally, I check `/var/log/messages`. Its immediately apparent that SEL is > blocking access to the guacd.service file preventing it from enabling by > creating the required symlink. > > messages like "SELinux is preventing systemd from read/open access on file > guacd.service..." > > I do `setenforce 0` and run `systemctl enable guacd` and it works. I start > the service and it works. I put SEL back in enforcing mode, restart guac, > still running no problems. > > The really odd part...the tomcat service started without issue prior to all > the guacd stuff. SEL prevented enabling guacd.service but not > tomcat.service > with the same permissions, ownership and within the same directory... > > I am going to guess this is an SEL related matter and not a Guacamole > related matter but wanted to check that I have not missed something on the > Guacamole side. > > UPDATE: Another look/check and I think I found the cause...not sure who's > "fault" this is. > > It appears that the guacd.service file has a SEL context of > "system_u:object_r:default_t:s0". All other service files in > /etc/systemd/system have a context of > "system_u:object_r:systemd_unit_file_t:s0", including the tomcat.service > file. > > The solution for me seems to be to run the following command before trying > to enable guacd: > > sudo restorecon -v /etc/systemd/system/guacd.service > > This results in the guacd.service file being labeled with the > systemd_unit_file_t context. Afterwards, `systemctl enable guacd` works as > expected. > > Hope this may help others, lucky I got it sorted while writing this up and > figured best to share. > > > > -- > Sent from: > http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
