OK. The issue was not completely solved. The problem is fixed by increasing the Reverse Proxy "client_max_body_size 40m;" on NGINX when using the Guacamole "Context Menu" upload facility. When trying to do a simple copy and paste from the Win10 RDP Host to the Guacamole RDP share, the problem persists: The file is apparently copied but it is automatically downloaded to the Browser Guacamole client. The error on the log persists: ***** Jul 16 14:06:39 suppod-1 guacd[2041]: RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated. Jul 16 14:06:43 suppod-1 guacd[2041]: message repeated 3 times: [ RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated.] Jul 16 14:06:44 suppod-1 guacd[2041]: RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated.
*Jul 16 14:07:18 suppod-1 guacd[2041]: message repeated 23 times: [ RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated.]*Jul 16 14:07:20 suppod-1 guacd[2041]: File open refused (-2): "\Download\TokenDistributionPKG (2).zip" **** The file is a little bit over 28 MB of size. And the error is shown on the log along with the repetitions, 28 times, one for each MB of the buffer. Should I be testing something else to provide more meaningful information to you? What may I be missing, configuration-wise? Thanks again for the assist. David. *********************************************************** Here is a more complete log (Debug level: INFO/Default) for reference purposes only. Jul 16 14:06:32 suppod-1 guacd[2041]: File open refused (-2): "\desktop.ini" Jul 16 14:06:35 suppod-1 guacd[2041]: File open refused (-2): "\Download\desktop.ini" Jul 16 14:06:39 suppod-1 guacd[2041]: RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated. Jul 16 14:06:43 suppod-1 guacd[2041]: message repeated 3 times: [ RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated.] Jul 16 14:06:44 suppod-1 guacd[2041]: RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated. Jul 16 14:07:18 suppod-1 guacd[2041]: message repeated 23 times: [ RDP server has requested to send a sequence of 1048632 bytes, but this exceeds the maximum buffer space of 1048576 bytes. Received data may be truncated.] Jul 16 14:07:20 suppod-1 guacd[2041]: File open refused (-2): "\Download\TokenDistributionPKG (2).zip" Jul 16 14:07:20 suppod-1 tomcat9[678]: 14:07:20.380 [Thread-4] WARN o.a.g.tunnel.InterceptedStreamMap - Unable to close intercepted stream: java.io.IOException: Broken pipe Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' resumed (module 'builtin:omfile') [v8.2001.0 try https://www.rsyslog.com/e/2359 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] Jul 16 14:07:20 suppod-1 rsyslogd: action 'action-8-builtin:omfile' suspended (module 'builtin:omfile'), next retry is Sat Jul 16 14:07:50 2022, retry nbr 0. There should be messages before this one giving the reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] On Fri, Jul 15, 2022 at 8:03 PM David Ramirez <[email protected]> wrote: > Never mind Mike. It was a silly mistake from my end. After re-reading the > manual I saw the note on the reverse proxy max file size. > It turns out I am accessing guacamole over a NGNIX reverse proxy and the > file size DOES exceed what I configured on it. > After increasing it, the file went through. > Apologies for the silly mistake. > Regards, > David. > > > On Fri, Jul 15, 2022 at 7:57 PM David Ramirez <[email protected]> wrote: > >> Thanks for the quick reply Mike! >> I did try to find the error on the public email archive along with the >> JIRA. So I guess that is why I couldn't find it... >> Just to be clear, by Custom SVC you mean: Custom Service, I am not. >> This is the current scenario: >> * Guacd and Guacamole Client 1.4.0 running on an Ubuntu Server 20.04. >> * I am connecting to a Windows 10 RDP fully patched to June 2022. >> * Connecting to Guacamole with MS Edge VersiĆ³n 103.0.1264.49 (64 Bits) >> * Simple guacamole config using only the user-mapping.xml file. >> * This is the connection as configured on the above file: >> <connection name="Win10"> >> <protocol>rdp</protocol> >> <param name="hostname">172.16.100.220</param> >> <param name="port">3389</param> >> <param name="username">user</param> >> <param name="password">password</param> >> <param name="ignore-cert">true</param> >> <param name="enable-drive">true</param> >> <param name="drive-name">Training2021</param> >> <param name="drive-path">/root/user</param> >> </connection> >> * I am ashamed to say that I am running Guacamole as root. But that is >> another email thread. >> >> To reproduce the error, I try to place the file in two ways, both fail: >> * Copy and paste on the Guacamole RDP connection from the Win10 Folder to >> the Guacamole Shared Drive. >> - The file is apparently uploaded but it is immediately downloaded on the >> MS Edge browser. The file is not shown at all. >> * Upload with the Context Menu: CTRL+ALT+SHIFT, Upload and there is a >> permissions error: You don't have permissions to upload this file. If you >> need access, please verify the system configuration or contact the system >> administrator. >> - After doing this, an empty file appears on the share with the right >> name. >> >> It is quite easy to reproduce. I can enable debug if this can provide >> additional information. >> Thanks again for the quick reply, please feel free to let me know how can >> I assist in finding the cause or which configuration parameter, if any, I >> have to change. >> Regards, >> David. >> >> On Fri, Jul 15, 2022 at 7:40 PM Michael Jumper <[email protected]> >> wrote: >> >>> What you're seeing has nothing to do with Tomcat, nor with file uploads, >>> but with the size of the data sent by the RDP server to Guacamole and the >>> limits built into guacd. The SVC implementation within guac's RDP support >>> has a built-in limit of 1 MB per received PDU: >>> >>> >>> https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/rdp/channels/common-svc.h#L37-L42 >>> >>> The warning you're seeing is from here: >>> >>> >>> https://github.com/apache/guacamole-server/blob/b2ae2fdf003a6854ac42877ce0fce8e88ceb038a/src/protocols/rdp/plugins/guac-common-svc/guac-common-svc.c#L114-L122 >>> >>> I've not seen this before with any standard RDP channel. Are you doing >>> anything else within the connection in question? Any custom SVC? >>> >>> - Mike >>> >>> >>> On Fri, Jul 15, 2022 at 5:31 PM David Ramirez <[email protected]> >>> wrote: >>> >>>> Hi to all! I've been using Guacamole for a while for training gateway >>>> purposes and it is just great! Thanks for an amazing open source product! >>>> Now I am writing because I need help from the Gurus. I know it is a >>>> configuration parameter that will likely has to be added to: >>>> /var/lib/tomcat9/web-apps/guacamole/WEB-INF/web.xml >>>> But it has been decades since I've configured Tomcat9 directly and I am >>>> afraid that any change that I do will break things further. >>>> The error itself is self explanatory: >>>> Jul 15 18:16:20 suppod-1 guacd[2253]: RDP server has requested to send >>>> a sequence of 1048632 bytes, but this exceeds the maximum buffer space of >>>> 1048576 bytes. Received data may be truncated. >>>> >>>> When looking on the Guacamole documentation, nothing is mentioned that >>>> I could find. >>>> When going to the Tomcat9 documentation I found some parameters to >>>> modify, all on the web.xml file but as I said, I do not know where to do it >>>> on the guacamole WEB-INF/web.xml file. >>>> The parameter that *looked to me* that may be the one is the following: >>>> <init-param> >>>> <param-name>buffered</param-name> >>>> <param-value>1</param-value> >>>> </init-param> >>>> >>>> As the limit described on the error is 1MB. >>>> >>>> I understand this may be a silly question, if anyone could point me in >>>> the right direction would be really appreciated. >>>> Thanks for any assistance you may provide! >>>> David. >>>> >>>> For reference, here is a more complete section of the log with the >>>> error. The filename TokenDistributionPKG.zip file is the one I am trying to >>>> upload. >>>> >>>> Jul 15 18:15:58 suppod-1 guacd[2253]: File open refused (-2): >>>> "\desktop.ini" >>>> Jul 15 18:16:00 suppod-1 guacd[2253]: File open refused (-2): >>>> "\Download\desktop.ini" >>>> Jul 15 18:16:20 suppod-1 guacd[2253]: RDP server has requested to send >>>> a sequence of 1048632 bytes, but this exceeds the maximum buffer space of >>>> 1048576 bytes. Received data may be truncated. >>>> Jul 15 18:16:33 suppod-1 guacd[2253]: message repeated 27 times: [ RDP >>>> server has requested to send a sequence of 1048632 bytes, but this exceeds >>>> the maximum buffer space of 1048576 bytes. Received data may be truncated.] >>>> Jul 15 18:16:34 suppod-1 guacd[2253]: File open refused (-2): >>>> "\Download\TokenDistributionPKG.zip:Zone.Identifier" >>>> Jul 15 18:16:34 suppod-1 guacd[2253]: File open refused (-2): >>>> "\Download\TokenDistributionPKG.zip:Zone.Identifier" >>>> Jul 15 18:16:34 suppod-1 guacd[2253]: File open refused (-2): >>>> "\Download\TokenDistributionPKG.zip" >>>> Jul 15 18:16:35 suppod-1 guacd[2253]: message repeated 2 times: [ File >>>> open refused (-2): "\Download\TokenDistributionPKG.zip"] >>>> Jul 15 18:16:56 suppod-1 guacd[2253]: RDP server has requested to send >>>> a sequence of 1048632 bytes, but this exceeds the maximum buffer space of >>>> 1048576 bytes. Received data may be truncated. >>>> Jul 15 18:17:13 suppod-1 guacd[2253]: message repeated 27 times: [ RDP >>>> server has requested to send a sequence of 1048632 bytes, but this exceeds >>>> the maximum buffer space of 1048576 bytes. Received data may be truncated.] >>>> Jul 15 18:17:14 suppod-1 guacd[2253]: File open refused (-2): >>>> "\TokenDistributionPKG.zip:Zone.Identifier" >>>> Jul 15 18:17:14 suppod-1 guacd[2253]: File open refused (-2): >>>> "\TokenDistributionPKG.zip:Zone.Identifier" >>>> Jul 15 18:17:22 suppod-1 guacd[2253]: Accepted format: 16-bit PCM with >>>> 2 channels at 44100 Hz >>>> Jul 15 18:17:47 suppod-1 guacd[2253]: File open refused (-2): >>>> "\TokenDistributionPKG.zip" >>>> Jul 15 18:17:55 suppod-1 guacd[2217]: User >>>> "@3f34a609-c8da-417b-af58-a4fc2e9df733" disconnected (0 users remain) >>>> Jul 15 18:17:55 suppod-1 guacd[2217]: Last user of connection >>>> "$5280a8eb-b216-4fa4-8fdd-1d7421630bfd" disconnected >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: 18:17:55.502 >>>> [http-nio-8080-exec-6] INFO o.a.g.tunnel.TunnelRequestService - User >>>> "trapx" disconnected from connection "Win10Token". Duration: 1284470 >>>> milliseconds >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: Exception in thread "Thread-8" >>>> java.lang.IllegalStateException: Message will not be sent because the >>>> WebSocket session has been closed >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:430) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:309) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:250) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:191) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.sendInstruction(GuacamoleWebSocketTunnelEndpoint.java:152) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.access$200(GuacamoleWebSocketTunnelEndpoint.java:53) >>>> Jul 15 18:17:55 suppod-1 tomcat9[675]: #011at >>>> org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:253) >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> resumed (module 'builtin:omfile') [v8.2001.0 try >>>> https://www.rsyslog.com/e/2359 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), retry 0. There should be messages >>>> before this one giving the reason for suspension. [v8.2001.0 try >>>> https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 rsyslogd: action 'action-8-builtin:omfile' >>>> suspended (module 'builtin:omfile'), next retry is Fri Jul 15 18:18:25 >>>> 2022, retry nbr 0. There should be messages before this one giving the >>>> reason for suspension. [v8.2001.0 try https://www.rsyslog.com/e/2007 ] >>>> Jul 15 18:17:55 suppod-1 guacd[2217]: Internal RDP client disconnected >>>> Jul 15 18:17:55 suppod-1 guacd[582]: Connection >>>> "$5280a8eb-b216-4fa4-8fdd-1d7421630bfd" removed. >>>> Jul 15 18:17:56 suppod-1 guacd[2106]: User >>>> "@d0d18747-c276-4420-9662-4550f1b907f7" disconnected (0 users remain) >>>> Jul 15 18:17:56 suppod-1 guacd[2106]: Last user of connection >>>> "$10b8ed36-f0fc-4dc7-a936-7a8386963f4e" disconnected >>>> >>>
