> On Wed, Mar 1, 2023 at 12:11 PM Rolf Zurbrügg <[email protected]>
> wrote:
>>
>> Hi Manuel,
>>
>> It seems, like your are not running the init script for the DB. Have you
>> tried running this:
>>
>> ```
>> docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh
>> --mysql > guac_db.sql ``` From the error it seems as if your DB is not
>> initialised.
>>
>
>Just make sure to use the --postgres option, instead.
>
>-Nick
Hi Rolf and Nick ,
1. My colleague tried to set it up with the initdb.sh script for mysql using
the mysql option. But the only thing what happened was, that it created a
initdb.sql file in the /home/ directory of the guacamole container. He was not
able to init the mysqldb with this script. We verified this with mysql
workbench. He then tried to initialize the mysql db manually.
2. I also tried to set it up with postgres. I never used the initdb.sh command.
I always used the scripts available on the following link and initialized the
db manually, like its described in the documentation on docker hub
("Alternatively, you can use the SQL scripts included with
guacamole-auth-jdbc."):
https://github.com/apache/guacamole-client/tree/0.9.10-incubating/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/schema
I verified the initialization with pgAdmin. We can see all schemes and types
and also the guacadmin user.
3. Further informations and questions:
a) We checked /home/guacamole/.guacamole/guacamole.propertiers . All necessary
informations for the database are included:
guacd-hostname: 172.17.0.5
guacd-port: 4822
postgresql-username: guacamole_user
postgresql-password: ourpassword
postgresql-database: guacamole_db
postgresql-hostname: 172.17.0.3
postgresql-port: 5432
We can connect to the postgres db using the above credentials with pgAdmin or
over cli.
b) We installed ip utilities inside the guacamole container and we can ping the
postgres/mysql and guacd from inside. IP-connectivity seems not to be the
problem.
c) We also noticed, that the script on github (see link above) are for version
0.9.10. Is this correct? Because we also noticed, that these are 7 years old.
We compared the scripts from the link above with the scrits from inside the
guacamole container ( /opt/guacamole/postgresql/schema ->
001-create-schema.sql 002-create-admin-user.sql ).
We found out, that these files do have much more sql code inside, so those on
git are outdated.
Because of this, we deleted all containers and started again with the newer SQL
files. But its still not working. Attached you will find the current Log. Its
still the authentication provider error.
Manuel
02-Mar-2023 09:46:43.069 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.base=/home/guacamole/tomcat
02-Mar-2023 09:46:43.069 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.home=/usr/local/tomcat
02-Mar-2023 09:46:43.069 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.io.tmpdir=/home/guacamole/tomcat/temp
02-Mar-2023 09:46:43.070 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache
Tomcat Native library [1.2.36] using APR version [1.7.0].
02-Mar-2023 09:46:43.070 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities:
IPv6 [true], sendfile [true], accept filters [false], random [true], UDS [{4}].
02-Mar-2023 09:46:43.070 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
02-Mar-2023 09:46:43.083 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 3.0.2 15 Mar 2022]
02-Mar-2023 09:46:43.200 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["http-nio-8080"]
02-Mar-2023 09:46:43.217 INFO [main] org.apache.catalina.startup.Catalina.load
Initialization processed in 514 ms
02-Mar-2023 09:46:43.239 INFO [main]
org.apache.catalina.core.StandardService.startInternal Starting service
[Catalina]
02-Mar-2023 09:46:43.239 INFO [main]
org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine:
[Apache Tomcat/8.5.86]
02-Mar-2023 09:46:43.258 INFO [localhost-startStop-1]
org.apache.catalina.startup.HostConfig.deployWAR Deploying web application
archive [/home/guacamole/tomcat/webapps/guacamole.war]
02-Mar-2023 09:46:44.344 INFO [localhost-startStop-1]
org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for
TLDs yet contained no TLDs. Enable debug logging for this logger for a complete
list of JARs that were scanned but no TLDs were found in them. Skipping
unneeded JARs during scanning can improve startup time and JSP compilation time.
09:46:44.680 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment -
GUACAMOLE_HOME is "/home/guacamole/.guacamole".
09:46:44.749 [localhost-startStop-1] INFO
o.a.g.GuacamoleServletContextListener - Read configuration parameters from
"/home/guacamole/.guacamole/guacamole.properties".
09:46:44.750 [localhost-startStop-1] INFO o.a.g.rest.auth.HashTokenSessionMap
- Sessions will expire after 60 minutes of inactivity.
09:46:45.635 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule -
Extension "PostgreSQL Authentication" (postgresql) loaded.
09:46:45.757 [localhost-startStop-1] INFO o.a.g.t.w.WebSocketTunnelModule -
Loading JSR-356 WebSocket support...
02-Mar-2023 09:46:46.545 INFO [localhost-startStop-1]
org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application
archive [/home/guacamole/tomcat/webapps/guacamole.war] has finished in [3,287]
ms
02-Mar-2023 09:46:46.555 INFO [main] org.apache.coyote.AbstractProtocol.start
Starting ProtocolHandler ["http-nio-8080"]
02-Mar-2023 09:46:46.565 INFO [main] org.apache.catalina.startup.Catalina.start
Server startup in 3347 ms
09:47:25.774 [http-nio-8080-exec-2] WARN o.a.g.e.AuthenticationProviderFacade
- The "postgresql" authentication provider has encountered an internal error
which will halt the authentication process. If this is unexpected or you are
the developer of this authentication provider, you may wish to enable
debug-level logging. If this is expected and you wish to ignore such failures
in the future, please set "skip-if-unavailable: postgresql" within your
guacamole.properties.
09:47:25.776 [http-nio-8080-exec-2] ERROR o.a.g.rest.RESTExceptionMapper -
Unexpected internal error:
### Error querying database. Cause: org.postgresql.util.PSQLException: ERROR:
permission denied for table guacamole_user
### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml
### The error may involve defaultParameterMap
### The error occurred while setting parameters
### SQL: SELECT guacamole_user.user_id,
guacamole_entity.entity_id, guacamole_entity.name,
password_hash, password_salt, password_date,
disabled, expired, access_window_start,
access_window_end, valid_from, valid_until,
timezone, full_name, email_address,
organization, organizational_role, MAX(start_date) AS
last_active FROM guacamole_user JOIN guacamole_entity ON
guacamole_user.entity_id = guacamole_entity.entity_id LEFT JOIN
guacamole_user_history ON guacamole_user_history.user_id =
guacamole_user.user_id WHERE guacamole_entity.name = ?
AND guacamole_entity.type = 'USER'::guacamole_entity_type GROUP
BY guacamole_user.user_id, guacamole_entity.entity_id; SELECT
guacamole_user_attribute.user_id,
guacamole_user_attribute.attribute_name,
guacamole_user_attribute.attribute_value FROM guacamole_user_attribute
JOIN guacamole_user ON guacamole_user.user_id =
guacamole_user_attribute.user_id JOIN guacamole_entity ON
guacamole_user.entity_id = guacamole_entity.entity_id WHERE
guacamole_entity.name = ? AND guacamole_entity.type =
'USER'::guacamole_entity_type
### Cause: org.postgresql.util.PSQLException: ERROR: permission denied for
table guacamole_user
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
