Incompatibility with Debian 12 ?

[gauthi3r]

Hello,

After several tests, I realized that the latest versions of Guacamole 1.5.1 or 1.5.2 no longer work under Debian 12.

Another strange behavior, when I have my guacamole installed on a debian 11 in version 1.5.1 or 1.5.2 :

• I can ssh a machine running Debian 11 or lower

• I can't connect with ssh on a machine running Debian 12.

Question : I'm alone in theses cases ?

Thx

[itiligent]

you're not alone... somthing has changed...

I've not tracked it down past these below linked notes as yet, but database permissions/or build seem to fail somehow.. More specifically, if feeding a port number inside the mysql -u root -P ${port} command, the connections fail with a logon issue. I found that omitting the port number in the mysql -u root command seems to work and doesnt give any authentication error. From mthere the install works ok (but is broken somewhere further downstream and thats as far as I got.) BTW you may find there are tomcat10 and other debian dependency issues with this guac-install in Deb 12 (take a look ay my appliance build repo to solve) I'm not a database guy so I've not really got any solid ideas as yet.. heres the notes so far... https://github.com/itiligent/Guacamole-Setup/issues/8

BTW use security keys for Deb12 - Password auth in a default install didnt work for me either, depite checking all the normal things. I didnt spend too much time on it and assume its some other hardnenign somewhere. I added keys and all was fine.

edit: also debian 11/ubuntu 22 depricated rsa keys (if you used puttygen?) sed -i '$ a PubkeyAcceptedKeyTypes +ssh-rsa' /etc/ssh/sshd_config service ssh restart

[gauthi3r]

it's ok if i add theses two lines at the end of /etc/ssh/sshd_config

HostKeyAlgorithms ssh-rsa,ssh-dss
PubkeyAcceptedKeyTypes ssh-rsa,ssh-dss

Then reload ssh

service ssh restart

you can connect on debian 12 from guacamole 1.5.2 (installed on debian 11)

[atlasgooner]

Setting up a new Guacamole config and the script no longer works. Based on my investigation, it seems as if Tomcat 10 is available for download via APT for Debian 12, while Tomcat 9 isn't but guac_install hasn't accounted for it in the script.

[chz87]

it is quite more complicated. you can adjust so lines in the script to run on debian 12 but like @atlasgooner atlasgooner wrote debian 12 will ship tomcat10. ... and what a surprise tomcat10 changed from javax to jakarta https://tomcat.apache.org/migration-10.html#Servlet_5.0_API. so even if you add [[ "${PRETTY_NAME}" == "bookworm" ]] to the libpng-dev if-statment and tomcat10 if [[ $( apt-cache show tomcat10 2> /dev/null | egrep "Version: 10" | wc -l ) -gt 0 ]]; then echo -e "${BLUE}Found tomcat10 package...${NC}" TOMCAT="tomcat10" you have to change timezone settings crudini --set ${mysqlconfig} mysqld default_time_zone "${timezone}" crudini --set ${mysqlconfig} mysqld default_time_zone "${date +%:z}"

it will not work because of SEVERE [main] org.apache.catalina.core.StandardContext.listenerStart Error configuring application listener of class [org.apache.guacamole.GuacamoleServletContextListener] java.lang.NoClassDefFoundError: javax/servlet/ServletContextListener

We have to wait until the guacamole dev team take care of tomcat 10 support.

[itiligent]

Thanks heaps for that deeper info @chz87. Really helpful as I spent a while on this last week and eventually came to a similar suspicion that there was a something not right with Tomcat as I'd fixed all the other small issues and even messed about with earlier DB versions and database permissions to eliminate several other new install quirks. I briefly messed about with downgrading tomcat but that was a rabbit hole. Will just wait to see what the Guac dev team do next and adapt things when there's something to work with.

[itiligent]

Debian 12 works fine now.

See my repo here: https://github.com/itiligent/Guacamole-Install

Things in this old script have drifted a fair bit. In my version I had to totally rework the timezone setup to support both MySQL and MariaDB variants and bunch of other SQL issues to sort using the minimium software footprint. FYI there is currently no choice but to rely on old-stable tomcat9 until the Guac devs can update things for the recent java changes.

In this process I also added a new script to build just the standalone MySQL backend layer (for those who need a multi server HA delployment!) My main installer is now fixed to properly work with either a localhost or remote MySQL instance install on Debian 12!