search

alexbelgium / hassio-addons

My homeassistant addons
MIT License
1.47k stars 210 forks source link

🐛 [Guacamole client] Addon re-install still requires an old authentication code #1326

Closed yeaaaaaahh closed 5 months ago

yeaaaaaahh commented 5 months ago

Description

Installed the addon previously, only to uninstall (and deleted the auth code config). Reinstalled today, and it is asking for authentication code still.

Reproduction steps

1. Install add-on, setup & run - configure authentication code
2. Uninstall add-on
3. Re-install add-on
4. Login with default user/pass (guacadmin/guacadmin)
5. Authentication code requested

Addon Logs

Starting the upstream container

s6-rc: info: service s6rc-fdholder: starting
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service s6rc-fdholder successfully started
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service syslogd-prepare: starting
s6-rc: info: service syslogd-prepare successfully started
s6-rc: info: service syslogd-log: starting
s6-rc: info: service syslogd-log successfully started
s6-rc: info: service syslogd: starting
s6-rc: info: service syslogd successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun guacamole (no readiness notification)
services-up: info: copying legacy longrun guacd (no readiness notification)
services-up: info: copying legacy longrun nginx (no readiness notification)
services-up: info: copying legacy longrun postgres (no readiness notification)
Starting guacamole guacd...
Starting postgres...
/var/run/postgresql:5432 - no response
Waiting for postgres to come up...
s6-rc: info: service legacy-services successfully started
guacd[496]: INFO:   Guacamole proxy daemon (guacd) version 1.5.5 started
guacd[496]: INFO:   Listening on host 0.0.0.0, port 4822
2024-03-31 13:07:23.879 NZDT [499] LOG:  starting PostgreSQL 13.14 (Ubuntu 13.14-1.pgdg22.04+1) on aarch64-unknown-linux-gnu, compiled by gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0, 64-bit
2024-03-31 13:07:23.881 NZDT [499] LOG:  listening on IPv4 address "127.0.0.1", port 5432
2024-03-31 13:07:23.882 NZDT [499] LOG:  could not bind IPv6 address "::1": Cannot assign requested address
2024-03-31 13:07:23.882 NZDT [499] HINT:  Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
2024-03-31 13:07:23.886 NZDT [499] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2024-03-31 13:07:23.898 NZDT [513] LOG:  database system was shut down at 2024-03-31 13:07:08 NZDT
2024-03-31 13:07:23.922 NZDT [499] LOG:  database system is ready to accept connections
2024-03-31 13:07:24.762 NZDT [522] FATAL:  role "root" does not exist
/var/run/postgresql:5432 - accepting connections
Starting guacamole client...
NOTE: Picked up JDK_JAVA_OPTIONS:  --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
31-Mar-2024 13:07:27.110 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/9.0.86
31-Mar-2024 13:07:27.125 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Feb 14 2024 08:15:12 UTC
31-Mar-2024 13:07:27.127 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.86.0
31-Mar-2024 13:07:27.128 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
31-Mar-2024 13:07:27.130 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            6.1.73-haos-raspi
31-Mar-2024 13:07:27.131 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          aarch64
31-Mar-2024 13:07:27.132 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /opt/java/openjdk
31-Mar-2024 13:07:27.134 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version:           11.0.22+7
31-Mar-2024 13:07:27.135 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:            Eclipse Adoptium
31-Mar-2024 13:07:27.137 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:         /usr/local/tomcat
31-Mar-2024 13:07:27.138 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:         /usr/local/tomcat
31-Mar-2024 13:07:27.223 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.lang=ALL-UNNAMED
31-Mar-2024 13:07:27.224 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.io=ALL-UNNAMED
31-Mar-2024 13:07:27.226 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.util=ALL-UNNAMED
31-Mar-2024 13:07:27.227 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.base/java.util.concurrent=ALL-UNNAMED
31-Mar-2024 13:07:27.229 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
31-Mar-2024 13:07:27.230 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties
31-Mar-2024 13:07:27.232 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
31-Mar-2024 13:07:27.233 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
31-Mar-2024 13:07:27.234 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
31-Mar-2024 13:07:27.236 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
31-Mar-2024 13:07:27.238 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs=
31-Mar-2024 13:07:27.239 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/local/tomcat
31-Mar-2024 13:07:27.241 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat
31-Mar-2024 13:07:27.242 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/usr/local/tomcat/temp
31-Mar-2024 13:07:27.261 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [1.3.0] using APR version [1.7.0].
31-Mar-2024 13:07:27.262 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true], UDS [true].
31-Mar-2024 13:07:27.264 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
31-Mar-2024 13:07:27.282 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.2 15 Mar 2022]
31-Mar-2024 13:07:28.978 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
31-Mar-2024 13:07:29.116 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [3135] milliseconds
[13:07:29] INFO: Starting NGinx...
31-Mar-2024 13:07:29.411 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
31-Mar-2024 13:07:29.413 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.86]
31-Mar-2024 13:07:29.491 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/usr/local/tomcat/webapps/ROOT.war]
31-Mar-2024 13:07:35.973 INFO [main] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
13:07:37.942 [main] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/config".
13:07:38.372 [main] INFO  o.a.g.GuacamoleServletContextListener - Read configuration parameters from "/config/guacamole.properties".
13:07:38.384 [main] INFO  o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity.
13:07:40.807 [main] INFO  o.a.g.extension.ExtensionModule - Multiple extensions are installed and will be loaded in order of decreasing priority:
13:07:40.808 [main] INFO  o.a.g.extension.ExtensionModule -  - [postgresql] "PostgreSQL Authentication" (/config/extensions/guacamole-auth-jdbc-postgresql-1.5.4.jar)
13:07:40.809 [main] INFO  o.a.g.extension.ExtensionModule -  - [totp] "TOTP TFA Authentication Backend" (/config/extensions/guacamole-auth-totp-1.5.4.jar)
13:07:40.809 [main] INFO  o.a.g.extension.ExtensionModule - To change this order, set the "extension-priority" property or rename the extension files. The default priority of extensions is dictated by the sort order of their filenames.
13:07:45.326 [main] INFO  o.a.g.extension.ExtensionModule - Extension "PostgreSQL Authentication" (postgresql) loaded.
13:07:46.248 [main] INFO  o.a.g.extension.ExtensionModule - Extension "TOTP TFA Authentication Backend" (totp) loaded.
13:07:46.764 [main] INFO  o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support...
13:07:49.170 [main] WARN  o.g.jersey.server.wadl.WadlFeature - JAXBContext implementation could not be found. WADL feature is disabled.
31-Mar-2024 13:07:50.389 INFO [main] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/ROOT.war] has finished in [20,896] ms
31-Mar-2024 13:07:50.416 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
31-Mar-2024 13:07:50.467 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [21348] milliseconds
[31/Mar/2024:13:07:53 +1300] 304 192.168.1.2, 172.30.32.1(172.30.32.2) GET / HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:53 +1300] 200 192.168.1.2, 172.30.32.1(172.30.32.2) GET /app.css?b=20231204205818 HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:53 +1300] 200 192.168.1.2, 172.30.32.1(172.30.32.2) GET /app.js?b=20231204205818 HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:53 +1300] 200 192.168.1.2, 172.30.32.1(172.30.32.2) GET /api/patches HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:53 +1300] 200 192.168.1.2, 172.30.32.1(172.30.32.2) GET /api/languages HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:53 +1300] 200 192.168.1.2, 172.30.32.1(172.30.32.2) GET /translations/en.json HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
[31/Mar/2024:13:07:54 +1300] 403 192.168.1.2, 172.30.32.1(172.30.32.2) POST /api/tokens HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
13:08:05.628 [http-nio-8080-exec-7] INFO  o.a.g.r.auth.AuthenticationService - User "guacadmin" successfully authenticated from [192.168.1.2, 172.30.32.1, 127.0.0.1].
[31/Mar/2024:13:08:05 +1300] 403 192.168.1.2, 172.30.32.1(172.30.32.2) POST /api/tokens HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)
13:08:07.061 [http-nio-8080-exec-4] INFO  o.a.g.r.auth.AuthenticationService - User "guacadmin" successfully authenticated from [192.168.1.2, 172.30.32.1, 127.0.0.1].
[31/Mar/2024:13:08:07 +1300] 400 192.168.1.2, 172.30.32.1(172.30.32.2) POST /api/tokens HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36)

Architecture

amd64

OS

HAos

yeaaaaaahh commented 5 months ago

Update: Changed the config from auth-totp to auth-header which allowed me to access the UI. All of my previous config was retained, so the addon-uninstallation does not delete settings etc.

alexbelgium commented 5 months ago

Hi, indeed! All configs are stored outside of the addon for easy access, and the default (recent) behavior of homeassistant is to keep that folder when uninstalling. However it can be deleted (or customized) by hand using my filebrowser addon and going in /addon_configs/xxx-guacamole

Have fun with the addons!

yeaaaaaahh commented 5 months ago

Ah makes sense, thanks Alex!