Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Just for information, I got to run tomcat7 on AWS Linux (CentOS) as a
daemon and using port 80.
Cheers,
Fred
On Sat, Aug 25, 2012 at 4:24 PM, Fred Janon wrote:
> Thanks Martin.
>
> I get a warning in the system log at boot time, I don't understand what it
> means or where it comes from:
>
> *warning: `jsvc' uses 32-bit capabilities (legacy support in use)*
>
> Any idea?
>
> Thanks
>
> Fred
>
> On Sat, Aug 25, 2012 at 3:11 PM, Martin Gainty wrote:
>
>>
>> Its amazing what you can do with god access!
>>
>> do a quick netstat -ab | grep 80 to make sure port 80 is not already
>> taken..you dont want to accidentally step on Apache HTTP Server
>> put hostname:80 in your browser too
>>
>> //if port 80 is not bound to Apache or IIS and you want to start on port
>> 80 dont forget to change the connector port="8080" to "80" on server.xml
>>
>> //if Port 80 does not startup and netstat showed port 80 is NOT bound
>> //${catalina.home}/conf/catalina.policy is the arbiter of which tomcat
>> entities permission(s) for OS resources ..file access and SocketPermission
>> generally
>> // permissions granted for all Tomcat entities on $(catalina.home) to
>> access localhost on Port 80 via Socket
>> grant codeBase "file:${catalina.home}/-" {
>> permission java.net.SocketPermission "*.localhost:80", "connect";
>> };
>>
>> HTH
>> Martin
>> __
>> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
>>
>> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
>> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
>> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
>> dient lediglich dem Austausch von Informationen und entfaltet keine
>> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
>> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>> Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas
>> le destinataire prévu, nous te demandons avec bonté que pour satisfaire
>> informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie
>> de ceci est interdite. Ce message sert à l'information seulement et n'aura
>> pas n'importe quel effet légalement obligatoire. Étant donné que les email
>> peuvent facilement être sujets à la manipulation, nous ne pouvons accepter
>> aucune responsabilité pour le contenu fourni.
>>
>>
>> > From: fja...@gmail.com
>> > Date: Sat, 25 Aug 2012 11:59:16 +0200
>> > Subject: Re: Issue building the Unix daemon (jsvc) with the "configure"
>> script in Tomcat7
>> > To: mgai...@hotmail.com
>> > CC: users@tomcat.apache.org
>> >
>> > It looks like that was it, some directories (logs, work...) were created
>> > with the wrong user permissions during my previous attempts at running
>> > daemon without sudo.
>> >
>> > I deleted all the dirs and files created by ec2-user and ran "sudo
>> > ./daemon.sh start". Tomcat started without any errors and I can see the
>> > home web page.
>> >
>> > Now that it's running I wonder what do we get at running Tomcat as a
>> > service on Linux, beside being able to access the privileged ports?
>> Which I
>> > don't, I use the iptables, maybe Tomcat would be faster using port 80
>> > directly?
>> >
>> > The only thing I would like to do now is to get the logs created with
>> the
>> > tomcat user AND tomcat *group*. At the moment the logs are RW to the
>> tomcat
>> > user only, not the group.
>> >
>> > [ec2-user@ip-10-212-133-29 logs]$ ls -l
>> > -rw--- 1 tomcat tomcat 2937 Aug 25 09:47 catalina.2012-08-25.log
>> > -rw--- 1 root root 3069 Aug 25 09:48 catalina-daemon.out
>> > -rw--- 1 root root 5 Aug 25 09:47 catalina-daemon.pid
>> > -rw--- 1 tomcat tomcat0 Aug 25 09:47 host-manager.2012-08-25.log
>> > -rw--- 1 tomcat tomcat 445 Aug 25 09:47 localhost.2012-08-25.log
>> > -rw-r--r-- 1 tomcat tomcat 743 Aug 25 09:49
>> > localhost_access_log.2012-08-25.txt
>> > -rw--- 1 tomcat tomcat0 Aug 25 09:47 manager.2012-08-25.log
>> >
>> > Thanks all for your help.
>> >
>> > Fred
>> >
>> > On Sat, Aug 25, 2012 at 11:30 AM, Fred Janon wrote:
>> >
>> > > Hi Martin,
>>
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Thanks Martin.
I get a warning in the system log at boot time, I don't understand what it
means or where it comes from:
*warning: `jsvc' uses 32-bit capabilities (legacy support in use)*
Any idea?
Thanks
Fred
On Sat, Aug 25, 2012 at 3:11 PM, Martin Gainty wrote:
>
> Its amazing what you can do with god access!
>
> do a quick netstat -ab | grep 80 to make sure port 80 is not already
> taken..you dont want to accidentally step on Apache HTTP Server
> put hostname:80 in your browser too
>
> //if port 80 is not bound to Apache or IIS and you want to start on port
> 80 dont forget to change the connector port="8080" to "80" on server.xml
>
> //if Port 80 does not startup and netstat showed port 80 is NOT bound
> //${catalina.home}/conf/catalina.policy is the arbiter of which tomcat
> entities permission(s) for OS resources ..file access and SocketPermission
> generally
> // permissions granted for all Tomcat entities on $(catalina.home) to
> access localhost on Port 80 via Socket
> grant codeBase "file:${catalina.home}/-" {
> permission java.net.SocketPermission "*.localhost:80", "connect";
> };
>
> HTH
> Martin
> __
> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
>
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
> dient lediglich dem Austausch von Informationen und entfaltet keine
> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
> Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
> destinataire prévu, nous te demandons avec bonté que pour satisfaire
> informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie
> de ceci est interdite. Ce message sert à l'information seulement et n'aura
> pas n'importe quel effet légalement obligatoire. Étant donné que les email
> peuvent facilement être sujets à la manipulation, nous ne pouvons accepter
> aucune responsabilité pour le contenu fourni.
>
>
> > From: fja...@gmail.com
> > Date: Sat, 25 Aug 2012 11:59:16 +0200
> > Subject: Re: Issue building the Unix daemon (jsvc) with the "configure"
> script in Tomcat7
> > To: mgai...@hotmail.com
> > CC: users@tomcat.apache.org
> >
> > It looks like that was it, some directories (logs, work...) were created
> > with the wrong user permissions during my previous attempts at running
> > daemon without sudo.
> >
> > I deleted all the dirs and files created by ec2-user and ran "sudo
> > ./daemon.sh start". Tomcat started without any errors and I can see the
> > home web page.
> >
> > Now that it's running I wonder what do we get at running Tomcat as a
> > service on Linux, beside being able to access the privileged ports?
> Which I
> > don't, I use the iptables, maybe Tomcat would be faster using port 80
> > directly?
> >
> > The only thing I would like to do now is to get the logs created with the
> > tomcat user AND tomcat *group*. At the moment the logs are RW to the
> tomcat
> > user only, not the group.
> >
> > [ec2-user@ip-10-212-133-29 logs]$ ls -l
> > -rw--- 1 tomcat tomcat 2937 Aug 25 09:47 catalina.2012-08-25.log
> > -rw--- 1 root root 3069 Aug 25 09:48 catalina-daemon.out
> > -rw--- 1 root root 5 Aug 25 09:47 catalina-daemon.pid
> > -rw--- 1 tomcat tomcat0 Aug 25 09:47 host-manager.2012-08-25.log
> > -rw--- 1 tomcat tomcat 445 Aug 25 09:47 localhost.2012-08-25.log
> > -rw-r--r-- 1 tomcat tomcat 743 Aug 25 09:49
> > localhost_access_log.2012-08-25.txt
> > -rw--- 1 tomcat tomcat0 Aug 25 09:47 manager.2012-08-25.log
> >
> > Thanks all for your help.
> >
> > Fred
> >
> > On Sat, Aug 25, 2012 at 11:30 AM, Fred Janon wrote:
> >
> > > Hi Martin,
> > >
> > > I realized that some of the directories were created with the ec2-user
> in
> > > some of my previous tries before running daemon.sh. I am deleting all
> these
> > > dirs/files and see if daemon.sh works now.
> > >
> > > Cheers,
> > >
> > > Fred
> > >
> > >
> > > On Sat, Aug 25, 2012 at 9:20 AM, Fred Janon wrote:
> > >
> > >> Thanks for the suggestions Martin, I'll give them a try in a couple of
> > >> hours, I've
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
It looks like that was it, some directories (logs, work...) were created with the wrong user permissions during my previous attempts at running daemon without sudo. I deleted all the dirs and files created by ec2-user and ran "sudo ./daemon.sh start". Tomcat started without any errors and I can see the home web page. Now that it's running I wonder what do we get at running Tomcat as a service on Linux, beside being able to access the privileged ports? Which I don't, I use the iptables, maybe Tomcat would be faster using port 80 directly? The only thing I would like to do now is to get the logs created with the tomcat user AND tomcat *group*. At the moment the logs are RW to the tomcat user only, not the group. [ec2-user@ip-10-212-133-29 logs]$ ls -l -rw--- 1 tomcat tomcat 2937 Aug 25 09:47 catalina.2012-08-25.log -rw--- 1 root root 3069 Aug 25 09:48 catalina-daemon.out -rw--- 1 root root 5 Aug 25 09:47 catalina-daemon.pid -rw--- 1 tomcat tomcat0 Aug 25 09:47 host-manager.2012-08-25.log -rw--- 1 tomcat tomcat 445 Aug 25 09:47 localhost.2012-08-25.log -rw-r--r-- 1 tomcat tomcat 743 Aug 25 09:49 localhost_access_log.2012-08-25.txt -rw--- 1 tomcat tomcat0 Aug 25 09:47 manager.2012-08-25.log Thanks all for your help. Fred On Sat, Aug 25, 2012 at 11:30 AM, Fred Janon wrote: > Hi Martin, > > I realized that some of the directories were created with the ec2-user in > some of my previous tries before running daemon.sh. I am deleting all these > dirs/files and see if daemon.sh works now. > > Cheers, > > Fred > > > On Sat, Aug 25, 2012 at 9:20 AM, Fred Janon wrote: > >> Thanks for the suggestions Martin, I'll give them a try in a couple of >> hours, I've got to do something now. >> >> I tried the same daemon script at boot time from init.d and I get the >> same issue, it runs under root. Does that mean that my setting for the >> tomcat user for jsvc is not working? I assumed that jsvc would take that >> identity to do everything, including creating the dirs and files. >> >> Thanks >> >> Fred >> >> On Sat, Aug 25, 2012 at 3:40 AM, Martin Gainty wrote: >> >>> save yourself a ton of permission-errors grief >>> >>> login tomcat >>> mkdir /datadisk1/tomcat/conf/Catalina/localhost >>> BTW when you do a >>> ls -al /datadisk1/tomcat/conf/Catalina/localhost >>> you should have god rights rwd pretty much everything >>> >>> >>> sudo is tricky because you'll need to add tomcat user to run the tomcat >>> daemon(sh) to >>> >>> /etc/sudoers >>> >>> but then you'll only have permission to run daemon(.sh) >>> access to temp, work and log folders have not been granted >>> >>> >>> >>> cd $CATALINA_BASE >>> chown tomcat work >>> chown tomcat logs >>> chown tomcat temp >>> >>> Your clock is 6 hours ahead of me so you will receive this email very >>> early am..i assume you're in CET >>> I'll check back SAT roughly 8am CST >>> Martin Gainty >>> __ >>> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité >>> >>> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene >>> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte >>> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht >>> dient lediglich dem Austausch von Informationen und entfaltet keine >>> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von >>> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. >>> >>> Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le >>> destinataire prévu, nous te demandons avec bonté que pour satisfaire >>> informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie >>> de ceci est interdite. Ce message sert à l'information seulement et n'aura >>> pas n'importe quel effet légalement obligatoire. Étant donné que les email >>> peuvent facilement être sujets à la manipulation, nous ne pouvons accepter >>> aucune responsabilité pour le contenu fourni. >>> >>> >>> >>> >>> > From: fja...@gmail.com >>> > Date: Sat, 25 Aug 2012 00:22:50 +0200 >>> > Subject: Re: Issue building the Unix daemon (jsvc) with the >>> "configure" script in Tomcat7 >>> > To: users@tomcat.apache.org >>> >>> > >>>
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Hi Martin, I realized that some of the directories were created with the ec2-user in some of my previous tries before running daemon.sh. I am deleting all these dirs/files and see if daemon.sh works now. Cheers, Fred On Sat, Aug 25, 2012 at 9:20 AM, Fred Janon wrote: > Thanks for the suggestions Martin, I'll give them a try in a couple of > hours, I've got to do something now. > > I tried the same daemon script at boot time from init.d and I get the same > issue, it runs under root. Does that mean that my setting for the tomcat > user for jsvc is not working? I assumed that jsvc would take that identity > to do everything, including creating the dirs and files. > > Thanks > > Fred > > On Sat, Aug 25, 2012 at 3:40 AM, Martin Gainty wrote: > >> save yourself a ton of permission-errors grief >> >> login tomcat >> mkdir /datadisk1/tomcat/conf/Catalina/localhost >> BTW when you do a >> ls -al /datadisk1/tomcat/conf/Catalina/localhost >> you should have god rights rwd pretty much everything >> >> sudo is tricky because you'll need to add tomcat user to run the tomcat >> daemon(sh) to >> >> /etc/sudoers >> >> but then you'll only have permission to run daemon(.sh) >> access to temp, work and log folders have not been granted >> >> >> cd $CATALINA_BASE >> chown tomcat work >> chown tomcat logs >> chown tomcat temp >> >> Your clock is 6 hours ahead of me so you will receive this email very >> early am..i assume you're in CET >> I'll check back SAT roughly 8am CST >> Martin Gainty >> __ >> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité >> >> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene >> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte >> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht >> dient lediglich dem Austausch von Informationen und entfaltet keine >> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von >> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. >> >> Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le >> destinataire prévu, nous te demandons avec bonté que pour satisfaire >> informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie >> de ceci est interdite. Ce message sert à l'information seulement et n'aura >> pas n'importe quel effet légalement obligatoire. Étant donné que les email >> peuvent facilement être sujets à la manipulation, nous ne pouvons accepter >> aucune responsabilité pour le contenu fourni. >> >> >> >> >> > From: fja...@gmail.com >> > Date: Sat, 25 Aug 2012 00:22:50 +0200 >> > Subject: Re: Issue building the Unix daemon (jsvc) with the "configure" >> script in Tomcat7 >> > To: users@tomcat.apache.org >> >> > >> > Hi Jeff, >> > >> > I tried both: >> > >> > [ec2-user@ip-10-34-89-185 bin]$ ./daemon.sh start >> > Cannot set group id for user 'tomcat' >> > Error validating user 'tomcat' >> > >> > With sudo, I get the permissions issue. ec2-user is a sudoer. >> > >> > sudo ./daemon.sh start >> > >> > *SEVERE: Unable to create directory for deployment: >> > /datadisk1/tomcat/conf/Catalina/localhost* >> > Aug 24, 2012 1:29:12 PM org.apache.catalina.startup.HostConfig >> > deployDirectory >> > INFO: Deploying web application directory >> /datadisk1/tomcat/webapps/examples >> > Aug 24, 2012 1:29:12 PM org.apache.catalina.core.StandardContext >> > postWorkDirectory >> > *WARNING: Failed to create work directory >> > [/datadisk1/tomcat/work/Catalina/localhost/examples] for context >> [/examples] >> > * >> > Aug 24, 2012 1:29:13 PM org.apache.jasper.EmbeddedServletOptions >> > *SEVERE: The scratchDir you specified: >> > /datadisk1/tomcat/work/Catalina/localhost/examples is unusable.* >> > >> > I am trying to see the whole command passed to jsvc but I am not fluent >> in >> > shell scripts and I can't get to echo it yet. >> > >> > Fred >> > >> > On Fri, Aug 24, 2012 at 10:45 PM, Jeff MAURY > >wrote: >> > >> > > It probably means your current user (ec2-user) has not the rights to >> run as >> > > tomcat user. >> > > Try the same comm
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Thanks for the suggestions Martin, I'll give them a try in a couple of hours, I've got to do something now. I tried the same daemon script at boot time from init.d and I get the same issue, it runs under root. Does that mean that my setting for the tomcat user for jsvc is not working? I assumed that jsvc would take that identity to do everything, including creating the dirs and files. Thanks Fred On Sat, Aug 25, 2012 at 3:40 AM, Martin Gainty wrote: > save yourself a ton of permission-errors grief > > login tomcat > mkdir /datadisk1/tomcat/conf/Catalina/localhost > BTW when you do a > ls -al /datadisk1/tomcat/conf/Catalina/localhost > you should have god rights rwd pretty much everything > > sudo is tricky because you'll need to add tomcat user to run the tomcat > daemon(sh) to > > /etc/sudoers > > but then you'll only have permission to run daemon(.sh) > access to temp, work and log folders have not been granted > > cd $CATALINA_BASE > chown tomcat work > chown tomcat logs > chown tomcat temp > > Your clock is 6 hours ahead of me so you will receive this email very > early am..i assume you're in CET > I'll check back SAT roughly 8am CST > Martin Gainty > __ > Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité > > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene > Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte > Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht > dient lediglich dem Austausch von Informationen und entfaltet keine > rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von > E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. > > Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le > destinataire prévu, nous te demandons avec bonté que pour satisfaire informez > l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci > est interdite. Ce message sert à l'information seulement et n'aura pas > n'importe quel effet légalement obligatoire. Étant donné que les email > peuvent facilement être sujets à la manipulation, nous ne pouvons accepter > aucune responsabilité pour le contenu fourni. > > > > > > From: fja...@gmail.com > > Date: Sat, 25 Aug 2012 00:22:50 +0200 > > Subject: Re: Issue building the Unix daemon (jsvc) with the "configure" > script in Tomcat7 > > To: users@tomcat.apache.org > > > > > Hi Jeff, > > > > I tried both: > > > > [ec2-user@ip-10-34-89-185 bin]$ ./daemon.sh start > > Cannot set group id for user 'tomcat' > > Error validating user 'tomcat' > > > > With sudo, I get the permissions issue. ec2-user is a sudoer. > > > > sudo ./daemon.sh start > > > > *SEVERE: Unable to create directory for deployment: > > /datadisk1/tomcat/conf/Catalina/localhost* > > Aug 24, 2012 1:29:12 PM org.apache.catalina.startup.HostConfig > > deployDirectory > > INFO: Deploying web application directory > /datadisk1/tomcat/webapps/examples > > Aug 24, 2012 1:29:12 PM org.apache.catalina.core.StandardContext > > postWorkDirectory > > *WARNING: Failed to create work directory > > [/datadisk1/tomcat/work/Catalina/localhost/examples] for context > [/examples] > > * > > Aug 24, 2012 1:29:13 PM org.apache.jasper.EmbeddedServletOptions > > *SEVERE: The scratchDir you specified: > > /datadisk1/tomcat/work/Catalina/localhost/examples is unusable.* > > > > I am trying to see the whole command passed to jsvc but I am not fluent > in > > shell scripts and I can't get to echo it yet. > > > > Fred > > > > On Fri, Aug 24, 2012 at 10:45 PM, Jeff MAURY >wrote: > > > > > It probably means your current user (ec2-user) has not the rights to > run as > > > tomcat user. > > > Try the same command with sudo in front, if ec2-user is part of the > sudoers > > > > > > Jeff > > > > > > > > > On Fri, Aug 24, 2012 at 4:09 PM, Fred Janon wrote: > > > > > > > Ah! Thanks Jeff, you are right, thanks. I checked and the OpenJDK > > > installed > > > > is not the full JDK (??? confusing). I had to install the > OpenJDK-dev to > > > > get the full JDK. > > > > > > > > I managed to build the jsvc (yeah!), now I am getting an error after > > > > starting tomcat using daemon.sh, it seems that it runs a root, not > tomcat > > > > as I configured setenv.sh. tomcat cannot create
Re: [OT] redirecting people to maintenance mode
Thanks for all of that, Chris. Cheers, Fred On Fri, Aug 24, 2012 at 9:40 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Fred, > > On 8/24/12 12:02 PM, Fred Janon wrote: > > Excellent, thanks for all these suggestions. I never really > > understood why Tomcat standalone would be that much slower than > > something else serving files like you pointed it out. So good > > things to look at and try out. thanks for the SSL pointer as well, > > I need it. > > Since you are using SSL, I would highly recommend using the APR > connector with both sendFile and SSL enabled. Note that you have to > completely change your SSL certificate configuration. IMO, OpenSSL > configuration is *much* easier because you don't have to deal with the > nightmare that is Java's 'keytool' with all the aliases and odd > formats and stuff. Give me PEM-encoded concatenated keys any day of > the week. > > As always, benchmark your own environment and don't let anybody else > tell you what is or is not faster. I'm fairly confident you'll see a > significant performance improvement when switching to APR for both > static content (in general) and non-static content (over SSL). > > Good luck. > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG/MacGPG2 v2.0.17 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAlA32KoACgkQ9CaO5/Lv0PBEbwCgpok8Jnns7LWMrDpcMFIiDff4 > f1QAoKBP4s9DLfm4cVCgSxnGc44o7WGT > =5wIj > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Hi Jeff, I tried both: [ec2-user@ip-10-34-89-185 bin]$ ./daemon.sh start Cannot set group id for user 'tomcat' Error validating user 'tomcat' With sudo, I get the permissions issue. ec2-user is a sudoer. sudo ./daemon.sh start *SEVERE: Unable to create directory for deployment: /datadisk1/tomcat/conf/Catalina/localhost* Aug 24, 2012 1:29:12 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /datadisk1/tomcat/webapps/examples Aug 24, 2012 1:29:12 PM org.apache.catalina.core.StandardContext postWorkDirectory *WARNING: Failed to create work directory [/datadisk1/tomcat/work/Catalina/localhost/examples] for context [/examples] * Aug 24, 2012 1:29:13 PM org.apache.jasper.EmbeddedServletOptions *SEVERE: The scratchDir you specified: /datadisk1/tomcat/work/Catalina/localhost/examples is unusable.* I am trying to see the whole command passed to jsvc but I am not fluent in shell scripts and I can't get to echo it yet. Fred On Fri, Aug 24, 2012 at 10:45 PM, Jeff MAURY wrote: > It probably means your current user (ec2-user) has not the rights to run as > tomcat user. > Try the same command with sudo in front, if ec2-user is part of the sudoers > > Jeff > > > On Fri, Aug 24, 2012 at 4:09 PM, Fred Janon wrote: > > > Ah! Thanks Jeff, you are right, thanks. I checked and the OpenJDK > installed > > is not the full JDK (??? confusing). I had to install the OpenJDK-dev to > > get the full JDK. > > > > I managed to build the jsvc (yeah!), now I am getting an error after > > starting tomcat using daemon.sh, it seems that it runs a root, not tomcat > > as I configured setenv.sh. tomcat cannot create some dirs, reported in > > catalina-daemon.out. > > > > If I launch tomcat without being root, I get this error: > > > > [ec2-user@ip-10-34-89-185 bin]$ ./daemon.sh start > > Cannot set group id for user 'tomcat' > > Error validating user 'tomcat' > > > > Not sure what this means, I have a tomcat user in the tomcat group. > > > > If I launch tomcat using that command: > > > > sudo ./daemon.sh start > > > > with setenv.sh: > > > > export CATALINA_HOME=/datadisk1/tomcat > > export CATALINA_OPTS="-server -Xms128M -Xmx512M" > > export JAVA_HOME=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre > > export TOMCAT_USER=tomcat > > > > then catalina-daemon.out shows: > > > > Aug 24, 2012 1:29:11 PM org.apache.catalina.core.AprLifecycleListener > init > > SEVERE: An incompatible version 1.1.22 of the APR based Apache Tomcat > > Native library is installed, while Tomcat requires version 1.1.24 > > Aug 24, 2012 1:29:11 PM org.apache.catalina.core.AprLifecycleListener > init > > SEVERE: An incompatible version 1.1.22 of the APR based Apache Tomcat > > Native library is installed, while Tomcat requires version 1.1.24 > > Aug 24, 2012 1:29:11 PM org.apache.catalina.core.AprLifecycleListener > init > > SEVERE: An incompatible version 1.1.22 of the APR based Apache Tomcat > > Native library is installed, while Tomcat requires version 1.1.24 > > Aug 24, 2012 1:29:11 PM org.apache.catalina.core.AprLifecycleListener > init > > SEVERE: An incompatible version 1.1.22 of the APR based Apache Tomcat > > Native library is installed, while Tomcat requires version 1.1.24 > > Aug 24, 2012 1:29:11 PM org.apache.catalina.core.AprLifecycleListener > init > > SEVERE: An incompatible version 1.1.22 of the APR based Apache Tomcat > > Native library is installed, while Tomcat requires version 1.1.24 > > Aug 24, 2012 1:29:11 PM org.apache.coyote.AbstractProtocol init > > INFO: Initializing ProtocolHandler ["http-bio-8080"] > > Aug 24, 2012 1:29:11 PM org.apache.coyote.AbstractProtocol init > > INFO: Initializing ProtocolHandler ["ajp-bio-8009"] > > Aug 24, 2012 1:29:11 PM org.apache.catalina.startup.Catalina load > > INFO: Initialization processed in 1316 ms > > Aug 24, 2012 1:29:12 PM org.apache.catalina.core.StandardService > > startInternal > > INFO: Starting service Catalina > > Aug 24, 2012 1:29:12 PM org.apache.catalina.core.StandardEngine > > startInternal > > INFO: Starting Servlet Engine: Apache Tomcat/7.0.29 > > Aug 24, 2012 1:29:12 PM org.apache.catalina.startup.HostConfig start > > *SEVERE: Unable to create directory for deployment: > > /datadisk1/tomcat/conf/Catalina/localhost* > > Aug 24, 2012 1:29:12 PM org.apache.catalina.startup.HostConfig > > deployDirectory > > INFO: Deploying web application directory > > /datadisk1/tomcat/webapps/examples > > Aug 24, 2012 1:29:12 PM org.apache.catalina.co
Re: [OT] redirecting people to maintenance mode
Hi Chris, Excellent, thanks for all these suggestions. I never really understood why Tomcat standalone would be that much slower than something else serving files like you pointed it out. So good things to look at and try out. thanks for the SSL pointer as well, I need it. Thanks again. Fred On Fri, Aug 24, 2012 at 5:22 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Fred, > > (Marking OT because this strays from the OP's topic) > > On 8/23/12 4:21 PM, Fred Janon wrote: > > I am interested in more details from your comment: > > > > "This is a common misconception: Apache httpd is *not* faster than > > Tomcat for static content *when configured appropriately*. The > > current default configuration is unfortunately much less optimized > > than Apache httpd's default configuration, so httpd beats Tomcat > > out-of-the-box." > > > > Do you mean the Default Servlet configuration ( > > http://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html )or > > any servlet? > > The DefaultServlet is perfectly capable of delivering content quickly > (it's just copying bytes from the disk, which isn't that difficult). > IF you have another servlet that delivers static content, then you'll > have to look at it to see if it is wasting any time :) > > > Where can I learn more about optimizing serving static content with > > Tomcat? I want to stick with Tomcat alone. > > Your best bet when using Tomcat standalone is to use either the NIO or > APR connectors with "sendFile" support enabled: this is the key. See > my presentation from ApacheCon NA 2012 on the subject > ( > http://people.apache.org/~schultz/ApacheCon%20NA%202010/ApacheCon%20NA%202010%20Slides.pdf > ) > - -- although Mladen pointed out at that presentation that my data was > irrelevant due to the use of Linux's loopback interface for all my > testing. He's got a point, but the data still suggests that > performance of NIO+sendFile/APR+sendFile is always on par with Apache > httpd and the performance of the BIO connector and either NIO or APR > without sendFile is always relatively bad. > > When you think about it, Tomcat ought to have almost identical > performance with using APR+sendFile connector because it is the *same > code that Apache httpd uses* under the hood (that's what APR is: > native code shared with Apache httpd, including the "sendFile" > support). The fact that the NIO connector is so competitive with APR I > think speaks to the optimization that has occurred within the NIO > stack, allowing the data to get to the hardware with very little overhead. > > One more thing: if you are using TLS, you definitely want to go with > the APR connector to use OpenSSL-based encryption: it's much faster > than the JSSE-based encryption that you'll get when using the NIO > connector. > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG/MacGPG2 v2.0.17 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAlA3nDIACgkQ9CaO5/Lv0PAMggCfSZB4qqzksbInBobRddN6ZFgH > iaYAoK8svXqiCxZJxALb9I7eUkIZkcuC > =tsTE > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
omcat/webapps/host-manager Aug 24, 2012 1:29:13 PM org.apache.catalina.core.StandardContext postWorkDirectory WARNING: Failed to create work directory [/datadisk1/tomcat/work/Catalina/localhost/host-manager] for context [/host-manager] Aug 24, 2012 1:29:13 PM org.apache.jasper.EmbeddedServletOptions SEVERE: The scratchDir you specified: /datadisk1/tomcat/work/Catalina/localhost/host-manager is unusable. Aug 24, 2012 1:29:13 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-bio-8080"] Aug 24, 2012 1:29:13 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["ajp-bio-8009"] Aug 24, 2012 1:29:13 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 1613 ms I am not sure my "export TOMCAT_USER=tomcat" is right, or if I am missing something. Regards, Fred On Fri, Aug 24, 2012 at 12:01 PM, Jeff MAURY wrote: > Fred, > > you are getting confused by the term OpenJDK. It comes in two flavor, JRE > and JDK. I have some .h files on my Ubuntu server, but not under > /usr/lib/jvm/java-1.6.0-openjdk but under /usr/lib/jvm/java-6-openjdk > > Regards > Jeff > > > On Fri, Aug 24, 2012 at 8:52 AM, Fred Janon wrote: > > > Hi Jeff, > > > > Thanks, but I read the instructions and requirements for a C compiler an > > the JDK. As shown in my original message there is a JDK > > > > > /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/* > > > > but no "jni_md.h" in the Open JDK. As I said the "jni_md.h" seems to be > in > > the Windows JDK, but not in the Linux one. > > > > Cheers, > > > > Fred > > > > On Fri, Aug 24, 2012 at 7:51 AM, Jeff MAURY > > wrote: > > > > > You need a JDK to be installed on your machine and it seems you've > only a > > > JRE > > > > > > Jeff > > > > > > > > > On Thu, Aug 23, 2012 at 10:12 PM, Fred Janon wrote: > > > > > > > Hi, > > > > > > > > I am trying to build the Unix deamon jsvc in AWS EC2 Linux. I did not > > > > install Tomcat7 that comes with the AWS Linux, I downloaded Tomcat7 > > from > > > > the Apache Tomcat website, I installed it and ran Tomcat7 > successfully. > > > Now > > > > I am trying to build the daemon to run Tomcat7 as a daemon. I get an > > > error > > > > running the "configure" script as indicated in the Tomcat > > documentation. > > > I > > > > did a lot of searching on the web and cannot find a solution to this > > > issue. > > > > I am not fluent in shell scripting, so my understanding of > "configure" > > is > > > > very limited. > > > > > > > > Do I need to regenerate the "configure" script or do I need to modify > > the > > > > script? > > > > > > > > The error is: > > > > *checking for JDK os include directory... Cannot find jni_md.h in > > > > /usr/lib/jvm/jre/* > > > > *configure: error: You should retry --with-os-type=SUBDIR* > > > > * > > > > * > > > > It looks like *"jni_md.h"* is part of the Windows JDK, *but it's not > in > > > the > > > > Linux OpenJDK on CentOS.* > > > > > > > > I don't really understand why the message says "*with-os-type*" where > > it > > > > seems to mean JDK? > > > > > > > > As indicated in the INSTALL.txt below, I am reporting the issue, > hoping > > > > that someone can give me a solution or a patch for the script... > > > > > > > > "Depending on your JDK layout, configure might fail to find the JNI > > > > machine dependant include file (jni_md.h). If that's the case use the > > > > --with-os-type= parameter where subdir points to the > directory > > > > within JDK include directory containing jni_md.h file. > > > > If your operating system is supported, configure will go thru > cleanly, > > > > otherwise it will report an error (please send us the details of your > > > > OS/JDK, or a patch against the sources)." > > > > > > > > Below is the console output running configure and some information > > about > > > > the jdk installed. > > > > > > > > [ec2-user@ip-10-244-162-78 unix]$ *./configure* > > > > *** Current host *** > > > > checking build system type... i686-pc-linux-gnu > > > > checking host system type... i686-pc-linux-gnu
Re: Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Hi Jeff, Thanks, but I read the instructions and requirements for a C compiler an the JDK. As shown in my original message there is a JDK > /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/* but no "jni_md.h" in the Open JDK. As I said the "jni_md.h" seems to be in the Windows JDK, but not in the Linux one. Cheers, Fred On Fri, Aug 24, 2012 at 7:51 AM, Jeff MAURY wrote: > You need a JDK to be installed on your machine and it seems you've only a > JRE > > Jeff > > > On Thu, Aug 23, 2012 at 10:12 PM, Fred Janon wrote: > > > Hi, > > > > I am trying to build the Unix deamon jsvc in AWS EC2 Linux. I did not > > install Tomcat7 that comes with the AWS Linux, I downloaded Tomcat7 from > > the Apache Tomcat website, I installed it and ran Tomcat7 successfully. > Now > > I am trying to build the daemon to run Tomcat7 as a daemon. I get an > error > > running the "configure" script as indicated in the Tomcat documentation. > I > > did a lot of searching on the web and cannot find a solution to this > issue. > > I am not fluent in shell scripting, so my understanding of "configure" is > > very limited. > > > > Do I need to regenerate the "configure" script or do I need to modify the > > script? > > > > The error is: > > *checking for JDK os include directory... Cannot find jni_md.h in > > /usr/lib/jvm/jre/* > > *configure: error: You should retry --with-os-type=SUBDIR* > > * > > * > > It looks like *"jni_md.h"* is part of the Windows JDK, *but it's not in > the > > Linux OpenJDK on CentOS.* > > > > I don't really understand why the message says "*with-os-type*" where it > > seems to mean JDK? > > > > As indicated in the INSTALL.txt below, I am reporting the issue, hoping > > that someone can give me a solution or a patch for the script... > > > > "Depending on your JDK layout, configure might fail to find the JNI > > machine dependant include file (jni_md.h). If that's the case use the > > --with-os-type= parameter where subdir points to the directory > > within JDK include directory containing jni_md.h file. > > If your operating system is supported, configure will go thru cleanly, > > otherwise it will report an error (please send us the details of your > > OS/JDK, or a patch against the sources)." > > > > Below is the console output running configure and some information about > > the jdk installed. > > > > [ec2-user@ip-10-244-162-78 unix]$ *./configure* > > *** Current host *** > > checking build system type... i686-pc-linux-gnu > > checking host system type... i686-pc-linux-gnu > > checking cached host system type... ok > > *** C-Language compilation tools *** > > checking for gcc... gcc > > checking for C compiler default output file name... a.out > > checking whether the C compiler works... yes > > checking whether we are cross compiling... no > > checking for suffix of executables... > > checking for suffix of object files... o > > checking whether we are using the GNU C compiler... yes > > checking whether gcc accepts -g... yes > > checking for gcc option to accept ANSI C... none needed > > checking for ranlib... ranlib > > checking for strip... strip > > *** Host support *** > > checking C flags dependant on host system type... ok > > *** Java compilation tools *** > > *checking for JDK os include directory... Cannot find jni_md.h in > > /usr/lib/jvm/jre/* > > *configure: error: You should retry --with-os-type=SUBDIR* > > > > [ec2-user@ip-10-244-162-78 unix]$ find / -name 'jni_md.h' 2>/dev/null > > > > [ec2-user@ip-10-244-162-78 unix]$ find / -name '*jni*' 2>/dev/null > > /usr/share/java-jni > > > > > /datadisk1/tomcat/bin/commons-daemon-1.0.10-native-src/windows/src/javajni.c > > > > > /datadisk1/tomcat/bin/commons-daemon-1.0.10-native-src/windows/include/javajni.h > > > > Installed Packages > > java-1.6.0-openjdk.i686 installed > > > > > > [ec2-user@ip-10-244-162-78 unix]$ *./configure > > -with-java=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre* > > *** Current host *** > > checking build system type... i686-pc-linux-gnu > > checking host system type... i686-pc-linux-gnu > > checking cached host system type... ok > > *** C-Language compilation tools *** > > checking for gcc... gcc > > checking for C compiler default output file name... a.out > >
Re: redirecting people to maintenance mode
Christopher, I am interested in more details from your comment: "This is a common misconception: Apache httpd is *not* faster than Tomcat for static content *when configured appropriately*. The current default configuration is unfortunately much less optimized than Apache httpd's default configuration, so httpd beats Tomcat out-of-the-box." Do you mean the Default Servlet configuration ( http://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html )or any servlet? Where can I learn more about optimizing serving static content with Tomcat? I want to stick with Tomcat alone. Thanks Fred On Wed, Aug 22, 2012 at 5:54 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Miguel, > > On 8/22/12 5:04 AM, Miguel González Castaños wrote: > > On 21/08/2012 17:00, Christopher Schultz wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > >> > >> Miguel, > >> > >> On 8/21/12 6:25 AM, Miguel González Castaños wrote: > >>> Dear all, > >>> > >>> I have a Tomcat web server. From time to time, I need to do > >>> some maintenance and want people not to interact with the > >>> Tomcat server while I'm doing it. The key thing here is that > >>> the Tomcat server is up and running. This is what I want to > >>> achieve: > >>> > >>> - I want all people to be redirected from 80/443 port at > >>> server1 to a different URL http://server2/maintenance.html > >>> except my IP address (so I can check Tomcat myself). > >>> > >>> - If possible, I want this to be transparent to the user, so > >>> they get a http redirect showing the server1 in the client's > >>> browser, not server2 (but this is not that important). > >>> > >>> I assume I can use iptables to redirect people to a different > >>> web server, but how can I know that I need to redirect them to > >>> the maintenance.html if that server is serving other web pages > >>> too? > >> I don't know if you want to add this kind of complication to > >> your environment, but this is pretty much what mod_jk was built > >> for: distributing requests to one or more back-end Tomcat > >> servers. > >> > >> With mod_jk's management interface, you can take (load-balanced) > >> workers out of a pool, upgrade them, then add them back to the > >> pool. Before you add them back, you can always access them > >> directly if you have set up an HTTP and you can feel > >> free to use any technique (iptables, bind to 127.0.0.1, etc.) to > >> prevent direct access to the HTTP port from normal users. > >> > >> The use of Apache httpd out in front of your app server(s) also > >> means that you can detect error conditions in the Tomcat instance > >> (like it's crashed or whatever) and give a semi-nice error > >> message instead of a connection failure. > >> > >> This is one of those situations where using Apache httpd out in > >> front of Tomcat makes some sense: not for performance, but for > >> availability. See Mladen's article with explains some of the why, > >> what and how of setting up a mod_jk-based cluster: > >> http://people.apache.org/~mturk/docs/article/ftwai.html > > It makes sense. I will give it a thought. Unfortunately until we > > migrate to a bigger server, I'm not sure the overhead of Apache is > > too much. Although I know Apache is faster for static content. > > This is a common misconception: Apache httpd is *not* faster than > Tomcat for static content when configured appropriately. The current > default configuration is unfortunately much less optimized than Apache > httpd's default configuration, so httpd beats Tomcat out-of-the-box. > > If you are going to end up fronting Tomcat with Apache httpd, it's > probably worth your while to push your static content out to the httpd > level so that you *can* serve your static content without proxying > that stuff over to your Tomcat instances. That /will/ certainly > improve performance given a two-tier setup. > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG/MacGPG2 v2.0.17 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAlA1AJoACgkQ9CaO5/Lv0PANlwCgtFR4YnlMDlsH4Mb1qlb8iBjt > pA8AmgP1RzyXWBNNY+n2L3pNSn7PrvAc > =u3UR > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Issue building the Unix daemon (jsvc) with the "configure" script in Tomcat7
Hi,
I am trying to build the Unix deamon jsvc in AWS EC2 Linux. I did not
install Tomcat7 that comes with the AWS Linux, I downloaded Tomcat7 from
the Apache Tomcat website, I installed it and ran Tomcat7 successfully. Now
I am trying to build the daemon to run Tomcat7 as a daemon. I get an error
running the "configure" script as indicated in the Tomcat documentation. I
did a lot of searching on the web and cannot find a solution to this issue.
I am not fluent in shell scripting, so my understanding of "configure" is
very limited.
Do I need to regenerate the "configure" script or do I need to modify the
script?
The error is:
*checking for JDK os include directory... Cannot find jni_md.h in
/usr/lib/jvm/jre/*
*configure: error: You should retry --with-os-type=SUBDIR*
*
*
It looks like *"jni_md.h"* is part of the Windows JDK, *but it's not in the
Linux OpenJDK on CentOS.*
I don't really understand why the message says "*with-os-type*" where it
seems to mean JDK?
As indicated in the INSTALL.txt below, I am reporting the issue, hoping
that someone can give me a solution or a patch for the script...
"Depending on your JDK layout, configure might fail to find the JNI
machine dependant include file (jni_md.h). If that's the case use the
--with-os-type= parameter where subdir points to the directory
within JDK include directory containing jni_md.h file.
If your operating system is supported, configure will go thru cleanly,
otherwise it will report an error (please send us the details of your
OS/JDK, or a patch against the sources)."
Below is the console output running configure and some information about
the jdk installed.
[ec2-user@ip-10-244-162-78 unix]$ *./configure*
*** Current host ***
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking cached host system type... ok
*** C-Language compilation tools ***
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking for ranlib... ranlib
checking for strip... strip
*** Host support ***
checking C flags dependant on host system type... ok
*** Java compilation tools ***
*checking for JDK os include directory... Cannot find jni_md.h in
/usr/lib/jvm/jre/*
*configure: error: You should retry --with-os-type=SUBDIR*
[ec2-user@ip-10-244-162-78 unix]$ find / -name 'jni_md.h' 2>/dev/null
[ec2-user@ip-10-244-162-78 unix]$ find / -name '*jni*' 2>/dev/null
/usr/share/java-jni
/datadisk1/tomcat/bin/commons-daemon-1.0.10-native-src/windows/src/javajni.c
/datadisk1/tomcat/bin/commons-daemon-1.0.10-native-src/windows/include/javajni.h
Installed Packages
java-1.6.0-openjdk.i686 installed
[ec2-user@ip-10-244-162-78 unix]$ *./configure
-with-java=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre*
*** Current host ***
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking cached host system type... ok
*** C-Language compilation tools ***
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking for ranlib... ranlib
checking for strip... strip
*** Host support ***
checking C flags dependant on host system type... ok
*** Java compilation tools ***
checking JAVA_HOME... /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre
*checking for JDK os include directory... Cannot find jni_md.h in
/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/*
*configure: error: You should retry --with-os-type=SUBDIR*
-
configure script excerpt:
echo "$as_me:$LINENO: checking for JDK os include directory" >&5
echo $ECHO_N "checking for JDK os include directory... $ECHO_C" >&6
JAVA_OS=NONE
if test -f $JAVA_HOME/$JAVA_INC/jni_md.h
then
JAVA_OS=""
else
for f in $JAVA_HOME/$JAVA_INC/*/jni_md.h
do
if test -f $f; then
JAVA_OS=`dirname $f`
JAVA_OS=`basename $JAVA_OS`
echo " $JAVA_OS"
break
fi
done
if test "x$JAVA_OS" = "xNONE"; then
echo "$as_me:$LINENO: result: Cannot find jni_md.h in
${JAVA_HOME}/${OS}" >&5
echo "${ECHO_T}Cannot find jni_md.h in ${JAVA_HOME}/${OS}" >&6
{ { echo "$as_me:$LINENO: error: You should retry
--with-os-type=SUBDIR" >&5
echo "$as_me: error: You should retry --with-os
JNDI-Datasource: what happens if the database is not ready when Tomcat starts?
Hi, I am looking into using the JNDI/Datasource facility in Tomcat 5.5 to connect to a mySQL 5.0 database on a Windows 2003 server. Both Tomcat and mySQL run as services. What happens if the Tomcat service starts before mySQL? Does Tomcat wait for a while for the DB to be ready? Does it launch the apps or wait until the DB is ready? Thanks Fred
Re: increasing JVM heap space in Tomcat 6.0 (Windows XP)
Yes, I always download the JDK and use the server jvm in there. I don't think the JRE download includes the server jvm anymore, at least not in the few I downloaded lately. Fred On Thu, Aug 13, 2009 at 22:08, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Fred Janon [mailto:fja...@gmail.com] > > Subject: Re: increasing JVM heap space in Tomcat 6.0 (Windows XP) > > > > Complementary question: what is the recommended JVM to use with Tomcat: > > client/jvm.dll or server/jvm.dll? > > Server. Note that some of Sun's Windows JRE downloads do not include a > server JVM, but the JDK does. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: increasing JVM heap space in Tomcat 6.0 (Windows XP)
Complementary question: what is the recommended JVM to use with Tomcat: client/jvm.dll or server/jvm.dll? Thanks Fred On Thu, Aug 13, 2009 at 21:56, Christoph Kukulies wrote: > jre_1.5.0_06/client/jvm.dll >
Re: Tomcat 5.5 on Windows Server 2003, HTTPS and tc-native
It looks like you have an extensive experience deploying Tomcat 5.5.x on Win XP, SBS, Enterprise and Datacenter, so maybe you can tell me where the option to use APR/tc-native is during the installation using the msi file? Just wanted to share my experience, since the same issue has popped up several times for over a year, but fine with me if you think I am an idiot and the doc is perfect. I made an effort to subscribe to the list, post something, but if you have an issue with that, fine. Looks like the Jetty folks are less agressive. Lots of choices for a servlet container out there. Cheers, Fred On Fri, Jul 31, 2009 at 22:13, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Fred Janon [mailto:fja...@gmail.com] > > Subject: Tomcat 5.5 on Windows Server 2003, HTTPS and tc-native > > > > I needed to enable HTTPS so I copied the SSL certificate that > > was used on my development machine, made the proper changes in > > the Tomcat config > > Apparently not. > > > I found and deleted the "tc-native.dll" file, restarted Tomcat > > and the HTTPS connection worked straight away. > > As is well documented, in bold letters on the SSL page: > > "IMPORTANT NOTE: This Howto refers to usage of JSSE. When using APR, Tomcat > will use OpenSSL, which uses a different configuration." > > The pure Java SSL doc is here: > http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html > > The SSL doc when using tcnative-1.dll (not "tc-native.dll", which doesn't > exist) is here: > http://tomcat.apache.org/tomcat-5.5-doc/apr.html#HTTPS > > They are very different. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Tomcat 5.5 on Windows Server 2003, HTTPS and tc-native
Hi, I just want to share my experience installing Tomcat 5.5.23 (and also 5.5.27 from memory) on Windows Server 2003 Datacenter Edition. I installed 5.5.27 on that version of Windows by creating an instance on Amazon EC2. Tomcat worked pretty quickly on port 80. I needed to enable HTTPS so I copied the SSL certificate that was used on my development machine, made the proper changes in the Tomcat config, restarted the server but accessing https://localhost would hang for a while and then timeout. I questioned everything: my Tomcat config, my EC2 instance config, my app, my certificate for almost a week. Searching the Tomcat for "windows HTTPS" mail archive today gave me a hint to solve the issue. I found and deleted the "tc-native.dll" file, restarted Tomcat and the HTTPS connection worked straight away. I am not a Tomcat expert but I installed it many times (probably over 20 times) on machines running Windows XP Pro and Windows Enterprise and Small Business Server and I didn't encounter that issue. It might have been a diffferent version of Tomcat 5.5.x, so I don't know how I didn't hit that problem before. I want to mention as well that the logs didn't show any error at all and that Tomcat, mySQL and my app worked great on 3 other machines with XP Pro and SBS. Just sharing for the next person banging her/his head... Fred
