On Tue, Aug 9, 2016 at 5:05 PM, Mark Eggers <its_toas...@yahoo.com.invalid> wrote:
> Sean, > > > On 8/9/2016 1:55 PM, Sean Son wrote: > > On Mon, Aug 8, 2016 at 11:31 AM, Mark Eggers > > <its_toas...@yahoo.com.invalid> wrote: > > > >> Sean, > >> > >> On 8/8/2016 7:10 AM, Sean Son wrote: > >>> On Fri, Aug 5, 2016 at 5:34 PM, Mark Eggers > >> <its_toas...@yahoo.com.invalid> > >>> wrote: > >>> > >>>> On 8/5/2016 2:19 PM, Sean Son wrote: > >>>>> Hello! > >>>>> > >>>>> I am currently running Tomcat 8 on RHEL 7.2 with one web > >>>>> application called AppVet (A mobile Application Vetting > >>>>> program). The application works well but when I tried to use > >>>>> a script to allow tomcat to start up at boot, the webapp > >>>>> gives an authentication error. I saw the following error in > >>>>> the logs for appvet: > >>>>> > >>>>> > >>>>> [ERROR] Could not connect to database: > >>>>> com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: > >>>>> Communications link failure > >>>>> > >>>>> The last packet sent successfully to the server was 0 > >>>>> milliseconds ago. The driver has not received any packets > >>>>> from the server. Make sure your MySQL password in your > >>>>> AppVetProperties.xml file is correct > >>>>> > >>>>> > >>>>> I know for a fact that the MySQL password is correct in that > >>>>> XML file. I double checked it already. Any ideas on how I > >>>>> should fix this error? > >>>>> > >>>>> This is the script that I am using for startup/shutdown of > >>>>> Tomcat8 on boot: > >>>>> > >>>>> http://pastebin.com/mrvfDtTD > >>>>> > >>>>> Thanks! > >>>>> > >>>>> Sean > >>>>> > >>>> > >>>> It appears that your Tomcat process is running as root. Do not > >>>> do this. > >>>> > >>>> Is your MySQL server up and running before Tomcat is started? > >>>> > >>>> . . . just my two cents /mde/ > >>>> > >>>> > >>> Hello thank you for your response > >>> > >>> I created a user account for Tomcat, I will set the script to use > >>> that account instead of the root account. Question though, does > >>> this account need a password? > >> > >> Yes, especially since you'll be running a service. > >> > >> Note that if you're running Tomcat on a privileged port (less than > >> 1024), a non-root account will not be able to bind to this port. > >> > >> You have three choices. > >> > >> 1. iptables > >> > >> route port 80 to port 8080 (Tomcat default) internally. Take a look > >> at the iptables documentation. > >> > >> 2. jsvc > >> > >> jsvc from the Apache Commons Daemon project allows you to run a > >> service such as Tomcat more easily. I don't remember if there is an > >> RPM for RHEL or not (possible in EPEL). It's configuration and > >> startup script are different, but the documentation is a good start > >> (there are Tomcat examples). > >> > >> https://commons.apache.org/proper/commons-daemon/jsvc.html > >> > >> 3. Apache HTTPD front end with mod_proxy_ajp or mod_jk > >> > >> I'd do this if you need Apache HTTPD for other web applications (a > >> PHP application, perhaps). There is good documentation available on > >> the Tomcat web site, as well as a ton of discussion on the mailing > >> list to get this running. > >> > >> If you don't feel like building software, I'd recommend > >> mod_proxy_ajp. I find mod_jk more flexible and a little easier to > >> use (opinions on easy of use vary), but you'd have to build mod_jk > >> from source. It's easy to do, but some people find that a little > >> more challenging. > >> > >>> > >>> Also, I cant tell if the MySQL server is up and running prior to > >>> Tomcat being started. I know that mysqld is enabled to start at > >>> boot, but I dont know if Tomcat starts prior to MySQL. How would > >>> I figure that out? > >>> > >> > >> I thought REHL 7 uses systemd and not init scripts? > >> > >> There have been many discussions on the mailing list concerning > >> systemd and Tomcat. I think someone has posted appropriate systemd > >> scripts. > >> > >> If not, then look at /etc/rc3.d. Start and stop scripts are > >> executed in numerical order. Start scripts start with S, stop > >> scripts start with K. > >> > >> Adjust the numbers in your Tomcat init script (/etc/initinit.d) so > >> that the start comes after MySQL (second number in the chkconfig > >> line). > >> > >> You'll have to chkconfig --del and chkconfig --add to have the new > >> numbers take effect in /etc/rcx.d. > >> > >>> > >>> Thanks! > >>> > >> > >> . . . just my two cents /mde/ > >> > >> > >> > > > > hello thank you for your response. > > > > So i decided to go the SystemD route and I found this article > > online: > > > > https://panovski.me/install-tomcat-8-on-centos-7/ > > > > I followed the instructions and instead of downloading Tomcat and > > installing it in /opt/tomcat, I copied the existing Tomcat > > installation, which was in /home/username, into /opt/tomcat and I > > gave the entire installation directory, an owner and group of tomcat. > > Then I set up the following tomcat.service unit file: > > > > > > [Unit] Description=Apache Tomcat Web Application Container > > After=network.target > > > > [Service] Type=forking PIDFile=/var/run/tomcat.pid > > Environment=CATALINA_PID=/var/run/tomcat.pid > > Environment=JAVA_HOME=/usr/java/jdk1.8.0_92 > > Environment=CATALINA_HOME=/opt/tomcat/apache-tomcat-8.0.35 > > Environment=CATALINA_BASE=/opt/tomcat/apache-tomcat-8.0.35 > > Environment=CATALINA_OPTS= > > > > ExecStart=/opt/tomcat/apache-tomcat-8.0.35/bin/jsvc \ > > -Dcatalina.home=${CATALINA_HOME} \ -Dcatalina.base=${CATALINA_BASE} > > \ -cp > > ${CATALINA_HOME}/bin/commons-daemon.jar:${CATALINA_HOME}/ > bin/bootstrap.jar:${CATALINA_HOME}/bin/tomcat-juli.jar > > > > > \ > > -user tomcat \ -java-home ${JAVA_HOME} \ -pidfile /var/run/tomcat.pid > > \ -errfile SYSLOG \ -outfile SYSLOG \ $CATALINA_OPTS \ > > org.apache.catalina.startup.Bootstrap > > > > ExecStop=/opt/tomcat/bin/jsvc \ -pidfile /var/run/tomcat.pid \ -stop > > \ org.apache.catalina.startup.Bootstrap > > > > [Install] WantedBy=multi-user.target > > > > > > > > I set up JSVC as well just like how the article suggested, but when I > > run systemctl start tomcat and I try to browse to https://IP > > Address:8443 (I am using SSL on Tomcat), I get the following errors > > in the webbrowser: > > > > http://pastebin.com/8RANM5NF > > > > Any ideas on what I should do to resolve this issue? > > > > Thanks! > > > > Looks like a permissions problem: > > /opt/tomcat/apache-tomcat-8.0.35/work/Catalina/localhost/ > ROOT/org/apache/jsp/index_jsp.class > (Permission denied) > > What are the permissions and ownership (owner, group) for the files and > directories under /opt/tomcat - especially > /opt/tomcat/apache-tomcat-8.0.35? > > . . . just my two cents > /mde/ > > Hello ! thank you for your response I checked the permissions for that path: the owner and group for the path is tomcat:tomcat EXCEPT for the index_jsp.class and index_jsp.java, both of which are owned/group by root. So it looks like when the systemd unit is ran, the two files are created by root as opposed to by Tomcat. how would I fix this? Thanks!
