> Am 16.11.2023 um 20:19 schrieb l...@kreuser.name: > > Hi Chris*, > > >> Am 16.11.2023 um 20:12 schrieb Christopher Schultz >> <ch...@christopherschultz.net>: >> >> Christoph, >> >> On 11/15/23 10:32, Christoph Kukulies wrote: >>> I'm running tomcat9 under Ubuntu 22.04 with an haproxy 2.8 in front of it. >>> I'm wondering about the following in the logs: >>> Nov 15 16:19:23 mail tomcat9[832]: Reloading memory user database >>> [UserDatabase] from updated source >>> [file:/var/lib/tomcat9/conf/tomcat-users.xml] >>> Nov 15 16:19:23 mail tomcat9[832]: The specified user database >>> [conf/tomcat-users.xml] could not be found >>> Nov 15 16:19:33 mail tomcat9[832]: Reloading memory user database >>> [UserDatabase] from updated source >>> [file:/var/lib/tomcat9/conf/tomcat-users.xml] >>> Nov 15 16:19:33 mail tomcat9[832]: The specified user database >>> [conf/tomcat-users.xml] could not be found >>> Nov 15 16:19:43 mail tomcat9[832]: Reloading memory user database >>> [UserDatabase] from updated source >>> [file:/var/lib/tomcat9/conf/tomcat-users.xml] >>> Nov 15 16:19:43 mail tomcat9[832]: The specified user database >>> [conf/tomcat-users.xml] could not be found >>> Nov 15 16:19:53 mail tomcat9[832]: Reloading memory user database >>> [UserDatabase] from updated source >>> [file:/var/lib/tomcat9/conf/tomcat-users.xml] >>> Nov 15 16:19:53 mail tomcat9[832]: The specified user database >>> [conf/tomcat-users.xml] could not be found >>> File /var/lib/tomcat9/conf/tomcat-users.xml is definitely there. >>> It occurs every 10 seconds. >>> Don't know who is causing this and why. Permissions? Ownership wrong? >>> -rw-r----- 1 root root 2756 Jan 15 2022 tomcat-users.xml >>> Believe the ownership was wrong. Maybe it came from migrating an old >>> installation. >>> What are the correct perms/ownership in /var/lib/tomcat9 and below? >> >> What is the user-owner of the JVM process? root 125216 0.0 0.0 0 0 ? I 09:42 0:00 [kworker/0:0-events] root 125221 0.0 0.0 0 0 ? I 09:42 0:00 [kworker/0:2] tomcat 125222 166 9.2 3551824 363244 ? Ssl 09:42 0:16 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties -Djava.util.logging.mana root 125246 0.0 0.0 0 0 ? I 09:42 0:00 [kworker/u4:2-flush-8:0] >> >> Check that all of the above would be both readable and executable by that >> user: >> >> ls -ld /var >> ls -ld /var/lib >> ls -ld /var/lib/tomcat9 >> ls -ld /var/lib/tomcat9/conf root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var drwxr-xr-x 15 root root 4096 Oct 23 16:31 /var root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var/lib drwxr-xr-x 63 root root 4096 Nov 10 10:28 /var/lib root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var/lib/tomcat9 drwxr-xr-x 6 root root 4096 Nov 17 09:42 /var/lib/tomcat9 root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var/lib/tomcat9/conf lrwxrwxrwx 1 tomcat tomcat 12 Sep 11 2019 /var/lib/tomcat9/conf -> /etc/tomcat9 root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /etc/tomcat9 drwxr-xr-x 4 root root 4096 Nov 16 12:17 /etc/tomcat9 root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# >> >> ... and of course that the JVM user can read >> /var/lib/tomcat9/conf/tomcat-users.xml which I assume is true since you said >> you already checked it. >> >> What is the cwd of the JVM process? >> root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# pwdx 125222 125222: /var/lib/tomcat9 >> The first message ("reloading") has the full path, and the second message >> ("file not found") only mentions a relative path. I wonder if that is the >> difference. >> > > > Could it be that the second path relates to a missing env-Variable > $CATALINA_BASE or $CATALINA_HOME? > root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# cat /proc/125222/environ | tr '\0' '\n' USER=tomcat HOME=/var/lib/tomcat OLDPWD=/ CATALINA_HOME=/usr/share/tomcat9 SYSTEMD_EXEC_PID=125222 LOGNAME=tomcat JOURNAL_STREAM=8:1778827 CACHE_DIRECTORY=/var/cache/tomcat9 JDK_JAVA_OPTIONS= --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED CATALINA_TMPDIR=/tmp PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin INVOCATION_ID=84b60xxxxxxxxxxxa420e09ed JAVA_OPTS=-Djava.awt.headless=true -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 LANG=en_US.UTF-8 PWD=/var/lib/tomcat9 JAVA_HOME=/usr/lib/jvm/default-java CATALINA_BASE=/var/lib/tomcat9 root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# > Peter It seems the situation is straightened out since I changed the ownership of the file tomcat-users.xml -rw-r----- 1 tomcat tomcat 2756 Jan 15 2022 tomcat-users.xml Thanks for helping. -- Christoph > >> -chris >>
smime.p7s
Description: S/MIME cryptographic signature