Re: Wondering about tomcat-users.xml could not be found

Christoph Kukulies Fri, 17 Nov 2023 00:59:00 -0800

> Am 16.11.2023 um 20:19 schrieb l...@kreuser.name:
> 
> Hi Chris*,
> 
> 
>> Am 16.11.2023 um 20:12 schrieb Christopher Schultz 
>> <ch...@christopherschultz.net>:
>> 
>> Christoph,
>> 
>> On 11/15/23 10:32, Christoph Kukulies wrote:
>>> I'm running tomcat9 under Ubuntu 22.04 with an haproxy 2.8 in front of it.
>>> I'm wondering about the following in the logs:
>>> Nov 15 16:19:23 mail tomcat9[832]: Reloading memory user database 
>>> [UserDatabase] from updated source 
>>> [file:/var/lib/tomcat9/conf/tomcat-users.xml]
>>> Nov 15 16:19:23 mail tomcat9[832]: The specified user database 
>>> [conf/tomcat-users.xml] could not be found
>>> Nov 15 16:19:33 mail tomcat9[832]: Reloading memory user database 
>>> [UserDatabase] from updated source 
>>> [file:/var/lib/tomcat9/conf/tomcat-users.xml]
>>> Nov 15 16:19:33 mail tomcat9[832]: The specified user database 
>>> [conf/tomcat-users.xml] could not be found
>>> Nov 15 16:19:43 mail tomcat9[832]: Reloading memory user database 
>>> [UserDatabase] from updated source 
>>> [file:/var/lib/tomcat9/conf/tomcat-users.xml]
>>> Nov 15 16:19:43 mail tomcat9[832]: The specified user database 
>>> [conf/tomcat-users.xml] could not be found
>>> Nov 15 16:19:53 mail tomcat9[832]: Reloading memory user database 
>>> [UserDatabase] from updated source 
>>> [file:/var/lib/tomcat9/conf/tomcat-users.xml]
>>> Nov 15 16:19:53 mail tomcat9[832]: The specified user database 
>>> [conf/tomcat-users.xml] could not be found
>>> File /var/lib/tomcat9/conf/tomcat-users.xml is definitely there.
>>> It occurs every 10 seconds.
>>> Don't know who is causing this and why. Permissions? Ownership wrong?
>>> -rw-r----- 1 root root   2756 Jan 15  2022 tomcat-users.xml
>>> Believe the ownership was wrong. Maybe it came from migrating an old 
>>> installation.
>>> What are the correct perms/ownership in /var/lib/tomcat9 and below?
>> 
>> What is the user-owner of the JVM process?


root      125216  0.0  0.0      0     0 ?        I    09:42   0:00 
[kworker/0:0-events]
root      125221  0.0  0.0      0     0 ?        I    09:42   0:00 [kworker/0:2]
tomcat    125222  166  9.2 3551824 363244 ?      Ssl  09:42   0:16 
/usr/lib/jvm/default-java/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.mana
root      125246  0.0  0.0      0     0 ?        I    09:42   0:00 
[kworker/u4:2-flush-8:0]


>> 
>> Check that all of the above would be both readable and executable by that 
>> user:
>> 
>> ls -ld /var
>> ls -ld /var/lib
>> ls -ld /var/lib/tomcat9
>> ls -ld /var/lib/tomcat9/conf

root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var
drwxr-xr-x 15 root root 4096 Oct 23 16:31 /var
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var/lib
drwxr-xr-x 63 root root 4096 Nov 10 10:28 /var/lib
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /var/lib/tomcat9
drwxr-xr-x 6 root root 4096 Nov 17 09:42 /var/lib/tomcat9
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld 
/var/lib/tomcat9/conf
lrwxrwxrwx 1 tomcat tomcat 12 Sep 11  2019 /var/lib/tomcat9/conf -> /etc/tomcat9
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# ls -ld /etc/tomcat9
drwxr-xr-x 4 root root 4096 Nov 16 12:17 /etc/tomcat9
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# 

>> 
>> ... and of course that the JVM user can read 
>> /var/lib/tomcat9/conf/tomcat-users.xml which I assume is true since you said 
>> you already checked it.
>> 
>> What is the cwd of the JVM process?
>> 
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# pwdx 125222
125222: /var/lib/tomcat9

>> The first message ("reloading") has the full path, and the second message 
>> ("file not found") only mentions a relative path. I wonder if that is the 
>> difference.
>> 
> 
> 
> Could it be that the second path relates to a missing env-Variable 
> $CATALINA_BASE or $CATALINA_HOME?
> 
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# cat 
/proc/125222/environ | tr '\0' '\n'
USER=tomcat
HOME=/var/lib/tomcat
OLDPWD=/
CATALINA_HOME=/usr/share/tomcat9
SYSTEMD_EXEC_PID=125222
LOGNAME=tomcat
JOURNAL_STREAM=8:1778827
CACHE_DIRECTORY=/var/cache/tomcat9
JDK_JAVA_OPTIONS= --add-opens=java.base/java.lang=ALL-UNNAMED 
--add-opens=java.base/java.io=ALL-UNNAMED 
--add-opens=java.base/java.util=ALL-UNNAMED 
--add-opens=java.base/java.util.concurrent=ALL-UNNAMED 
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
CATALINA_TMPDIR=/tmp
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
INVOCATION_ID=84b60xxxxxxxxxxxa420e09ed
JAVA_OPTS=-Djava.awt.headless=true -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027
LANG=en_US.UTF-8
PWD=/var/lib/tomcat9
JAVA_HOME=/usr/lib/jvm/default-java
CATALINA_BASE=/var/lib/tomcat9
root@mail:/var/lib/tomcat9/webapps/ROOT/WEB-INF/config# 
> Peter

It seems the situation is straightened out since I changed the ownership of the 
file tomcat-users.xml
-rw-r----- 1 tomcat tomcat   2756 Jan 15  2022 tomcat-users.xml

Thanks for helping.

--
Christoph

> 
>> -chris
>>
smime.p7s
Description: S/MIME cryptographic signature
Re: Wondering about tomcat-users.xml could not be found

Reply via email to
