On Wed, Aug 10, 2016 at 11:41 AM, Christopher Schultz < ch...@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Sean, > > On 8/10/16 10:39 AM, Sean Son wrote: > > On Wed, Aug 10, 2016 at 10:06 AM, Sean Son > > <linuxmailinglistsem...@gmail.com > >> wrote: > > > >> > >> > >> On Tue, Aug 9, 2016 at 5:05 PM, Mark Eggers > >> <its_toas...@yahoo.com.invalid > >>> wrote: > >> > >>> Sean, > >>> > >>> > >>> On 8/9/2016 1:55 PM, Sean Son wrote: > >>>> On Mon, Aug 8, 2016 at 11:31 AM, Mark Eggers > >>>> <its_toas...@yahoo.com.invalid> wrote: > >>>> > >>>>> Sean, > >>>>> > >>>>> On 8/8/2016 7:10 AM, Sean Son wrote: > >>>>>> On Fri, Aug 5, 2016 at 5:34 PM, Mark Eggers > >>>>> <its_toas...@yahoo.com.invalid> > >>>>>> wrote: > >>>>>> > >>>>>>> On 8/5/2016 2:19 PM, Sean Son wrote: > >>>>>>>> Hello! > >>>>>>>> > >>>>>>>> I am currently running Tomcat 8 on RHEL 7.2 with one > >>>>>>>> web application called AppVet (A mobile Application > >>>>>>>> Vetting program). The application works well but > >>>>>>>> when I tried to use a script to allow tomcat to start > >>>>>>>> up at boot, the webapp gives an authentication error. > >>>>>>>> I saw the following error in the logs for appvet: > >>>>>>>> > >>>>>>>> > >>>>>>>> [ERROR] Could not connect to database: > >>>>>>>> com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: > >>>>>>>> > >>>>>>>> > Communications link failure > >>>>>>>> > >>>>>>>> The last packet sent successfully to the server was > >>>>>>>> 0 milliseconds ago. The driver has not received any > >>>>>>>> packets from the server. Make sure your MySQL > >>>>>>>> password in your AppVetProperties.xml file is > >>>>>>>> correct > >>>>>>>> > >>>>>>>> > >>>>>>>> I know for a fact that the MySQL password is correct > >>>>>>>> in that XML file. I double checked it already. Any > >>>>>>>> ideas on how I should fix this error? > >>>>>>>> > >>>>>>>> This is the script that I am using for > >>>>>>>> startup/shutdown of Tomcat8 on boot: > >>>>>>>> > >>>>>>>> http://pastebin.com/mrvfDtTD > >>>>>>>> > >>>>>>>> Thanks! > >>>>>>>> > >>>>>>>> Sean > >>>>>>>> > >>>>>>> > >>>>>>> It appears that your Tomcat process is running as root. > >>>>>>> Do not do this. > >>>>>>> > >>>>>>> Is your MySQL server up and running before Tomcat is > >>>>>>> started? > >>>>>>> > >>>>>>> . . . just my two cents /mde/ > >>>>>>> > >>>>>>> > >>>>>> Hello thank you for your response > >>>>>> > >>>>>> I created a user account for Tomcat, I will set the > >>>>>> script to use that account instead of the root account. > >>>>>> Question though, does this account need a password? > >>>>> > >>>>> Yes, especially since you'll be running a service. > >>>>> > >>>>> Note that if you're running Tomcat on a privileged port > >>>>> (less than 1024), a non-root account will not be able to > >>>>> bind to this port. > >>>>> > >>>>> You have three choices. > >>>>> > >>>>> 1. iptables > >>>>> > >>>>> route port 80 to port 8080 (Tomcat default) internally. > >>>>> Take a look at the iptables documentation. > >>>>> > >>>>> 2. jsvc > >>>>> > >>>>> jsvc from the Apache Commons Daemon project allows you to > >>>>> run a service such as Tomcat more easily. I don't remember > >>>>> if there is an RPM for RHEL or not (possible in EPEL). It's > >>>>> configuration and startup script are different, but the > >>>>> documentation is a good start (there are Tomcat examples). > >>>>> > >>>>> https://commons.apache.org/proper/commons-daemon/jsvc.html > >>>>> > >>>>> 3. Apache HTTPD front end with mod_proxy_ajp or mod_jk > >>>>> > >>>>> I'd do this if you need Apache HTTPD for other web > >>>>> applications (a PHP application, perhaps). There is good > >>>>> documentation available on the Tomcat web site, as well as > >>>>> a ton of discussion on the mailing list to get this > >>>>> running. > >>>>> > >>>>> If you don't feel like building software, I'd recommend > >>>>> mod_proxy_ajp. I find mod_jk more flexible and a little > >>>>> easier to use (opinions on easy of use vary), but you'd > >>>>> have to build mod_jk from source. It's easy to do, but some > >>>>> people find that a little more challenging. > >>>>> > >>>>>> > >>>>>> Also, I cant tell if the MySQL server is up and running > >>>>>> prior to Tomcat being started. I know that mysqld is > >>>>>> enabled to start at boot, but I dont know if Tomcat > >>>>>> starts prior to MySQL. How would I figure that out? > >>>>>> > >>>>> > >>>>> I thought REHL 7 uses systemd and not init scripts? > >>>>> > >>>>> There have been many discussions on the mailing list > >>>>> concerning systemd and Tomcat. I think someone has posted > >>>>> appropriate systemd scripts. > >>>>> > >>>>> If not, then look at /etc/rc3.d. Start and stop scripts > >>>>> are executed in numerical order. Start scripts start with > >>>>> S, stop scripts start with K. > >>>>> > >>>>> Adjust the numbers in your Tomcat init script > >>>>> (/etc/initinit.d) so that the start comes after MySQL > >>>>> (second number in the chkconfig line). > >>>>> > >>>>> You'll have to chkconfig --del and chkconfig --add to have > >>>>> the new numbers take effect in /etc/rcx.d. > >>>>> > >>>>>> > >>>>>> Thanks! > >>>>>> > >>>>> > >>>>> . . . just my two cents /mde/ > >>>>> > >>>>> > >>>>> > >>>> > >>>> hello thank you for your response. > >>>> > >>>> So i decided to go the SystemD route and I found this > >>>> article online: > >>>> > >>>> https://panovski.me/install-tomcat-8-on-centos-7/ > >>>> > >>>> I followed the instructions and instead of downloading Tomcat > >>>> and installing it in /opt/tomcat, I copied the existing > >>>> Tomcat installation, which was in /home/username, into > >>>> /opt/tomcat and I gave the entire installation directory, an > >>>> owner and group of tomcat. Then I set up the following > >>>> tomcat.service unit file: > >>>> > >>>> > >>>> [Unit] Description=Apache Tomcat Web Application Container > >>>> After=network.target > >>>> > >>>> [Service] Type=forking PIDFile=/var/run/tomcat.pid > >>>> Environment=CATALINA_PID=/var/run/tomcat.pid > >>>> Environment=JAVA_HOME=/usr/java/jdk1.8.0_92 > >>>> Environment=CATALINA_HOME=/opt/tomcat/apache-tomcat-8.0.35 > >>>> Environment=CATALINA_BASE=/opt/tomcat/apache-tomcat-8.0.35 > >>>> Environment=CATALINA_OPTS= > >>>> > >>>> ExecStart=/opt/tomcat/apache-tomcat-8.0.35/bin/jsvc \ > >>>> -Dcatalina.home=${CATALINA_HOME} \ > >>>> -Dcatalina.base=${CATALINA_BASE} \ -cp > >>>> ${CATALINA_HOME}/bin/commons-daemon.jar:${CATALINA_HOME}/bin > >>> /bootstrap.jar:${CATALINA_HOME}/bin/tomcat-juli.jar > >>>> > >>>> > >>> \ > >>>> -user tomcat \ -java-home ${JAVA_HOME} \ -pidfile > >>>> /var/run/tomcat.pid \ -errfile SYSLOG \ -outfile SYSLOG \ > >>>> $CATALINA_OPTS \ org.apache.catalina.startup.Bootstrap > >>>> > >>>> ExecStop=/opt/tomcat/bin/jsvc \ -pidfile /var/run/tomcat.pid > >>>> \ -stop \ org.apache.catalina.startup.Bootstrap > >>>> > >>>> [Install] WantedBy=multi-user.target > >>>> > >>>> > >>>> > >>>> I set up JSVC as well just like how the article suggested, > >>>> but when I run systemctl start tomcat and I try to browse to > >>>> https://IP Address:8443 (I am using SSL on Tomcat), I get > >>>> the following errors in the webbrowser: > >>>> > >>>> http://pastebin.com/8RANM5NF > >>>> > >>>> Any ideas on what I should do to resolve this issue? > >>>> > >>>> Thanks! > >>>> > >>> > >>> Looks like a permissions problem: > >>> > >>> /opt/tomcat/apache-tomcat-8.0.35/work/Catalina/localhost/ROO > >>> T/org/apache/jsp/index_jsp.class (Permission denied) > >>> > >>> What are the permissions and ownership (owner, group) for the > >>> files and directories under /opt/tomcat - especially > >>> /opt/tomcat/apache-tomcat-8.0.35? > >>> > >>> . . . just my two cents /mde/ > >>> > >>> > >> Hello ! thank you for your response > >> > >> I checked the permissions for that path: the owner and group for > >> the path is tomcat:tomcat EXCEPT for the index_jsp.class and > >> index_jsp.java, both of which are owned/group by root. So it > >> looks like when the systemd unit is ran, the two files are > >> created by root as opposed to by Tomcat. how would I fix this? > >> > >> > >> Thanks! > >> > >> > >> > > > > Hello > > > > I changed the permissions on the two files tomcat:tomcat and > > restarted Tomcat... it took a while, probably close to 10 minutes > > for the server to come up but now I can see the Tomcat start page.. > > How come it takes so long for it to start up? Any way that I can > > speed up the process? > > Take a thread dump to find out what's going on. > > My guess is that the server is waiting for entropy from /dev/random > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJXq0sQAAoJEBzwKT+lPKRYF/MQAL51sKfOB9hwdTAmI+H2BHE4 > ffH3IRwJX7VxN/5Qomjx8/SjrT6aprEt6w11tUtWDRoXLD9L0WmjrEYqXWvvSFU1 > EuZlqtlODX4yjmOWLYarpoDcx2JgbMCFnQzTdMlWKa/NBZm4VE0JylHaN1HL1oUM > Nd0UP7CvVfCQtgVp48uv+J/NXN4b43tA3Gpi89bDnadEbjtS626xO9XG06ziplrq > NrywiRaHlPthviAavDNqLrnOZ6xEVD5v13y/pijniITgYjC0NocS2ZH2U6yItvY6 > JsC8mUQVKtyLeqrIuLWjApU0hJLrAPJq5MZ+Qsym3A35zs2rgcD19EM/n7leywi5 > 6gRfYSs45ip/Cnw/2yb/76lM04YeCfGFXUw6u1w3oBz6Xw8O2ym+vGOj4AH2L025 > rzaLMjN2pDc+QLClacnjWi1nYrtUYPgMSzgdNB5C3DxfT6KnXyWPSNTX4J5hIvwd > vyjX9p/oY+ZVV4dc2hfcB2gHpBLCDukX/av1/Qk3+31L4+pIftbP6TpikvQxLY35 > 4Pq+sUwPeyRNQHT7UVoL3PkYNDr/AO+Rqn3gqb2QZvxyfFl8eJybjojZ22wiIxGZ > qzme2uH6G3WthiXfsc4GkwxF+v/GFDfBRPgNqfzBpo0pD8W2UdMxDzJGAd1vyVAz > INbWFCmaKwtnfjfE3grJ > =+cO0 > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Thank you for your response. I installed haveged from the EPEL repository. I read that it should fix that issue. I rebooted the server a few times and it seems to be coming up much better now.
