Enabling non root user to run tomcat with port 443 - linux

I am trying to run tomcat with https as a non-root user. Configured server.xml with required port modification and added SSL configuration.
However when I execute sudo systemctl restart tomcat get following error in catalina.out
org.apache.coyote.AbstractProtocol.init Failed to initialize end point associated with ProtocolHandler ["https-jsse-nio-443"]
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
at sun.nio.ch.Net.bind(Net.java:433)
at sun.nio.ch.Net.bind(Net.java:425)

Follow this post
Resolution point number 5 works better
# setcap cap_net_bind_service+ep /path/to/bin/java

Related

Apache module is not enabled

Attempting to use directives for an Apache module that is not enabled will result in apachectl configtest messages like the following:Example Error Output
(13)Permission denied: AH00957: HTTP: attempt to connect to 127.0.0.1:9090 (127.0.0.1) failed
The Apache error log may have more information.
I tried verifying logs and searched the error in online but unable to find anything. Can someone please help with the same.

SonarQube failed to start web

I get the following error when I try to start SonarQube 7.7 on Linux.
WARN web[][o.s.p.ProcessEntryPoint] Fail to start web
java.lang.RuntimeException: org.apache.catalina.LifecycleException: Failed to initialize component [StandardServer[-1]]
at com.google.common.base.Throwables.propagate(Throwables.java:160)
at org.sonar.server.app.EmbeddedTomcat.start(EmbeddedTomcat.java:65)
at org.sonar.server.app.WebServer.start(WebServer.java:51)
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:113)
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:100)
at org.sonar.server.app.WebServer.main(WebServer.java:91)
Caused by: org.apache.catalina.LifecycleException: Failed to initialize component [StandardServer[-1]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:140)
at org.apache.catalina.startup.Tomcat.start(Tomcat.java:427)
at org.sonar.server.app.EmbeddedTomcat.start(EmbeddedTomcat.java:61)
... 4 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Failed to initialize component [StandardService[Tomcat]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
... 7 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Failed to initialize connector [Connector[HTTP/1.1-9000]]
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util..LifecycleBase.init(LifecycleBase.java:107)
Any help will be much appreciated.
Did you change the property "sonar.web.port" in the sonar.properties file?
I had the same problem when I tried to set this property to port 80.
When not running as root user on unix systems it is not allowed to bind to a low port.
# TCP port for incoming HTTP connections. Default value is 9000.
sonar.web.port=8080
With the default port 9000 it should work.
As an alternative it is possible to forword the low port to the port on which the sonar webserver is running.
sudo iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
Additionally this iptables configuration should be saved and restored after system restart. To achieve this, there exists different methos depending on the unix system.
In the class ProcessEntryPoint.java there is a connection to a shared directory:
public static final String PROPERTY_SHARED_PATH = "process.sharedDir";
Maybe you miss access rights. You could try to start as root for testing purpose or look for sharedDir in your configuration.

Android studio proxy settings

I'm using ubuntu 16 and I downloaded and installed the last version of android-studio (file android-studio-ide-181.5056338-linux.zip).
I'm running android-studio behind a corporate proxy. I unzipped the file and I launched the studio.sh and I configured the proxy by following these links https://developer.android.com/studio/intro/studio-config#proxy and link https://www.jetbrains.com/help/idea/2018.1/settings-http-proxy.html
Note I configured also my proxy authentication (both username and password) as showed in this image:
When I check the connection if I use some unsecure URLs (e.g. http://www.google.it) all works pretty good; the check is OK. If I use secure URLs (e.g. https://www.google.it) I get a 407 error (authentication required)
as showed in this image
Then I saved the settings and closed the IDE. Note I created no project yet... I just installed the IDE.
Now every time I start the IDE in the idea.log I see the following error:
2018-10-24 10:21:40,985 [e-1136-b06] INFO - CompilerWorkspaceConfiguration - Available processors: 4
2018-10-24 10:21:48,630 [d thread 2] INFO - ateSettings.impl.UpdateChecker - Status: 407
com.intellij.util.io.HttpRequests$HttpStatusException: Status: 407. Status=407, Url=https://dl.google.com/android/studio/patches/updates.xml?uid=a40d2545-8f35-41af-bfbd-4bb898d2dc21&os=Linux+4.4.0-138-generic&build=AI-181.5540.7.32.5056338
at com.intellij.util.io.HttpRequests.openConnection(HttpRequests.java:512)
at com.intellij.util.io.HttpRequests.access$300(HttpRequests.java:49)
at com.intellij.util.io.HttpRequests$RequestImpl.getConnection(HttpRequests.java:278)
at com.intellij.util.io.HttpRequests$RequestImpl.getInputStream(HttpRequests.java:287)
at com.intellij.util.io.HttpRequests$RequestImpl.getReader(HttpRequests.java:305)
at com.intellij.util.io.HttpRequests$RequestImpl.getReader(HttpRequests.java:298)
at com.intellij.openapi.updateSettings.impl.UpdateChecker$checkPlatformUpdate$1.process(UpdateChecker.kt:176)
at com.intellij.openapi.updateSettings.impl.UpdateChecker$checkPlatformUpdate$1.process(UpdateChecker.kt:54)
at com.intellij.util.io.HttpRequests.lambda$doProcess$0(HttpRequests.java:403)
at com.intellij.util.net.ssl.CertificateManager.runWithUntrustedCertificateStrategy(CertificateManager.java:335)
at com.intellij.util.io.HttpRequests.doProcess(HttpRequests.java:403)
at com.intellij.util.io.HttpRequests.process(HttpRequests.java:383)
at com.intellij.util.io.HttpRequests.access$100(HttpRequests.java:49)
at com.intellij.util.io.HttpRequests$RequestBuilderImpl.connect(HttpRequests.java:252)
at com.intellij.openapi.updateSettings.impl.UpdateChecker.checkPlatformUpdate(UpdateChecker.kt:174)
at com.intellij.openapi.updateSettings.impl.UpdateChecker.doUpdateAndShowResult(UpdateChecker.kt:120)
at com.intellij.openapi.updateSettings.impl.UpdateChecker.access$doUpdateAndShowResult(UpdateChecker.kt:54)
at com.intellij.openapi.updateSettings.impl.UpdateChecker$updateAndShowResult$2.run(UpdateChecker.kt:97)
at com.intellij.openapi.progress.impl.CoreProgressManager$TaskRunnable.run(CoreProgressManager.java:750)
at com.intellij.openapi.progress.impl.CoreProgressManager$5.run(CoreProgressManager.java:434)
at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:157)
at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:580)
at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:525)
at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:85)
at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:144)
at com.intellij.openapi.application.impl.ApplicationImpl.lambda$null$10(ApplicationImpl.java:565)
at com.intellij.openapi.application.impl.ApplicationImpl$1.run(ApplicationImpl.java:305)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2018-10-24 10:21:48,631 [d thread 2] INFO - ateSettings.impl.UpdateChecker - Connection failed (Status: 407). Please check network connection and try again.
So it seems that my proxy settings are not used by the update phase. Note i tried also to use unsecure connections but the error remains.
Ho can I solve this issue?
Thank you
Angelo
Try this.
Change your Proxy settings like this.
And test your connection again.
https://developer.android.com/studio/intro/studio-config#proxy

Play2 IntelliJ leads to akka.stream.BindFailedException$: bind failed on Linux

When I try to run my (local) play application via the play2 plugin from intellij I get:
[ERROR] [06/03/2017 23:21:10.985] [play-dev-mode-akka.actor.default-dispatcher-2] [akka://play-dev-mode/system/IO-TCP/selectors/$a/0] Bind failed for TCP channel on endpoint [/0.0.0.0:80]
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
at sun.nio.ch.Net.bind(Net.java:433)
at sun.nio.ch.Net.bind(Net.java:425)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
at akka.io.TcpListener.liftedTree1$1(TcpListener.scala:56)
at akka.io.TcpListener.<init>(TcpListener.scala:53)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at akka.util.Reflect$.instantiate(Reflect.scala:65)
at akka.actor.ArgsReflectConstructor.produce(IndirectActorProducer.scala:96)
at akka.actor.Props.newActor(Props.scala:213)
at akka.actor.ActorCell.newActor(ActorCell.scala:555)
at akka.actor.ActorCell.create(ActorCell.scala:581)
at akka.actor.ActorCell.invokeAll$1(ActorCell.scala:454)
at akka.actor.ActorCell.systemInvoke(ActorCell.scala:476)
at akka.dispatch.Mailbox.processAllSystemMessages(Mailbox.scala:282)
at akka.dispatch.Mailbox.run(Mailbox.scala:223)
at akka.dispatch.Mailbox.exec(Mailbox.scala:234)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
akka.stream.BindFailedException$: bind failed
If however, I run it via sbt run, everything works like a charm.
1) Why is that?
2) How can I fix this? (Running on Linux 4.11 here - I understand that the port is only allowed "sudoers", but then I wonder why the sbt-way works)
3) Any other way to run play in "debug mode"? I would like to set some break points and analyze the flow.
I ran into similiar issues before. Deploying to port requires permissions, if you want to strt the service on local, you can change the port to 9000, if you don'5 want this issue to occur. Then, when you deploy on production, you can change it to 80 and follow this guide :
https://www.playframework.com/documentation/2.5.x/Deploying
If you have changed build.sbt to listen on port 80, remove that line. IntelliJ still thinks app wants to run on 80
And also:
If you have changed application.conf, make sure port is not set to 80.

starting FedoOne server

I have followed the installation instructions as shown here
to install the FedOne server,I am using openfire as the xmpp server and I have managed to run the server and the client as supposed.
After a while I thought of deploying an agent and wanted to start the FedOne server again but the run-server.sh fails complaining
`2010-09-20 12:25:30.425:WARN::FAILED SelectChannelConnector#localhost:9879: java.net.BindException: Address already in use
2010-09-20 12:25:30.425:DBUG::EXCEPTION
java.net.BindException: Address already in use
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:137)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:77)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:209)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:289)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.eclipse.jetty.server.Server.doStart(Server.java:253)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.waveprotocol.wave.examples.fedone.rpc.ServerRpcProvider.startWebSocketServer(ServerRpcProvider.java:328)
at org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:74)
at org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:48)
org.eclipse.jetty.server.Server#9300cc STOPPED
+-ServletContextHandler#1469658#1469658/,file:/home/maxsap/Documents/progrs/FedOne/wave-protocol/war/ started
+-ServletHandler#1304043 started
+-[/wave]=>org.waveprotocol.wave.examples.fedone.rpc.WaveClientServlet-7654146{}
+-[/socket]=>org.waveprotocol.wave.examples.fedone.rpc.ServerRpcProvider$WaveWebSocketServlet-33239569{bufferSize=1048576}
+-[/static/]=>org.eclipse.jetty.servlet.DefaultServlet-21909041{}
+-[/webclient/]=>org.eclipse.jetty.servlet.DefaultServlet-21909041{}
+-[/]=>org.waveprotocol.wave.examples.fedone.rpc.WaveClientServlet-9975050{}
+-[/attachment/*]=>org.waveprotocol.wave.examples.fedone.rpc.AttachmentServlet-33355664{}
2010-09-20 12:25:30.426:WARN::FAILED org.eclipse.jetty.server.Server#9300cc: java.net.BindException: Address already in use
2010-09-20 12:25:30.426:DBUG::EXCEPTION
java.net.BindException: Address already in use
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:137)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:77)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:209)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:289)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.eclipse.jetty.server.Server.doStart(Server.java:253)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.waveprotocol.wave.examples.fedone.rpc.ServerRpcProvider.startWebSocketServer(ServerRpcProvider.java:328)
at org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:74)
at org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:48)
Sep 20, 2010 12:25:30 PM org.waveprotocol.wave.examples.fedone.rpc.ServerRpcProvider startWebSocketServer
SEVERE: Fatal error starting http server.
java.net.BindException: Address already in use
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:137)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:77)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:209)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:289)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.eclipse.jetty.server.Server.doStart(Server.java:253)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55)
at org.waveprotocol.wave.examples.fedone.rpc.ServerRpcProvider.startWebSocketServer(ServerRpcProvider.java:328)
at org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:74)
at org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:48)`
by default the server runs at the port 9898 as shown on the above output,I have tried using netstat and lsof to find what service is using that port but no one does!
also tried to change the port from the configuration but also no luck!
Has anyone had the same problem? if yes have he/she solved it? and how
also is there any linux command that I can query the port and tell me who is using that service?
So it terns out that the server runs after all but for some reason it complains about the bind exception.
The correct way to look for the service given a port is either the one on the comment above or using fuser <protocol> <port>.

Resources