Ubuntu – Permissions for tomcat 8 service file not working

systemdtomcatUbuntu

I'm trying to install tomcat 8 on ubuntu 16.04. This is the guide I'm following:

https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04

The basic idea is that you're supposed to create an additional user named "tomcat" with limited rights to run tomcat. When I try to run the final command to start as a service (tried it as root):

sudo systemctl start tomcat

I get the following error:

Job for tomcat.service failed because the control process exited with error code. See "systemctl status tomcat.service" and "journalctl -xe" for details.

Checking systemctl status:

tomcat.service - Apache Tomcat Web Application Container
Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) 
Process: 14 ExecStart=/opt/tomcat/bin/startup.sh (code=exited, status=203/EXEC)

systemd[1]: Starting Apache Tomcat Web Application Container...
systemd[1]: tomcat.service: Control process exited, code=exited status=203
systemd[1]: Failed to start Apache Tomcat Web Application Container.
systemd[1]: tomcat.service: Unit entered failed state.
systemd[1]: tomcat.service: Failed with result 'exit-code'.

This is the tomcat.service file:

# /etc/systemd/system/tomcat.service

[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

These are the access rights on the /tomcat/bin folder:

-rwxr-x--- 1 root root   1902 Jul  6 08:44 shutdown.sh
-rwxr-x--- 1 root root   1904 Jul  6 08:44 startup.sh
...

Other users are reporting the same problem, and suggest giving the "tomcat" user ownership of the entire "tomcat" folder. But that seems to conflict with the spirit of the article (limiting access to improve security).

I'm not sure if I'm missing something implied in the article here regarding permissions?

Thanks

Best Answer

Simply delete everything you have done so far. Then:

sudo apt-get install tomcat8
sudo service tomcat8 start

Related Solutions

Linux – Systemd service start error

I'm assuming you have checked nothing else is using port 80 (which I assume lighttpd is configured to use). Check that bonescript still doesn't have the port bound, stop it with:

systemctl stop bonescript.service
systemctl stop bonescript.socket

Systemctl Service ‘systemd-modules-load’ Fails – How to Diagnose

I too had this issue. I was able to solve it by following the instructions on the Arch Linux systemd wiki page. Here is a summary of what I did :

Lets find the systemd services which fail to start

$ systemctl --failed  
------------------------------------------------------------------------
systemd-modules-load.service   loaded failed failed  Load Kernel Modules

Ok, we found a problem with systemd-modules-load service. We want to know more.

$ systemctl status systemd-modules-load  
------------------------------------------------------------------------
systemd-modules-load.service - Load Kernel Modules      
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)     
   Active: failed (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago  
     Docs: man:systemd-modules-load.service(8).  
           man:modules-load.d(5)
  Process: 15630 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)

If the Process ID is not listed, just restart the failed service with

$ systemctl restart systemd-modules-load

Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current Process ID (here: 15630):

$ journalctl _PID=15630
----------------------------------------------------------------------
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. --
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'blacklist usblp'
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'install usblp /bin/false'

We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in /etc/modules-load.d/

$ ls -Al /etc/modules-load.d/
----------------------------------------------------------------------
...  
-rw-r--r--   1 root root    79  1. Dez 2012  blacklist.conf  
-rw-r--r--   1 root root     1  2. Mär 14:30 encrypt.conf  
-rw-r--r--   1 root root     3  5. Dez 2012  printing.conf  
-rw-r--r--   1 root root     6 14. Jul 11:01 realtek.conf  
-rw-r--r--   1 root root    65  2. Jun 23:01 virtualbox.conf  
...

The Failed to find module 'blacklist usblp' error message might be related to a wrong setting inside of blacklist.conf. Lets deactivate it with inserting a trailing # before each option we found via step 3:
```
/etc/modules-load.d/blacklist.conf  
----------------------------------------------------------------------
# blacklist usblp  
# install usblp /bin/false  
```

Now, try to start systemd-modules-load:

$ systemctl restart systemd-modules-load

If it was successful, this should not prompt anything. If you see any error, go back to step 3 and use the new PID for solving the errors left.

If everything is ok, you can verify that the service was started successfully with:

$ systemctl status systemd-modules-load
----------------------------------------------------------------------
systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
   Active: active (exited) since So 2013-08-25 12:22:31 CEST; 34s ago
     Docs: man:systemd-modules-load.service(8)
           man:modules-load.d(5)
 Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS)
Aug 25 12:22:31 mypc systemd[1]: Started Load Kernel Modules.

Best Answer

Related Solutions

Linux – Systemd service start error

Systemctl Service ‘systemd-modules-load’ Fails – How to Diagnose

Related Question