0

I've installed archlinux in the office for development. We use maven to deploy our application to tomcat. I have installed tomcat7.0.47. I've setup everything OK (I think) and I can deploy the webapp to tomcat using tomcat:redeploy. I can start, stop and restart tomcat using systemctl. The problem is tomcat cannot create (or even find) its log directories or create other directories. I know this is a file permission problem and I have done:

chown -R tomcat7:tomcat7

and

chmod -R 775

on /usr/share/tomcat7 and all the directories that are linked in this directory like /etc/tomcat7/, etc.

But still, when I redeploy to tomcat, I can't see the application start in firefox (I get 404) and catalina.out gives me 

java.io.FileNotFoundException: logs/raven/org.ird.raven.2013-12-07.log (No such file or directory)

and systemctl status tomcat7 gives me:

tomcat7.service - Tomcat 7 servlet container
Loaded: loaded (/usr/lib/systemd/system/tomcat7.service; enabled)
Active: active (running) since Sat 2013-12-07 08:40:30 AFT; 15min ago
Process: 4453 ExecStart=/usr/bin/jsvc -Dcatalina.home=${CATALINA_HOME} -Dcatalina.base=${CATALINA_BASE} -Djava.io.tmpdir=/var/tmp/tomcat7/temp -cp /usr/share/java/commons-daemon.jar:/usr/share/java/eclipse-ecj.jar:${CATALINA_HOME}/bin/bootstrap.jar:${CATALINA_HOME}/bin/tomcat-juli.jar -user tomcat7 -java-home ${TOMCAT_JAVA_HOME} -pidfile /var/run/tomcat7.pid -errfile /var/log/tomcat7/catalina.err -outfile /var/log/tomcat7/catalina.out $CATALINA_OPTS org.apache.catalina.startup.Bootstrap (code=exited, status=0/SUCCESS)
Main PID: 4457 (jsvc)
CGroup: /system.slice/tomcat7.service
       ├─4456 jsvc.exec -Dcatalina.home=/usr/share/tomcat7 -Dcatalina.base=/usr/share/tomcat7 -Djava.io.tmpdir=/var/tmp/tomcat7/temp -cp /usr/share/java/commons-daemon.ja...
       └─4457 jsvc.exec -Dcatalina.home=/usr/share/tomcat7 -Dcatalina.base=/usr/share/tomcat7 -Djava.io.tmpdir=/var/tmp/tomcat7/temp -cp /usr/share/java/commons-daemon.ja...

Dec 07 08:40:30 archbase systemd[1]: tomcat7.service: Supervising process 4457 which is not our child. We'll most likely not notice when it exits.
Dec 07 08:40:30 archbase systemd[1]: Started Tomcat 7 servlet container.

Right after I changed the file permissions, I got something like:

systemctl status tomcat7
PID file /var/run/tomcat7.pid not readable (yet?) after start.

What do I have to do to make this work. I really like to work on Arch. It's fast and simple (after you set it up). Can anyone help me please?

By the way, I was first working on a Windows 7 and then I went to OpenSuse and now I want to set up an Arch.

hamid
  • 1,828
  • 1
  • 13
  • 17

2 Answers2

2

Yes, chmod on files owned by packages are bad practice because these rights are set by packagers on purpose. The pid not readable (yet?) after start is most probably due to the chmod. I would recommend using pacman -Rs tomcat7, removing or making a backup of your exploded war from /var/lib/tomcat7/webapps and finaly reinstalling Tomcat 7 with pacman -S tomcat7 to start with a fresh install.

As for your original question, Tomcat can find and write its directory/log but it seems your webapp or one of its dependency API cannot. You should have a look at where this logs/raven/org.ird.raven.2013-12-07.log is set to be created and perhaps create its directory hierarchy where it is supposed to be.

You can double check Tomcat has the expected rights on directories by issuing su tomcat7 -c "ls $DIR" or su tomcat7 -c "mkdir $DIR.

galaux
  • 375
  • 2
  • 14
  • I did as you said. It was great advise. I removed tomcat7 (pacman -Rs) and it deleted the tomcat7 user and group. I created them again and installed tomcat7 again. I did sudo su tomcat7 and I saw that tomcat cannot read my home directory (we redirect tomcat using apache to read from home directory for easier deverlopment (Alias in apache). I made my home directory readable to users!!! Now my app works but I'm not sure if that was the right thing I should've done. Also when installing tomcat it complains tomcat is neither a group nor a user but it actually needs "tomcat7" not "tomcat". – hamid Dec 12 '13 at 05:10
  • No need to create user nor group `tomcat7`, they are both created by package scripts. – galaux Dec 12 '13 at 13:37
  • As for tomcat7 accessing your home: as this looks like a development machine this seems OK to me. For a production machine, a dedicated directory with R/W for `tomcat7` would be best of course. – galaux Dec 12 '13 at 13:44
  • I don't have a reputation of 15, so I couldn't upvote your answer. Sorry. I marked it as the correct answer though. Your advice helped. I couldn't do `su tomcat7 -c "mkdir $DIR` but I tried doing `sudo su tomcat7` which didn't work either. I removed tomcat7 and then the tomcat7 user and group. Then I created them and made sure I could log in as tomcat7. I tried reading from the user directory where my files are located. I couldn't. I made them readable to the `users` group and then installed tomcat7. That solved my problem. – hamid Dec 23 '13 at 10:11
  • I edited `/usr/lib/systemd/system/tomcat7.service` and made tomcat7 run as root (temporarily). This created the logs and vault folders that I needed tomcat7 to create. Then I changed the file again and made it run as tomcat7 again. Thanks galaux. – hamid Dec 23 '13 at 10:17
0

After a year of using Arch Linux, I now know a lot about it than I knew when I first asked this question. @galaux's answer is still valid and correct but I want to make sure any one else who reads this question has a straight answer and spends less time on fixing this problem. If the webapp you have deployed to tomcat cannot write logs to the system then change the destination of the logs in your webapp to a place on the system that tomcat can write to. Also make sure you have specified the absolute location. There are two places on arch linux (and other linux distros as far as I have encountered) that tomcat has the right to write into:

  1. /var/log/tomcat7
  2. /tmp

You can do this for other purposes too. For example my webapp saves user photos on the system. On the production server the location for that is something like /vault/raven but on my work machine, I have set it to /tmp/vault. This has the benefit of being deployable anywhere. I mean I can just start working on any other machine right away without worrying about creating directories for my webapp. Yet again if you don't want to do that, you can do like I did when I first solved this problem. There may be downsides to this but it's a quick solution. Just go to the service file that runs tomcat. In archlinux, it is in /usr/lib/systemd/system/tomcat7.service and replace -user tomcat7 with -user root. Once you do a systemctl daemon-reload and systemctl restart tomcat7, your tomcat should create the directories itself. Then change the user back to tomcat7 and make tomcat7 the owner of those directories and restart tomcat.

hamid
  • 1,828
  • 1
  • 13
  • 17
  • hi Hamid, your approach helps, but additionally, if I want to create a separate dir, eg /var/log/myapp and set tomcat as the owner of the directory, as well as give 755 to that dir, it seems I still can't ask myapp to write log files into it. Do you think I've missed anything? Thanks. – James Jiang Feb 10 '15 at 02:51
  • I can only suggest to make sure you have specified the absolute path to the directory (also try adding `/` at the end of it). Once that works, you can try shortening the path to get the relative one. Check if tomcat7 is a user on your system `cat /etc/passwd | grep tomcat7`? The tomcat user may just be `tomcat` and not `tomcat7`. And as @galaux has said, see if this `su tomcat7 -c "ls /var/log/myapp"` returns anything. – hamid Feb 10 '15 at 11:34