Tomcat down after kernel update
I am getting this error message:
The service "tomcat" appears to be down.The service "tomcat" appears to be down.
So I log in to WHM and Try to restart manually. But still getting this error:
How can I solve this?
Waiting for "tomcat" to restart ""waiting for "tomcat" to initialize """""finished.
(XID nw587v) The service "tomcat" failed to start with the message: tomcat is not running
Startup Log
Command '/usr/local/easy/bin/jsvc -user tomcat -cwd /usr/local/easy/share/easy-tomcat7 -pidfile /var/run/easy-tomcat7.pid -cp /usr/local/easy/bin/bootstrap.jar:/usr/local/easy/bin/tomcat-juli.jar:/usr/local/easy/share/java/commons-daemon.jar -Djava.endorsed.dirs=/usr/local/easy/share/easy-tomcat7/endorsed -outfile /var/log/easy-tomcat7/catalina.out -errfile /var/log/easy-tomcat7/catalina.err -verbose org.apache.catalina.startup.Bootstrap start' returned: 0
tomcat has failed. Please contact your system administrator if the service does not automagically recover.
How can I solve this?
-
Hello, A recent kernel update for CentOS/RHEL 6.x addresses the privilege escalation bug referenced on the following URL: CVE - CVE-2017-1000364 However, it looks like the changes associated with this kernel update prevent Tomcat from starting. We are tracking reports of this issue through internal case EAL-3164, but no additional information or workarounds are available at this time. Note that downgrading to the previously installed kernel does allow Tomcat to start again, but by downgrading the kernel your server loses the security patches included with the recent kernel update. I'll update this thread with more information as soon as it's available. Thank you. 0 -
Adding -Xss2m switch to /var/cpanel/tomcat.options and Tomcat restart resolves the problem. It's a confirmed workaround for the bug in question - [DAEMON-363] JSVC Fails to launch (SIGBUS 0x7) on Centos 6.9 Kernel 2.6.32-696.3.2.el6.x86_64 - ASF JIRA The mentioned tomcat.options file used by Tomcat 5.5. I'd like to know how can we provide Tomcat 7 the same switch? According to the documentation at Migrate from Tomcat 5.5 to Tomcat 7 - EasyApache - cPanel Documentation that should be /etc/sysconfig/easy-tomcat7 however it appears that Tomcat doesn't pick up the custom configuration provided in this file. Should there be some special configuration formatting in /etc/sysconfig/easy-tomcat7 ? 0 -
OK, both Tomcat 5.5 and Tomcat 7 use /var/cpanel/tomcat.options even though the documentation suggests that Tomcat 7 uses /etc/sysconfig/easy-tomcat7 file. Adding the -Xss2m switch to /var/cpanel/tomcat.options resolves the startup problem on both Tomcat versions. 0 -
Hello, To update, here's the link to the corresponding RedHat bug report: Bug 1464185 " jsvc doesn't work after kernel update for CVE-2017-1000364 Adding the -Xss2m switch to /var/cpanel/tomcat.options resolves the startup problem on both Tomcat versions.
It does appear that adding the following line to the /var/cpanel/tomcat.options file allows Tomcat to start:-Xss2m
However, note that we haven't completed sufficient testing on this workaround to verify it doesn't result in any unwanted side effects. We plan to push out an AutoFixer to automatically add this entry to the /var/cpanel/tomcat.options file once it's gone through additional testing. I'll continue to update this thread with more information as it becomes available.OK, both Tomcat 5.5 and Tomcat 7 use /var/cpanel/tomcat.options even though the documentation suggests that Tomcat 7 uses /etc/sysconfig/easy-tomcat7 file.
You are correct that startup options are configured with the /var/cpanel/tomcat.options file in both Tomcat 5.5 and Tomcat 7. I've opened an internal case (DOC-9141) with our Documentation Team to ensure this is reflected in our documentation. Thank you.0 -
After add "-Xss2m" I was able to restart tomcat service. But "Service Status" page still showing tomcat service as down. But I can open my jsp page normally. 0 -
After add "-Xss2m" I was able to restart tomcat service. But "Service Status" page still showing tomcat service as down. But I can open my jsp page normally.
The service status page updates once every few minutes as part of Chkservd. You can review /var/log/chkservd.log to see if there are any specific error messages if Tomcat is still detected as failed after it's most recent check. Thank you.0 -
Now "Service Status" is showing tomcat as up. Thank you. 0
Please sign in to leave a comment.
Comments
7 comments