j_security_check error

[Russ Robinson]

In order to try out Rundeck 5.1.2 and its ssh plugin before rolling it out to one of our actual servers, I spun up an Oracle Linux 7 server and followed https://docs.rundeck.com/docs/administration/install/linux-rpm.html#installing-rundeck .

Basically, ran:

- Issue: yum install java-11-openjdk-devel

- Issue: rpm -i rundeck-5.1.2.20240328-1.noarch.rpm

- Updated /etc/rundeck/rundeck-config.properties to have: grails.serverURL=http://<fqdn>:4440

After browsing to http://<fqdn>:4440 and entering the default admin userid/password, the browser eventually hits "The connection has timed out" with url http://<fqdn>:4440/j_security_check url.

There is no load balancer, haproxy, or apache in front.  I'm just hitting the Rundeck url directly.

I know it's probably obvious (and I need more caffeine); but any suggestions on what I am overlooking?

[rac...@rundeck.com]

Hello, Russ.

Does this happen with any web browser? Could you try in an incognito tab? Do you see the same behavior?

Regards.

[Russ Robinson]

Yes - it happens in both Firefox and Chrome.  I tried with Firefox private browsing and Chrome incognito this morning; but the same issue happens.

[rac...@rundeck.com]

I see,

I’ve installed Rundeck in Oracle Linux 7 following your steps without issues. Could you share your /etc/rundeck/rundeck-config.properties, /etc/rundeck/framework.properties, /etc/rundeck/profile and the /etc/sysconfig/rundeckd (if exists) files content to take a look? Also, do you see any clue in the service.log?

​

[Russ Robinson]

/etc/rundeck/rundeck-config.properties

#loglevel.default is the default log level for jobs: ERROR,WARN,INFO,VERBOSE,DEBUG

loglevel.default=INFO

rdeck.base=/var/lib/rundeck

#rss.enabled if set to true enables RSS feeds that are public (non-authenticated)

rss.enabled=false

# change hostname here

# grails.serverURL=http://localhost:4440

grails.serverURL=http://myfqdn.test.com:4440

dataSource.dbCreate = none

dataSource.url = jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;DB_CLOSE_ON_EXIT=FALSE;NON_KEYWORDS=MONTH,HOUR,MINUTE,YEAR,SECONDS

grails.plugin.databasemigration.updateOnStart=true

# Encryption for key storage

rundeck.storage.provider.1.type=db

rundeck.storage.provider.1.path=keys

rundeck.storage.converter.1.type=jasypt-encryption

rundeck.storage.converter.1.path=keys

rundeck.storage.converter.1.config.encryptorType=custom

rundeck.storage.converter.1.config.password=1f38d747b496d96a

rundeck.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC

rundeck.storage.converter.1.config.provider=BC

# Encryption for project config storage

rundeck.projectsStorageType=db

rundeck.config.storage.converter.1.type=jasypt-encryption

rundeck.config.storage.converter.1.path=projects

rundeck.config.storage.converter.1.config.password=1f38d747b496d96a

rundeck.config.storage.converter.1.config.encryptorType=custom

rundeck.config.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC

rundeck.config.storage.converter.1.config.provider=BC

rundeck.feature.repository.enabled=true

/etc/rundeck/framework.properties

# framework.properties -

#

# ----------------------------------------------------------------

# Rundeck server connection information

# ----------------------------------------------------------------

framework.server.name = localhost

framework.server.hostname = localhost

framework.server.port = 4440

framework.server.url = http://localhost:4440

# ----------------------------------------------------------------

# Installation locations

# ----------------------------------------------------------------

rdeck.base=/var/lib/rundeck

framework.projects.dir=/var/lib/rundeck/projects

framework.etc.dir=/etc/rundeck

framework.var.dir=/var/lib/rundeck/var

framework.tmp.dir=/var/lib/rundeck/var/tmp

framework.logs.dir=/var/lib/rundeck/logs

framework.libext.dir=/var/lib/rundeck/libext

# ----------------------------------------------------------------

# SSH defaults for node executor and file copier

# ----------------------------------------------------------------

framework.ssh.keypath = /var/lib/rundeck/.ssh/id_rsa

framework.ssh.user = rundeck

# ssh connection timeout after a specified number of milliseconds.

# "0" value means wait forever.

framework.ssh.timeout = 0

# ----------------------------------------------------------------

# Auto generated server UUID: 260bc48a-6704-47c3-a492-1018e681b5c7

# ----------------------------------------------------------------

rundeck.server.uuid = 260bc48a-6704-47c3-a492-1018e681b5c7

/etc/rundeck/profile

#########

# Rundeck Profile sourced from /etc/rc.d/init.d/rundeckd

#########

#

# NOTE: DO NOT MODIFY THIS FILE

# It will be replaced when the package is upgraded and your changes will not be saved.

#

# ##################

#

# To override variables in this file, you can instead create a file at:

#

# # Centos/Redhat default:

#

# /etc/sysconfig/rundeckd

#

# Or

#

# # Ubuntu/Debian default:

#

# /etc/default/rundeckd

#

# which contains exports for any of the variables listed below. E.g.:

#

# RUNDECK_TEMPDIR=/path/to/tmpdir

#

# That file will be sourced before this one, allowing your exports to take precedence.

#

###############

prog="rundeckd"

[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

[ -e /etc/default/$prog ] && . /etc/default/$prog

RDECK_INSTALL="${RDECK_INSTALL:-/var/lib/rundeck}"

RDECK_BASE="${RDECK_BASE:-/var/lib/rundeck}"

RDECK_CONFIG="${RDECK_CONFIG:-/etc/rundeck}"

RDECK_CONFIG_FILE="${RDECK_CONFIG_FILE:-$RDECK_CONFIG/rundeck-config.properties}"

RDECK_SERVER_BASE="${RDECK_SERVER_BASE:-$RDECK_BASE}"

RDECK_SERVER_CONFIG="${RDECK_SERVER_CONFIG:-$RDECK_CONFIG}"

RDECK_SERVER_DATA="${RDECK_SERVER_DATA:-$RDECK_BASE/data}"

RDECK_PROJECTS="${RDECK_PROJECTS:-$RDECK_BASE/projects}"

RUNDECK_TEMPDIR="${RUNDECK_TEMPDIR:-/tmp/rundeck}"

RUNDECK_WORKDIR="${RUNDECK_TEMPDIR:-$RDECK_BASE/work}"

RUNDECK_LOGDIR="${RUNDECK_LOGDIR:-$RDECK_BASE/logs}"

RDECK_JVM_SETTINGS="${RDECK_JVM_SETTINGS:- -Xmx1024m -Xms256m -server}"

RDECK_TRUSTSTORE_FILE="${RDECK_TRUSTSTORE_FILE:-$RDECK_CONFIG/ssl/truststore}"

RDECK_TRUSTSTORE_TYPE="${RDECK_TRUSTSTORE_TYPE:-jks}"

JAAS_LOGIN="${JAAS_LOGIN:-true}"

JAAS_CONF="${JAAS_CONF:-$RDECK_CONFIG/jaas-loginmodule.conf}"

LOGIN_MODULE="${LOGIN_MODULE:-RDpropertyfilelogin}"

RDECK_HTTP_PORT=${RDECK_HTTP_PORT:-4440}

RDECK_HTTPS_PORT=${RDECK_HTTPS_PORT:-4443}

# If no JAVA_CMD, try to find it in $JAVA_HOME

if [ -z "$JAVA_CMD" ] && [ -n "$JAVA_HOME" ] && [ -x "$JAVA_HOME/bin/java" ] ; then

JAVA_CMD=$JAVA_HOME/bin/java

PATH=$PATH:$JAVA_HOME/bin

export JAVA_HOME

elif [ -z "$JAVA_CMD" ] ; then

JAVA_CMD=java

fi

for war in $(find $RDECK_INSTALL/bootstrap -name '*.war') ; do

EXECUTABLE_WAR=$war

done

RDECK_JVM="-Drundeck.jaaslogin=$JAAS_LOGIN \

-Djava.security.auth.login.config=$JAAS_CONF \

-Dloginmodule.name=$LOGIN_MODULE \

-Drdeck.config=$RDECK_CONFIG \

-Drundeck.server.configDir=$RDECK_SERVER_CONFIG \

-Dserver.datastore.path=$RDECK_SERVER_DATA/rundeck \

-Drundeck.server.serverDir=$RDECK_INSTALL \

-Drdeck.projects=$RDECK_PROJECTS \

-Dlog4j.configurationFile=$RDECK_SERVER_CONFIG/log4j2.properties \

-Dlogging.config=file:$RDECK_SERVER_CONFIG/log4j2.properties \

-Drdeck.runlogs=$RUNDECK_LOGDIR \

-Drundeck.server.logDir=$RUNDECK_LOGDIR \

-Drundeck.config.location=$RDECK_CONFIG_FILE \

-Djava.io.tmpdir=$RUNDECK_TEMPDIR \

-Drundeck.server.workDir=$RUNDECK_WORKDIR \

-Dserver.http.port=$RDECK_HTTP_PORT \

-Drdeck.base=$RDECK_BASE"

#

# Set min/max heap size

#

RDECK_JVM="$RDECK_JVM $RDECK_JVM_SETTINGS"

#

# SSL Configuration - Uncomment the following to enable. Check SSL.properties for details.

#

if [ -n "$RUNDECK_WITH_SSL" ] ; then

RDECK_JVM="$RDECK_JVM -Drundeck.ssl.config=$RDECK_SERVER_CONFIG/ssl/ssl.properties -Dserver.https.port=${RDECK_HTTPS_PORT}"

fi

unset JRE_HOME

umask 002

rundeckd="$JAVA_CMD $RDECK_JVM $RDECK_JVM_OPTS -jar $EXECUTABLE_WAR --skipinstall"

/etc/sysconfig/rundeckd

No such file

Sadly, I do not see anything relevant in: service.log