● tomcat9.service - Apache Tomcat 9 Web Application Server
Loaded: loaded (/etc/systemd/system/tomcat9.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2021-11-10 18:22:48 UTC; 1min 45s ago
Docs: https://tomcat.apache.org/tomcat-9.0-doc/index.html
Process: 11196 ExecStartPre=/usr/libexec/tomcat9/tomcat-update-policy.sh (code=exited, status=0/SUCCESS)
Process: 11200 ExecStart=/bin/sh /usr/libexec/tomcat9/tomcat-start.sh (code=exited, status=1/FAILURE)
Main PID: 11200 (code=exited, status=1/FAILURE
Nov 10 18:22:48 uncg-xnat-lab tomcat9[11200]: WARNING: Permissions incorrect, read permission is not allowed on the file
+++++++++++++/etc/default/tomcat9
JAVA_OPTS="-Djava.awt.headless=true"
CATALINA_OPTS="-Xms512m -Xmx2g -XX:+UseConcMarkSweepGC -XX:-OmitStackTraceInFastThrow"
CATALINA_OPTS="${CATALINA_OPTS} -Dxnat.home=/data/xnat/home"
++++++++++++++/etc/systemd/system/tomcat9.service
[Unit]
Description=Apache Tomcat 9 Web Application Server
Documentation=https://tomcat.apache.org/tomcat-9.0-doc/index.html
After=network.target
RequiresMountsFor=/var/log/tomcat9 /var/lib/tomcat9
[Service]
# Configuration
Environment="CATALINA_HOME=/usr/share/tomcat9"
Environment="CATALINA_BASE=/var/lib/tomcat9"
Environment="CATALINA_TMPDIR=/tmp"
Environment="JAVA_OPTS=-Djava.awt.headless=true"
# xnat needs this environment
Environment="CATALINA_OPTS=-Xms512m -Xmx2g -XX:+UseConcMarkSweepGC -XX:-OmitStackTraceInFastThrow"
Type=simple
ExecStartPre=+/usr/libexec/tomcat9/tomcat-update-policy.sh
ExecStart=/bin/sh /usr/libexec/tomcat9/tomcat-start.sh
SuccessExitStatus=143
Restart=on-abort
# Security
User=xnat
Group=xnat
PrivateTmp=yes
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
CacheDirectory=tomcat9
CacheDirectoryMode=750
ProtectSystem=strict
ReadWritePaths=/etc/tomcat9/Catalina/
ReadWritePaths=/var/lib/tomcat9/webapps/
ReadWritePaths=/var/log/tomcat9/
[Install]
WantedBy=multi-user.target
sudo chgrp -R xnat /etc/tomcat9/ (files are own by root and group tomcat, reason for change)
I also setup xnat to create directory in tmp the way tomcat (default user would)
Thank you
You need to use Java 8. XNAT won’t run on Java 11 at this time.
I’d presume that that is the cause but can’t tell just from the Tomcat service status. You can get a more detailed version of that with this command:
journalctl --unit=tomcat9.service
You can also get the logs from /var/log/tomcat9, specifically catalina.yyyy-mm-dd.log and localhost.yyyy-mm-dd.log, for example:
If Java 11 is the problem, one of the first things you’ll see in the localhost log file is something like this:
11-Nov-2021 10:26:02.175 SEVERE [main] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class [org.springframework.web.context.ContextLoaderListener]
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'updateSecurityFilterHandlerMethod' defined in file [/var/lib/tomcat9/webapps/ROOT/WEB-INF/classes/org/nrg/xnat/event/listeners/methods/UpdateSecurityFilterHandlerMethod.class]: Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.nrg.xnat.initialization.SecurityConfig': Unsatisfied dependency expressed through method 'setContentNegotationStrategy' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.web.servlet.config.annotation.DelegatingWebMvcConfiguration': Unsatisfied dependency expressed through method 'setConfigurers' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'webConfig' defined in file [/var/lib/tomcat9/webapps/ROOT/WEB-INF/classes/org/nrg/xnat/configuration/WebConfig.class]: Bean instantiation via constructor failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.nrg.xnat.configuration.WebConfig$$EnhancerBySpringCGLIB$$18fd9345]: Constructor threw exception; nested exception is java.lang.NoClassDefFoundError: javax/xml/bind/JAXBException
The important bit is that highlighted text: a bunch of APIs that are included in Java 8 are not included in Java 11, including a bunch of the XML APIs. You can work around this with some command-line flags but then you’ll run into other issues. I’ve never been able to get XNAT working with Java 11, even with a lot of tinkering with the configuration.
The fix is easy though! First install Java 8:
sudo apt --assume-yes install openjdk-8-jdk-headless
Then modify /etc/default/tomcat9 to change this line:
JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
To this:
JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
Now start Tomcat and you should be good to go. Or at least good to go a bit further than you have so far.
--
Rick Herrick
XNAT Architect/Developer
Computational Imaging Laboratory
Washington University School of Medicine
From:
'Jacob Fosso Tande' via xnat_discussion <xnat_di...@googlegroups.com>
Date: Wednesday, November 10, 2021 at 12:55 PM
To: xnat_discussion <xnat_di...@googlegroups.com>
Subject: [XNAT Discussion] Setting up xnat on a VM
* External Email - Caution * |
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/xnat_discussion/e85b1fa8-c415-49f7-adf0-b0bf26b443d4n%40googlegroups.com.
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
ls -la /data/xnat/home/
total 36
drwxr-xr-x 6 xnat xnat 4096 Nov 10 16:44 .
drwxr-xr-x 10 xnat xnat 4096 Nov 10 16:44 ..
-rw-r--r-- 1 xnat xnat 220 Feb 25 2020 .bash_logout
-rw-r--r-- 1 xnat xnat 3771 Feb 25 2020 .bashrc
-rw-r--r-- 1 xnat xnat 807 Feb 25 2020 .profile
drwxr-xr-x 2 xnat xnat 4096 Nov 10 17:14 config
drwxr-xr-x 2 xnat xnat 4096 Nov 12 14:12 logs
drwxr-xr-x 2 xnat xnat 4096 Nov 10 16:44 plugins
I followed the discussion here to give the xnat home rw permission
I added the bold line below to fix the io problem
(Should this be specified in the install document?, clearly xnat generate log files)
sudo emacs /etc/systemd/system/tomcat9.service
# Security
User=xnat
Group=xnat
PrivateTmp=yes
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
CacheDirectory=tomcat9
CacheDirectoryMode=750
ProtectSystem=strict
ReadWritePaths=/etc/tomcat9/Catalina/
ReadWritePaths=/var/lib/tomcat9/webapps/
ReadWritePaths=/var/log/tomcat9/
# xnat (tomcat user failing to write in xnat home)
ReadWritePaths=/data/xnat/home/
[Install]
WantedBy=multi-user.target