Installation of XNAT - Troubles

[Matteo Riva]

Hello everyone,

I am trying to install XNAT 1.8.5 on my VM (Ubuntu 20.04, JAVA 8, PostgreSQL 10, Tomcat 9) and I am following the page of the installation:

https://wiki.xnat.org/documentation/getting-started-with-xnat/xnat-installation-guide

Unfortunately, I am trying everything to solve this riddle, doing searches on searches but nothing and Tomcat does not start at all.

Can you help me please?

1) Here is the unit file:

#
# Systemd unit file for Apache Tomcat
#

[Unit]
Description=Apache Tomcat 9 Web Application Server
Documentation=https://tomcat.apache.org/tomcat-9.0-doc/index.html
After=network.target
RequiresMountsFor=/var/log/tomcat9 /var/lib/tomcat9

[Service]

# Configuration
Environment="CATALINA_HOME=/usr/share/tomcat9"
Environment="CATALINA_BASE=/var/lib/tomcat9"
Environment="CATALINA_TMPDIR=/tmp"
Environment="JAVA_OPTS=-Djava.awt.headless=true"

# Lifecycle
Type=simple
ExecStartPre=+/usr/libexec/tomcat9/tomcat-update-policy.sh
ExecStart=/bin/sh /usr/libexec/tomcat9/tomcat-start.sh
SuccessExitStatus=143
Restart=on-abort

# Logging
SyslogIdentifier=tomcat9

# Security
User=xnat
Group=xnat
PrivateTmp=yes
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
CacheDirectory=tomcat9
CacheDirectoryMode=750
ProtectSystem=strict
ReadWritePaths=/etc/tomcat9/Catalina/
ReadWritePaths=/var/lib/tomcat9/webapps/
ReadWritePaths=/var/log/tomcat9/
ReadWritePaths=/data/xnat/

[Install]
WantedBy=multi-user.target

2) Here is the configuration file:

# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
# default of tomcat8.
TOMCAT9_USER=xnat

# Run Tomcat as this group ID. Not setting this or leaving it blank will use
# the default of tomcat8.
TOMCAT9_GROUP=xnat

# The home directory of the Java development kit (JDK). You need at least
# JDK version 8. If JAVA_HOME is not set, some common directories for
# OpenJDK and the Oracle JDK are tried.
JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64

# You may pass JVM startup parameters to Java here. If you run Tomcat with
# Java 8 instead of 9 or newer, add "-XX:+UseG1GC" to select a suitable GC.
# If unset, the default options will be: -Djava.awt.headless=true
JAVA_OPTS="-Djava.awt.headless=true -XX:+UseConcMarkSweepGC -Xms1g -Xmx2g -XX:+UseConcMarkSweepGC -Dxnat.home=/data/xnat/home/"

# To enable remote debugging uncomment the following line.
# You will then be able to use a Java debugger on port 8000.
#JAVA_OPTS="${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n"

# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
# compilers that are accepted by Ant's build.compiler property.
#JSP_COMPILER=javac

# Enable the Java security manager? (true/false, default: false)
#SECURITY_MANAGER=true

# Whether to compress logfiles older than today's
#LOGFILE_COMPRESS=1

3) I changed the CATALINA_OPTS

CATALINA_OPTS="${CATALINA_OPTS} -Dxnat.home=/data/xnat/home"

4) Writing "sudo systemctl status tomcat9"  I get this:

 tomcat9.service - Apache Tomcat 9 Web Application Server
     Loaded: loaded (/lib/systemd/system/tomcat9.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2022-09-06 14:59:38 CEST; 11s ago
       Docs: https://tomcat.apache.org/tomcat-9.0-doc/index.html
    Process: 266412 ExecStartPre=/usr/libexec/tomcat9/tomcat-update-policy.sh (code=exited, status=217/USER)

Sep 06 14:59:38 srv-xnat-ivd systemd[1]: Starting Apache Tomcat 9 Web Application Server...
Sep 06 14:59:38 srv-xnat-ivd systemd[266412]: tomcat9.service: Failed to determine user credentials: No such process
Sep 06 14:59:38 srv-xnat-ivd systemd[266412]: tomcat9.service: Failed at step USER spawning /usr/libexec/tomcat9/tomcat-update-policy.sh: No such process
Sep 06 14:59:38 srv-xnat-ivd systemd[1]: tomcat9.service: Control process exited, code=exited, status=217/USER
Sep 06 14:59:38 srv-xnat-ivd systemd[1]: tomcat9.service: Failed with result 'exit-code'.
Sep 06 14:59:38 srv-xnat-ivd systemd[1]: Failed to start Apache Tomcat 9 Web Application Server.

Can you help me please?

Thank you so much in advance.

Matteo

[Matteo Riva]

UPDATE: 

I made a new VM (always Ubuntu 20.04, JAVA 8, PostgreSQL 10, Tomcat 9) and I followed again the manual for the installation of XNAT. This time Tomcat9 is running, but I can not see anything on webpage and the catalina.out file is presenting these "crit":

Error deploying web application directory [/var/lib/tomcat9/webapps/ROOT]
[crit] java.lang.IllegalStateException: Error starting child.

Can you help me please? I do not really know what I am missing...

In attachment, I leave also a screenshot of the "HTTP Status 404 – Not Found" webpage error.

Thank you again.

Matteo

[Rick Herrick]

Hi Matteo,

At a quick glance everything looks fine in there. Could you please check the logs under /var/log/tomcat9 and /data/xnat/home/logs? For clarity, you may want to delete or move any logs in those folders then try to restart Tomcat and just send any non-zero-sized logs that are generated from that.

The system log that you can see with journalctl or the limited output from systemctl status usually (as it appears to be the case here) doesn't have enough info to diagnose the issue. My guess is that you'll probably find the critical info in localhost.2022-09-12.log or something similar to that.

You wrote "2) Here is the configuration file". Which configuration file is that? If that's /etc/default/tomcat9,  I don't think the settings in there matter much unless you're running Tomcat from a command script like catalina.sh. The settings there were important with the old SysV initializer, but is mostly ignored in favor of settings from the service unit definition in systemd.

The only thing I can think of off the top of my head without more info is permissions on folders and files where Tomcat/XNAT reads and writes. Make sure that all files and folders including and under these paths all belong to the xnat user and group:

• /data/xnat
• /etc/tomcat9
• /var/cache/tomcat9
  
• /var/lib/tomcat9
• /var/log/tomcat9

You could do something like this:

for DIR in /data/xnat /etc/tomcat9 /var/cache/tomcat9 /var/lib/tomcat9 /var/log/tomcat9; do
    find ${DIR} ! -user xnat
done

If you see any results those folders/files should probably be changed to belong to xnat.

[Matteo Riva]

Hello Rick,

Thank you so much for your detailed reply.

Finally, I did it! What I was missing is to add JAVA_OPTS="${JAVA_OPTS} -Dxnat.home=/data/xnat/home" to the file tomcat9 in /etc/default since I was just writing CATALINA_OPTS="${CATALINA_OPTS} -Dxnat.home=/data/xnat/home". 

I have another question: did you succeed in creating a SSO between XNAT e Keycloak? I know it is off-topic and very general, but maybe you could help explaining how you did it. Just some tips, nothing more :) They could really help me.

Thank you again Rick!

Matteo

[Rick Herrick]

I haven’t ever integrated XNAT with Keycloak myself, but my understanding is that Keycloak exposes both LDAP/AD and OpenID bindings, so you could probably use one of the XNAT LDAP or OpenID authentication plugins for that.

Rick Herrick

Senior Software Developer

rickh...@flywheel.io

------ Original Message ------

From "Matteo Riva" <mat.ri...@gmail.com>

To "xnat_discussion" <xnat_di...@googlegroups.com>

Date 9/13/2022 6:50:02 AM

Subject [XNAT Discussion] Re: Installation of XNAT - Troubles

--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/xnat_discussion/b8ed79d7-9b3d-4b1a-bd2f-d5454eb6bca5n%40googlegroups.com.

[Matteo Riva]

Good! Thank you again Rick for your help. Really appreciated!