Selinux is preventing to start Tomcat

linux redhat tomcat systemd selinux
5,520

You will have to fix the file context on the directories where your application is located. This is usually accomplished by using the semanage -a -t "correct context" "dir" and restorecon -Rv "directory" The following links will help you https://www.systutorials.com/docs/linux/man/8-tomcat_selinux/ and https://noobient.com/2017/10/02/selinux-woes-with-tomcat-on-centos-74/. Some SELinux bools might also need to be tweaked depending on what exactly does your application do.

Share:
5,520
Oskar
Author by

Oskar

Updated on September 18, 2022

Comments

  • Oskar
    Oskar over 1 year

    I have a problem when I launch tomcat on RHEL 8:

    [root@TEST ~]# systemctl restart tomcat.service
Job for tomcat.service failed because the control process exited with error code.
See "systemctl status tomcat.service" and "journalctl -xe" for details.
[root@TEST ~]#

    In journalctl I can see:

    -- Unit tomcat.service has begun starting up.
Dec 08 14:58:30 TEST systemd[3869]: tomcat.service: Failed to execute command: Permission denied
Dec 08 14:58:30 TEST systemd[3869]: tomcat.service: Failed at step EXEC spawning /mnt/efs/tomcat9/bin/catalina.sh: Permission denied
-- Subject: Process /mnt/efs/tomcat9/bin/catalina.sh could not be executed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- The process /mnt/efs/tomcat9/bin/catalina.sh could not be executed and failed.
--
-- The error number returned by this process is 13.
Dec 08 14:58:30 TEST systemd[1]: tomcat.service: Control process exited, code=exited status=203
Dec 08 14:58:30 TEST systemd[1]: tomcat.service: Failed with result 'exit-code'.
Dec 08 14:58:30 TEST systemd[1]: Failed to start Apache Tomcat Server.
-- Subject: Unit tomcat.service has failed

    The problem is only when SELinux is in enforcing mode, when i turn off Selinux tomcat starts correctly.

    Rights and context for catalina.sh file:

    [root@TEST ~]# ls -lZ /mnt/efs/tomcat9/bin/catalina.sh
-rwxr-x--x. 1 tomcat tomcat system_u:object_r:unconfined_exec_t:s0 23567 Oct  7 09:57 /mnt/efs/tomcat9/bin/catalina.sh
[root@TEST ~]#

    It seems that SELinux is blocking systemd to start the script from this path, but don't know how change it.

    Do you have any idea? Someone had a same issue on with Selinux?

    Thanks a lot!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

systemd failing to start custom made service for Tomcat
Starting Tomcat 8.5 using systemd on Centos 7
tomcat works but service tomcat status says it failed
Starting Tomcat 7 as a user - init.d script can't write pid
Where is the sshd log file on Red Hat Linux stored?
Reasons to disable / enable SELinux
Create a SELinux policy for a custom systemd service
What is the Difference between ConditionPathExists= and ConditionPathExists=| in systemd?
Convenient way to check if system is using systemd or sysvinit in BASH?
/usr/bin/ld: attempted static link of dynamic object `/usr/lib64/libm.so'