Discussion:
help installing mod_jk on Centos 7 on a Google Cloud server
Lou Wallace
2018-11-16 14:56:43 UTC
Permalink
Hi All,

I am in need of some help in getting mod_jk installed on a new google cloud
server.

Right now it has Apache, Tomcat, Java, mysql, perl and python installed.
But mod_jk isn't there.

When I try yum install mod_jk it isn't found in any of the mirrors.

I've been to the Tomcat site and when I try and get binaries or source it
sees I am on a windows pc and forces me to those directories.

So, if someone can give me a simple set of commands to do this it would be
awesome. Also is there other tomcat connectors needed with java?

Preferable it will be done from the ssh client on the cloud server.

Thanks!

Lou
Christopher Schultz
2018-11-16 16:37:58 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Lou,
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed. But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the
mirrors.
I've been to the Tomcat site and when I try and get binaries or
source it sees I am on a windows pc and forces me to those
directories.
Not true. You can download any package you want.

https://tomcat.apache.org/download-connectors.cgi

Click on whatever package you want and download it. Only binaries for
Windows are provided. If you aren't on Windows, you have to either go
to your package-manager (who doesn't have it, in this case) or build
from source.
Post by Lou Wallace
So, if someone can give me a simple set of commands to do this it
would be awesome.
$ wget
http://mirrors.sonic.net/apache/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz
(this is from a mirror; feel free to pick another)

$ wget
https://www.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connector
s-1.2.46-src.tar.gz.sha512

$ sha512sum -c tomcat-connectors-1.2.46-src.tar.gz.sha512

(check all is okay)

$ tar xzf tomcat-connectors-1.2.46-src.tar.gz

$ cat tomcat-connectors-1.2.46-src/native/BUILDING.txt

Now, read.
Post by Lou Wallace
Also is there other tomcat connectors needed with java?
?
Post by Lou Wallace
Preferable it will be done from the ssh client on the cloud
server.
How else would you do it?

Alternatively, have you considered using mod_proxy_*, which is
built-into Apache httpd?

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlvu8mYACgkQHPApP6U8
pFh6ZRAAqmV66ca74v4+ps9b7YMuHRIVGTOQYn86kGQRYIwivtMF2q1mQIH3/yuk
AS7tnm2uMAUBf84SPLNukbLk/aCcZEqgc4KkpMffOrGx6PZzOZWyiRhTjPffCtFu
mqQ/aYb7akiRstGBL0LtqfU0PKeQx4Dm0TvtktIy1boZPZ6A88967BO8VEleFZRV
haqAv6xroNr2inMofRwRTNwRoRGGEMJ8j562CYooVS6KLd7sWNq1b1aSPSkWHFVL
aPVw4w9HF1FKfR6hMQdsjV8i9AMt5YT1aglfwYk+9v1anOcLFSGVXOJb/AA7wh9U
C76t/wOZwsrEIUjAbViGPzPDExrhTJmLa5G2dyuu+Q6D2dICU7vcW8VMIR0N6w+Y
e1VmmgM3CQ6eXP8/+HOj5r2wRORYeeyJky+8SXVazeY7CqQM6+pIst/y+pGtwgJJ
Jff1ZNHJwrPjfURrPWoZyZNlw+bGHYHq7vYE+aUuM+GwL/pTjv/JHBHEYvBK8dzy
KN0A5nAswXBkkImcFvpoh4cdo0Ir88jutXmOnvdNzjwMUzzFxsbDbNUkcka5IlOa
/9ueArFjdfIbkZMim9g+7Pbe26gupHEGKlWv7Lwfn0uO0QcGBP5rka+MoHoGGdrL
aEs/u3F53akr2k3DESHKwt/1MYbc5+QBBJKBIbPXbb0/EYJZoNg=
=XhgM
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-16 17:26:10 UTC
Permalink
Thanks! I will give this a try!

On Fri, Nov 16, 2018 at 11:38 AM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed. But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the
mirrors.
I've been to the Tomcat site and when I try and get binaries or
source it sees I am on a windows pc and forces me to those
directories.
Not true. You can download any package you want.
https://tomcat.apache.org/download-connectors.cgi
Click on whatever package you want and download it. Only binaries for
Windows are provided. If you aren't on Windows, you have to either go
to your package-manager (who doesn't have it, in this case) or build
from source.
Post by Lou Wallace
So, if someone can give me a simple set of commands to do this it
would be awesome.
$ wget
http://mirrors.sonic.net/apache/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz
<http://mirrors.sonic.net/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz>
(this is from a mirror; feel free to pick another)
$ wget
https://www.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connector
s-1.2.46-src.tar.gz.sha512
<https://www.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha512>
$ sha512sum -c tomcat-connectors-1.2.46-src.tar.gz.sha512
(check all is okay)
$ tar xzf tomcat-connectors-1.2.46-src.tar.gz
$ cat tomcat-connectors-1.2.46-src/native/BUILDING.txt
Now, read.
Post by Lou Wallace
Also is there other tomcat connectors needed with java?
?
Post by Lou Wallace
Preferable it will be done from the ssh client on the cloud
server.
How else would you do it?
Alternatively, have you considered using mod_proxy_*, which is
built-into Apache httpd?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlvu8mYACgkQHPApP6U8
pFh6ZRAAqmV66ca74v4+ps9b7YMuHRIVGTOQYn86kGQRYIwivtMF2q1mQIH3/yuk
AS7tnm2uMAUBf84SPLNukbLk/aCcZEqgc4KkpMffOrGx6PZzOZWyiRhTjPffCtFu
mqQ/aYb7akiRstGBL0LtqfU0PKeQx4Dm0TvtktIy1boZPZ6A88967BO8VEleFZRV
haqAv6xroNr2inMofRwRTNwRoRGGEMJ8j562CYooVS6KLd7sWNq1b1aSPSkWHFVL
aPVw4w9HF1FKfR6hMQdsjV8i9AMt5YT1aglfwYk+9v1anOcLFSGVXOJb/AA7wh9U
C76t/wOZwsrEIUjAbViGPzPDExrhTJmLa5G2dyuu+Q6D2dICU7vcW8VMIR0N6w+Y
e1VmmgM3CQ6eXP8/+HOj5r2wRORYeeyJky+8SXVazeY7CqQM6+pIst/y+pGtwgJJ
Jff1ZNHJwrPjfURrPWoZyZNlw+bGHYHq7vYE+aUuM+GwL/pTjv/JHBHEYvBK8dzy
KN0A5nAswXBkkImcFvpoh4cdo0Ir88jutXmOnvdNzjwMUzzFxsbDbNUkcka5IlOa
/9ueArFjdfIbkZMim9g+7Pbe26gupHEGKlWv7Lwfn0uO0QcGBP5rka+MoHoGGdrL
aEs/u3F53akr2k3DESHKwt/1MYbc5+QBBJKBIbPXbb0/EYJZoNg=
=XhgM
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-21 16:18:50 UTC
Permalink
Hi Everyone,

So still having issues with mod_jk. I have downloaded

wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1

and make install, and everything seems fine

I then edited the httpd.conf file and added

LoadModule jk_module modules/mod_jk.so

JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"

then I edited workers.properties and added

worker.list=app1,app2

worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10

worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10

Then when I restart Apache using systemctl restart httpd I get

Job for httpd.service failed because the control process exited with error
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.

So checking mod_jk log I see

[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $

and the httpd log last entries are

[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569] AH00170:
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 21 15:54:19.911278 2018] [suexec:notice] [pid 11957] AH01232:
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.

I am not sure if the first 3 are connected to mod_jk, I included them for
those who know far more then me (almost everyone I suspect) just in case

And ideas, hints or thoughts?

Thanks!

Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python installed.
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or source it
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it would be
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Greg Huber
2018-11-21 16:31:28 UTC
Permalink
For my centos/mod._jk I use :

/etc/httpd/conf.d/my.conf :

...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....

workers.properties :
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with error
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them for
those who know far more then me (almost everyone I suspect) just in case
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python installed.
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or source it
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it would
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Lou Wallace
2018-11-21 18:41:31 UTC
Permalink
Hey Greg,

Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.

When I checked journalist I get

● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
/etc/httpd/conf/httpd.conf:
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process exited,
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP Server.
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them for
those who know far more then me (almost everyone I suspect) just in case
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or source
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it would
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Rainer Jung
2018-11-21 20:22:34 UTC
Permalink
Post by Lou Wallace
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
That means that there was no LoadModule line for mod_jk before that
config line. You originally posted the first config line "LoadModule
jk_module modules/mod_jk.so" bus either the module was located somewhere
else, or - more likely - during this attempt here the LoadModule line wa
sno longer in place.
Post by Lou Wallace
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
errno=13 means access error, so the user who runs the httpd server does
not have rights to create a shared memory file at
/etc/httpd/logs/jk-runtime-status.11957. Have a look at
/etc/httpd/logs/, check whether it exists and whether the httpd runtime
user has full rights on the directory. If you can not get rights there,
choose another path where you have rights and set it using

JkShmFile "/path/to/my/jk-runtime-status"
Post by Lou Wallace
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
That is weired and doesn't match the config you posted. Especially since
you didn't use either a worker mapping properties file not any JkMount
directive. So either with the above problems fixed, i would not expect
you mod_jk to get any requests passed over from httpd to handle them.

Also the config in your workers.properties doesn't look really good. i
suggest you look at the exaple config you received inside
tomcat-connectors-1.2.46-src.tar.gz and start form there. But first fix
the above first two errors.

Regards,

Rainer
Post by Lou Wallace
Hey Greg,
Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.
When I checked journalist I get
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process exited,
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP Server.
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them for
those who know far more then me (almost everyone I suspect) just in case
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or source
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it would
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Loai Abdallatif
2018-11-21 20:59:36 UTC
Permalink
Hi Lou

may be its worth to check Selinux ,
try setenforce 0
Post by Lou Wallace
Hey Greg,
Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.
When I checked journalist I get
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process exited,
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP Server.
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Greg Huber
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Greg Huber
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them
for
Post by Greg Huber
Post by Lou Wallace
those who know far more then me (almost everyone I suspect) just in
case
Post by Greg Huber
Post by Lou Wallace
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or
source
Post by Greg Huber
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it
would
Post by Greg Huber
Post by Lou Wallace
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Lou Wallace
2018-11-23 17:21:04 UTC
Permalink
Hi Loai,

How would setenforce 0 help?

Lou
Post by Loai Abdallatif
Hi Lou
may be its worth to check Selinux ,
try setenforce 0
Post by Lou Wallace
Hey Greg,
Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.
When I checked journalist I get
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled;
vendor
Post by Lou Wallace
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process
exited,
Post by Lou Wallace
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP
Server.
Post by Lou Wallace
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 21 15:54:19.911278 2018] [suexec:notice] [pid 11957]
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default
/etc/httpd/logs/jk-runtime-status
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them
for
Post by Greg Huber
Post by Lou Wallace
those who know far more then me (almost everyone I suspect) just in
case
Post by Greg Huber
Post by Lou Wallace
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or
source
Post by Greg Huber
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it
would
Post by Greg Huber
Post by Lou Wallace
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Greg Huber
2018-11-22 08:39:53 UTC
Permalink
-Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
-/etc/httpd/conf/httpd.conf:
-Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
-perhaps misspelled or defined by a module not included in the server
-configuration

Line 63? possibly have not loaded mod_jk.so ?

To test config use :
apachectl configtest

List config:
apachectl -S

----
Don't change httpd.conf if possible.
From my notes (this always works for me) :

Build mod_jk.so build
yum install httpd-devel
download tomcat-connectors-x.x.xx-src.tar.gz
extract and cd into the native folder
cd /opt/apache-tomcat/tomcat-connectors-x.x.xx-src/native
./configure --with-apxs=/usr/bin/apxs
make
copy file ./apache-2.0/mod_jk.so to /etc/httpd/modules
make clean
--
if you create a file /etc/httpd/conf.modules.d/10-my.conf (rather than
changing /etc/httpd/conf/httpd.conf)

/etc/httpd/conf.modules.d/10-my.conf:

LoadModule jk_module modules/mod_jk.so

--
if you create a file /etc/httpd/conf.d/my.conf (rather than changing
/etc/httpd/conf/httpd.conf)
/etc/httpd/conf.d/my.conf:

<IfModule mod_jk.c>

JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"

<VirtualHost *:80>

ServerAdmin ***@www.me.com
DocumentRoot /var/www/html
ServerName www.me.com
ServerAlias me.com

<Location "*/WEB-INF/**">
Require all denied
</Location>
<Location "*/META-INF/**">
Require all denied
</Location>
...
JkMount / worker1
JkMount /* worker1
...
</VirtualHost>

</IfModule>
Post by Lou Wallace
Hey Greg,
Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.
When I checked journalist I get
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process exited,
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP Server.
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Greg Huber
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Greg Huber
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them
for
Post by Greg Huber
Post by Lou Wallace
those who know far more then me (almost everyone I suspect) just in
case
Post by Greg Huber
Post by Lou Wallace
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or
source
Post by Greg Huber
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it
would
Post by Greg Huber
Post by Lou Wallace
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Lou Wallace
2018-11-24 17:19:16 UTC
Permalink
Hi Greg,

I did this and restarted HTTPD. No error but no change.

Not sure how 10-my.conf and my.conf are called, but I did create them as
described.

Also when I checked configtest

[***@server2 conf]# apachectl configtest
Syntax OK

and apachectl -S

[***@server2 conf]# apachectl -S
VirtualHost configuration:
*:443 server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

Looking forward to your thoughts.

Lou
Post by Greg Huber
-Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
-Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
-perhaps misspelled or defined by a module not included in the server
-configuration
Line 63? possibly have not loaded mod_jk.so ?
apachectl configtest
apachectl -S
----
Don't change httpd.conf if possible.
Build mod_jk.so build
yum install httpd-devel
download tomcat-connectors-x.x.xx-src.tar.gz
extract and cd into the native folder
cd /opt/apache-tomcat/tomcat-connectors-x.x.xx-src/native
./configure --with-apxs=/usr/bin/apxs
make
copy file ./apache-2.0/mod_jk.so to /etc/httpd/modules
make clean
--
if you create a file /etc/httpd/conf.modules.d/10-my.conf (rather than
changing /etc/httpd/conf/httpd.conf)
LoadModule jk_module modules/mod_jk.so
--
if you create a file /etc/httpd/conf.d/my.conf (rather than changing
/etc/httpd/conf/httpd.conf)
<IfModule mod_jk.c>
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName www.me.com
ServerAlias me.com
<Location "*/WEB-INF/**">
Require all denied
</Location>
<Location "*/META-INF/**">
Require all denied
</Location>
...
JkMount / worker1
JkMount /* worker1
...
</VirtualHost>
</IfModule>
Post by Lou Wallace
Hey Greg,
Thanks for the info. I changed both httpd.conf and workers.properties to
your settings. Got the same error msg when I restarted httpd.
When I checked journalist I get
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled;
vendor
Post by Lou Wallace
preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
3min 51s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
status=1/FAILURE)
Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
(code=exited, status=1/FAILURE)
Main PID: 24339 (code=exited, status=1/FAILURE)
Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
perhaps misspelled or defined by a module not included in the server
configuration
Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
code=exited, status=1/FAILURE
Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process
exited,
Post by Lou Wallace
code=exited status=1
Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP
Server.
Post by Lou Wallace
Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed state.
Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
Post by Greg Huber
...
JkWorkersFile "/etc/httpd/conf.d/workers.properties"
JkLogFile "/etc/httpd/logs/mod_jk.log"
JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
....
JkMount / worker1
JkMount /* worker1
....
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.socket_keepalive=1
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with
error
Post by Lou Wallace
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Nov 21 15:54:19.911278 2018] [suexec:notice] [pid 11957]
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default
/etc/httpd/logs/jk-runtime-status
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start
due
Post by Greg Huber
Post by Lou Wallace
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them
for
Post by Greg Huber
Post by Lou Wallace
those who know far more then me (almost everyone I suspect) just in
case
Post by Greg Huber
Post by Lou Wallace
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed.
Post by Lou Wallace
Post by Lou Wallace
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or
source
Post by Greg Huber
it
Post by Lou Wallace
Post by Lou Wallace
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it
would
Post by Greg Huber
Post by Lou Wallace
be
Post by Lou Wallace
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
Christopher Schultz
2018-11-24 21:23:11 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
Try:

$ apachectl -M

I get something like this:

Loaded Modules:
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK

If mod_jk isn't loading, obviously none of the module-defined
directives will work.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-24 22:01:35 UTC
Permalink
Here is what I see

Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)

No mod_jk

On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Greg Huber
2018-11-25 09:33:15 UTC
Permalink
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so

My file size 1,556,816 bytes permission owner root and execute

ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root

also check the x executable

And apachectl -M (sorry not -S)
...
jk_module (shared)
...

10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then have
to merge the httpd.conf.rpmnew as it won't overwrite config.

The only change I make in httpd.conf is to make sure there is no browsing

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-25 15:27:56 UTC
Permalink
hmm this is weird

After adding

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

I decided to allow httpd.conf to try and load mod_jk.so again so I added
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted httpd

then when I do apachectl -M I see as last entry in the list

Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)

So it says mod_jk is loaded

But my .jsp web page is still showing as plain text
Post by Greg Huber
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then have
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no browsing
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Greg Huber
2018-11-25 16:53:47 UTC
Permalink
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp

then try http://127.0.0.1/../mypage.jsp

######

tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so I added
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted httpd
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no browsing
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-25 17:07:02 UTC
Permalink
How can I do that from the command line shell? I tried it from browser and
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so I added
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
using_defaults Mutex rewrite-map: using_defaults Mutex
"/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Greg Huber
2018-11-25 17:42:10 UTC
Permalink
OK, sorry, if you are remote then 8080 port may not be open.

You need to check tomcat app actually shows the page correctly.

If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what its
doing,

eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "

also look in the error.log for errors

mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.46 initialized

You could try yum package links which is a command line browser.

Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either graphics
or text mode.
: It provides a pull-down menu system, renders complex pages,
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from browser and
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so I
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
using_defaults Mutex rewrite-map: using_defaults Mutex
"/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-25 18:05:23 UTC
Permalink
hey Greg,

No obvious errors in mod_jk log. Only has five lines

[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized

error_log

[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421] AH01757:
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421] AH00163:
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
[Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what its
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either graphics
or text mode.
: It provides a pull-down menu system, renders complex pages,
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from browser
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so I
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
"/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Loai Abdallatif
2018-11-25 20:16:13 UTC
Permalink
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex pages,
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from browser
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so I
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
"/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-25 20:26:42 UTC
Permalink
How will selinux help? Not sure what you mean...
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
André Warnier (tomcat)
2018-11-25 20:36:27 UTC
Permalink
Hi.
I have not been following this in detail, but some of the things I've seen written made me
think of the warning (in red type) on the page :
http://tomcat.apache.org/connectors-doc/reference/apache.html

In other words, if your front-end Apache httpd is configured in such a way that, to serve
a request URL from a browser, it /can/ access a directory and files which really belong to
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to access directories and
files which Tomcat would normally forbid (such as the content of a webapps/yourapp/WEB-INF
directory).
Post by Lou Wallace
How will selinux help? Not sure what you mean...
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-25 20:43:31 UTC
Permalink
Whew. Just read that link

Warning: If Apache and Tomcat are configured to serve content from the same
file system location then care must be taken to ensure that Apache is not
able to serve inappropriate content such as the contents of the WEB-INF
directory or JSP source code.

This could occur if the Apache DocumentRoot overlaps with a Tomcat Host's
appBase or the docBase of any Context. It could also occur when using the
Apache Alias directive with a Tomcat Host's appBase or the docBase of any
Context.

And I just checked and sure enough I can access from the browser the
contents of the site directory. Now I haven't yet configured httpd-vhosts
to define site yet - could that be why I can access the directory itself
from a browser?

And where do I look to see if Apache DocumentRoot overlaps with a Tomcat
Host's appBase or the docBase?
Post by André Warnier (tomcat)
Hi.
I have not been following this in detail, but some of the things I've seen written made me
http://tomcat.apache.org/connectors-doc/reference/apache.html
In other words, if your front-end Apache httpd is configured in such a way that, to serve
a request URL from a browser, it /can/ access a directory and files which really belong to
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to access directories and
files which Tomcat would normally forbid (such as the content of a webapps/yourapp/WEB-INF
directory).
Post by Lou Wallace
How will selinux help? Not sure what you mean...
On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif <
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
26421]
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
---------------------------------------------------------------------
André Warnier (tomcat)
2018-11-25 21:19:30 UTC
Permalink
Post by Lou Wallace
Whew. Just read that link
Warning: If Apache and Tomcat are configured to serve content from the same
file system location then care must be taken to ensure that Apache is not
able to serve inappropriate content such as the contents of the WEB-INF
directory or JSP source code.
This could occur if the Apache DocumentRoot overlaps with a Tomcat Host's
appBase or the docBase of any Context. It could also occur when using the
Apache Alias directive with a Tomcat Host's appBase or the docBase of any
Context.
And I just checked and sure enough I can access from the browser the
contents of the site directory. Now I haven't yet configured httpd-vhosts
to define site yet - could that be why I can access the directory itself
from a browser?
And where do I look to see if Apache DocumentRoot overlaps with a Tomcat
Host's appBase or the docBase?
Make a picture. I'm not kidding.
Presumably, you know what a filesystem directory structure looks like.
So make a little schema of the Apache httpd document directories, starting at what is
indicated in the DocumentRoot of the httpd.conf (or apache2.conf or whatever it is on your
system); and make a similar schema of the directories of Tomcat, starting at the positions
mentioned in the appBase/docBase attributes.
If any of these overlap, you have a problem. It is not a fatal problem, and one can avoid
the problem with a careful httpd configuration. But if there is an overlap, you are always
at risk of forgetting to configure this properly, so better to avoid it altogether.
(Of course, all of this can happen only if Apache httpd and Tomcat are running on the same
host; if not, there is no such risk. Unless of course they share some common network
directories..

browser <- A+B -> httpd + mod_jk <-- B --> tomcat
| |
A B
| |
httpd DocumentRoot webapps
sub-directories |
and files -- webbap-1
- files (1)
|- WEB-INF
|- files (2)
Legend :
- A+B are all requests sent by the browser, to the front-end httpd.
Some of these requests are for documents/applications on the front-end (A).
Some of these requests are for the back-end tomcat's webapps (B).
httpd + mod_jk "know" which requests to proxy to tomcat (B), by the "JkMount"
directives. What is not proxied to tomcat (aka "not B") is served locally by
httpd (A).
As long as "httpd DocumentRoot" and "webapps" are totally separate on disk, there is no
problem.
The problem is when some part of "httpd DocumentRoot" overlaps some part of "webapps".
Then for example a browser can send something which appears to be directed at httpd
(iow a URL addressing A), but which in reality accesses something under "webapps".
Because then, httpd will serve this "raw", and none of the security (or JSP compilation
and execution of (1)) of tomcat will ever even know that httpd is serving things from
under its nose, even forbidden things (2).

Clear ?
Post by Lou Wallace
Post by André Warnier (tomcat)
Hi.
I have not been following this in detail, but some of the things I've seen
written made me
http://tomcat.apache.org/connectors-doc/reference/apache.html
In other words, if your front-end Apache httpd is configured in such a way that, to serve
a request URL from a browser, it /can/ access a directory and files which
really belong to
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to access directories and
files which Tomcat would normally forbid (such as the content of a
webapps/yourapp/WEB-INF
directory).
Post by Lou Wallace
How will selinux help? Not sure what you mean...
On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif <
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
26421]
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see what
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-27 19:18:59 UTC
Permalink
Hi André,

Here is some info on the setup, let me know what it tells you.

tomcat
etc/tomcat
drwxrwxr-x. 3 root tomcat 23 Nov 18 17:48 Catalina
-rw-r--r--. 1 root tomcat 13443 Oct 16 09:16 catalina.policy
-rw-r--r--. 1 root tomcat 6496 Oct 16 09:16 catalina.properties
drwxr-xr-x. 2 root tomcat 20 Nov 18 17:48 conf.d
-rw-r--r--. 1 root tomcat 1394 Oct 16 09:16 context.xml
-rw-r--r--. 1 root tomcat 547 Oct 16 09:16 log4j.properties
-rw-r--r--. 1 root tomcat 3288 Oct 16 09:16 logging.properties
-rw-r--r--. 1 root tomcat 6613 Oct 16 09:16 server.xml
-rw-r--r--. 1 root tomcat 1651 Oct 16 09:16 tomcat.conf
-rw-r-----. 1 root tomcat 2418 Oct 16 09:16 tomcat-users.xml
-rw-r--r--. 1 root tomcat 167655 Oct 16 09:16 web.xml

DocumentRoot (from httpd.conf)
var/www/html

ServerRoot (from httpd.conf)
/etc/httpd

webapps directory is at
/var/lib/tomcat

tomcat.conf
# System-wide configuration file for tomcat services
# This will be loaded by systemd as an environment file,
# so please keep the syntax. For shell expansion support
# place your custom files as /etc/tomcat/conf.d/*.conf
#
# There are 2 "classes" of startup behavior in this package.
# The old one, the default service named tomcat.service.
# The new named instances are called ***@instance.service.
#
# Use this file to change default values for all services.
# Change the service specific ones to affect only one service.
# For tomcat.service it's /etc/sysconfig/tomcat, for
# ***@instance it's /etc/sysconfig/***@instance.

# This variable is used to figure out if config is loaded or not.
TOMCAT_CFG_LOADED="1"

# In new-style instances, if CATALINA_BASE isn't specified, it will
# be constructed by joining TOMCATS_BASE and NAME.
TOMCATS_BASE="/var/lib/tomcats/"

# Where your java installation lives
JAVA_HOME="/usr/lib/jvm/jre"

# Where your tomcat installation lives
CATALINA_HOME="/usr/share/tomcat"

# System-wide tmp
CATALINA_TMPDIR="/var/cache/tomcat/temp"

# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"

# Use JAVA_OPTS to set java.library.path for libtcnative.so
#JAVA_OPTS="-Djava.library.path=/usr/lib"

# You can change your tomcat locale here
#LANG="en_US"

# Run tomcat under the Java Security Manager
SECURITY_MANAGER="false"

# Time to wait in seconds, before killing process
# TODO(stingray): does nothing, fix.
# SHUTDOWN_WAIT="30"

# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)





<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.
www.avg.com
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
Post by André Warnier (tomcat)
Post by Lou Wallace
Whew. Just read that link
Warning: If Apache and Tomcat are configured to serve content from the
same
Post by Lou Wallace
file system location then care must be taken to ensure that Apache is not
able to serve inappropriate content such as the contents of the WEB-INF
directory or JSP source code.
This could occur if the Apache DocumentRoot overlaps with a Tomcat Host's
appBase or the docBase of any Context. It could also occur when using the
Apache Alias directive with a Tomcat Host's appBase or the docBase of any
Context.
And I just checked and sure enough I can access from the browser the
contents of the site directory. Now I haven't yet configured httpd-vhosts
to define site yet - could that be why I can access the directory itself
from a browser?
And where do I look to see if Apache DocumentRoot overlaps with a Tomcat
Host's appBase or the docBase?
Make a picture. I'm not kidding.
Presumably, you know what a filesystem directory structure looks like.
So make a little schema of the Apache httpd document directories, starting at what is
indicated in the DocumentRoot of the httpd.conf (or apache2.conf or whatever it is on your
system); and make a similar schema of the directories of Tomcat, starting at the positions
mentioned in the appBase/docBase attributes.
If any of these overlap, you have a problem. It is not a fatal problem, and one can avoid
the problem with a careful httpd configuration. But if there is an overlap, you are always
at risk of forgetting to configure this properly, so better to avoid it altogether.
(Of course, all of this can happen only if Apache httpd and Tomcat are running on the same
host; if not, there is no such risk. Unless of course they share some common network
directories..
browser <- A+B -> httpd + mod_jk <-- B --> tomcat
| |
A B
| |
httpd DocumentRoot webapps
sub-directories |
and files -- webbap-1
- files (1)
|- WEB-INF
|- files (2)
- A+B are all requests sent by the browser, to the front-end httpd.
Some of these requests are for documents/applications on the front-end (A).
Some of these requests are for the back-end tomcat's webapps (B).
httpd + mod_jk "know" which requests to proxy to tomcat (B), by the "JkMount"
directives. What is not proxied to tomcat (aka "not B") is served locally by
httpd (A).
As long as "httpd DocumentRoot" and "webapps" are totally separate on disk, there is no
problem.
The problem is when some part of "httpd DocumentRoot" overlaps some part of "webapps".
Then for example a browser can send something which appears to be directed at httpd
(iow a URL addressing A), but which in reality accesses something under "webapps".
Because then, httpd will serve this "raw", and none of the security (or JSP compilation
and execution of (1)) of tomcat will ever even know that httpd is serving things from
under its nose, even forbidden things (2).
Clear ?
Post by Lou Wallace
Post by André Warnier (tomcat)
Hi.
I have not been following this in detail, but some of the things I've
seen
Post by Lou Wallace
Post by André Warnier (tomcat)
written made me
http://tomcat.apache.org/connectors-doc/reference/apache.html
In other words, if your front-end Apache httpd is configured in such a
way
Post by Lou Wallace
Post by André Warnier (tomcat)
that, to serve
a request URL from a browser, it /can/ access a directory and files
which
Post by Lou Wallace
Post by André Warnier (tomcat)
really belong to
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to
access
Post by Lou Wallace
Post by André Warnier (tomcat)
directories and
files which Tomcat would normally forbid (such as the content of a
webapps/yourapp/WEB-INF
directory).
Post by Lou Wallace
How will selinux help? Not sure what you mean...
On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif <
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421]
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default
/etc/httpd/logs/jk-runtime-status
Post by Lou Wallace
Post by André Warnier (tomcat)
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
26421]
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default
/etc/httpd/logs/jk-runtime-status
Post by Lou Wallace
Post by André Warnier (tomcat)
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see
what
Post by Lou Wallace
Post by André Warnier (tomcat)
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support
for
Post by Lou Wallace
Post by André Warnier (tomcat)
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
Post by Greg Huber
multiple character sets
: and UTF-8), supports color and monochrome terminals
and
Post by Lou Wallace
Post by André Warnier (tomcat)
Post by Lou Wallace
Post by Loai Abdallatif
Post by Lou Wallace
Post by Greg Huber
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again so
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd"
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.
www.avg.com
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
André Warnier (tomcat)
2018-11-28 09:23:00 UTC
Permalink
hi.

1) I have removed the previous correspondence from this email, because by now it has
become pretty much unreadable anyway.
Also, there are 2 links at the bottom of your last email (to "avg"-something). I don't
know if these are supposed to provide some additional information, but they both lead to a
page asking me to install something on my laptop, which of course I am not going to do.

2) according to the paths which you show below, it does not look like there is an overlap
between the httpd DocumentRoot and the tomcat webapps directory.
(Of course that does not show if there are any symlinks anywhere which may provide such a
connection on the sly. But let's suppose there aren't, and let's for now forget about that
red warning in the documentation.)

3) I do not really remember what the stage of your problem is right now. Can you summarise
it again ?
(And remind us of the versions of Java and tomcat please, it will save us a search through
the archive.)


What I suppose is that you now have this configuration, on one host for httpd and tomcat :

browser <- HTTP/S -> httpd + mod_jk <- AJP -> tomcat AJP Connector
|
webapps
|
your webapp
|- files (HTML, JSP)
|- WEB-INF
|- private files

(Note in the above, that the protocol between mod_jk and tomcat is AJP, not HTTP/S. In
summary, it is a binary and somewhat optimised version of HTTP, which only mod_jk and the
AJP Connector in tomcat understand. But that should be transparent as far as tomcat
webapps are concerned).

You have a "workers.properties" file somewhere which tells the mod_jk module "where" the
tomcat instance is ("name", host/IP, port), and the AJP Connector in tomcat matches that
IP and port.

You also have a mod_jk setup (in the Apache config) that tells httpd which URLs should be
forwarded to which tomcat instance. These are the "JkMount" directives.

There are also logfiles, for both httpd and tomcat, which are generally helpful to find
out what happens.

I also seem to remember that initially, you had a problem getting httpd to load the mod_jk
module, but that now this is resolved, and the command "apache2ctl -M" shows the list of
loaded modules, including mod_jk.

So wat is the remaining issue ?

Note also :
In the information below, there is mention of a
Post by Lou Wallace
TOMCATS_BASE="/var/lib/tomcats/"
variable and directory. This is not something that I know. It may be new in recent
versions of tomcat, or it may be something which the CentOS package managers do.
(I also do not find it in the "RUNNING.txt" file of the tomcat 9 distribution, so I guess
that it is CentOS-specific.)
There may be more things like that, which may complicate a bit our efforts to help you,
because we do not necessarily have a CentOS system like yours at hand.
Post by Lou Wallace
Hi André,
Here is some info on the setup, let me know what it tells you.
tomcat
etc/tomcat
drwxrwxr-x. 3 root tomcat 23 Nov 18 17:48 Catalina
-rw-r--r--. 1 root tomcat 13443 Oct 16 09:16 catalina.policy
-rw-r--r--. 1 root tomcat 6496 Oct 16 09:16 catalina.properties
drwxr-xr-x. 2 root tomcat 20 Nov 18 17:48 conf.d
-rw-r--r--. 1 root tomcat 1394 Oct 16 09:16 context.xml
-rw-r--r--. 1 root tomcat 547 Oct 16 09:16 log4j.properties
-rw-r--r--. 1 root tomcat 3288 Oct 16 09:16 logging.properties
-rw-r--r--. 1 root tomcat 6613 Oct 16 09:16 server.xml
-rw-r--r--. 1 root tomcat 1651 Oct 16 09:16 tomcat.conf
-rw-r-----. 1 root tomcat 2418 Oct 16 09:16 tomcat-users.xml
-rw-r--r--. 1 root tomcat 167655 Oct 16 09:16 web.xml
DocumentRoot (from httpd.conf)
var/www/html
ServerRoot (from httpd.conf)
/etc/httpd
webapps directory is at
/var/lib/tomcat
tomcat.conf
# System-wide configuration file for tomcat services
# This will be loaded by systemd as an environment file,
# so please keep the syntax. For shell expansion support
# place your custom files as /etc/tomcat/conf.d/*.conf
#
# There are 2 "classes" of startup behavior in this package.
# The old one, the default service named tomcat.service.
#
# Use this file to change default values for all services.
# Change the service specific ones to affect only one service.
# For tomcat.service it's /etc/sysconfig/tomcat, for
# This variable is used to figure out if config is loaded or not.
TOMCAT_CFG_LOADED="1"
# In new-style instances, if CATALINA_BASE isn't specified, it will
# be constructed by joining TOMCATS_BASE and NAME.
TOMCATS_BASE="/var/lib/tomcats/"
# Where your java installation lives
JAVA_HOME="/usr/lib/jvm/jre"
# Where your tomcat installation lives
CATALINA_HOME="/usr/share/tomcat"
# System-wide tmp
CATALINA_TMPDIR="/var/cache/tomcat/temp"
# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
# Use JAVA_OPTS to set java.library.path for libtcnative.so
#JAVA_OPTS="-Djava.library.path=/usr/lib"
# You can change your tomcat locale here
#LANG="en_US"
# Run tomcat under the Java Security Manager
SECURITY_MANAGER="false"
# Time to wait in seconds, before killing process
# TODO(stingray): does nothing, fix.
# SHUTDOWN_WAIT="30"
# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org

Loai Abdallatif
2018-11-25 20:37:54 UTC
Permalink
you are running apache with selinux context . just try to avoid its
complexity
Post by Lou Wallace
How will selinux help? Not sure what you mean...
Post by Loai Abdallatif
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
26421]
Post by Loai Abdallatif
Post by Lou Wallace
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see
what
Post by Loai Abdallatif
Post by Lou Wallace
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
On Sun, 25 Nov 2018 at 15:28, Lou Wallace <
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again
so
Post by Loai Abdallatif
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
On Sun, Nov 25, 2018 at 5:28 AM Greg Huber <
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and
execute
Post by Loai Abdallatif
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates
httpd
Post by Loai Abdallatif
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I
did
Post by Loai Abdallatif
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
"/etc/httpd"
Post by Loai Abdallatif
Post by Lou Wallace
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Greg Huber
2018-11-26 07:58:50 UTC
Permalink
Post by Lou Wallace
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy enabled; httpd running as context system_u:system_r:httpd_t:s0
Unless its a requirement of your host services just disable selinux as it
adds complexity. When apache/tomcat is up and running you can enable it
and then try and get it working with selinux.
How will selinux help? Not sure what you mean...
Post by Lou Wallace
try selinux to permissive mode using #setenforce 0 to exclude it from
analyses
Post by Lou Wallace
hey Greg,
No obvious errors in mod_jk log. Only has five lines
[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
error_log
[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
policy
Post by Lou Wallace
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
26421]
Post by Lou Wallace
Post by Lou Wallace
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
Command line: '/usr/sbin/httpd -D FOREGROUND'
Post by Greg Huber
OK, sorry, if you are remote then 8080 port may not be open.
You need to check tomcat app actually shows the page correctly.
If the page http://IP/index.jsp <http://IP:8080/index.jsp>
just shows the jsp, have a look at the /var/log/httpd logs to see
what
Post by Lou Wallace
Post by Lou Wallace
its
Post by Greg Huber
doing,
eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +0000] "GET /index.jsp
HTTP/1.1" 200 27080 "
also look in the error.log for errors
mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
init_jk::mod_jk.c
Post by Lou Wallace
Post by Greg Huber
(3591): mod_jk/1.2.46 initialized
You could try yum package links which is a command line browser.
Name : links
Arch : x86_64
Epoch : 1
Version : 2.13
Release : 1.el7
Size : 2.8 M
Repo : epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either
graphics
Post by Greg Huber
or text mode.
: It provides a pull-down menu system, renders complex
pages,
Post by Lou Wallace
Post by Greg Huber
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.
Post by Lou Wallace
How can I do that from the command line shell? I tried it from
browser
Post by Lou Wallace
Post by Greg Huber
and
Post by Lou Wallace
it timed out using http://IP:8080/index.jsp
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
But my .jsp web page is still showing as plain text
With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp
then try http://127.0.0.1/../mypage.jsp
######
tomcat server.xml using default port
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
On Sun, 25 Nov 2018 at 15:28, Lou Wallace <
Post by Lou Wallace
hmm this is weird
After adding
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
I decided to allow httpd.conf to try and load mod_jk.so again
so
Post by Lou Wallace
I
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
added
Post by Greg Huber
Post by Lou Wallace
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
restarted
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
httpd
Post by Lou Wallace
then when I do apachectl -M I see as last entry in the list
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
jk_module (shared)
So it says mod_jk is loaded
But my .jsp web page is still showing as plain text
On Sun, Nov 25, 2018 at 5:28 AM Greg Huber <
Post by Lou Wallace
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and
execute
Post by Lou Wallace
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates
httpd
Post by Lou Wallace
it
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
also
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf
you
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
then
Post by Greg Huber
Post by Lou Wallace
have
Post by Lou Wallace
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is
no
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
browsing
Post by Lou Wallace
Post by Lou Wallace
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
On Sat, 24 Nov 2018 at 22:02, Lou Wallace <
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I
did
Post by Lou Wallace
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
create
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
them as described.
Also when I checked configtest
and apachectl -S
*:443
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
server2.us-west2-a.c.helpful-kingdom-220815.internal
"/etc/httpd"
Post by Lou Wallace
Post by Lou Wallace
Main
using_defaults
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Mutex
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
authdigest-opaque: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
using_defaults Mutex proxy: using_defaults Mutex
using_defaults Mutex ssl-cache: using_defaults Mutex
_RH_HAS_HTTPPROTOCOLOPTIONS
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache"
id=48
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
Post by Lou Wallace
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the
module-defined
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird -
https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
Post by Lou Wallace
Post by Greg Huber
Post by Lou Wallace
Post by Lou Wallace
Post by Lou Wallace
Post by Christopher Schultz
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Lou Wallace
2018-11-25 15:21:31 UTC
Permalink
It's there in /etc/httpd/modules
its file size is 1556784

ls -l /etc/httpd/modules/mod_jk.so shows
-rwxr-xr-x. 1 root root 1556784

apachectl -M shows no mod_jk.so loaded

Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
the system if they are in conf directory or do they need to be called from
somewhere like httpd.conf? Because if I just add
LoadModule jk_module /etc/httpd/modules/mod_jk.so
to httpd I get the Apache shared memory error when I systemctl restart
httpd and Apache fails to load

Question 2: Is there some other config file I need to edit to
allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
loaded?

And I just added

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

to httpd.conf

Thanks for the continued help!!

Lou
Post by Greg Huber
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then have
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no browsing
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Greg Huber
2018-11-25 17:21:46 UTC
Permalink
Post by Lou Wallace
Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
the system if they are in conf directory or do they need to be called from
somewhere like httpd.conf?
Looking at httpd.conf
...
#
# Dynamic Shared Object (DSO) Support
#
Include conf.modules.d/*.conf
...
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
...

Does all the loading, from conf.modules.d and conf.dfolders. So don't need
to do anything extra.

If you are running standard centos 7 there are should be no modules loaded
in httpd.conf?
rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64
Post by Lou Wallace
Question 2: Is there some other config file I need to edit to
allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
loaded?
Because if I just add
LoadModule jk_module /etc/httpd/modules/mod_jk.so
to httpd I get the Apache shared memory error when I systemctl restart
httpd and Apache fails to load
Maybe the shared memory error is because its loading in the incorrect
order? If you just add the LoadModule to the end of httpd.conf it will be
in the wrong place. Place it just after

Include conf.modules.d/*.conf

and see if it works. But its best to use the /etc/httpd/conf.modules.d
folder!!
Post by Lou Wallace
It's there in /etc/httpd/modules
its file size is 1556784
ls -l /etc/httpd/modules/mod_jk.so shows
-rwxr-xr-x. 1 root root 1556784
apachectl -M shows no mod_jk.so loaded
Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
the system if they are in conf directory or do they need to be called from
somewhere like httpd.conf? Because if I just add
LoadModule jk_module /etc/httpd/modules/mod_jk.so
to httpd I get the Apache shared memory error when I systemctl restart
httpd and Apache fails to load
Question 2: Is there some other config file I need to edit to
allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
loaded?
And I just added
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
to httpd.conf
Thanks for the continued help!!
Lou
Post by Greg Huber
There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so
My file size 1,556,816 bytes permission owner root and execute
ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root
also check the x executable
And apachectl -M (sorry not -S)
...
jk_module (shared)
...
10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf. If you change httpd.conf you then
have
Post by Greg Huber
to merge the httpd.conf.rpmnew as it won't overwrite config.
The only change I make in httpd.conf is to make sure there is no browsing
#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks
Cheers Greg
Post by Lou Wallace
Here is what I see
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgi_module (shared)
No mod_jk
On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create
them as described.
Also when I checked configtest
and apachectl -S
server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
"/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
using_defaults Mutex rewrite-map: using_defaults Mutex
name="apache" id=48
Looking forward to your thoughts.
$ apachectl -M
core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
headers_module (shared)
include_module (shared)
jk_module (shared) <-- here is mod_jk
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
Syntax OK
If mod_jk isn't loading, obviously none of the module-defined
directives will work.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8
pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec
jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW
4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1
tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt
BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4
Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma
bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+
ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY
uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe
l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm
WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8=
=gAVW
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Christopher Schultz
2018-11-26 14:38:54 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Lou,
Post by Lou Wallace
Here is what I see
Loaded Modules: core_module (static) so_module (static) http_module
(static) access_compat_module (shared) actions_module (shared)
alias_module (shared) allowmethods_module (shared)
auth_basic_module (shared) auth_digest_module (shared)
authn_anon_module (shared) authn_core_module (shared)
authn_dbd_module (shared) authn_dbm_module (shared)
authn_file_module (shared) authn_socache_module (shared)
authz_core_module (shared) authz_dbd_module (shared)
authz_dbm_module (shared) authz_groupfile_module (shared)
authz_host_module (shared) authz_owner_module (shared)
authz_user_module (shared) autoindex_module (shared) cache_module
(shared) cache_disk_module (shared) data_module (shared) dbd_module
(shared) deflate_module (shared) dir_module (shared) dumpio_module
(shared) echo_module (shared) env_module (shared) expires_module
(shared) ext_filter_module (shared) filter_module (shared)
headers_module (shared) include_module (shared) info_module
(shared) log_config_module (shared) logio_module (shared)
mime_magic_module (shared) mime_module (shared) negotiation_module
(shared) remoteip_module (shared) reqtimeout_module (shared)
rewrite_module (shared) setenvif_module (shared)
slotmem_plain_module (shared) slotmem_shm_module (shared)
socache_dbm_module (shared) socache_memcache_module (shared)
socache_shmcb_module (shared) status_module (shared)
substitute_module (shared) suexec_module (shared) unique_id_module
(shared) unixd_module (shared) userdir_module (shared)
version_module (shared) vhost_alias_module (shared) dav_module
(shared) dav_fs_module (shared) dav_lock_module (shared) lua_module
(shared) mpm_prefork_module (shared) proxy_module (shared)
lbmethod_bybusyness_module (shared) lbmethod_byrequests_module
(shared) lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared) proxy_ajp_module (shared)
proxy_balancer_module (shared) proxy_connect_module (shared)
proxy_express_module (shared) proxy_fcgi_module (shared)
proxy_fdpass_module (shared) proxy_ftp_module (shared)
proxy_http_module (shared) proxy_scgi_module (shared)
proxy_wstunnel_module (shared) ssl_module (shared) systemd_module
(shared) cgi_module (shared)
That's like ... every single module available. Are you sure you want
all those modules? After you get mod_jk working, you might want to
review your configuration. Lots of stuff in there you almost certainly
don't need.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv8BX0ACgkQHPApP6U8
pFgv9g//S4yxRRcCIo7bRxz4vZZim+Oun7Dg0Qpao5w/MhMHDwry2P512ozds2z4
ZPpnWKKFuWzu4S45oCaDAYnAzkhEJlcn7mbXzR7TbLGWwSrkM/TWGMiMNbAAwOm4
uvmkKJf6XOHZH4NexhAlDb3b+u/1g/kusLrsmZ58lt2GhOqVBJEaoWsBQ+xTW+Q6
XVY/tEJIIBJsv5PD9qXf6MZi6vafYkOd1tv7n8VE+nCbG1wRKzF+sDcsGnxNUlZl
2F3qSplfYEVCZZRJCSNCgk8ZxWv2j2iB754jHDUzYR0iqxyzzgx4SCuH117LIo+U
cGa116omE945IuLrhzcjM5fe1N0KdKvR4zrmTQTCRumaAzvEoFTRzB2TddStf/50
FX/TQ7ULSmgNXRNnq3e/DjqmyrTRHoOrJnNn6AaL/Vftk6bN9p83oPCqtyvR9L0h
kxGa6pvOAJ9qbQaixscRypSSHUmWkAz8MS6vIQyBqNyl9VtAKEcJ+nqUzhu8Y9aL
UdQS+iMVwUjYEh1RlIuT6SETlOUoa0VXrRt/DG7P5HY+S0DQmgnBduZG/PZO3LLM
E88mDXYFCMTCLfsawAU3slODt0DchcpVHt3dc8xuspsHbGLG0yxCZCCEFzgDZWij
6NfMHpGtAI4U7FJc3pMjB7IKVOS8aTyltPOevAtUGOF8Mv6pAQE=
=8n4C
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-26 15:14:35 UTC
Permalink
Hi Chris,

For the most party those were there when the Google Cloud instance created
the Apache web server. But you are right once working I need to eval all of
them.

Lou

On Mon, Nov 26, 2018 at 9:38 AM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Here is what I see
Loaded Modules: core_module (static) so_module (static) http_module
(static) access_compat_module (shared) actions_module (shared)
alias_module (shared) allowmethods_module (shared)
auth_basic_module (shared) auth_digest_module (shared)
authn_anon_module (shared) authn_core_module (shared)
authn_dbd_module (shared) authn_dbm_module (shared)
authn_file_module (shared) authn_socache_module (shared)
authz_core_module (shared) authz_dbd_module (shared)
authz_dbm_module (shared) authz_groupfile_module (shared)
authz_host_module (shared) authz_owner_module (shared)
authz_user_module (shared) autoindex_module (shared) cache_module
(shared) cache_disk_module (shared) data_module (shared) dbd_module
(shared) deflate_module (shared) dir_module (shared) dumpio_module
(shared) echo_module (shared) env_module (shared) expires_module
(shared) ext_filter_module (shared) filter_module (shared)
headers_module (shared) include_module (shared) info_module
(shared) log_config_module (shared) logio_module (shared)
mime_magic_module (shared) mime_module (shared) negotiation_module
(shared) remoteip_module (shared) reqtimeout_module (shared)
rewrite_module (shared) setenvif_module (shared)
slotmem_plain_module (shared) slotmem_shm_module (shared)
socache_dbm_module (shared) socache_memcache_module (shared)
socache_shmcb_module (shared) status_module (shared)
substitute_module (shared) suexec_module (shared) unique_id_module
(shared) unixd_module (shared) userdir_module (shared)
version_module (shared) vhost_alias_module (shared) dav_module
(shared) dav_fs_module (shared) dav_lock_module (shared) lua_module
(shared) mpm_prefork_module (shared) proxy_module (shared)
lbmethod_bybusyness_module (shared) lbmethod_byrequests_module
(shared) lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared) proxy_ajp_module (shared)
proxy_balancer_module (shared) proxy_connect_module (shared)
proxy_express_module (shared) proxy_fcgi_module (shared)
proxy_fdpass_module (shared) proxy_ftp_module (shared)
proxy_http_module (shared) proxy_scgi_module (shared)
proxy_wstunnel_module (shared) ssl_module (shared) systemd_module
(shared) cgi_module (shared)
That's like ... every single module available. Are you sure you want
all those modules? After you get mod_jk working, you might want to
review your configuration. Lots of stuff in there you almost certainly
don't need.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv8BX0ACgkQHPApP6U8
pFgv9g//S4yxRRcCIo7bRxz4vZZim+Oun7Dg0Qpao5w/MhMHDwry2P512ozds2z4
ZPpnWKKFuWzu4S45oCaDAYnAzkhEJlcn7mbXzR7TbLGWwSrkM/TWGMiMNbAAwOm4
uvmkKJf6XOHZH4NexhAlDb3b+u/1g/kusLrsmZ58lt2GhOqVBJEaoWsBQ+xTW+Q6
XVY/tEJIIBJsv5PD9qXf6MZi6vafYkOd1tv7n8VE+nCbG1wRKzF+sDcsGnxNUlZl
2F3qSplfYEVCZZRJCSNCgk8ZxWv2j2iB754jHDUzYR0iqxyzzgx4SCuH117LIo+U
cGa116omE945IuLrhzcjM5fe1N0KdKvR4zrmTQTCRumaAzvEoFTRzB2TddStf/50
FX/TQ7ULSmgNXRNnq3e/DjqmyrTRHoOrJnNn6AaL/Vftk6bN9p83oPCqtyvR9L0h
kxGa6pvOAJ9qbQaixscRypSSHUmWkAz8MS6vIQyBqNyl9VtAKEcJ+nqUzhu8Y9aL
UdQS+iMVwUjYEh1RlIuT6SETlOUoa0VXrRt/DG7P5HY+S0DQmgnBduZG/PZO3LLM
E88mDXYFCMTCLfsawAU3slODt0DchcpVHt3dc8xuspsHbGLG0yxCZCCEFzgDZWij
6NfMHpGtAI4U7FJc3pMjB7IKVOS8aTyltPOevAtUGOF8Mv6pAQE=
=8n4C
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Christopher Schultz
2018-11-21 16:37:23 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Lou,
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz
wget
Post by Lou Wallace
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz.sha1
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties" JkLogFile
"/var/log/mod_jk.log" JkLogLevel info JkLogStampFormat "[%a %b %d
%H:%M:%S %Y] " JkOptions +ForwardKeySize +ForwardURICompat
-ForwardDirectories JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13 worker.app1.host=app1.example.com
worker.app1.port=8201 worker.app1.socket_timeout=10
worker.app2.type=ajp13 worker.app2.host=app2.example.com
worker.app2.port=8201 worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited
with error code. See "systemctl status httpd.servic e" and
"journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
AH00170: caught SIGWINCH, shutting down gracefully [Wed Nov 21
15:54:19.910325 2018] [core:notice] [pid 11957] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0 [Wed
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 21
15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile defined in
httpd.conf. Using default /etc/httpd/logs/jk-runtime-status [Wed
Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to
start due to shared memory failure. [Wed Nov 21 15:54:19.916639
2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to
start due to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included
them for those who know far more then me (almost everyone I
suspect) just in case
And ideas, hints or thoughts?
I wonder if your shared-memory file is corrupt. Try deleting the file
/etc/httpd/logs/jk-runtime-status (or maybe
/etc/httpd/logs/jk-runtime-status*) and restarting.

I've never seen any errors like the ones you are showing above, so
this is just a shot in the dark.

Also, try a complete "stop" and "start" instead of a graceful shutdown.

- -chris
Post by Lou Wallace
On Fri, Nov 16, 2018 at 9:56 AM Lou Wallace
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed. But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the
mirrors.
I've been to the Tomcat site and when I try and get binaries or
source it sees I am on a windows pc and forces me to those
directories.
So, if someone can give me a simple set of commands to do this it
would be awesome. Also is there other tomcat connectors needed
with java?
Preferable it will be done from the ssh client on the cloud
server.
Thanks!
Lou
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv1icIACgkQHPApP6U8
pFhLoBAAm5fQnozzXl2DH6p2tBCqos3FZga7u5ogbNrMULOtC4r0NMI3fqvOL03u
SUA19NaNJyczj0LthEeLlXQfaWp2KniaLvPyrjCVGEbZejpx3fACVpCdYn5OplQB
JNyP4gH7k1XFWlVcwtTsQugvVYlFNDp8qUaNfzHfvZ+DQhEGWEt9k0T8PWDmULJA
ms+wQSLajDfeHqbt+EZ5HyV6x5vUJJfQirai7ExVWOp2bVM4SZXhQC0FozQGJKm/
883OTq2HbyhDn1wUh4xgG43vua5hY7HLbcJlDtkUYe2EpNAOyjP1p7vPgSQTukOB
mLHTAeQFcnHCgmYRmK6A5Lf/qW3DKKFQpV3clrltEzh9csbZiTP2c/koWVWiXY64
kXc4syCeuNRHOxjzpX0VWAnTTYh0FpPg7ITTlt3AsQMP5d5D07UOzvqhMaxi38m1
xNzmx5DnW/5iLlOM8KX528U7mATnKEUHL9q6pEtGDd8Mug6JqRgcW0T+oheb0ISg
J1nL3te0/oOGccuiUKn7NJfujSEVrb2guRG24cIZS5I9Ym7jnOZSWtN1KEpxnZfY
sF7/JHxMLNSy7zrqQNooXFCi4CDn6W6hpwQd0Nz1Y/i1XOnfLQFWBvPTJGqezSJN
PVh+QclAW7nasqgBzKb3IQPQ0uVYX3F0VKUaOxszLbsas6Dzjwk=
=qjE+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Lou Wallace
2018-11-21 18:52:41 UTC
Permalink
Hi Chris,

I tried that and got similar error msgs.

I am wondering if something needs to be defined upstream for Apache, Tomcat
or maybe even Java?




On Wed, Nov 21, 2018 at 11:37 AM Christopher Schultz <
Post by Christopher Schultz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Lou,
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz
<http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz>
wget
Post by Lou Wallace
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-conne
ctors-1.2.46-src.tar.gz.sha1
<http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1>
Post by Lou Wallace
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties" JkLogFile
"/var/log/mod_jk.log" JkLogLevel info JkLogStampFormat "[%a %b %d
%H:%M:%S %Y] " JkOptions +ForwardKeySize +ForwardURICompat
-ForwardDirectories JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13 worker.app1.host=app1.example.com
worker.app1.port=8201 worker.app1.socket_timeout=10
worker.app2.type=ajp13 worker.app2.host=app2.example.com
worker.app2.port=8201 worker.app1.socket_timeout=10
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited
with error code. See "systemctl status httpd.servic e" and
"journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
[Wed Nov 21 15:54:13.789384 2018] [mpm_prefork:notice] [pid 7569]
AH00170: caught SIGWINCH, shutting down gracefully [Wed Nov 21
15:54:19.910325 2018] [core:notice] [pid 11957] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0 [Wed
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 21
15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile defined in
httpd.conf. Using default /etc/httpd/logs/jk-runtime-status [Wed
Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to
start due to shared memory failure. [Wed Nov 21 15:54:19.916639
2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to
start due to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included
them for those who know far more then me (almost everyone I
suspect) just in case
And ideas, hints or thoughts?
I wonder if your shared-memory file is corrupt. Try deleting the file
/etc/httpd/logs/jk-runtime-status (or maybe
/etc/httpd/logs/jk-runtime-status*) and restarting.
I've never seen any errors like the ones you are showing above, so
this is just a shot in the dark.
Also, try a complete "stop" and "start" instead of a graceful shutdown.
- -chris
Post by Lou Wallace
On Fri, Nov 16, 2018 at 9:56 AM Lou Wallace
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new
google cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python
installed. But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the
mirrors.
I've been to the Tomcat site and when I try and get binaries or
source it sees I am on a windows pc and forces me to those
directories.
So, if someone can give me a simple set of commands to do this it
would be awesome. Also is there other tomcat connectors needed
with java?
Preferable it will be done from the ssh client on the cloud
server.
Thanks!
Lou
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv1icIACgkQHPApP6U8
pFhLoBAAm5fQnozzXl2DH6p2tBCqos3FZga7u5ogbNrMULOtC4r0NMI3fqvOL03u
SUA19NaNJyczj0LthEeLlXQfaWp2KniaLvPyrjCVGEbZejpx3fACVpCdYn5OplQB
JNyP4gH7k1XFWlVcwtTsQugvVYlFNDp8qUaNfzHfvZ+DQhEGWEt9k0T8PWDmULJA
ms+wQSLajDfeHqbt+EZ5HyV6x5vUJJfQirai7ExVWOp2bVM4SZXhQC0FozQGJKm/
883OTq2HbyhDn1wUh4xgG43vua5hY7HLbcJlDtkUYe2EpNAOyjP1p7vPgSQTukOB
mLHTAeQFcnHCgmYRmK6A5Lf/qW3DKKFQpV3clrltEzh9csbZiTP2c/koWVWiXY64
kXc4syCeuNRHOxjzpX0VWAnTTYh0FpPg7ITTlt3AsQMP5d5D07UOzvqhMaxi38m1
xNzmx5DnW/5iLlOM8KX528U7mATnKEUHL9q6pEtGDd8Mug6JqRgcW0T+oheb0ISg
J1nL3te0/oOGccuiUKn7NJfujSEVrb2guRG24cIZS5I9Ym7jnOZSWtN1KEpxnZfY
sF7/JHxMLNSy7zrqQNooXFCi4CDn6W6hpwQd0Nz1Y/i1XOnfLQFWBvPTJGqezSJN
PVh+QclAW7nasqgBzKb3IQPQ0uVYX3F0VKUaOxszLbsas6Dzjwk=
=qjE+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
Mark Thomas
2018-11-21 16:39:38 UTC
Permalink
Post by Lou Wallace
Hi Everyone,
So still having issues with mod_jk. I have downloaded
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz
wget
http://www.eu.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.46-src.tar.gz.sha1
and make install, and everything seems fine
I then edited the httpd.conf file and added
LoadModule jk_module modules/mod_jk.so
JkWorkersFile "/etc/httpd/conf/workers.properties"
JkLogFile "/var/log/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
then I edited workers.properties and added
worker.list=app1,app2
worker.app1.type=ajp13
worker.app1.host=app1.example.com
worker.app1.port=8201
worker.app1.socket_timeout=10
worker.app2.type=ajp13
worker.app2.host=app2.example.com
worker.app2.port=8201
worker.app1.socket_timeout=10
^^^

This line should be app2, not app1

Mark
Post by Lou Wallace
Then when I restart Apache using systemctl restart httpd I get
Job for httpd.service failed because the control process exited with error
code. See "systemctl status httpd.servic
e" and "journalctl -xe" for details.
So checking mod_jk log I see
[Wed Nov 21 15:54:19 2018] [11957:140478724515968] [warn]
jk_map_handle_duplicates::jk_map.c (456): Duplicate key $
and the httpd log last entries are
caught SIGWINCH, shutting down gracefully
[Wed Nov 21 15:54:19.910325 2018] [core:notice] [pid 11957] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Nov 21 15:54:19.916294 2018] [jk:warn] [pid 11957] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Wed Nov 21 15:54:19.916632 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
[Wed Nov 21 15:54:19.916639 2018] [jk:emerg] [pid 11957] Initializing
shm:/etc/httpd/logs/jk-runtime-status.11957 errno=13. Unable to start due
to shared memory failure.
I am not sure if the first 3 are connected to mod_jk, I included them for
those who know far more then me (almost everyone I suspect) just in case
And ideas, hints or thoughts?
Thanks!
Lou
Post by Lou Wallace
Hi All,
I am in need of some help in getting mod_jk installed on a new google
cloud server.
Right now it has Apache, Tomcat, Java, mysql, perl and python installed.
But mod_jk isn't there.
When I try yum install mod_jk it isn't found in any of the mirrors.
I've been to the Tomcat site and when I try and get binaries or source it
sees I am on a windows pc and forces me to those directories.
So, if someone can give me a simple set of commands to do this it would be
awesome. Also is there other tomcat connectors needed with java?
Preferable it will be done from the ssh client on the cloud server.
Thanks!
Lou
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Loading...