tomcat not accessible from web browser

sabsac

New Member
Joined
May 26, 2020
Messages
12
Reaction score
3
Credits
119
I have installed jenkins on centos 7 on my gcp instance. It is configured to listen on port 8080. then I installed tomcat server on the same system. I configured the hhtp port to listen on port 8090 in server.xml file. I am not able access tomcat on my web browsers.Port 8090 is not showing up when do a "systemctl status tomcat" command


tomcat port.png
o
 


Is there something listening on port 8090? Also did you add port 8090 to your firewall to allow connections from outside? And you will probably need to add port 8090 to your selinux configuration as well for it to allow to run as a http port.
 
this is google cloud console so I have allowed all traffic in firewall rules for incoming.yes jenkins is listening to port 8080
 
the catalina server is showing following error in the log:
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-8090"]
java.net.BindException: Permission denied (Bind failed) <null>:8090
 
the catalina server is showing following error in the log:
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-8090"]
java.net.BindException: Permission denied (Bind failed) <null>:8090
It's probably what I mentioned in my first reply, selinux. Check your log file to be sure it's selinux:
Code:
grep avc /var/log/audit/audit.log
Then add the port to your selinux to allow it to bind as http port. Read the man page:
Code:
man semanage port
 
Last edited:
grep avc /var/log/audit/audit.log
type=USER_AVC msg=audit(1595343305.680:445): pid=423 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: received policyload notice (seqno=2) exe=2F7573722F62696E2F646275732D6461656D6F6E3B3566313730313931202864656C6574656429 sauid=81 hostname=? addr=? terminal=?'
type=AVC msg=audit(1595567971.725:317): avc: denied { name_bind } for pid=1983 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595570522.592:379): avc: denied { name_bind } for pid=2144 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595601828.089:182): avc: denied { name_bind } for pid=1331 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595604081.421:379): avc: denied { name_bind } for pid=1577 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595609429.377:760): avc: denied { name_bind } for pid=2379 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595610182.369:1558): avc: denied { name_bind } for pid=2705 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595611358.439:3982): avc: denied { name_bind } for pid=3244 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595655314.254:130): avc: denied { name_bind } for pid=847 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1595657920.820:198): avc: denied { name_bind } for pid=1523 comm="java" src=8090 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:eek:bject_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
 
Yes so like I said selinux is blocking you from binding on port 8090. Add port 8090 as a http port, read the man page I mentioned, and use the example on port 8090.
 
Thanks for helping me solve my issue. my grattitudes. "grep avc /var/log/audit/audit.log " it was se linux issue. By the way what is a this avc folder and where can I read official documentation about this folder in centos 7?
 
Thanks for helping me solve my issue. my grattitudes. "grep avc /var/log/audit/audit.log " it was se linux issue. By the way what is a this avc folder and where can I read official documentation about this folder in centos 7?
You can read the rhel7 documentation about selinux.
 

Members online


Top