Error when installing Apache on Tomcat7: "file...has no symbols" - apache

I tried to install apache [APR][1] on Tomcat7.
What I did was:
tar xvf apache-tomcat/bin/tomcat-native.tar.gz
./configure --with-apr=/usr/local/apr --without-ssl
make install
APR was not installed correctly I get the output:
make[1]: Nothing to be done for `local-all'.
/usr/local/apr/build-1/mkdir.sh /usr/local/apr/include/apr-1 /usr/local/apr/lib/pkgconfig \
/usr/local/apr/lib /usr/local/apr/bin
/usr/bin/install -c -m 644 tcnative.pc /usr/local/apr/lib/pkgconfig/tcnative-1.pc
list=''; for i in $list; do \
( cd $i ; make DESTDIR= install ); \
done
/bin/sh /usr/local/apr/build-1/libtool --mode=install /usr/bin/install -c -m 755 libtcnative-1.la /usr/local/apr/lib
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.0.dylib /usr/local/apr/lib/libtcnative-1.0.dylib
libtool: install: (cd /usr/local/apr/lib && { ln -s -f libtcnative-1.0.dylib libtcnative-1.dylib || { rm -f libtcnative-1.dylib && ln -s libtcnative-1.0.dylib libtcnative-1.dylib; }; })
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.lai /usr/local/apr/lib/libtcnative-1.la
libtool: install: /usr/bin/install -c -m 755 .libs/libtcnative-1.a /usr/local/apr/lib/libtcnative-1.a
libtool: install: chmod 644 /usr/local/apr/lib/libtcnative-1.a
libtool: install: ranlib /usr/local/apr/lib/libtcnative-1.a
ranlib: file: /usr/local/apr/lib/libtcnative-1.a(sslutils.o) has no symbols
What is wrong here?
When running Tomcat I get the following output:
Aug 07, 2013 2:16:14 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path:

Related

How to run Apache as non-root user?

I'm building an image from the following Dockerfile and following command docker build --rm -f "Dockerfile" -t non_root_image_plz_work .:
DockerFile
FROM node:14.7.0-buster-slim AS apache_for_selenium
# Create non-root group and user
RUN addgroup --system shared-folder \
&& adduser --system --home /var/cache/shared-folder --group shared-folder --uid 1001
# Make Port accessable
EXPOSE 80/tcp
# Set Node env.Name
ENV NODE_ENV=dev
RUN apt-get -qq update && apt-get -qq install -y --no-install-recommends nano git openssl bash musl curl apache2 apache2-utils systemd && \
systemctl enable apache2 && npm config set registry http://localhost:5000/repository/repo && \
npm i -g pm2 serve && mkdir /usr/share/shared-folder
RUN ln -sf /dev/stdout /var/log/apache2/access.log && \
ln -sf /dev/stderr /var/log/apache2/error.log
WORKDIR /usr/share/shared-folder
COPY . /usr/share/shared-folder/
RUN npm install && npm cache clean --force && npm cache verify && \
rm /var/www/html/index.html && \
ln -s /usr/share/shared-folder/mochawesome-report /var/www/html/mochawesome-report && \
chown www-data -R /var/www/html/mochawesome-report && chgrp www-data -R /var/www/html/mochawesome-report
VOLUME /usr/share/shared-folder/mochawesome-report
USER 1001
CMD [ "sh", "-c", "service apache2 start ; pm2-runtime process.yml --no-daemon" ]
When I try to run the image using docker run non_root_image_plz_work, I get the following error:
Error after running docker run command:
Starting Apache httpd web server: apache2 failed!
The apache2 configtest failed. ... (warning).
Output of config test was:
mkdir: cannot create directory '/var/run/apache2': Permission denied
chown: changing ownership of '/var/lock/apache2.3FGoa8Y71E': Operation not permitted
It seems to be a permissions issue, as if I'm not properly running the container as a non-root user. Any suggestions on how I can get the container to run properly as a non-root user?
Note: I used a dummy registry in the Dockerfile for I don't want to show the actual registry, thanks

In Docker, all folders are owned by root. Without knowing your directory structure, I guess your problem is, that your user 1001 (or the setup programm which is run with 1001's permission) tries to access directories that (probably) are owned by root.
Either you can try:
Change your permissions of the folders.
This can be used of you know which folders are accessed and want to prevent further permission issues.
chmod -R 777 /path/to/folder
Give your user proper permissions.
Here is a very quick walkthrough. Please comment if it didn't slove your problem and I'll try to update this for a more specific answer.
A small example (taken from here).
You can setup your non-root-user foo with passwordless access:
RUN \
groupadd -g 1001 foo && useradd -u 1001 -g foo -G sudo -m -s /bin/bash 1001
&& \
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' && \
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers; su - foo -c id
Hint: You will probably need to install sudo
apt-get install sudo
Now, try running the entrypoint (or your commad) with sudo.
EDIT:
I've updated the answer to match your Docker-File. Have a look at it. The user nonroot is assigned uuid 1001 and added to /etc/sudoers. Also your command is now run with sudo which should prevent the permission issues.
FROM node:14.7.0-buster-slim AS apache_for_selenium
# Create non-root group and user
RUN addgroup --system shared-folder \
&& adduser --system --home /var/cache/shared-folder --ingroup shared-folder --uid 1001 nonroot
# Make Port accessable
EXPOSE 80/tcp
# Set Node env.Name
ENV NODE_ENV=dev
RUN apt-get -qq update && apt-get -qq install -y --no-install-recommends \
sudo nano git openssl bash musl curl apache2 apache2-utils systemd \
&& systemctl enable apache2
#\
# && #npm config set registry http://localhost:5000/repository/repo && \
#npm i -g pm2 serve && mkdir /usr/share/shared-folder
RUN ln -sf /dev/stdout /var/log/apache2/access.log && \
ln -sf /dev/stderr /var/log/apache2/error.log
WORKDIR /usr/share/shared-folder
COPY . /usr/share/shared-folder/
RUN npm install && npm cache clean --force && npm cache verify && \
rm /var/www/html/index.html && \
ln -s /usr/share/shared-folder/mochawesome-report /var/www/html/mochawesome-report && \
chown www-data -R /var/www/html/mochawesome-report && chgrp www-data -R /var/www/html/mochawesome-report
VOLUME /usr/share/shared-folder/mochawesome-report
RUN \
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' && \
echo "nonroot ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
USER nonroot
CMD [ "sudo sh", "-c", "service apache2 start ; pm2-runtime process.yml --no-daemon" ]

The problem here: apache is special user. it only can start by root user.
you can not start apache by another user. That why you got permission deny.
Seen i saw your dockerfile. your user created is normal user.
Try make script like below with name apache-start :
#!/bin/sh
set -e
# Apache gets grumpy about PID files pre-existing
rm -f /usr/local/apache2/logs/httpd.pid
exec httpd -DFOREGROUND "$#"
and your docker file should be like
FROM node:14.7.0-buster-slim AS apache_for_selenium
# Create non-root group and user
RUN addgroup --system shared-folder \
&& adduser --system --home /var/cache/shared-folder --group shared-folder --uid 1001
# Make Port accessable
EXPOSE 80/tcp
# Set Node env.Name
ENV NODE_ENV=dev
RUN apt-get -qq update && apt-get -qq install -y --no-install-recommends nano git openssl bash musl curl apache2 apache2-utils systemd && \
systemctl enable apache2 && npm config set registry http://localhost:5000/repository/repo && \
npm i -g pm2 serve && mkdir /usr/share/shared-folder
RUN ln -sf /dev/stdout /var/log/apache2/access.log && \
ln -sf /dev/stderr /var/log/apache2/error.log
WORKDIR /usr/share/shared-folder
COPY . /usr/share/shared-folder/
RUN npm install && npm cache clean --force && npm cache verify && \
rm /var/www/html/index.html && \
ln -s /usr/share/shared-folder/mochawesome-report /var/www/html/mochawesome-report && \
chown www-data -R /var/www/html/mochawesome-report && chgrp www-data -R /var/www/html/mochawesome-report
VOLUME /usr/share/shared-folder/mochawesome-report
COPY apache-start /usr/local/bin/
CMD ["apache-start"]
USER 1001

Another option is to switch to podman tool which is an alternative to Docker. With podman you can run containers (the same images you use in Docker) but with normal users. That has a lot of benefits specially from security point of view.

Building Tensorflow with Bazel: Executing genrule #png_archive//:configure failed

I've been trying to understand why I can't build Tensorflow with Bazel.
I've been following the install instructions from the Tensorflow webpage here.
Here's my output when I build with the command bazel build -c opt --config=cuda --verbose_failures //tensorflow/cc:tutorials_example_trainer
[mcochrane#Matt-PC-Fedora tensorflow]$ bazel build -c opt --config=cuda --verbose_failures //tensorflow/cc:tutorials_example_trainer
INFO: Found 1 target...
INFO: From Executing genrule #png_archive//:configure:
/home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow/external/png_archive/libpng-1.2.53 /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow
/tmp/tmp.52xPGPoCo8 /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow/external/png_archive/libpng-1.2.53 /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow
checking for a BSD-compatible install... /bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether to enable maintainer-specific portions of Makefiles... no
checking for gcc... gcc
checking whether the C compiler works... no
configure: error: in `/tmp/tmp.52xPGPoCo8':
configure: error: C compiler cannot create executables
See `config.log' for more details
ERROR: /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/external/png_archive/BUILD:23:1: Executing genrule #png_archive//:configure failed: bash failed: error executing command
(cd /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow && \
exec env - \
PATH=/usr/lib64/qt-3.3/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/home/mcochrane/.local/bin:/home/mcochrane/bin \
/bin/bash -c 'source tools/genrule/genrule-setup.sh; pushd external/png_archive/libpng-1.2.53; workdir=$(mktemp -d -t tmp.XXXXXXXXXX); cp -a * $workdir; pushd $workdir; ./configure --enable-shared=no --with-pic=no; popd; popd; cp $workdir/config.h bazel-out/local_linux-opt/genfiles/external/png_archive/libpng-1.2.53; rm -rf $workdir;'): bash failed: error executing command
(cd /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow && \
exec env - \
PATH=/usr/lib64/qt-3.3/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/home/mcochrane/.local/bin:/home/mcochrane/bin \
/bin/bash -c 'source tools/genrule/genrule-setup.sh; pushd external/png_archive/libpng-1.2.53; workdir=$(mktemp -d -t tmp.XXXXXXXXXX); cp -a * $workdir; pushd $workdir; ./configure --enable-shared=no --with-pic=no; popd; popd; cp $workdir/config.h bazel-out/local_linux-opt/genfiles/external/png_archive/libpng-1.2.53; rm -rf $workdir;').
Target //tensorflow/cc:tutorials_example_trainer failed to build
INFO: Elapsed time: 2.229s, Critical Path: 0.71s
It's a bit cryptic. Bash just fails with the following message which doesn't really provide a whole lot of insight.
bash failed: error executing command
(cd /home/mcochrane/.cache/bazel/_bazel_mcochrane/fd0e4dd3891f9c98b9d8308260aad0f3/tensorflow && \
exec env - \
PATH=/usr/lib64/qt-3.3/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/home/mcochrane/.local/bin:/home/mcochrane/bin \
/bin/bash -c 'source tools/genrule/genrule-setup.sh; pushd external/png_archive/libpng-1.2.53; workdir=$(mktemp -d -t tmp.XXXXXXXXXX); cp -a * $workdir; pushd $workdir; ./configure --enable-shared=no --with-pic=no; popd; popd; cp $workdir/config.h bazel-out/local_linux-opt/genfiles/external/png_archive/libpng-1.2.53; rm -rf $workdir;').
Has anyone else come across this error when compiling with bazel?
EDIT: extra info
OS is Fedora23 (kernel 4.2.6-300.fc23)
gcc version is 5.1.1 20150618 (Red Hat 5.1.1-4) (GCC)
[mcochrane#Matt-PC-Fedora tensorflow]$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/5.1.1/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,objc,obj-c++,fortran,ada,go,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --disable-libgcj --with-isl --enable-libmpx --enable-gnu-indirect-function --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 5.1.1 20150618 (Red Hat 5.1.1-4) (GCC)
ldd version is: (GNU libc) 2.22

php app files permission after docker build

I'm trying to build docker image with SuiteCRM using this Dockerfile:
FROM php:5.4-apache
RUN a2enmod rewrite
RUN apt-get update \
&& apt-get install -y apt-utils \
&& apt-get install -y libpng12-dev libjpeg-dev mercurial zip nano \
&& docker-php-ext-configure gd --with-jpeg-dir=/usr/lib \
&& docker-php-ext-install gd \
&& docker-php-ext-install mysqli \
&& docker-php-ext-install pdo_mysql \
&& apt-get -y install re2c libmcrypt-dev \
&& docker-php-ext-install mcrypt \
&& apt-get -y install zlib1g-dev \
&& docker-php-ext-install zip \
&& apt-get purge --auto-remove -y zlib1g-dev \
&& apt-get -y install libssl-dev libc-client2007e-dev libkrb5-dev \
&& docker-php-ext-configure imap --with-imap-ssl --with-kerberos \
&& docker-php-ext-install imap mbstring json \
&& rm -rf /var/lib/apt/lists/*
RUN curl -k -L -o suitecrm.zip "https://suitecrm.com/component/dropfiles/?task=frontfile.download&id=35"
RUN unzip -q suitecrm.zip -d /var/www/
RUN rm suitecrm.zip
RUN rm -rf /var/www/html && mv /var/www/suitecrm-7.2.2-max /var/www/html
RUN rm -rf /var/www/suitecrm-7.2.2-max
RUN chown -R www-data:www-data /var/www/html
RUN chmod -R 755 /var/www/html
RUN chmod -R 775 cache custom modules themes data upload config_override.php
EXPOSE 80
CMD ["apache2-foreground"]
Then image built and ran I've got an errors:
Warning: include(include/MVC/preDispatch.php): failed to open stream: Permission denied in /var/www/html/index.php on line 42
...
File owner is www-data:www-data
$ docker exec -t suite_web_dev ls -la index.php
-rwxr-xr-x 1 www-data www-data 2525 Mar 2 18:04 index.php
$ docker exec -t suite_web_dev ls -la include/MVC/preDispatch.php
-rwxr-xr-x 1 www-data www-data 2766 Mar 2 18:04 include/MVC/preDispatch.php
If I exclude form Dockerfile lines where it downloading App and changing files permissions, and call these commands after image start, everything works fine.
RUN curl -k -L -o ...
...
RUN chmod -R 775 cache custom modules themes data upload config_override.php
What differens between changing permission at build and after run? What I need to do for build image with App code?
Upd:
docker runs under boot2docker:
Boot2Docker-cli version: v1.7.1
Docker version 1.7.1

The permission does not seem to be on a file, but on 'open stream' operation.
This could be one of the causes:
When you install your application in the docker file, the hostname of the final container will no longer be the same as the hostname of the temporary container used while building the image. The app installer might fetch the hostname and store it in some configuration file.
If that is the case, then, when you run the container, you should execute a script which replaces the hostname in the config.

How do I remove SPDY (mod-spdy)?

I have tested with SPDY how do I get the uninstall now?
dpkg -r -P mod-spdy or dpkg -r -P mod-spdy-*.deb does not work.
What am i doing wrong ?
I installed with:
cd /tmp
wget https://dl-ssl.google.com/dl/linux/direct/mod-spdy-beta_current_amd64.deb
dpkg -i mod-spdy-*.deb
apt-get -f install
cat /etc/apt/sources.list.d/mod-spdy.list
Edit
dpkg -r mod-spdy-beta and dpkg -P mod-spdy-beta and it works: s

using homebrew apxs from homebrew apache httpd24 fails with libtool: compile: unable to infer tagged configuration

using homebrew apxs from homebrew apache httpd24 fails with libtool: compile: unable to infer tagged configuration
$ apxs -i -c -Wc,"-arch x86_64" -Wl,"-arch x86_64 " mod_uwsgi.c
/usr/share/apr-1/build-1/libtool --silent --mode=compile cc -prefer-pic -DDARWIN -DSIGPROCMASK_SETS_THREAD_MASK -I/usr/local/Cellar/httpd24/2.4.3/include/apache2 -I/usr/include/apr-1 -I/usr/include/apr-1 -arch x86_64 -c -o mod_uwsgi.lo mod_uwsgi.c && touch mod_uwsgi.slo
libtool: compile: unable to infer tagged configuration
libtool: compile: specify a tag with `--tag'
apxs:Error: Command failed with rc=65536
.
What environment must I export to have libtool not complain about tag?

after digging through the source I found that if LTFLAGS is set to --tag=cc things work.
$ LTFLAGS=--tag=cc apxs -i -c mod_uwsgi.c