Sample Header Ad - 728x90

Tomcat catalina.sh starts correctly but starting tomcat.service gives Permission denied

1 vote
1 answer
3645 views
rhel systemctl tomcat
### Background On RHEL 8 I have Apache Tomcat v8.5.78 installed under /opt/tomcat/. User & group of the directory is set to tomcat:tomcat, so is the directory's content. I can start Tomcat with $ sudo -u tomcat /opt/tomcat/bin/catalina.sh start Now I try to manage Tomcat via systemctl. I have a tomcat.service file like this: 
[Unit]
Description=Tomcat Server
After=syslog.target network.target

[Service]
Type=forking
User=tomcat
Group=tomcat

Environment=JAVA_HOME=/usr/lib/jvm/jre
Environment='JAVA_OPTS=-Djava.awt.headless=true'
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment='CATALINA_OPTS=-Xms512M -Xmx2048M'
ExecStart=/opt/tomcat/bin/catalina.sh start
ExecStop=/opt/tomcat/bin/catalina.sh stop

[Install]
WantedBy=multi-user.target
Note that the service user & group is set to tomcat & tomcat as well. ### Problem When I startup Tomcat via systemctl: $ sudo systemctl start tomcat.service I get "Job for tomcat.service failed...". systemctl status tomcat.service shows 
● tomcat.service - Tomcat Server
   Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2022-06-22 12:11:59 AEST; 1min 29s ago
  Process: 1641092 ExecStart=/opt/tomcat/bin/catalina.sh start (code=exited, status=203/EXEC)
and journalctl -xe gives: 
-- Unit tomcat.service has begun starting up.
Jun 22 11:41:47 my.server.local systemd: tomcat.service: Failed to execute command: Permission denied
Jun 22 11:41:47 my.server.local systemd: tomcat.service: Failed at step EXEC spawning /opt/tomcat/bin/catalina.sh: Permission d>-- Subject: Process /opt/tomcat/bin/catalina.sh could not be executed
*Why does systemctl reports permission problems when the service file specifies the same user with whom manual start up works?* ### Additional info #### Tomcat version The Tomcat version is a requirement - I cannot upgrade to a newer version. #### What I have tried additionally? 1. Having read https://unix.stackexchange.com/a/498494/45940 I tried in tomcat.service the directive Type=oneshot -- with no success. 2. Having read https://stackoverflow.com/a/58301082/65889 I tried setting in tomcat.service the working directory to /opt/tomcat/bin -- with no success
Asked by halloleo (649 rep)
Jun 22, 2022, 02:38 AM
Last activity: Sep 14, 2023, 02:05 AM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "rhel"
More questions tagged "systemctl"
More questions tagged "tomcat"
Footer Ad - 728x90