]
Rafael Pereira commented on WFLY-6915:
--------------------------------------
Thank you. Thats great news. Great effort.
Mod cluster not working with non-root user
------------------------------------------
Key: WFLY-6915
URL:
https://issues.jboss.org/browse/WFLY-6915
Project: WildFly
Issue Type: Bug
Components: mod_cluster
Affects Versions: 10.0.0.Final
Environment: OS's tested:
# Red Hat Enterprise Linux Server release 6.5 (Santiago)
# CentOS Linux release 7.2.1511 (Core)
*SELINUX*: Disabled
*IPTABLES/FIREWALLD: *disabled with no rules
#wildfly: 10.0.0.Final
#httpd:
httpd-2.2.15-31.el6_5.x86_64
httpd-tools-2.2.15-31.el6_5.x86_64
httpd-devel-2.2.15-31.el6_5.x86_64
#modcluster/httpd version: 1.2.6
Reporter: Rafael Pereira
Assignee: Radoslav Husar
Fix For: 11.0.0.Alpha1
When I run wildfly with a non-root user(wildfly) mod_cluster won't work. I got this
error:
14:09:06,327 ERROR [org.jboss.modcluster] (UndertowEventHandlerAdapter - 1)
MODCLUSTER000043: Failed to send INFO command to
relatorios.sistemafieg.org.br/11.12.13.14:6666: Permission denied
This happens when I use port-offset>0 and run wildfly service.
However, if I run with root user, this error won't happen
Steps to reproduce
1. Adding user
{code:shell}
groupadd -r wildfly
useradd -r -g wildfly -d /opt/wildfly -s /sbin/nologin wildfly
{code}
2. use init.d or systemd script
{code:shell}
wildfly-10.0.0.Final/docs/contrib/scripts/init.d/wildfly-init-redhat.sh
{code}
3. start wildfly and register proxy list and socket binding
{code:shell}
/socket-binding-group=ha-sockets/remote-destination-outbound-socket-binding=mod_cluster:add(port=6666,host=11.12.13.14)
/profile=ha/subsystem=modcluster/mod-cluster-config=configuration:write-attribute(name=proxies,value=[mod_cluster])
{code}
4. edit wildfly.conf
{code:shell}
JBOSS_HOME="/opt/wildfly/server"
JBOSS_USER=wildfly
JBOSS_MODE=domain
JBOSS_HOST_CONFIG=host.xml
JBOSS_CONSOLE_LOG="/var/log/wildfly/console.log"
JBOSS_OPTS="-Djboss.domain.base.dir=/opt/wildfly/config/domain
-Djboss.bind.address.management=11.12.13.10 -Djboss.bind.address=11.12.13.10"
{code}
5. edit httpd.conf
{code}
LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
LoadModule advertise_module modules/mod_advertise.so
Listen 6666
<VirtualHost *:6666>
<Location />
Order deny,allow
Deny from all
Allow from 11.12.13
</Location>
<Location /mcm>
SetHandler mod_cluster-manager
Order deny,allow
Allow from all
</Location>
KeepAliveTimeout 300
MaxKeepAliveRequests 0
Timeout 5400
ProxyTimeout 5400
EnableMCPMReceive On
ManagerBalancerName myCluster
ServerAdvertise Off
ErrorLog logs/cluster-error.log
CustomLog logs/cluster-access.log INFO
</VirtualHost>
{code}
6. Run with service or systemctl command: *service wildfly start*
*Environment:*
OS's tested:
# Red Hat Enterprise Linux Server release 6.5 (Santiago)
# CentOS Linux release 7.2.1511 (Core)
*SELINUX*: Disabled
*IPTABLES/FIREWALLD: * disabled and no rules set
*wildfly:* 10.0.0.Final
*httpd:*
httpd-2.2.15-31.el6_5.x86_64
httpd-tools-2.2.15-31.el6_5.x86_64
httpd-devel-2.2.15-31.el6_5.x86_64
*modcluster/httpd version:* 1.2.6