[jboss-jira] [JBoss JIRA] (WFLY-6915) Mod cluster not working with non-root user

Rafael Pereira (JIRA) issues at jboss.org
Wed Aug 3 13:31:00 EDT 2016 

Rafael Pereira created WFLY-6915:
------------------------------------

             Summary: Mod cluster not working with non-root user
                 Key: WFLY-6915
                 URL: https://issues.jboss.org/browse/WFLY-6915
             Project: WildFly
          Issue Type: Feature Request
          Components: mod_cluster
    Affects Versions: 10.0.0.Final
         Environment: OS's tested:
# Red Hat Enterprise Linux Server release 6.5 (Santiago)
# CentOS Linux release 7.2.1511 (Core) 

*SELINUX*: Disabled
*IPTABLES/FIREWALLD: *disabled with no rules

#wildfly: 10.0.0.Final

#httpd:
httpd-2.2.15-31.el6_5.x86_64
httpd-tools-2.2.15-31.el6_5.x86_64
httpd-devel-2.2.15-31.el6_5.x86_64

#modcluster/httpd version: 1.2.6
            Reporter: Rafael Pereira
            Assignee: Radoslav Husar


When I run wildfly with a non-root user(wildfly)  mod_cluster won't work. I got this error:

14:09:06,327 ERROR [org.jboss.modcluster] (UndertowEventHandlerAdapter - 1) MODCLUSTER000043: Failed to send INFO command to relatorios.sistemafieg.org.br/11.12.13.14:6666: Permission denied

Steps to reproduce
# Adding user
{code:shell}
groupadd -r wildfly
useradd -r -g wildfly -d /opt/wildfly -s /sbin/nologin wildfly
{code}

#use init.d or systemd script
{code:shell}
wildfly-10.0.0.Final/docs/contrib/scripts/init.d/wildfly-init-redhat.sh
{code}

#start wildfly and register proxy list and socket binding
{code:shell}
/socket-binding-group=ha-sockets/remote-destination-outbound-socket-binding=mod_cluster:add(port=6666,host=11.12.13.14)
/profile=ha/subsystem=modcluster/mod-cluster-config=configuration:write-attribute(name=proxies,value=[mod_cluster])
{code}

#edit wildfly.conf
{code:shell}
JBOSS_HOME="/opt/wildfly/server"
JBOSS_USER=wildfly
JBOSS_MODE=domain
JBOSS_HOST_CONFIG=host.xml
JBOSS_CONSOLE_LOG="/var/log/wildfly/console.log"
JBOSS_OPTS="-Djboss.domain.base.dir=/opt/wildfly/config/domain -Djboss.bind.address.management=11.12.13.10 -Djboss.bind.address=11.12.13.10"
{code}
#edit httpd.conf

{code}
LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
LoadModule advertise_module modules/mod_advertise.so

Listen 6666
<VirtualHost *:6666>
    <Location />
        Order deny,allow
        Deny from all
        Allow from 11.12.13
    </Location>
    <Location /mcm>
        SetHandler mod_cluster-manager
        Order deny,allow
        Allow from all
    </Location>
    KeepAliveTimeout 300
    MaxKeepAliveRequests 0
    Timeout 5400
    ProxyTimeout 5400
    EnableMCPMReceive On
    ManagerBalancerName   myCluster
    ServerAdvertise Off 
    ErrorLog logs/cluster-error.log
    CustomLog logs/cluster-access.log INFO
</VirtualHost>
{code}




--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list