Upgrade tomcat 9 server wont start (RESOLVED)

jvc · October 6, 2021, 3:13pm

Hello All

My first post, I hope someone can help as run out of ideas

We have a customer that discovered our Lucee 5.3.3.67 / Tomcat 9.0.41 install has a vulnerability or two so need to upgrade tomcat.

My working lucee installation has this state:

OS: Ubuntu 20.04
Java Version: Open jdk 11.0.9.1
Tomcat Version: 9.0.41
Lucee Version: 5.3.3.67 (UPDATE: also tried 5.3.8.206)

I have tried upgrades to tomcat 9.0.48,.54 and .53 by doing the following

sudo systemctl stop lucee_ctl
cd /opt/lucee/tomcat
# backup lib
mv lib lib-working
# wget tomcat... create new lib folder from downloaded lib folder
cp -r new-tomcat/lib .  
# add execute perm to avoid canRead[false] errors
chmod g+x lib/*.jar
sudo systemctl start lucee_ctl

The service doesnt start though:

tail -f -n 50 logs/catalina.out

NOTE: Picked up JDK_JAVA_OPTIONS:  --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
java.lang.NoSuchMethodError: 'boolean org.apache.tomcat.util.buf.UriUtil.isAbsoluteURI(java.lang.String)'
        at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getResource(CatalinaBaseConfigurationSource.java:84)
...

We have been trying to get this working off and on for the last 6 months and now it has landed on my lap.

Anyone had this before? Is there more to do for a tomcat upgrade? Do I need to upgrade Lucee as well?

Any help would be super welcome

Thank you

JC

andreas · October 6, 2021, 9:13pm

Hi @jvc,

because I need to upgrade my Tomcat too, I just did the upgrade from Apache Tomcat/9.0.40 to 9.0.54.0 (latest version). It’s up in running on my dev environment. I did the following procedure (please excuse that I’m not providing all in terminal command lines here, cause l’m not a command line expert and I like using tunneled GUIs on Ubuntu),

Step: Backup your Tomcat folder /opt/lucee/tomcat to /opt/lucee/tomcat_backup, so you can rollback at sometime if necessary.
Step: download the latest Tomcat (latest as today) with:
wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.54/bin/apache-tomcat-9.0.54.tar.gz
Step: extract the archive with
$ tar -xvzf apache-tomcat-9.0.54.tar.gz to /home/username/apache-tomcat-9.0.54/
Step: stop Lucee:
$ sudo /opt/lucee/lucee_ctl stop
Step: copy the files in /home/username/apache-tomcat-9.0.54/lib/ to /opt/lucee/tomcat/lib/ (overwriting old files)
Step: copy the files from /home/username/apache-tomcat-9.0.54/bin/ to /opt/lucee/tomcat/bin/ (overwriting old files). You’ll note that setenv.sh will be left unchanged. Keep that file right there, because it has the starting configuration settings for Tomcat/Lucee created by the Lucee installer. That file is still valid and needed.
Step: Give the user that is running tomcat on your machine “read and execution” permisson for the copied files in /opt/lucee/tomcat/bin/ (execution permission is needed by the shell script files)
Step: Give the user that is running tomcat on your machine read permisson for the copied files in /opt/lucee/tomcat/jar/
Step: Start Lucee/Tomcat with
$ sudo /opt/lucee/lucee_ctl start

Then watch the catalina logs.

It’s always good to update Lucee to the latest stable release. You can update Lucee from within your Lucee Server Administrator. Also, I always like to backup my Lucee Server Administrators/Lucee Web Administrator settings before doing such upgrades (just to be sure).

jvc · October 7, 2021, 12:06pm

Hello @andreas,

Thank you for the super-prompt response! Based on testing so far it worked! All I was missing was the “bin/” folder. The instructions I had didn’t mention bin/ .Thanks a lot

And yes I agree is always good to upgrade Lucee, and we normally do, I was just wondering if Lucee 5.3.3.67 had a problem with Tomcat > 9.0.41.

We now have a Lucee@5.3.8.206/Tomcat@9.0.54 server to test the apps with.

Thanks again!

Knut · October 11, 2021, 8:07am

In my case the file ‘/opt/lucee/tomcat/lib/ecj-4.18.jar’ was not overwritten when copying the new *.jar files because it contains a version number in its file name and the new *.jar file has a different version number (‘ecj-4.20.jar’) in its file name .

I think it makes perfect sense to delete the outdated file (for example: ecj-4.18.jar) in the target directory /opt/lucee/tomcat/lib/ to be on the safe side.

Otherwise I would like to say thank you to @andreas for the good Tomcat update description.

Wouldn’t it make sense to include this Tomcat update description in the Lucee documentation?
I think this could be very helpful for many Lucee users in the future.

andreas · October 11, 2021, 10:27am

This is a very valuable information. Didn’t see that! Thank you very much Knut!

Yes @Knut, I just didn’t had the time for contributing to the Lucee docs lately. I’m going to PR it as a Hacktoberfest 2021 contribution soon!

Knut · October 11, 2021, 11:19am

@andreas
In addition, I would suggest that you also copy the following files into the target directory /opt/lucee/tomcat in order to have the latest information about the new Tomcat version:

BUILDING.txt
CONTRIBUTING.md
LICENSE
NOTICE
README.md
RELEASE NOTES
RUNNING.txt

That would be great.

Question:
What do you think, will this Tomcat update method only work for minor version updates (for example 9.0.48 → 9.0.54) or also for major version updates (for example 8.5.72 → 9.0.54)?

If it could lead to problems with major updates, in my opinion it should be pointed out later in the Lucee documentation.

andreas · October 11, 2021, 6:52pm

I can’t tell for sure Knut. I did various upgrades from 8.0 up to 9.0.x that way and that always worked, and that way is also pretty widespread around the community. But I wouldn’t bet that it will always go well. Such mayor upgrades can always have unpredictable breaking changes. But that steps are the usual way I do it, then after restarting the engine I watch the logs for errors and read/look the offical Tomcat documentation.
,

Knut · October 12, 2021, 11:56am

Ok I understand. Thank you.

I just saw that there is an Apache Tomcat Migration Guide (Apache Tomcat® - Migration Guide). It certainly doesn’t hurt to take a look at this Migration Guide.

There is also a practical DIFF viewer in each Migration Guide. This is a very good way of looking at the version differences in the various Tomcat configuration files.

Terry_Whitney · October 12, 2021, 6:04pm

This is the procedure We follow

install tomcat X
configure tomcat x
install lucee as war
update configuration
point / code
test / deploy