Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

addservlets broken due to SafeRun

Discussion in 'General Discussion' started by tizoo, Jan 15, 2018.

  1. tizoo

    tizoo Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    156
    CLOUDLINUX 6.9 standard [xxx] v68.0.25

    Hello,

    Since some weeks or months, each time we add servlets support to a domain, we have to add the configuration by hand in the server.xml Tomcat configuration file.

    It seems the problem is due to SafeRun. Here is the output of the commande :

    Code:
    # /scripts/addservlets --domain=example.com
    Scanning userdata...
    [2018-01-15 18:42:57 +0100] die [Internal Death while parsing [stdin] 191708] Cpanel::SafeRun::Simple prevents accidental execution of a shell.  If you intended to execute a shell use saferun(/bin/sh,-c,grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata) at /usr/local/cpanel/Cpanel/SafeRun/Simple.pm line 48.
       Cpanel::SafeRun::Simple::_saferun_r(ARRAY(0x1b036d8), 1) called at /usr/local/cpanel/Cpanel/SafeRun/Errors.pm line 16
       Cpanel::SafeRun::Errors::saferunallerrors("grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata") called at /usr/local/easy/sbin/easy-tomcat7-gentomcatlist2 line 47
     at /usr/local/cpanel/Cpanel/SafeRun/Simple.pm line 48.
       Cpanel::SafeRun::Simple::_saferun_r(ARRAY(0x1b036d8), 1) called at /usr/local/cpanel/Cpanel/SafeRun/Errors.pm line 16
       Cpanel::SafeRun::Errors::saferunallerrors("grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata") called at /usr/local/easy/sbin/easy-tomcat7-gentomcatlist2 line 47
    
    [A fatal error or timeout occurred while processing this directive.]
    
    Cpanel::SafeRun::Simple prevents accidental execution of a shell.  If you intended to execute a shell use saferun(/bin/sh,-c,grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata) at /usr/local/cpanel/Cpanel/SafeRun/Simple.pm line 48.
       Cpanel::SafeRun::Simple::_saferun_r(ARRAY(0x1b036d8), 1) called at /usr/local/cpanel/Cpanel/SafeRun/Errors.pm line 16
       Cpanel::SafeRun::Errors::saferunallerrors("grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata") called at /usr/local/easy/sbin/easy-tomcat7-gentomcatlist2 line 47
    Done: .jsp support installed for example.com
    Is there a way to fix that ?

    Thanks in advance for any tips.

    Best,
    Philippe
     
  2. cPJacob

    cPJacob cPanel Product Owner
    Staff Member

    Joined:
    May 2, 2014
    Messages:
    619
    Likes Received:
    96
    Trophy Points:
    103
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Hi,

    We fixed this in our latest EA3 builds (3.34.20), you can run a new build and things should start working again.
     
  3. tizoo

    tizoo Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    156
    Hi Jacob,

    Thanks for your answer but I fear the new EA3 3.34.20 doesn't fix the problem.

    I updated EA3 through WHM (Home >> Software >> EasyApache3 and it automatically check for the last version). But this update doesn't change the script that make the error (/usr/local/easy/sbin/easy-tomcat7-gentomcatlist2).

    If that helps, we used the following patch to fix the problem :

    Code:
    diff -Naur a/easy-tomcat7-gentomcatlist2 b/easy-tomcat7-gentomcatlist2
    --- a/easy-tomcat7-gentomcatlist2    2018-01-16 08:11:04.882235872 +0100
    +++ b/easy-tomcat7-gentomcatlist2    2018-01-16 08:14:26.001891764 +0100
    @@ -47,7 +47,7 @@
     my %domain_owners;
     my $server_aliases = {};
     
    -my @lines = Cpanel::SafeRun::Errors::saferunallerrors("grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata");
    +my @lines = Cpanel::SafeRun::Errors::saferunallerrors("/bin/sh", "-c", "grep -r -I '^cp_jkmount.conf: 1' /var/cpanel/userdata");
     for my $line (@lines) {
         next unless $line =~ /cp_jkmount\.conf: 1/;    # Strip out any stderr lines
         $line =~ s/\:.*//;
    
    Best,
    Philippe
     
  4. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Thanks for sharing your detailed solution. I am surprised to hear the update did not correct your issue, as I've found several tickets marked with case EAL-3181 that the update did correct the issue.
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,553
    Likes Received:
    40
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    Hi,

    Did you do a rebuild of EasyApache 3?

    The automatic check for latest version that happens when you go into the EasyApache 3 UI does not update the files installed (such as the tomcat RPMs). You need to do a rebuild of your EasyApache 3 profile for those to be updated.
     
  6. tizoo

    tizoo Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    156
    Hi Kenneth,

    Thank you for the tips.

    Right, we didn't make a rebuild of apache/php with EA3. The reason is that each time we do it we encounter the following problems :
    • The script do a reinstall of java support for each java account and reboot tomcat each time... This make the website of our customers beeing like down for hours.
    • The cp_jkmount.conf configurations are reseted during the process. We have to make a backup before running the build to be able to restore them once done.
    I don't know if the last update of EA3 also fix those bugs, for now our java servers are too loaded to let us just test.

    Best regards,
    Philippe
     
Loading...

Share This Page