Bitnami package for Apache Tomcat 9.0.91-2 | SSH here document hangs

[peterpaul310]

Platform

AWS

bndiagnostic ID know more about bndiagnostic ID

5081909f-f0e7-a72b-8b8c-5f37498b6de4

bndiagnostic output

===== Begin of bndiagnostic tool output =====

? Processes: Found possible issues
✓ Mariadb: No issues found
? Connectivity: Found possible issues
? Apache: Found possible issues
? Resources: Found possible issues

[Processes]

One or more component's processes are not running:

apache not running mariadb not running tomcat not running

You can try to restart the process with the following command:

$ sudo /opt/bitnami/ctlscript.sh start COMPONENT_NAME

[Connectivity]
Press [Enter] to continue:

Server ports 22, 80 and/or 443 are not publicly accessible. Please check the
following guide to open server ports for remote access:

https://docs.bitnami.com/general/faq/administration/use-firewall/

[Apache]

The Apache configuration has errors:

AH00526: Syntax error on line 6 of 
/opt/bitnami/apache/conf/vhosts/tomcat-https-vhost.conf:
SSLCertificateKeyFile: file '/opt/bitnami/apache/conf/bitnami/certs/server.key' 
does not exist or is empty

Please check the configuration.

[Resources]

Your instance has little available RAM memory.

               total        used        free      shared  buff/cache   available
Mem:             970         390         169           0         552         579
Press [Enter] to continue:
Swap:            634           0         634

You could try to increase your instance's memory. Please check your cloud
provider's documentation for more information.

===== End of bndiagnostic tool output =====

bndiagnostic was not useful. Could you please tell us why?

unfortunately the output has nothing to do with my problem

Describe your issue as much as you can

I have a bash script for remote configuration of a running bitnami tomcat instance.

The script contains the following ssh - here document:

ssh -tt -i /path/to/aws/keyfile.pem $USER@$IP << EOF
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.key
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.crt
exit
EOF

USER is "bitnami"
IP is the ip of the running Apache Tomcat 9.0.91-2 instance.

The script hangs after executing the first line -> "sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.key".

The satement "rm /opt/bitnami/apache/conf/bitnami/certs/server.key" is still executed. Means, file server.key is deleted. But after this line, there is no progress. Even with only one line of "sudo-code", the exit statement is never reached.

When i execute a non sudo statement first, e.g. "ls -l", the statement is executet and then the first sudo statement with the known behaviour. Seems, sudo is the problem.

Up to now i did not find any workaround.

I used the same script for years with a lot of different Bitnami Apache Tomcat Images. Everything worked fine.
The latest Bitnami Tomcat version i used the script for without errors was Apache Tomcat packaged by Bitnami 8.5.85-10.

As remote client i'm using Ubuntu 22.04.4 LTS

[Marlene495Hadley]

Hello!
It seems the issue with your script hanging after the sudo command might be related to how sudo handles input. You can try adding the -n option to ssh to redirect stdin from /dev/null and the -t option to force pseudo-tty allocation. Here’s an updated version of your script:

ssh -tt -n -i /path/to/aws/keyfile.pem $USER@$IP << EOF
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.key
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.crt
exit
EOF

This should help prevent the script from hanging after executing the sudo command. If the issue persists, you might want to check the sudo configuration on the remote server to ensure it doesn’t require interactive input.

Regards,
Patient Portal

EDIT: @gongomgra removed third-party links

[peterpaul310]

Hello! It seems the issue with your script hanging after the sudo command might be related to how sudo handles input. You can try adding the -n option to ssh to redirect stdin from /dev/null and the -t option to force pseudo-tty allocation. Here’s an updated version of your script:

ssh -tt -n -i /path/to/aws/keyfile.pem $USER@$IP << EOF sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.key sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.crt exit EOF

This should help prevent the script from hanging after executing the sudo command. If the issue persists, you might want to check the sudo configuration on the remote server to ensure it doesn’t require interactive input.

Regards, Patient Portal

So means, how sudo handles input has changed!
At least since version 8.5.85-10 of Bitnami Tomcat?

Is this change intended behaviour?

I think there is a bug in sudo!

This script, with exactly this here-document worked since 2018 with all versions of Bitnami Tomcat. With the Ubuntu version as well as with the debian version.

[peterpaul310]

The -n option didn't work either.

Means, at the moment there is no way to execute a ssh here document with Bitnami Tomcat 9.0.91-2 instance and probably with all other Bitnami stacks, using the same errornous version of sudo.

Of course, the problem seems to come from debian. Probably a debian version with a working sudo version is needed.

[peterpaul310]

Finally i found a workaround:

ssh -tt -i /path/to/aws/keyfile.pem $USER@$IP << EOF
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.key; \
sudo rm /opt/bitnami/apache/conf/bitnami/certs/server.crt; \
exit
EOF

This works!

There is something wrong with debian!

[gongomgra]

Hi @peterpaul310,

Thanks for using Bitnami. I'm glad you managed to solve your issue! As you mentioned, something must have changed on new Bash and/or OpenSSH versions that is causing your issues.

I'm sharing here an alternative command structure that has worked for me as well.

$ ssh bitnami@IP_ADDRESS /bin/bash <<EOF
sudo /opt/bitnami/ctlscript.sh status;
sudo dpkg -l bash;
exit
EOF
Warning: Permanently added 'IP_ADDRESS' (ED25519) to the list of known hosts.
apache already running
odoo already running
postgresql already running
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  bash           5.2.15-2+b7  amd64        GNU Bourne Again SHell

Hope it helps!

[github-actions]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[github-actions]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.