Created attachment 537354 [details] server.log to show the HTTPS connection problem I got a surprise hit with this upgrade which introduce new problem, if I have dev-java/tomcat-native installed, I can not connect to the controller page, as HTTPS hang with TLS handshake, server.log attached as the error is pretty long trackback, by the way, the ebuild introduced quite huge change in over all setup, it should have a revision on it rather than silent commit it.
Sorry to hear that it's broken. It's working for me here on 5.9.4, but 5.8.x wasn't tested after the big ebuild change. We committed w/o revbump since the ebuilds were only there a short time. In the meantime, does unmerging tomcat-native make things work on 5.8?
yup, it do, simply unmerge tomcat-native fixed the problem, only find old discussion about this on Ubiquiti Networks Community without answer https://community.ubnt.com/t5/UniFi-Wireless/3-1-4-Won-t-start/td-p/546524
Same here. Unmerge of dev-java/tomcat-native fixes it for me too.
Ok so for <unifi-5.9 we need to not only drop this dep, but also make unifi ignore the system copy of tomcat-native in case someone has it installed for other purposes. Can you guys try adding "-Djava.library.path=" to the unifi startup options in your openrc init script (via JAVA_OPTS) or in your systemd unit (in ExecStart=)? That seems to help "hide" the lib but I want to make sure it doesn't have any side effects. Tested ok on my 5.9.4 though.
I can confirm that adding "-Djava.library.path=" helps.
(In reply to Ben Kohler from comment #4) > > Can you guys try adding "-Djava.library.path=" to the unifi startup options > in your openrc init script (via JAVA_OPTS) or in your systemd unit (in > ExecStart=)? Works for me with net-wireless/unifi-5.8.23.
(In reply to Ben Kohler from comment #4) > Ok so for <unifi-5.9 we need to not only drop this dep, but also make unifi > ignore the system copy of tomcat-native in case someone has it installed for > other purposes. > > Can you guys try adding "-Djava.library.path=" to the unifi startup options > in your openrc init script (via JAVA_OPTS) or in your systemd unit (in > ExecStart=)? > > That seems to help "hide" the lib but I want to make sure it doesn't have > any side effects. Tested ok on my 5.9.4 though. fix confirmed, and the extra cd in unifi.initd can be removed because there is already a --chdir call handled it the only thing left for me is to handle service stop case as it won't wait for process really stopped.
Many thanks for the test! > the only thing left for me is to handle service stop case as it won't wait for > process really stopped. Will have a look, to make it better.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a927a8c3ce5061438a42a3c9280f9c5195115d5 commit 4a927a8c3ce5061438a42a3c9280f9c5195115d5 Author: Ben Kohler <bkohler@gentoo.org> AuthorDate: 2018-06-27 11:48:13 +0000 Commit: Ben Kohler <bkohler@gentoo.org> CommitDate: 2018-06-27 11:48:38 +0000 net-wireless/unifi: don't use tomcat-native anymore Using tomcat-native seems to cause SSL problems on most unifi versions. Removing dep and also adjusting the service start commands to hide the system copy of tomcat-native in case it's already installed for other reasons. Closes: https://bugs.gentoo.org/659302 Package-Manager: Portage-2.3.40, Repoman-2.3.9 net-wireless/unifi/files/unifi.initd | 2 +- net-wireless/unifi/files/unifi.service | 4 ++-- net-wireless/unifi/unifi-5.6.39.ebuild | 1 - net-wireless/unifi/unifi-5.7.28.ebuild | 1 - net-wireless/unifi/unifi-5.8.23.ebuild | 1 - net-wireless/unifi/unifi-5.9.4.ebuild | 1 - 6 files changed, 3 insertions(+), 7 deletions(-)
(In reply to Conrad Kostecki from comment #8) > Many thanks for the test! > > > the only thing left for me is to handle service stop case as it won't wait for > > process really stopped. > > Will have a look, to make it better. Not sure waht you mean here but adding in init.d file: retry="TERM/60" makes openrc wait 60 secs for service shutdown
(In reply to Joakim Tjernlund from comment #10) > (In reply to Conrad Kostecki from comment #8) > > Many thanks for the test! > > > > > the only thing left for me is to handle service stop case as it won't wait for > > > process really stopped. > > > > Will have a look, to make it better. > > Not sure waht you mean here but adding in init.d file: > retry="TERM/60" > makes openrc wait 60 secs for service shutdown Can you open a new bug on that so we can work on a nice solution to that?
Bug for what? I don't really known what the problem is. I just guessed that it had something to do with long service shutdown ?
BTW, I think it is useful to something like: pkg_postinst() { einfo "The unifi controller accessible at" einfo "https://localhost:8443" } in the ebuild BTW2 Do you get tons of INFORM msgs in the logs? I did until I added in system.properties: log.inform=warn
(In reply to Joakim Tjernlund from comment #13) > BTW, I think it is useful to something like: > pkg_postinst() { > einfo "The unifi controller accessible at" > einfo "https://localhost:8443" > } > in the ebuild > > BTW2 Do you get tons of INFORM msgs in the logs? > I did until I added in system.properties: > log.inform=warn Bug 659420 has been opened to track the stop/shutdown issue. For the other 2 things, please open a new bug report or send me an email if you'd like to chat about it. I don't want to keep sending messages to people who only wanted CC'd on this specific tomcat-native/ssl issue.
