Created attachment 885516 [details] catalina.log i just tried to bump this version. it compiles and installs fine, but it does not run the bundled apps. tomcat versions in older slots still work fine. it seems there is some manifest signing issue.
i just recompiled tomcat 10.1.18-r1 (which runs fine on my servers) on the same machine and it behaves the same, so it might be issue with ant rather than with tomcat itself. # equery list ant * Searching for ant ... [IP-] [ ] dev-java/ant-1.10.14-r1:0 i will do more tests...
i just tested that on a machine where i still have ant-core installed ant tomcat 10.1.19 runs there without issues. [ ok ] server /var/db/repos/gentoo/www-servers/tomcat # equery list ant-core * Searching for ant-core ... [IP-] [ ] dev-java/ant-core-1.10.9-r5:0 so i'll bump tomcat but we can't stabilize new ant before we resolve this issue.
(In reply to Miroslav Šulc from comment #2) > {...] > so i'll bump tomcat but we can't stabilize new ant before we resolve this > issue. so let's block it.
Does it need ant-launcher? There was another regression in https://bugs.gentoo.org/923972.
(In reply to Miroslav Šulc from comment #0) > Created attachment 885516 [details] > catalina.log > > i just tried to bump this version. it compiles and installs fine, but it > does not run the bundled apps. tomcat versions in older slots still work > fine. it seems there is some manifest signing issue. could you please list the exact steps to do after emerge needed to reproduce "catalina.log" those wiki articles mentioned in pkg_postinst's einfo look both very outdated
The summary "[...] does not sign jars correcly with [...]" implies jar files installed by tomcat should be signed. But even if compiled with ant-core-1.10.9-r5 all these jar files seem unsigned. Can be checked with: for i in $(qlist tomcat | grep \.jar); do jarsigner -verify $1; done There was a similar error when packaging eclipse-ecj:30 which could be solved by removing .RSA and .SF entries.
(In reply to Volkmar W. Pogatzki from comment #5) > (In reply to Miroslav Šulc from comment #0) > > Created attachment 885516 [details] > > catalina.log > > > > i just tried to bump this version. it compiles and installs fine, but it > > does not run the bundled apps. tomcat versions in older slots still work > > fine. it seems there is some manifest signing issue. > > could you please list the exact steps to do after emerge > needed to reproduce "catalina.log" > > those wiki articles mentioned in pkg_postinst's einfo look both very outdated i just installed tomcat:10.1. i already have the instance created using /usr/share/tomcat-10.1/gentoo/tomcat-instance-manager.bash --create not sure if i changed any settings in the configuration files but i think i did not. so then the last step is to start tomcat /etc/init.d/tomcat-10.1 start and then check at localhost:8080 whether tomcat displays the homepage or an error. if the error occurs, the cause can be checked in the log files in /var/log/tomcat-10.1/.
(In reply to Volkmar W. Pogatzki from comment #6) > The summary "[...] does not sign jars correcly with [...]" implies jar files > installed by tomcat should be signed. > But even if compiled with ant-core-1.10.9-r5 all these jar files seem > unsigned. > > Can be checked with: > for i in $(qlist tomcat | grep \.jar); do jarsigner -verify $1; done > > There was a similar error when packaging eclipse-ecj:30 which could be > solved by removing .RSA and .SF entries. i did not check deeply the issue, the topic is based on the message "Caused by: java.lang.SecurityException: Invalid signature file digest for Manifest main attributes", so the description might be inaccurate. what remains is that with ant-core i don't have the mentioned issue but with the new ant the issue popped up for me.
Created attachment 885974 [details] catalina.2024-02-25.log from tomcat built with ant-1.10.14-r2 Don't know if I should feel happy about, but here it starts as expected and localhost:8080 says: Apache Tomcat/10.1.19-gentoo If you're seeing this, you've successfully installed Tomcat. Congratulations!
(In reply to Volkmar W. Pogatzki from comment #9) > Created attachment 885974 [details] > catalina.2024-02-25.log from tomcat built with ant-1.10.14-r2 > > Don't know if I should feel happy about, but here it starts as expected and > localhost:8080 says: > > > Apache Tomcat/10.1.19-gentoo > If you're seeing this, you've successfully installed Tomcat. Congratulations! i re-emerged ant, tomcat, deleted the tomcat instance and created a new one, but still the same issue. i find it kinda strange that it's only me encountering this issue, no cc so far on this bug. i might as well have something broken here. so, if it works for you, i guess we can drop the blocker for ant stabilization. if the issue pops up for other users, we would need to handle it.
(In reply to Miroslav Šulc from comment #10) > > so, if it works for you, i guess we can drop the blocker for ant > stabilization. if the issue pops up for other users, we would need to handle > it. it does, works for me. removing the blocker.
on my test server tomcat works fine even after ant upgrade, but on my production server just updating to the new ant and restarting tomcat:10.1 caused tomcat not working, so i had to downgrade ant back to the ant-core. after the downgrade, it works fine again. it seems it fails on a manifest digest ending with -DIGEST-Manifest-Main-Attributes but i did not find such a record, but maybe i didn't search everything.
i also tried setting JAVA_OPTS="-Djava.security.debug=jar" in /etc/conf.d/tomcat-10.1, which should enable displaying debug output for this issue (java code logs to System.err), but i did not find whether and where it stores the log.
(In reply to Miroslav Šulc from comment #12) > on my test server tomcat works fine even after ant upgrade, but on my > production server just updating to the new ant and restarting tomcat:10.1 > caused tomcat not working, so i had to downgrade ant back to the ant-core. > after the downgrade, it works fine again. > [...] for me this sounds like there is something in the existing instance of your production server causing that trouble (if tomcat was built with new ant). does the existing instance include signed jar files?
well, i just debugged tomcat on my laptop to find out on what exactly it is failing, and the conclusion is that the verification of /usr/share/eclipse-ecj-4.26/lib/ecj.jar fails because of those META-INF/ECLIPSE_.{SF|RSA} files. removing them from ecj.jar resolves the issue. so the content of those files seems not to be valid and we should drop them to resolve the issue, as you already wrote.
i just verified it on my production server. zip -d /usr/share/eclipse-ecj-4.26/lib/ecj.jar META-INF/ECLIPSE_.RSA META-INF/ECLIPSE_.SF update world to get the latest ant /etc/init.d/tomcat-10.1 restart and tomcat runs without issues.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c22228aa61ca1ffdf3f5306e886d09e98e54798 commit 1c22228aa61ca1ffdf3f5306e886d09e98e54798 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2024-02-26 11:27:40 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-02-26 12:52:27 +0000 dev-java/eclipse-ecj: remove .RSA and .SF files from META-INF Closes: https://bugs.gentoo.org/925083 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/35538 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> .../{eclipse-ecj-4.26-r1.ebuild => eclipse-ecj-4.26-r2.ebuild} | 8 ++++++++ 1 file changed, 8 insertions(+)