Unable to locate init.token on new SSC install

Summary:

I freshly installed the following on a brand new virtual machine:

OS is RHEL 7.3
Apache Tomcat 9.0.16
Fortify SSC Server 19.1.0

The MySQL database was installed on a different VM.

The application war file deployed without error, and the maintenance page comes up as expected. The administrator page comes up as expected without presenting any errors. However, no ./fortify folder was found and no init.token was found.

I checked the logs from Tomcat and saw no errors.  Suggestions?

 

Very Respectfully,

Bill Mummert

 

 

 

 

  • On Linux, the fortify.home (.fortify) directory is generally located where Tomcat is installed. On my CentOS box, Tomcat is installed in /opt/tomcat taking a look there we see the .fortify directory.

    fortify-home.png

  • Thanks, that is where it was on the old server.  That is  where I looked on this new VM.  In the Tomcat folder.  I also checked in the webapp folder and did a grep -r search of the box.  There is no .fortify folder and there is no init.token.  

     

    I have read other posts with this issue.  One suggested permissions might be the problem.  In a few hours I will try changing the permissions recursively on the apache tomcat folder tree and restart the tomcat server.  Then check for the ./fortify/ & init.token again.  I will post the results of that attempt here.

     

    V/R,

    Bill 

  • I did the following to change the permissions:

     

    catalina.sh stop

    chmod -R 777 /opt/tomcat

    catalina.sh start

    looked in /opt/tomcat for /.fortify or init.token and I did not find either.

    I checked the logs and only see INFO statements.  I don't see any errors.

     

  • Verified Answer

    *sigh* the new VM doesn't have tomcat service, group, or user configured...followed the steps below

     

    Update Permissions
    The tomcat user that we set up needs to have the proper access to the Tomcat installation. We’ll set that up now.

    Change to the Tomcat installation path:

    cd /opt/tomcat
    Give the tomcat group ownership over the entire installation directory:

    sudo chgrp -R tomcat /opt/tomcat
    Next, give the tomcat group read access to the conf directory and all of its contents, and execute access to the directory itself:

    sudo chmod -R g r conf
    sudo chmod g x conf
    Then make the tomcat user the owner of the webapps, work, temp, and logs directories:

    sudo chown -R tomcat webapps/ work/ temp/ logs/
    Now that the proper permissions are set up, let’s set up a Systemd unit file.

    Install Systemd Unit File
    Because we want to be able to run Tomcat as a service, we will set up a Tomcat Systemd unit file .

    Create and open the unit file by running this command:

    sudo vi /etc/systemd/system/tomcat.service
    Paste in the following script. You may also want to modify the memory allocation settings that are specified in CATALINA_OPTS:

    /etc/systemd/system/tomcat.service
    # Systemd unit file for tomcat
    [Unit]
    Description=Apache Tomcat Web Application Container
    After=syslog.target network.target

    [Service]
    Type=forking

    Environment=JAVA_HOME=/usr/lib/jvm/jre
    Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
    Environment=CATALINA_HOME=/opt/tomcat
    Environment=CATALINA_BASE=/opt/tomcat
    Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX: UseParallelGC'
    Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

    ExecStart=/opt/tomcat/bin/startup.sh
    ExecStop=/bin/kill -15 $MAINPID

    User=tomcat
    Group=tomcat
    UMask=0007
    RestartSec=10
    Restart=always

    [Install]
    WantedBy=multi-user.target
    Save and exit. This script tells the server to run the Tomcat service as the tomcat user, with the settings specified.

    Now reload Systemd to load the Tomcat unit file:

    sudo systemctl daemon-reload
    Now you can start the Tomcat service with this systemctl command:

    sudo systemctl start tomcat
    Check that the service successfully started by typing:

    sudo systemctl status tomcat
    If you want to enable the Tomcat service, so it starts on server boot, run this command:

    sudo systemctl enable tomcat

     

    I now get a .fortify directory structure with files in the tomcat folder, BUT I do not get a init.token file.  Still no init.token file.

  • I restarted the VM.  i see the init.token now.

     

    Now, when I open the http://localhost:8080/ssc/ I get a white screen

     

  • Take a look at the SSC and Catalina logs for any errors.

  • Seems it was a permissions issue.  Issued the following commands:

     

    chown -R tomcat: /opt/tomcat
    sh -c 'chmod x /opt/tomcat/bin/*.sh'
    systemctl daemon-reload

    systemctl stop tomcat

    systemctl start tomcat

    Then maintenance page came up and init.token present.  I was able to login and begin the initial application configuration