I'm running FME Server 2020.2.1 Build 20806 on a Linux Debian 10.6 host.
I need to run a workspace that writes to a sqlite database previously uploaded in the shared resource data directory, but the workspace fails complaining it can't write to a read-only database.
I discovered that when I upload a file in the shared resource data directory through the Web User Interface, the owner user:group of the file is root:root and not fmeserver:fmeserver as expected. After changing the ownership of the file (the sqlite database in this case) to fmeserver:fmeserver using the shell of the operating system, the workspace runs fine.
This is obviously a workaround which is not suitable for a production environment with several users. Can anyone help me solving this issue?
Thanks!
Best answer by davtorgh
Solved!
Added the following lines to systemd script 'fmeserver-appserver.service', as suggested by @richardatsafe :
User=fmeserver Group=fmeserver
but I had to fix something else (see file 'systemctl-status-bad.txt' in attached zipfile). Here are my troubleshooting steps:
stopped 'fmeserver-appserver.service';
FME Server Appserver wants to write file 'catalina.pid' file in '/var/run/tomcat/' but the directory does not exist, so I created it and assigned ownership to fmeserver:fmeserver; now the file gets created;
FME Server Appserver wants to create file 'catalina.out' in '/opt/fmeserver/Utilities/tomcat/logs/', but the directory ownership is root:root, so i assigned ownership to fmeserver:fmeserver; now the file gets creted;
started 'fmeserver-appserver.service' (see file 'systemctl-status-ok.txt' in attached zipfile).
Now files and directories in the shared resource data directory created with the Web User Interface are owned by fmeserver:fmeserver as expected.
Hope this will be useful to Safe Software and other FME Server users!
This post is closed to further activity.
It may be an old question, an answered question, an implemented idea, or a notification-only post.
Please check post dates before relying on any information in a question or answer.
For follow-up or related questions, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.
The problem comes down to the web application needing to be run as root when the port chosen at installation is less than 1024. This is because the apache tomcat needs to root to perform an autobind, which is only necessary for lower ports. This comment talks about the issue in more detail, however, the easiest thing to do is install FME Server on port 8080.
The problem comes down to the web application needing to be run as root when the port chosen at installation is less than 1024. This is because the apache tomcat needs to root to perform an autobind, which is only necessary for lower ports. This comment talks about the issue in more detail, however, the easiest thing to do is install FME Server on port 8080.
but FME Server runs in https on port 8443, so there may be something else to fix. I add, for further troubleshooting, that all FME services are executed with systemd using the scripts provided with the installation package.
but FME Server runs in https on port 8443, so there may be something else to fix. I add, for further troubleshooting, that all FME services are executed with systemd using the scripts provided with the installation package.
Good catch. If you are using the systemd scripts you will need to add the the user and group to the fmeserver-appserver.service script to start with the fmeserver user instead of a root user similar to the fmeserver-core.service. The systemd scripts are a "guide only", however, I will have warnings added to the documentation to prevent this in the future.
Added the following lines to systemd script 'fmeserver-appserver.service', as suggested by @richardatsafe :
User=fmeserver Group=fmeserver
but I had to fix something else (see file 'systemctl-status-bad.txt' in attached zipfile). Here are my troubleshooting steps:
stopped 'fmeserver-appserver.service';
FME Server Appserver wants to write file 'catalina.pid' file in '/var/run/tomcat/' but the directory does not exist, so I created it and assigned ownership to fmeserver:fmeserver; now the file gets created;
FME Server Appserver wants to create file 'catalina.out' in '/opt/fmeserver/Utilities/tomcat/logs/', but the directory ownership is root:root, so i assigned ownership to fmeserver:fmeserver; now the file gets creted;
started 'fmeserver-appserver.service' (see file 'systemctl-status-ok.txt' in attached zipfile).
Now files and directories in the shared resource data directory created with the Web User Interface are owned by fmeserver:fmeserver as expected.
Hope this will be useful to Safe Software and other FME Server users!
