Time
S
Nick
Message
13:17 donsizemore joined #dataverse
13:18 donsizemore
@pdurbin: morning! have you applied this mornings java-1.8 security update to any of your test boxen yet?
13:19 pdurbin
uh
13:19 pdurbin
:)
13:19 donsizemore
(i suppose that's the royal/collective "you" / y'all)
13:22 donsizemore
my one rhel7 dataverse 4.4 box is now throwing org.glassfish.deployment.common.DeploymentException: Error in linking security policy for dataverse-4.4 -- Inconsistent Module State
13:23 pdurbin
hmm, whenever I see stuff like that I undeploy the app and stop glassfish
13:24 pdurbin
on https://dev1.dataverse.org for example I'm running OpenJDK Runtime Environment (build 1.8.0_91-b14)
13:25 pdurbin
`yum update` says "No Packages marked for Update" so maybe the patch hasn't made it into openjdk yet
13:25 donsizemore
my update to 1.8.0_101-b13 borked things. undeploying now
13:25 pdurbin
donsizemore: are you using openjdk?
13:25 donsizemore
correct
13:26 pdurbin
huh, I wonder by yum isn't telling me there's an update
13:26 pdurbin
why*
13:26 donsizemore
centos may not have released it yet. if it's rhel, try a 'yum clean all' then a 'yum check-update'
13:27 pdurbin
yeah, I'm on centos. centos 6
13:28 donsizemore
dls
13:30 pdurbin
hmm
13:30 donsizemore
ah, corrupt OSGI cache
13:30 pdurbin
donsizemore: so you're seeing this on RHEL ? Not CentOS?
13:31 donsizemore
haven't patched the centos boxes yet =) my "new" prod machine isn't in prod yet =)
13:33 donsizemore
@pdurbin it was the osgi-cache. apologies for my teapot tempest
13:34 pdurbin
this seems to be the advisory for RHEL : https://rhn.redhat.com/errata/RHSA-2016-1458.html
13:36 pdurbin
sounds pretty nasty
13:38 pdurbin
donsizemore: not sure if you met the folks from Singapore but they're very interested in security. I suggested that maybe someday there could be a mailing list or something for security stuff related to Dataverse. A private mailing list, I guess. Or maybe we could use security
13:38 pdurbin
Obviously I haven't really thought this through too much. :)
13:38 donsizemore
@pdurbin our production boxes or RHEL , and our security group considers the time-to-patch in the severity of their response to any security incident, so i patch as quickly as i can. i'm happy to report that 4.4 deploys and launches properly on OpenJDK Runtime Environment (build 1.8.0_101-b13). as you were =)
13:39 pdurbin
donsizemore: awesome. What did you have to do with osgi-cache?
13:42 donsizemore
@pdurbin: stopped glassfish, removed the osgi-cache/ contents (in this case a sub-dir named 'felix'), started glassfish
13:42 donsizemore
@pdurbin: dataverse-4.4.war then deployed without error and i had my test box back!
13:43 pdurbin
huh. is that under a directory called "generated"? Sometimes we blow that directory away (after stopping glassfish)
13:43 donsizemore
it's under domain1/, for this box /usr/local/glassfish4/glassfish/domains/domain1/osgi-cache/
13:43 pdurbin
ok, different fix then
13:43 pdurbin
good to know about. thanks
13:44 donsizemore
i remembered doing this last year after i googled "glassfish inconsistent module state"
13:44 pdurbin
gotcha
13:44 donsizemore
if i could remember all the stuff i've forgotten, i'd be rich, or something.
13:44 pdurbin
heh
13:44 pdurbin
donsizemore: hey, would you mind emailing security
14:00 donsizemore
@pdurbin: don
14:00 donsizemore
*done
14:01 * pdurbin
clicks https://help.hmdc.harvard.edu/Ticket/Display.html?id=238670
14:01 pdurbin
donsizemore: thanks!
14:01 pdurbin
donsizemore: I also added a note about the security group idea to https://trello.com/c/xiTCfbfd/23-how-to-report-security-issues
17:56 donsizemore joined #dataverse
20:56 mjturk left #dataverse
