org.postgresql.util.PSQLException: Der Verbindungsversuch schlug fehl

Hallo,
ich habe verinice auf cenos z installiert. Ich habe die Installation nach den Handbuch vorgenommen. Jedoch startet der Tomcat nicht. Tomat schreibt ins log das die Postgres nicht erreichbar ist. Jedoch habe ich mit psql -h 127.0.0.1 -U verinice verinicedb den Connect herstellen können.
In der nano /usr/share/tomcat/webapps/veriniceserver/WEB-INF/veriniceserver-plain.properties.local
die Konfig für Postges angepasst.

# Location of the hibernate configuration for PostgreSQL:
hibernate.config.resource=classpath:/server_hibernate.cfg.xml

# Location of the hibernate configuration for Oracle
# hibernate.config.resource=classpath:/server_hibernate_oracle.cfg.xml

# Connection settings for PostgreSQL
# Please adjust host, port, database name, user and pass according to your database.
jdbc.driverClass=org.postgresql.Driver
jdbc.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
jdbc.url=jdbc:postgresql://127.0.0.1:5432/verinicedb
jdbc.username=verinice
jdbc.password=######

Jedoch startet der Tomcat nicht. hier Auszug aus dem Log

2019-01-10 07:54:34,826 WARN  [com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread-#1] (BasicResourcePool.java:1841)     - com.mchange.v2.resourcepool.BasicResourcePool$AcquireTask@293cd048 -- Acquisition Attempt Failed!!! Clearing pending acquires. While trying to acquire a needed new resource, we failed to succeed more than the maximum number of allowed acquisition attempts (30). Last acquisition attempt exception:
org.postgresql.util.PSQLException: Der Verbindungsversuch schlug fehl.
        at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:225)
        at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:64)
        at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:136)
        at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:29)
        at org.postgresql.jdbc3g.AbstractJdbc3gConnection.<init>(AbstractJdbc3gConnection.java:21)
        at org.postgresql.jdbc4.AbstractJdbc4Connection.<init>(AbstractJdbc4Connection.java:31)
        at org.postgresql.jdbc4.Jdbc4Connection.<init>(Jdbc4Connection.java:24)
        at org.postgresql.Driver.makeConnection(Driver.java:397)
        at org.postgresql.Driver.connect(Driver.java:267)
        at com.mchange.v2.c3p0.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:134)
        at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:182)
        at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:171)
        at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:137)
        at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1014)
        at com.mchange.v2.resourcepool.BasicResourcePool.access$800(BasicResourcePool.java:32)
        at com.mchange.v2.resourcepool.BasicResourcePool$AcquireTask.run(BasicResourcePool.java:1810)
        at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:547)
Caused by: java.net.SocketException: Keine Berechtigung (connect failed)
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at java.net.Socket.connect(Socket.java:538)
        at org.postgresql.core.PGStream.<init>(PGStream.java:60)
        at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:101)
        ... 16 more
2019-01-10 07:54:34,839 WARN  [com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread-#0] (BasicResourcePool.java:1841)     - com.mchange.v2.resourcepool.BasicResourcePool$AcquireTask@24509245 -- Acquisition Attempt Failed!!! Clearing pending acquires. While trying to acquire a needed new resource, we failed to succeed more than the maximum number of allowed acquisition attempts (30). Last acquisition attempt exception:
org.postgresql.util.PSQLException: Der Verbindungsversuch schlug fehl.
        at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:225)
        at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:64)
        at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:136)
        at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:29)
        at org.postgresql.jdbc3g.AbstractJdbc3gConnection.<init>(AbstractJdbc3gConnection.java:21)
        at org.postgresql.jdbc4.AbstractJdbc4Connection.<init>(AbstractJdbc4Connection.java:31)
        at org.postgresql.jdbc4.Jdbc4Connection.<init>(Jdbc4Connection.java:24)
        at org.postgresql.Driver.makeConnection(Driver.java:397)
        at org.postgresql.Driver.connect(Driver.java:267)
        at com.mchange.v2.c3p0.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:134)
        at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:182)
        at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:171)
        at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:137)
        at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1014)
        at com.mchange.v2.resourcepool.BasicResourcePool.access$800(BasicResourcePool.java:32)
        at com.mchange.v2.resourcepool.BasicResourcePool$AcquireTask.run(BasicResourcePool.java:1810)
        at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:547)
Caused by: java.net.SocketException: Keine Berechtigung (connect failed)
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at java.net.Socket.connect(Socket.java:538)
        at org.postgresql.core.PGStream.<init>(PGStream.java:60)
        at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:101)
        ... 16 more

Hallo an alle,

bitte prüft ob auf euren Systemen “SELinux” aktivert ist:

getenforce

Ist dass der Fall, entweder deaktivieren, im Live-Modus schnell auf “Permissive” setzen:
setenforce 0

Und den Tomcat-Dienst durchstarten:

systemctl restart tomcat

Allerdings ist diese Einstellung nicht bootfest, also dann über die Konigurationsdatei /etc/selinux/config:

SELINUX=disabled

Danach muss das System neu gestartet werden.

Oder booleschen Wert von “tomcat_can_network_connect_db” auf true setzen:

setsebool -P tomcat_can_network_connect_db 1

Anscheinend hat ein Update für selinux-Pakete hier was “zerschossen”

Ich empfehle SELinux dauerhaft abzuschalten.
Es steht auch in unserer Anleitung!

Für die Bastler unter uns: verwendet “sealert” aus dem Paket “setroubleshoot-server” um z.B. eigene Policies zu erstellen - eigentlich die Probleme mit SELinux zu analysieren. Dies geschieht natürlich auf eigenes Risiko und ohne Haftung von uns
Und weiterhin mit dem Nachteil, dass nach einem Update die Policies eventuell neu geschrieben werden müssen.

beste Grüße
Julia