下载更新包war文件后,用系统命令无法启动jenkins:
systemctl start jenkins
使用2.361.4的包时,升级java到17版本发现可以启动了,但是查看状态仍然是不正常的
systemctl status jenkins
● jenkins.service - LSB: Jenkins Automation Server
Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2024-03-11 16:43:59 CST; 5s ago
Docs: man:systemd-sysv-generator(8)
Process: 15191 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=1/FAILURE)
Mar 11 16:43:59 search-server jenkins[15191]: at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorI...ava:77)
Mar 11 16:43:59 search-server jenkins[15191]: at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodA...ava:43)
Mar 11 16:43:59 search-server jenkins[15191]: at java.base/java.lang.reflect.Method.invoke(Method.java:568)
Mar 11 16:43:59 search-server jenkins[15191]: at executable.Main.main(Main.java:351)
Mar 11 16:43:59 search-server runuser[15196]: pam_unix(runuser:session): session closed for user jenkins
Mar 11 16:43:59 search-server jenkins[15191]: [FAILED]
Mar 11 16:43:59 search-server systemd[1]: jenkins.service: control process exited, code=exited status=1
Mar 11 16:43:59 search-server systemd[1]: Failed to start LSB: Jenkins Automation Server.
Mar 11 16:43:59 search-server systemd[1]: Unit jenkins.service entered failed state.
Mar 11 16:43:59 search-server systemd[1]: jenkins.service failed.
由于报出了任意文件查看漏洞 CVE-2024-23897 ,我的目标不是2.361.4这个版本更新,而是想更新到最新版本,目前是2.440.1。
查看到原来的jekins的启动命令是这样的:
ps aux| grep jenkins
root 13470 0.0 0.0 144420 1556 ? S 16:25 0:00 runuser -s /bin/bash jenkins -c ulimit -S -c 0 >/dev/null 2>&1 ; /usr/lib/jvm/jdk-17-oracle-x64/bin/java -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
jenkins 13471 0.0 0.0 113284 1200 ? Ss 16:25 0:00 bash -c ulimit -S -c 0 >/dev/null 2>&1 ; /usr/lib/jvm/jdk-17-oracle-x64/bin/java -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
jenkins 13472 7.1 25.0 4913372 2003084 ? Sl 16:25 1:16 /usr/lib/jvm/jdk-17-oracle-x64/bin/java -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
升级java版本到21版本最新版本后,那么现在直接执行这个命令发现根本执行不了:
/usr/lib/jvm/jdk-17-oracle-x64/bin/java -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
报错是不支持这个参数'--daemon',把这个参数去掉又报不支持的参数 ‘--handlerCountMax’, ‘--handlerCountMaxIdle’,那把这几个参数都去掉了,jenkins可以启动了,web端界面也能打开了,看似正常了。
Running from: /usr/lib/jenkins/jenkins.war
Exception in thread "main" java.lang.IllegalArgumentException: Unrecognized option: --daemon
at winstone.cmdline.CmdLineParser.parse(CmdLineParser.java:53)
at winstone.Launcher.getArgsFromCommandLine(Launcher.java:506)
at winstone.Launcher.main(Launcher.java:468)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at executable.Main.main(Main.java:351)
那么现在需要修改 /etc/rc.d/init.d/jenkins 配置文件,修改jenkins的启动命令,把这些启动参数都去掉试试,修改后的内容参考:
JAVA_CMD="$JENKINS_JAVA_CMD $JENKINS_JAVA_OPTIONS -DJENKINS_HOME=$JENKINS_HOME -jar $JENKINS_WAR"
#PARAMS="--logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon"
PARAMS="--logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war "
[ -n "$JENKINS_PORT" ] && PARAMS="$PARAMS --httpPort=$JENKINS_PORT"
[ -n "$JENKINS_LISTEN_ADDRESS" ] && PARAMS="$PARAMS --httpListenAddress=$JENKINS_LISTEN_ADDRESS"
[ -n "$JENKINS_HTTPS_PORT" ] && PARAMS="$PARAMS --httpsPort=$JENKINS_HTTPS_PORT"
[ -n "$JENKINS_HTTPS_KEYSTORE" ] && PARAMS="$PARAMS --httpsKeyStore=$JENKINS_HTTPS_KEYSTORE"
[ -n "$JENKINS_HTTPS_KEYSTORE_PASSWORD" ] && PARAMS="$PARAMS --httpsKeyStorePassword='$JENKINS_HTTPS_KEYSTORE_PASSWORD'"
[ -n "$JENKINS_HTTPS_LISTEN_ADDRESS" ] && PARAMS="$PARAMS --httpsListenAddress=$JENKINS_HTTPS_LISTEN_ADDRESS"
[ -n "$JENKINS_HTTP2_PORT" ] && PARAMS="$PARAMS --http2Port=$JENKINS_HTTP2_PORT"
[ -n "$JENKINS_HTTP2_LISTEN_ADDRESS" ] && PARAMS="$PARAMS --http2ListenAddress=$JENKINS_HTTP2_LISTEN_ADDRESS"
#[ -n "$JENKINS_DEBUG_LEVEL" ] && PARAMS="$PARAMS --debug=$JENKINS_DEBUG_LEVEL"
[ -n "$JENKINS_HANDLER_STARTUP" ] && PARAMS="$PARAMS --handlerCountStartup=$JENKINS_HANDLER_STARTUP"
#[ -n "$JENKINS_HANDLER_MAX" ] && PARAMS="$PARAMS --handlerCountMax=$JENKINS_HANDLER_MAX"
#[ -n "$JENKINS_HANDLER_IDLE" ] && PARAMS="$PARAMS --handlerCountMaxIdle=$JENKINS_HANDLER_IDLE"
[ -n "$JENKINS_EXTRA_LIB_FOLDER" ] && PARAMS="$PARAMS --extraLibFolder=$JENKINS_EXTRA_LIB_FOLDER"
[ -n "$JENKINS_ARGS" ] && PARAMS="$PARAMS $JENKINS_ARGS"
...
case "$1" in
start)
echo -n "Starting Jenkins "
#daemon --user "$JENKINS_USER" --pidfile "$JENKINS_PID_FILE" "$JAVA_CMD" $PARAMS > /dev/null
daemon --user "$JENKINS_USER" --pidfile "$JENKINS_PID_FILE" "$JAVA_CMD" $PARAMS > /dev/null &
...