2.5 upgrade tasks

base/container_files/conf/grouper.hibernate.properties

@@ -28,3 +28,4 @@ hibernate.connection.username         = root
 # Note: you can keep passwords external and encrypted: https://bugs.internet2.edu/jira/browse/GRP-122
 hibernate.connection.password         = 
 
+registry.auto.ddl.upToVersion = 2.5.*

base/container_files/conf/morphString.properties

@@ -0,0 +1,11 @@
+
+########################################
+## Encryption configuration
+########################################
+
+# Put a random alphanumeric string (Case sensitive) for the password encryption.  e.g. fh43IRJ4Nf5jn4Qp9k2
+# or put a filename where the random alphanumeric string is.  e.g. c:/whatever/key.txt
+# use encrypt.key.elConfig instead if the config has an expression language scriptlet
+#encrypt.key = /Users/mchyzer/git/grouper_v2_5/grouper/temp/morphTestFromFile.txt
+
+encrypt.key = yh30aSMnC1SZ3

docs/401/401.1.rst

@@ -166,7 +166,7 @@ Exercise 401.1.3 Export `vpn_authorized` to OpenLDAP
    .. literalinclude:: examples/401.1.3-pspng-config.properties
         :language: properties
         :lines: 72-
-        :caption: /opt/grouper/grouper.apiBinary/conf/grouper-loader.properties
+        :caption: /opt/grouper/grouperWebapp/WEB-INF/classes/grouper-loader.properties
         :name: 401.1.3-pspng-groupofnames
         :linenos:
 
@@ -292,7 +292,7 @@ approach.
 
 #. Run `./gte-shell 401.1.1` to get a command prompt.
 
-#. Run `./bin/gsh` to start the Grouper shell
+#. Run `./bin/gsh.sh` as user tomcat to start the Grouper shell
 
 #. Paste in the following gsh script:
 

ex101/ex101.1.1/Dockerfile

@@ -12,17 +12,20 @@ ENV USERTOKEN=gte-101.1.1
 COPY container_files/seed-data/ /seed-data/
 COPY container_files/grouper-loader.properties /opt/grouper/grouperWebapp/WEB-INF/classes/
 COPY container_files/subject.properties /opt/grouper/grouperWebapp/WEB-INF/classes/
+COPY container_files/morphString.properties /opt/grouper/grouperWebapp/WEB-INF/classes/
 
 RUN . /usr/local/bin/library.sh \
-    && prepConf; \
+    && prep_conf && prep_finish && setupFiles; \
     (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
     cd /opt/grouper/grouperWebapp/WEB-INF/bin \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && ./gsh.sh /seed-data/bootstrap.gsh \
+    && cp -r /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/* /opt/grouper/grouperWebapp/WEB-INF/lib/ \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat ./gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex101/ex101.1.1/container_files/morphString.properties

@@ -0,0 +1,11 @@
+
+########################################
+## Encryption configuration
+########################################
+
+# Put a random alphanumeric string (Case sensitive) for the password encryption.  e.g. fh43IRJ4Nf5jn4Qp9k2
+# or put a filename where the random alphanumeric string is.  e.g. c:/whatever/key.txt
+# use encrypt.key.elConfig instead if the config has an expression language scriptlet
+#encrypt.key = /Users/mchyzer/git/grouper_v2_5/grouper/temp/morphTestFromFile.txt
+
+encrypt.key = yh30aSMnC1SZ3

ex201/ex201.1.1/Dockerfile

@@ -10,19 +10,22 @@ LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
 ENV USERTOKEN=gte-201.1.1
 
 COPY container_files/seed-data/ /seed-data/
-COPY container_files/grouper-loader.properties /opt/grouper/conf/
-COPY container_files/subject.properties /opt/grouper/conf/
+COPY container_files/grouper-loader.properties /opt/grouper/grouperWebapp/WEB-INF/classes
+COPY container_files/subject.properties /opt/grouper/grouperWebapp/WEB-INF/classes
+COPY container_files/morphString.properties /opt/grouper/grouperWebapp/WEB-INF/classes/
 
 RUN . /usr/local/bin/library.sh \
-    && prepConf; \
+    && prep_conf && prep_finish && setupFiles; \
     (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && cp -r /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/* /opt/grouper/grouperWebapp/WEB-INF/lib/ \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.1.1/container_files/morphString.properties

@@ -0,0 +1,11 @@
+
+########################################
+## Encryption configuration
+########################################
+
+# Put a random alphanumeric string (Case sensitive) for the password encryption.  e.g. fh43IRJ4Nf5jn4Qp9k2
+# or put a filename where the random alphanumeric string is.  e.g. c:/whatever/key.txt
+# use encrypt.key.elConfig instead if the config has an expression language scriptlet
+#encrypt.key = /Users/mchyzer/git/grouper_v2_5/grouper/temp/morphTestFromFile.txt
+
+encrypt.key = yh30aSMnC1SZ3

ex201/ex201.1.end/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.1.end
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.2.1/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.2.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.2.end/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.2.end
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.3.1/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.3.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.3.end/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.3.end
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.4.1/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.4.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.4.end/Dockerfile

@@ -12,14 +12,17 @@ ENV USERTOKEN=gte-201.4.end
 COPY container_files/seed-data/ /seed-data/
 COPY container_files/attribute-filter.xml /opt/shibboleth-idp/conf/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.5.1/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.5.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex201/ex201.5.end/Dockerfile

@@ -11,14 +11,17 @@ ENV USERTOKEN=gte-201.5.end
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex211/ex211.1.1/Dockerfile

@@ -11,14 +11,18 @@ ENV USERTOKEN=gte-211.1.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && cp -r /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/* /opt/grouper/grouperWebapp/WEB-INF/lib/ \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \

ex301/ex301.4.1/Dockerfile

@@ -11,14 +11,18 @@ ENV USERTOKEN=gte-301.4.1
 
 COPY container_files/seed-data/ /seed-data/
 
-RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
+RUN . /usr/local/bin/library.sh \
+    && prep_conf && prep_finish && setupFiles; \
+    (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \
     && while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
     (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 3; done; \
-    cd /opt/grouper/grouper.apiBinary \
+    cd /opt/grouper/grouperWebapp/WEB-INF \
     && ldapadd -x -D cn=root,dc=internet2,dc=edu -w password -f /seed-data/users.ldif \
     && mysql grouper < /seed-data/sisData.sql \
-    && bin/gsh /seed-data/bootstrap.gsh \
+    && cp -r /opt/grouper/grouperWebapp/WEB-INF/libUiAndDaemon/* /opt/grouper/grouperWebapp/WEB-INF/lib/ \
+    && if [ ! -f /usr/local/bin/java ]; then ln -s /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java /usr/local/bin/java; fi \
+    && sudo --preserve-env=PATH -u tomcat bin/gsh.sh /seed-data/bootstrap.gsh \
     && pkill -HUP slapd \
     && while curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to stop; sleep 1; done; \
     pkill -u mysql mysqld \