JSVC, Redhat 8, and TomCat 5.0.xx startup

[David Johnson <d_...@cox-internet.com>]

I have noticed that a number of other people have written with this problem, and I was wondering if there was a permanent solution yet.

When using jsvc to srart the Tomcat server with its own user ID, launched from a shell script in init.d during startup, jsvc aborts.  If, on the other hand, I launch the exact same script while logged in a root, the daemon launches correctly and stays in memory.  Finally, if I log in as "tomcat", it fails with exactly the same results as if it were launched during startup.

Not being a linux guru (yet) or a jsvc guru, I am guessing.  It appears to me as though the version of jsvc shipped with tomcat is attempting to write the jsvc.pid file somewhere that it lacks the authority to do so during the boot process.  My reading of the symptoms could be wrong, so I would like some feedback from those who are really knowledgable about these products.

Is there a solution to this problem?

Thanks in advance.

Re: JSVC, Redhat 8, and TomCat 5.0.xx startup

[QM <qm...@brandxdev.net>]

On Mon, Jun 28, 2004 at 07:18:00AM -0500, David Johnson wrote:
: That leaves the launch at boot time from init.d with unexpected behavior -
: is the boot script not being launched under root authority?  Or is there a
: known corrective action?


"Unexpected" how?

Step-by-step:
1/ The boot script is called by root.

2/ Root runs jsvc, which calls the port (or whatever) with root privs.

3/ Root then calls setuid() et al under the covers to switch IDs to the
Tomcat user.

4/ Tomcat (or whatever daemon) is run as the specified user.


-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: JSVC, Redhat 8, and TomCat 5.0.xx startup

[QM <qm...@brandxdev.net>]

Hold on, I got another look at your first message:

if the init script (run as root) fails, but jsvc works when called by
root on the commandline, you most likely have an error in your init
script.

Most init script problems I've seen are based on assumptions about the
(minimal) boot-time environment.

e.g. look for environment variables that are set by root's .profile and
such, because that file isn't sourced in for init scripts at boot time.

If you're still stuck, post the script and I'll take a look at it.

-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: JSVC, Redhat 8, and TomCat 5.0.xx startup

[David Johnson <d_...@cox-internet.com>]

So its behavior is expected when launched manually as a non-root user, and
when launched manually as a root user.

That leaves the launch at boot time from init.d with unexpected behavior -
is the boot script not being launched under root authority?  Or is there a
known corrective action?

Thanks,

----- Original Message -----
From: "QM" <qm...@brandxdev.net>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Sunday, June 27, 2004 9:21 PM
Subject: Re: JSVC, Redhat 8, and TomCat 5.0.xx startup


> On Sun, Jun 27, 2004 at 08:48:06PM -0500, David Johnson wrote:
> : When using jsvc to srart the Tomcat server with its own user ID,
launched from
> : a shell script in init.d during startup, jsvc aborts.  If, on the other
hand,
> : I launch the exact same script while logged in a root, the daemon
launches
> : correctly and stays in memory.  Finally, if I log in as "tomcat", it
fails
> : with exactly the same results as if it were launched during startup.
>
> jsvc expects to be run as root such that it can call setuid() and
> setgid() to change to the nonroot user that actually runs the daemon
> process.
>
> IIRC since jsvc expects root privs, calls to setuid() and setgid() fail
> when it is run as a nonroot user (in your case, "tomcat") even though
> said user is the intended daemon user.
>
> Long story short: sounds like expected behavior to me. ;)
>
> -QM
>
> --
>
> software  -- http://www.brandxdev.net
> tech news -- http://www.RoarNetworX.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: JSVC, Redhat 8, and TomCat 5.0.xx startup

[QM <qm...@brandxdev.net>]

On Sun, Jun 27, 2004 at 08:48:06PM -0500, David Johnson wrote:
: When using jsvc to srart the Tomcat server with its own user ID, launched from
: a shell script in init.d during startup, jsvc aborts.  If, on the other hand,
: I launch the exact same script while logged in a root, the daemon launches
: correctly and stays in memory.  Finally, if I log in as "tomcat", it fails
: with exactly the same results as if it were launched during startup.

jsvc expects to be run as root such that it can call setuid() and
setgid() to change to the nonroot user that actually runs the daemon
process.

IIRC since jsvc expects root privs, calls to setuid() and setgid() fail
when it is run as a nonroot user (in your case, "tomcat") even though
said user is the intended daemon user.

Long story short: sounds like expected behavior to me. ;)

-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org