You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "See Kai Leong, Ken" <ke...@singnet.com.sg> on 2000/09/24 11:45:30 UTC
Running Tomcat 3.2 process as user:nobody
Hi,
Anyone has any idea how can I use nobody to run the tomcat process instead
of root?
Thanks.
Regards,
Ken, See Kai Leong
Re: Running Tomcat 3.2 process as user:nobody
Posted by Glenn Nielsen <gl...@voyager.apg.more.net>.
"See Kai Leong, Ken" wrote:
>
> Hi,
>
> I am using the startup.sh in the $TOMCAT_HOME/bin directory. I tried su -c
> ./startup.sh nobody but it failed with permission access rights errors.
>
> Apache do not have this access rights problem. Is there another way of doing
> it or am I suppose to change all the directory owner to nobody?
>
> Is tomcat going to have a "user" directive like apache for this?
>
You mean it starts as root then Tomcat changes to user nobody?
That is something very OS dependant and would require native libs.
What I did was create a user and group called "tomcat" with the
same /etc/passwd config as nobody. Then I wrote my own little start
script that uses su - tomcat startup.sh.
You also have to chown tomcat:tomcat the work, webapps, and log directories.
Also the conf directory if you use the web server config files generated
by tomcat.
I also configured a conf/tomcat.policy file and start tomcat with -security
so that the Java SecurityManager can be used to sandbox Tomcat and webapps.
(The java SecurityManager is only available in Tomcat 3.2 and above.)
Regards,
Glenn
> Thanks.
>
> Regards,
> Ken, See Kai Leong
>
> ----- Original Message -----
> From: "Holger Klawitter" <ho...@klawitter.de>
> To: <to...@jakarta.apache.org>
> Sent: Monday, September 25, 2000 15:10
> Subject: Re: Running Tomcat 3.2 process as user:nobody
>
> > "See Kai Leong, Ken" wrote:
> > >
> > > Hi,
> > >
> > > Anyone has any idea how can I use nobody to run the tomcat process
> instead
> > > of root?
> >
> > (Assuming you are starting tomcat with
> > /usr/local/tomcat/bin/start-tomcat.local.sh
> > you may use
> > su -c /usr/local/tomcat/bin/start-tomcat.local.sh nobody
> >
> > Regards,
> > Mit freundlichem Gruß,
> > Holger Klawitter
> > --
> > Holger Klawitter +49 (0)251 484 0637
> > holger@klawitter.de http://www.klawitter.de/
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
--
----------------------------------------------------------------------
Glenn Nielsen glenn@more.net | /* Spelin donut madder |
MOREnet System Programming | * if iz ina coment. |
Missouri Research and Education Network | */ |
----------------------------------------------------------------------
Re: Running Tomcat 3.2 process as user:nobody
Posted by "See Kai Leong, Ken" <ke...@singnet.com.sg>.
Hi,
I am using the startup.sh in the $TOMCAT_HOME/bin directory. I tried su -c
./startup.sh nobody but it failed with permission access rights errors.
Apache do not have this access rights problem. Is there another way of doing
it or am I suppose to change all the directory owner to nobody?
Is tomcat going to have a "user" directive like apache for this?
Thanks.
Regards,
Ken, See Kai Leong
----- Original Message -----
From: "Holger Klawitter" <ho...@klawitter.de>
To: <to...@jakarta.apache.org>
Sent: Monday, September 25, 2000 15:10
Subject: Re: Running Tomcat 3.2 process as user:nobody
> "See Kai Leong, Ken" wrote:
> >
> > Hi,
> >
> > Anyone has any idea how can I use nobody to run the tomcat process
instead
> > of root?
>
> (Assuming you are starting tomcat with
> /usr/local/tomcat/bin/start-tomcat.local.sh
> you may use
> su -c /usr/local/tomcat/bin/start-tomcat.local.sh nobody
>
> Regards,
> Mit freundlichem Gruß,
> Holger Klawitter
> --
> Holger Klawitter +49 (0)251 484 0637
> holger@klawitter.de http://www.klawitter.de/
>
Re: Running Tomcat 3.2 process as user:nobody
Posted by "See Kai Leong, Ken" <ke...@singnet.com.sg>.
Hi,
I am using the startup.sh in the $TOMCAT_HOME/bin directory. I tried su -c
./startup.sh nobody but it failed with permission access rights errors.
Apache do not have this access rights problem. Is there another way of doing
it or am I suppose to change all the directory owner to nobody?
Is tomcat going to have a "user" directive like apache for this?
Thanks.
Regards,
Ken, See Kai Leong
----- Original Message -----
From: "Holger Klawitter" <ho...@klawitter.de>
To: <to...@jakarta.apache.org>
Sent: Monday, September 25, 2000 15:10
Subject: Re: Running Tomcat 3.2 process as user:nobody
> "See Kai Leong, Ken" wrote:
> >
> > Hi,
> >
> > Anyone has any idea how can I use nobody to run the tomcat process
instead
> > of root?
>
> (Assuming you are starting tomcat with
> /usr/local/tomcat/bin/start-tomcat.local.sh
> you may use
> su -c /usr/local/tomcat/bin/start-tomcat.local.sh nobody
>
> Regards,
> Mit freundlichem Gruß,
> Holger Klawitter
> --
> Holger Klawitter +49 (0)251 484 0637
> holger@klawitter.de http://www.klawitter.de/
>
Re: Running Tomcat 3.2 process as user:nobody
Posted by Holger Klawitter <ho...@klawitter.de>.
"See Kai Leong, Ken" wrote:
>
> Hi,
>
> Anyone has any idea how can I use nobody to run the tomcat process instead
> of root?
(Assuming you are starting tomcat with
/usr/local/tomcat/bin/start-tomcat.local.sh
you may use
su -c /usr/local/tomcat/bin/start-tomcat.local.sh nobody
Regards,
Mit freundlichem Gruß,
Holger Klawitter
--
Holger Klawitter +49 (0)251 484 0637
holger@klawitter.de http://www.klawitter.de/