HELP: Tomcat 5.5.9 with jsvc as low priviledges user on Linux fails in Bootstrap

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

HELP: Tomcat 5.5.9 with jsvc as low priviledges user on Linux fails in Bootstrap

MC Moisei-2
I know this is a Tomcat problem, I was wondering if anyone experienced
this before and if there is a fix without compromising security.


> Hi,
>
> I manage to configure my tomcat with jsvc(common-daemon) and
> everything work great till I start to launch it as root. If I run it
> as tomcat user it does work great. If I try to run it as root from
> command prompt or from init.d I get the following exception ( see below )
>
> Right are given as below
> chown -R tomcat:tomcat /usr/local/tomcat
> chown -R root:root /usr/local/tomcat/bin
> chown -R root:root /usr/local/tomcat/common
>
> This is not right - looks like the bootstrap is trying to access the
> Realm and there is no write access to the conf/tomcat-users.xml file.
> I can't believe the common-daemon not tomcat side didn't say a thing
> about this, I bet there are others experiencing the matter.
> Do i have to disable Tomcat realms ? It doesn't sounds right. There is
> no way I'd give "others" write access on that.
>
> Looking forward to hear from you if you experienced something similar.
> Thanks,
> MC
>
>
>
>
> Aug 1, 2005 7:23:15 PM org.apache.naming.NamingContext lookup
> WARNING: Unexpected exception resolving reference
> java.io.FileNotFoundException:
> /usr/local/tomcat/tomcat_home/conf/tomcat-users.xml.new (Permission
> denied)
>     at java.io.FileOutputStream.open(Native Method)
>     at java.io.FileOutputStream.<init>(FileOutputStream.java:179)
>     at java.io.FileOutputStream.<init>(FileOutputStream.java:131)
>     at
> org.apache.catalina.users.MemoryUserDatabase.save(MemoryUserDatabase.java:462)
>
>     at
> org.apache.catalina.users.MemoryUserDatabaseFactory.getObjectInstance(MemoryUserDatabaseFactory.java:98)
>
>     at
> org.apache.naming.factory.ResourceFactory.getObjectInstance(ResourceFactory.java:129)
>
>     at
> javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:301)
>     at org.apache.naming.NamingContext.lookup(NamingContext.java:792)
>     at org.apache.naming.NamingContext.lookup(NamingContext.java:152)
>     at
> org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:138)
>
>     at
> org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:108)
>
>     at
> org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.lifecycleEvent(GlobalResourcesLifecycleListener.java:80)
>
>     at
> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
>
>     at
> org.apache.catalina.core.StandardServer.start(StandardServer.java:676)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>
>     at java.lang.reflect.Method.invoke(Method.java:324)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>
>     at java.lang.reflect.Method.invoke(Method.java:324)
>     at
> org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:218)
>
> Aug 1, 2005 7:23:15 PM
> org.apache.catalina.mbeans.GlobalResourcesLifecycleListener createMBeans
> SEVERE: Exception processing Global JNDI Resources
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]