Re: Running as user tomcat

2018-02-23 Thread Coty Sutherland 
Also see https://bz.apache.org/bugzilla/show_bug.cgi?id=60560 :) I've
been planning to push a solution for that, just haven't gotten around
to it yet.

On Fri, Feb 23, 2018 at 5:34 PM, André Warnier (tomcat)  wrote:
> On 23.02.2018 23:32, André Warnier (tomcat) wrote:
>>
>> On 23.02.2018 18:52, Peter@Kreuser-Online wrote:
>>>
>>> Hi Chris,
>>>
>>>
>>>
 Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris
 :

 Hello All,

 I am trying to run tomcat as a non root user.

 It will start as the tomcat user but it will not bind to connector 443
 unless it starts
 as root.

 Does anyone know why?
>>>
>>>
>>> Unix will not let you open ports below 1024 as non-root user!
>>>
>>> You may use a proxy in front of it or maybe use iptables to be able to
>>> use standard
>>> ports AND user tomcat.
>>
>>
>> See also : https://commons.apache.org/proper/commons-daemon/jsvc.html
>
>
> Or if you are running under Linux, check :
> https://en.wikipedia.org/wiki/Authbind
>
>
>
>>
>>>
 23-Feb-2018 09:14:59.140 SEVERE [main]
 org.apache.catalina.core.StandardService.initInternal Failed to
 initialize connector
 [Connector[HTTP/1.1-443]]
 org.apache.catalina.LifecycleException: Failed to initialize component
 [Connector[HTTP/1.1-443]]

 I’m using java 9.0.4 and Tomcat 8.5.28


 ===

 Thank You;

 Chris Cheltenham
 Technology Services
 The School District of Philadelphia

 Work # 215-400-5025
 Cell # 215-301-6571
>>>
>>>
>>> Best regards
>>>
>>> Peter
>>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Running as user tomcat

2018-02-23 Thread tomcat 

On 23.02.2018 23:32, André Warnier (tomcat) wrote:

On 23.02.2018 18:52, Peter@Kreuser-Online wrote:

Hi Chris,




Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris :

Hello All,

I am trying to run tomcat as a non root user.

It will start as the tomcat user but it will not bind to connector 443 unless 
it starts
as root.

Does anyone know why?


Unix will not let you open ports below 1024 as non-root user!

You may use a proxy in front of it or maybe use iptables to be able to use 
standard
ports AND user tomcat.


See also : https://commons.apache.org/proper/commons-daemon/jsvc.html


Or if you are running under Linux, check : 
https://en.wikipedia.org/wiki/Authbind







23-Feb-2018 09:14:59.140 SEVERE [main]
org.apache.catalina.core.StandardService.initInternal Failed to initialize 
connector
[Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component
[Connector[HTTP/1.1-443]]

I’m using java 9.0.4 and Tomcat 8.5.28


===

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


Best regards

Peter




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Running as user tomcat

2018-02-23 Thread tomcat 

On 23.02.2018 18:52, Peter@Kreuser-Online wrote:

Hi Chris,




Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris :

Hello All,

I am trying to run tomcat as a non root user.

It will start as the tomcat user but it will not bind to connector 443 unless 
it starts as root.

Does anyone know why?


Unix will not let you open ports below 1024 as non-root user!

You may use a proxy in front of it or maybe use iptables to be able to use 
standard ports AND user tomcat.


See also : https://commons.apache.org/proper/commons-daemon/jsvc.html




23-Feb-2018 09:14:59.140 SEVERE [main] 
org.apache.catalina.core.StandardService.initInternal Failed to initialize 
connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component 
[Connector[HTTP/1.1-443]]

I’m using java 9.0.4 and Tomcat 8.5.28


===

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


Best regards

Peter




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Running as user tomcat

2018-02-23 Thread Cheltenham, Chris 
YES! Thank you.

I forgot about that.



===

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571


-Original Message-
From: Peter@Kreuser-Online [mailto:l...@kreuser.name]
Sent: Friday, February 23, 2018 12:53 PM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: Running as user tomcat

Hi Chris,



> Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris 
> <ccheltenham-...@philasd.org>:
>
> Hello All,
>
> I am trying to run tomcat as a non root user.
>
> It will start as the tomcat user but it will not bind to connector 443 
> unless it starts as root.
>
> Does anyone know why?

Unix will not let you open ports below 1024 as non-root user!

You may use a proxy in front of it or maybe use iptables to be able to use 
standard ports AND user tomcat.

> 23-Feb-2018 09:14:59.140 SEVERE [main] 
> org.apache.catalina.core.StandardService.initInternal Failed to initialize 
> connector [Connector[HTTP/1.1-443]]
> org.apache.catalina.LifecycleException: Failed to initialize component 
> [Connector[HTTP/1.1-443]]
>
> I’m using java 9.0.4 and Tomcat 8.5.28
>
>
> ===
>
> Thank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571

Best regards

Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Running as user tomcat

2018-02-23 Thread Caldarale, Charles R 
> From: Peter@Kreuser-Online [mailto:l...@kreuser.name] 
> Subject: Re: Running as user tomcat

> Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris
<ccheltenham-...@philasd.org>:

> > I am trying to run tomcat as a non root user.
 
> > It will start as the tomcat user but it will not bind to connector 443
unless it starts as root.

> Unix will not let you open ports below 1024 as non-root user!

> You may use a proxy in front of it or maybe use iptables to be able to use
standard ports AND user tomcat.

And definitely read the wiki entry about this, before doing anything else:
https://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_privileg
es.3F

  - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.



smime.p7s
Description: S/MIME cryptographic signature

Re: Running as user tomcat

2018-02-23 Thread Peter@Kreuser-Online 
Hi Chris,



> Am 23.02.2018 um 18:36 schrieb Cheltenham, Chris 
> :
> 
> Hello All,
>  
> I am trying to run tomcat as a non root user.
>  
> It will start as the tomcat user but it will not bind to connector 443 unless 
> it starts as root.
>  
> Does anyone know why?

Unix will not let you open ports below 1024 as non-root user!

You may use a proxy in front of it or maybe use iptables to be able to use 
standard ports AND user tomcat.

> 23-Feb-2018 09:14:59.140 SEVERE [main] 
> org.apache.catalina.core.StandardService.initInternal Failed to initialize 
> connector [Connector[HTTP/1.1-443]]
> org.apache.catalina.LifecycleException: Failed to initialize component 
> [Connector[HTTP/1.1-443]]
>  
> I’m using java 9.0.4 and Tomcat 8.5.28
>  
>  
> ===
> 
> Thank You;
> 
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
> 
> Work # 215-400-5025
> Cell # 215-301-6571

Best regards

Peter