Hi Tim
When creating the "dspace" user and then assigning this user the Tomcat6
account, how do we deal with file permissions needed by Tomcat6 for the
following system files;
*dspace@ir1:~$ dpkg -L tomcat6*
*/.*
*/usr*
*/usr/share*
*/usr/share/doc*
*/usr/share/doc/tomcat6*
*/usr/share/doc/tomcat6/changelog.Debian.gz*
*/usr/share/doc/tomcat6/copyright*
*/usr/share/tomcat6*
*/usr/share/tomcat6/webapps*
*/usr/share/tomcat6/webapps/default_root*
*/usr/share/tomcat6/webapps/default_root/index.html*
*/usr/share/tomcat6/webapps/default_root/META-INF*
*/usr/share/tomcat6/webapps/default_root/META-INF/context.xml*
*/var*
*/var/cache*
*/var/cache/tomcat6*
*/var/log*
*/var/log/tomcat6*
*/var/lib*
*/var/lib/tomcat6*
*/var/lib/tomcat6/common*
*/var/lib/tomcat6/common/classes*
*/var/lib/tomcat6/server*
*/var/lib/tomcat6/server/classes*
*/var/lib/tomcat6/webapps*
*/var/lib/tomcat6/shared*
*/var/lib/tomcat6/shared/classes*
*/etc*
*/etc/init.d*
*/etc/init.d/tomcat6*
*/etc/tomcat6*
*/etc/tomcat6/context.xml*
*/etc/tomcat6/web.xml*
*/etc/tomcat6/logging.properties*
*/etc/tomcat6/policy.d*
*/etc/tomcat6/policy.d/02debian.policy*
*/etc/tomcat6/policy.d/50local.policy*
*/etc/tomcat6/policy.d/03catalina.policy*
*/etc/tomcat6/policy.d/01system.policy*
*/etc/tomcat6/policy.d/04webapps.policy*
*/etc/tomcat6/catalina.properties*
*/etc/tomcat6/tomcat-users.xml*
*/etc/tomcat6/Catalina*
*/etc/tomcat6/Catalina/localhost*
*/etc/tomcat6/server.xml*
*/etc/cron.daily*
*/etc/cron.daily/tomcat6*
*/etc/default*
*/etc/default/tomcat6*
*/usr/share/doc/tomcat6/README.Debian.gz*
*/var/lib/tomcat6/conf*
*/var/lib/tomcat6/work*
*/var/lib/tomcat6/logs*
*
*
Regards
Hilton
On 4 June 2013 17:38, Tim Donohue <[email protected]> wrote:
>
>
> On 6/4/2013 10:30 AM, Mark H. Wood wrote:
> > In the DSpace context, would it be fair to say that, while developers
> > take reasonable care, DSpace is not tested to run as root and should
> > not be so used?
>
> I think that's correct.
>
> Our DSpace Installation documentation specifically recommends that
> DSpace be installed under its own "service account" (a user named
> 'dspace'). We don't explicitly warn against using 'root'. (To be honest,
> it's really up to you and your local policies what you want to do. I,
> personally, never run DSpace as 'root'. I always create a service
> account and run DSpace & Tomcat as that user.)
>
> However, if you follow our DSpace instruction guidelines, the very first
> step is to create a 'dspace' service user (and to run Tomcat as that
> user). See Step #1 here:
>
>
> https://wiki.duraspace.org/display/DSDOC4x/Installation#Installation-InstallationInstructions
>
> - Tim
>
>
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. A cloud service to automate IT design, transition and operations
> 2. Dashboards that offer high-level views of enterprise services
> 3. A single system of record for all IT processes
> http://p.sf.net/sfu/servicenow-d2d-j
> _______________________________________________
> DSpace-tech mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/dspace-tech
> List Etiquette:
> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>
--
*Hilton Gibson*
Linux Systems Administrator
JS Gericke Library
Room 1025C
Stellenbosch University
Private Bag X5036
Stellenbosch
7599
South Africa
Tel: +27 21 808 4100 | Cell: +27 84 646 4758
http://library.sun.ac.za
http://scholar.sun.ac.za
http://www.journals.ac.za
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
