Re: JSVC, Redhat 8, and TomCat 5.0.xx startup
Hold on, I got another look at your first message: if the init script (run as root) fails, but jsvc works when called by root on the commandline, you most likely have an error in your init script. Most init script problems I've seen are based on assumptions about the (minimal) boot-time environment. e.g. look for environment variables that are set by root's .profile and such, because that file isn't sourced in for init scripts at boot time. If you're still stuck, post the script and I'll take a look at it. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSVC, Redhat 8, and TomCat 5.0.xx startup
On Mon, Jun 28, 2004 at 07:18:00AM -0500, David Johnson wrote: : That leaves the launch at boot time from init.d with unexpected behavior - : is the boot script not being launched under root authority? Or is there a : known corrective action? "Unexpected" how? Step-by-step: 1/ The boot script is called by root. 2/ Root runs jsvc, which calls the port (or whatever) with root privs. 3/ Root then calls setuid() et al under the covers to switch IDs to the Tomcat user. 4/ Tomcat (or whatever daemon) is run as the specified user. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSVC, Redhat 8, and TomCat 5.0.xx startup
So its behavior is expected when launched manually as a non-root user, and when launched manually as a root user. That leaves the launch at boot time from init.d with unexpected behavior - is the boot script not being launched under root authority? Or is there a known corrective action? Thanks, - Original Message - From: "QM" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Sunday, June 27, 2004 9:21 PM Subject: Re: JSVC, Redhat 8, and TomCat 5.0.xx startup > On Sun, Jun 27, 2004 at 08:48:06PM -0500, David Johnson wrote: > : When using jsvc to srart the Tomcat server with its own user ID, launched from > : a shell script in init.d during startup, jsvc aborts. If, on the other hand, > : I launch the exact same script while logged in a root, the daemon launches > : correctly and stays in memory. Finally, if I log in as "tomcat", it fails > : with exactly the same results as if it were launched during startup. > > jsvc expects to be run as root such that it can call setuid() and > setgid() to change to the nonroot user that actually runs the daemon > process. > > IIRC since jsvc expects root privs, calls to setuid() and setgid() fail > when it is run as a nonroot user (in your case, "tomcat") even though > said user is the intended daemon user. > > Long story short: sounds like expected behavior to me. ;) > > -QM > > -- > > software -- http://www.brandxdev.net > tech news -- http://www.RoarNetworX.com > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JSVC, Redhat 8, and TomCat 5.0.xx startup
On Sun, Jun 27, 2004 at 08:48:06PM -0500, David Johnson wrote: : When using jsvc to srart the Tomcat server with its own user ID, launched from : a shell script in init.d during startup, jsvc aborts. If, on the other hand, : I launch the exact same script while logged in a root, the daemon launches : correctly and stays in memory. Finally, if I log in as "tomcat", it fails : with exactly the same results as if it were launched during startup. jsvc expects to be run as root such that it can call setuid() and setgid() to change to the nonroot user that actually runs the daemon process. IIRC since jsvc expects root privs, calls to setuid() and setgid() fail when it is run as a nonroot user (in your case, "tomcat") even though said user is the intended daemon user. Long story short: sounds like expected behavior to me. ;) -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]