Re: file permission problem SOLVED
On Mon, Dec 18, 2017 at 1:11 PM, Chris Cheshirewrote: > Since moving from a yum controlled installation of tomcat and starting > tomcat via jsvc I have a problem with permissions of uploaded files. > > Now all files that are written by tomcat have permissions of 0600, > where they used to be 0644. I need the to be group readable, world > readable is not necessary. > > I tried setting the UMASK environment variable in my script that > starts jsvc but that has no effect. > > #!/bin/sh > > export UMASK=0027 > export JAVA_HOME="/usr/lib/jvm/java-1.8.0" > export TOMCAT_USER="sandbox1" > export CATALINA_HOME="/usr/local/apache-tomcat-8.5.24" > export CATALINA_BASE="/home/sandbox1/tomcat" > export CATALINA_OUT="/var/log/catalina-1.out" > export CATALINA_PID="/var/run/tomcat-1.pid" > > $CATALINA_HOME/bin/daemon.sh $* > > > Where and to what do I set the umask such that uploaded files have at > least group read permission? Solved it. After digging through daemon.sh, I see it is adding $JSVC_OPTS to the call to jsvc. Doing some googling led me to https://issues.apache.org/jira/browse/DAEMON-221, which unfortunately is not documented in jsvc -help (I'll see what I can do to submit a patch for that). Thus, it is a matter of adding export JSVC_OPTS="-umask 0027" to the above script. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Using CentOS 7 logrotate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Lance, On 12/19/17 10:30 AM, Campbell, Lance wrote: > Tomcat 8.0.x CentOS 7 1) Is there a way to tell tomcat to put the > logs for a running instance into /var/log/{somefoldername}/ Sure. Just change the paths of the log files to /var/log/somewhere. Note that writing to /var is usually not allowed except by root-owned processes, and running Tomcat as root as a Bad Idea. You should also set CATALINA_OUT to point to /var/log/somewhere/catalina.out as well. Set this in CATALINA_BASE/setenv.sh. > 2) Then have CentOS 7 logrotate take care of the rotation of the > files? Yes. Just configure logrotate as usual. However: 1. Most Tomcat log files can rotate themselves quite well. 2. catalina.out is a special case because it's a redirected-stdout, so you'll have the usual caveats about those kinds of things with logrotate. I'd recommend either using copy+truncate or hack catalina.sh to pipe stdout through a logger that supports rotation, such as rotatelogs. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlo5QMkdHGNocmlzQGNo cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFhLVhAAyCYv+jA3SD59gEJb +AHRtdc6C6CAkvcA9vwpxllqKTBfsW/Ojc1tq2wx+bVMa4c0qbY3SaZm05tcqcke GXd+/Dx5ve0OdEKYcHk6VobOird5EAIdDvlE2DchgTT7x2r5/CocqAm3Gq4giFkU fMESqm/BWG6S+Yt7I/v1LTumgPRwkKO13yYin9A4qEen2T6jb7wMx2NzfT8hWof0 XCiUbFQ7npC/vzkolmHaee+WXiuDih/FMFD1hfGm6wLLIW24V8H1eh6yXuNWJ/3O tK1nHsTwYgRXnZroBQIEfHOGqSrcieDTxNbWdwfS+4E1GwmInDE/i5gIhtlQGAAd 9QAZL9IK75lG1K2TMj1peCXjEoShX2XolnpfkRxBxP0V2CAlPvTxlDGdWBdRPox2 I6y+XvyfbH83Ujxw6DiqfJckvcx2nFjC0oT92kRAxWtUnDaa2PJqcqSGS0deP7lg eKMGbKSwepdRgG7yId54s0+bQtdYIjzT2EhKsu/MbBRXbQfnxa6c50S2Bdv7FyLi +vQgaUJe0HCKv6wBtv2X16irS5AadruL5/mLse7BZs1jzTjXOrtwn9MQrAdMA6u8 I/OLKZH61AWkiTMcOm1AjvHFVDV828lv1IH1n41JW8SsFwpHBX91oBUibEBycGYf M2ncrPx+3zxJwj6L9JN96wU5mCg= =rOMs -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Using CentOS 7 logrotate
Tomcat 8.0.x CentOS 7 1) Is there a way to tell tomcat to put the logs for a running instance into /var/log/{somefoldername}/ . 2) Then have CentOS 7 logrotate take care of the rotation of the files? Thanks, Lance