Thank you all for the insight into this problem. I was 100%
positive that selinux and file permissions were not the problems.
Turns out that tomcat 6 on ubuntu comes with a tomcat security manager
enabled by default. I had no desire to figure out how this works
since this is for local testing. I did find you could simply set
"TOMCAT6_SECURITY=no" in "/etc/default/tomcat6". Restarting tomcat
after that fixed my problems.
Thanks again,
Charlie
On Mon, Nov 23, 2009 at 4:38 PM, Chris Hostetter
<hossman_luc...@fucit.org> wrote:
>
> : Check. I even verified that the tomcat user could create the
> : directory (i.e. "sudo -u tomcat6 mkdir /opt/solr/steve/lib"). Still
> : solr complains.
>
> Note that you have an AccessControlException, not a simple
> FileNotFoundException ... the error here is coming from File.canRead (when
> Solr is asking if it has permision to read the file) but your
> ServletContainer evidently has a security policy in place that prevent's
> solr from even checking (if the security policy allowed it to check, then
> it would return true/false based on the actaul file permisions)...
>
> http://java.sun.com/j2se/1.4.2/docs/api/java/io/File.html#canRead%28%29
>
> Tests whether the application can read the file denoted by this
> abstract pathname.
>
> Returns:
> true if and only if the file specified by this abstract pathname
> exists and can be read by the application; false otherwise
> Throws:
> SecurityException - If a security manager exists and its
> SecurityManager.checkRead(java.lang.String) method denies read
> access to the file
>
> ...note that Tomcat doesn't have any special SecurityManager settings that
> prevent this by default. something about your tomcat deployment must be
> specifying specific Security Permision rules.
>
> : >> Caused by: java.security.AccessControlException: access denied
> : >> (java.io.FilePermission /opt/solr/steve/./lib read)
> : >> at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> : >> at
> java.security.AccessController.checkPermission(AccessController.java:546)
> : >> at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> : >> at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
> : >> at java.io.File.canRead(File.java:689)
> : >> at
> org.apache.solr.core.SolrResourceLoader.replaceClassLoader(SolrResourceLoader.java:157)
> : >> at
> org.apache.solr.core.SolrResourceLoader.addToClassLoader(SolrResourceLoader.java:128)
> : >> at
> org.apache.solr.core.SolrResourceLoader.<init>(SolrResourceLoader.java:97)
> : >> at
> org.apache.solr.core.SolrResourceLoader.<init>(SolrResourceLoader.java:195)
> : >> at org.apache.solr.core.Config.<init>(Config.java:93)
> : >> at
> org.apache.solr.servlet.SolrDispatchFilter.<init>(SolrDispatchFilter.java:65)
> : >> ... 40 more
>
>
> -Hoss
>
> imamuseum.org made the following annotations
> ---------------------------------------------------------------------
> Be A Member. Be Amazed. | Make your Museum, your community and your world a
> better place. | Join Today!
>
>
> ---------------------------------------------------------------------
>
>
>
> NOTICE:
>
> Mon Nov 23 2009 16:38:55
>
>
>
> This email message is for the sole use of the intended
> recipient(s) and may contain confidential and privileged information. Any
> unauthorized review, use, disclosure or distribution is prohibited. If you are
> not the intended recipient, please contact the sender by reply email and
> destroy all copies of the original message.
> ---------------------------------------------------------------------
>
>
