> /usr/local/tomcat doesn't necessarily have to be
> owned by root. The only thing you need to so is make
> sure that whichever user you run tomcat as has write
> permissions to the logs, conf and work directories
> (those are the only ones Tomcat writes to I think).
I was a little iffy about leaving the entire conf
directory writable by the nobody group, so I wound up
just checking the java exceptions and permitting group
write access to the affected files - mostly they are
the automatically generated files like *.conf-auto.
On a side note, I found that I was regenerating the
Windows registry settings for redirecting IIS every
time I started up Tomcat.
> This doesn't have to be 'nobody' though. You could
> create a tomcat or www user for example.
Yes, I just figured I would use the same nobody user
that apache was using.
Would it be best practises to have apache and tomcat
running on separate, minimal userids?
> And if you want it to be owned by root, that's fine,
> just use the group permissions to set the write
> access.
Do you mean something like:
1 -r--rw-r-- 1 root nobody 1024 foo
Thanks,
_______________________________________________________
Do You Yahoo!?
Get your free @yahoo.ca address at http://mail.yahoo.ca
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
