For some reason during startup tomcat writes (!) the file tomcat-users.xml. It does it in the way that it writes to tomcat-users.xml.new and then renames that file to tomcat-users.xml. At least that's what was in the 5.0 code. I assume that didn't change with 5.5.
As a consequence the user running tomcat needs write access to the directory the tomcat-users.xml file is in. If you don't like the idea of giving that runtime user write access to the conf directory, you can configure tomcat-users.xml inside server.xml to be in some other directory - which then is the one that needs write access. As far as I know, there is no workaround for that at the moment (except for choosing another user realm). > > Interesting, Thanks Darryl for sharing. So you run 5.5.9 and no problem > huh > ? > > What's the access given for the tomcat structure ? I'm interested in > particular on that conf folder. I can run it fine too but not as root and > root has no write access to the conf folder. How is your set up ? > > BTW that .new extension looked strange to me too. I cannot explain it - > didn't look yet in TC source code. > > Here's the way I call the jsvc > > JAVA_HOME=/usr/local/java_home > CATALINA_HOME=/usr/local/tomcat/tomcat_home > TOMCAT_USER=tomcat > TMP_DIR=/var/tmp > > CATALINA_OPTS= > > CLASSPATH=\ > $JAVA_HOME/lib/tools.jar:\ > $CATALINA_HOME/bin/commons-daemon.jar:\ > $CATALINA_HOME/bin/bootstrap.jar:\ > $CATALINA_HOME/bin/mx4j-jmx.jar:\ > $CATALINA_HOME/bin/mx4j.jar:\ > > $CATALINA_HOME/bin/jsvc \ > -user $TOMCAT_USER \ > -home $JAVA_HOME \ > -Dcatalina.home=$CATALINA_HOME \ > -Djava.io.tmpdir=$TMP_DIR \ > -outfile $CATALINA_HOME/logs/catalina-daemon.out \ > -errfile $CATALINA_HOME/logs/catalina-daemon.err \ > $CATALINA_OPTS \ > -cp > $CLASSPATH:$CATALINA_HOME/bin/bootstrap.jar:$CATALINA_HOME/bin/commons-daemon.jar > org.apache.catalina.startup.Bootstrap > > > Did you have any issues while installing jsvc ? > > Thanks again, > MC > > http://www.goodstockimages.com > > > >>From: "Darryl L. Miles" <[EMAIL PROTECTED]> >>Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org> >>To: Tomcat Users List <tomcat-user@jakarta.apache.org> >>Subject: Re: HELP: Tomcat 5.5.9 with jsvc as low priviledges user on >> Linux >>fails in Bootstrap >>Date: Tue, 02 Aug 2005 08:01:36 +0100 >> >>MC Moisei wrote: >> >>>java.io.FileNotFoundException: >>>/usr/local/tomcat/tomcat_home/conf/tomcat-users.xml.new (Permission >>>denied) >>> at java.io.FileOutputStream.open(Native Method) >> >>This smells like its calling for write access to the DIRECTORY >>/usr/local/tomcat/tomcat_home/conf/ (not the file) >> >>Unless you have a left over file that is actually called >>conf/tomcat-users.xml.new from a previous execution of TC that did not >>complete the edit and rename. In which case I think you need to delete >> the >>conf/tomcat-users.xml.new file (after you've ensured you have a valid and >>working conf/tomcat-users.xml file itself). >> >> >>FYI - I run jsvc too and have not seen this problem with 5.5.9. >> >>jsvc.exec -Djava.endorsed.dirs=./common/endorsed -classpath >>:/opt/jakarta-tomcat-5.5.9/bin/bootstrap.jar:/opt/jakarta-tomcat-5.5.9/bin/commons-logging-api.jar >>-Dcatalina.base=/opt/jakarta-tomcat-5.5.9 >>-Dcatalina.home=/opt/jakarta-tomcat-5.5.9 >>-Djava.io.tmpdir=/opt/jakarta-tomcat-5.5.9/temp -outfile >>./logs/catalina.out -errfile ./logs/catalina.err -pidfile ./logs/jsvc.pid >>-user jakarta -Xmx2048M -Xms512M >>-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager >>org.apache.catalina.startup.Bootstrap start >> >>-- >>Darryl L. Miles >> >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
