Additionally, you can add the "su tomcat -c" in a wrapper script that
calls the startup.sh file. Mine looks like this:
case "$1" in
start)
echo -n "Starting Tomcat..."
/bin/su tomcat -c "/usr/local/tomcat1/bin/startup.sh"
/bin/su tomcat -c "/usr/local/tomcat2/bin/startup.sh"
;;
That way, you CAN use root (and a startup script) to start Tomcat and
still get the security benefits of running as an unpriveledged, locked
user.
Ben Ricker
Wellinx.com
On Mon, 2002-12-30 at 12:15, Turner, John wrote:
> assume a user named 'tomcat' already created, and a group named 'tomcat'
> already created.
>
> at a command prompt, as root:
>
> chown -R tomcat:tomcat $CATALINA_HOME
> su - tomcat
> $CATALINA_HOME/bin/startup.sh
> exit
>
> Note that if you are running Tomcat on port 80, it must run as root. You
> shouldn't have to change the permissions on any of the Tomcat files from
> what they are in a default install...I never have.
>
> John
>
>
>
> -----Original Message-----
> From: waimun
> To: [EMAIL PROTECTED]
> Sent: 12/30/02 10:25 AM
> Subject: running tomcat as a non-root user?
>
> Hi,
>
> Has anybody tried running tomcat as a non-root user in Linux? If so, how
> do you proceed (ie. making script setuid doesn't work for me). Pls
> advice.
>
> Thanks alot!
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
--
Ben Ricker <[EMAIL PROTECTED]>
Wellinx.com
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
