Of course the user 'tomcat7' is not a shell user, the shell was set to /bin/false so I had to change it to /bin/bash before I was able to log in. Is it possible the umask settings don't apply to non-shell users?
On Thu, Apr 28, 2016 at 5:19 PM, Frank <[email protected]> wrote: > tomcat7@app1:~$ umask > 0002 > > > On Thu, Apr 28, 2016 at 5:11 PM, sigzero <[email protected]> wrote: > >> Log in as "tomcat7" and type "umask" at the command line. What does it >> tell you? >> >> Bob >> >> On Thu, Apr 28, 2016 at 5:09 PM, Frank <[email protected]> wrote: >> >>> Bob, >>> >>> It is running as user tomcat7 and group tomcat7. That is fine. I just >>> want files to be writeable by other users I add to the tomcat7 group. Here >>> is what the process looks like (I have redacted the IP address of the >>> server): >>> >>> tomcat7 16377 12.3 18.7 12026768 3080408 ? Sl 15:39 3:17 >>> /usr/lib/jvm/default-java/bin/java >>> -Djava.util.logging.config.file=/var/lib/tomcat7/conf/logging.properties >>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager >>> -Djava.awt.headless=true >>> -javaagent:/usr/share/tomcat7/newrelic/newrelic.jar >>> -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9004 >>> -Dcom.sun.management.jmxremote.ssl=false >>> -Dcom.sun.management.jmxremote.authenticate=false >>> -Djava.rmi.server.hostname=XXX.XXX.XXX.XXX >>> -DAPP_PROPERTIES_FILE=/etc/tomcat7/GPS/gps.properties >>> -DGPS_CONFIG_LOCATION=/etc/tomcat7/GPS/gps-config.groovy -server >>> -XX:PermSize=1024m -XX:MaxPermSize=1024m -XX:+UseParNewGC >>> -XX:MaxNewSize=2048m -Xms6144m -Xmx6144m -XX:NewRatio=4 -XX:SurvivorRatio=8 >>> -XX:+UseCompressedOops -XX:+UseTLAB -XX:+UseConcMarkSweepGC >>> -XX:+CMSClassUnloadingEnabled -XX:+CMSPermGenSweepingEnabled >>> -XX:+CMSScavengeBeforeRemark -XX:CMSInitiatingOccupancyFraction=50 >>> -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath >>> /usr/share/tomcat7/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-juli.jar >>> -Dcatalina.base=/var/lib/tomcat7 -Dcatalina.home=/usr/share/tomcat7 >>> -Djava.io.tmpdir=/tmp/tomcat7-tomcat7-tmp >>> org.apache.catalina.startup.Bootstrap start >>> >>> >>> On Thu, Apr 28, 2016 at 5:03 PM, sigzero <[email protected]> wrote: >>> >>>> What user is running it and what umask is set for that user? >>>> >>>> On Thu, Apr 28, 2016 at 4:57 PM, Frank <[email protected]> wrote: >>>> >>>>> Sadly, updating the umask in both the init.d script and the startup.sh >>>>> did not do the trick. :( >>>>> >>>>> -rw-r--r-- 1 tomcat7 tomcat7 1466 Apr 28 14:52 ps16.txt_2016041191401 >>>>> -rw-r--r-- 1 tomcat7 tomcat7 1466 Apr 28 14:52 ps16.txt_2016041191437 >>>>> -rw-r--r-- 1 tomcat7 tomcat7 1466 Apr 28 14:53 ps16.txt_2016041191411 >>>>> -rw-r--r-- 1 tomcat7 tomcat7 1504 Apr 28 14:58 >>>>> echeck%20andrew%20copy.txt_2016041191409 >>>>> -rw-r--r-- 1 tomcat7 tomcat7 1504 Apr 28 15:55 >>>>> echeck%20andrew%20copy.txt_2016041191527 <--- this just in >>>>> >>>>> -Frank >>>>> >>>>> >>>>> On Thu, Apr 28, 2016 at 4:37 PM, Frank <[email protected]> wrote: >>>>> >>>>>> I did not put it into the init.d script. I will try having it in >>>>>> both places and report back. >>>>>> >>>>>> -Frank >>>>>> >>>>>> On Thu, Apr 28, 2016 at 4:26 PM, sigzero <[email protected]> wrote: >>>>>> >>>>>>> What is the umask for the user that is running Tomcat? >>>>>>> >>>>>>> I am assuming you restarted Tomcat after updating the startup.sh. >>>>>>> >>>>>>> Did you try "umask 022" in the init.d script as well? >>>>>>> >>>>>>> Bob >>>>>>> >>>>>>> On Thu, Apr 28, 2016 at 4:07 PM, Frank <[email protected]> wrote: >>>>>>> >>>>>>>> Hi Bob, >>>>>>>> >>>>>>>> Thanks for the suggestion. I added 'umask 002' to the >>>>>>>> tomcat7/bin/startup.sh script. Sadly it did nothing. Here are some >>>>>>>> files >>>>>>>> from my testing. These are logo files the application receives and >>>>>>>> stores >>>>>>>> on disk >>>>>>>> >>>>>>>> -rw-r--r-- 1 tomcat7 tomcat7 17771 Apr 28 14:48 69ff2f84bf5ffa08 >>>>>>>> -rw-r--r-- 1 tomcat7 tomcat7 6247 Apr 28 14:49 7eeb290334835693 >>>>>>>> -rw-r--r-- 1 tomcat7 tomcat7 18683 Apr 28 15:02 4c0df621ab060c47 >>>>>>>> >>>>>>>> >>>>>>>> Any other ideas? >>>>>>>> >>>>>>>> Kind regards, >>>>>>>> >>>>>>>> -Frank >>>>>>>> >>>>>>>> On Thu, Apr 28, 2016 at 3:08 PM, sigzero <[email protected]> wrote: >>>>>>>> >>>>>>>>> Try setting it in: tomcat/bin/startup.sh >>>>>>>>> >>>>>>>>> I think it is just "umask 002" not "umask=002" as well from >>>>>>>>> everything I have seen and read. >>>>>>>>> >>>>>>>>> Bob >>>>>>>>> >>>>>>>>> On Thu, Apr 28, 2016 at 2:27 PM, Frank <[email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> Ubuntu Server 14.04LTS >>>>>>>>>> Tomcat 7.0.52 >>>>>>>>>> Groovy 2.0.8 >>>>>>>>>> >>>>>>>>>> I have a Groovy application which I run within Tomcat7. *It >>>>>>>>>> creates files with permissions of 644 and I would like it to create >>>>>>>>>> them >>>>>>>>>> with permissions of 664 instead* (group read/writable). >>>>>>>>>> >>>>>>>>>> We have a packaged installation of Tomcat7 and we drop our .WAR >>>>>>>>>> file in /var/lib/tomcat7/webapps/. We start the application using >>>>>>>>>> the >>>>>>>>>> /etc/init.d/tomcat7 script (or `sudo service tomcat7 start`). We >>>>>>>>>> have some >>>>>>>>>> other things (like newrelic) which we set to run in a >>>>>>>>>> /usr/share/tomcat7/bin/setenv.sh script >>>>>>>>>> >>>>>>>>>> I've tried changing the umask setting in the /etc/init.d/tomcat7 >>>>>>>>>> script from >>>>>>>>>> >>>>>>>>>> umask=022 -to- umask=002 >>>>>>>>>> >>>>>>>>>> it doesn't affect the permissions on files created by the >>>>>>>>>> application. >>>>>>>>>> >>>>>>>>>> Is there a place where I can configure the application itself to >>>>>>>>>> create files with these looser default permissions? >>>>>>>>>> >>>>>>>>>> Thanks in advance. >>>>>>>>>> >>>>>>>>>> Kind regards, >>>>>>>>>> >>>>>>>>>> -Frank >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> >> >
