Thanks André for your answers. I added the permissions you mentioned
to /etc/tomcat5/policy.d/04webapps.policy but it did not work. So for
now I will use TOMCAT5_SECURITY=no
To fixe the missing library problem the following 2 lines were added
to /etc/default/tomcat5.5
LD_LIBRARY_PATH=/lib:/usr/lib/:/lib/i486-linux-gnu:/usr/lib/i486-linux-
gnu:/lib/i486-linux-gnu:/usr/lib/i486-linux-gnu:/usr/lib/jvm/
java-1.5.0-sun/jre/lib/i386:/usr/local/lib
export LD_LIBRARY_PATH
mmbase is up and running although in an insecure environment. Whenever
I find out the write permissions I will post them here.
Thanks, for your help.
On Apr 28, 2008, at 11:10 PM, André van Toly wrote:
Op 28 apr 2008, om 17:36 heeft Rui Guerra het volgende geschreven:
Thanks for your comment Michiel.
Since it is a development server, I turn off the security by
setting TOMCAT5_SECURITY=no at /etc/default/tomcat5.5
Related to your former (security) problem: have you studied the
Tomcat Security Manager?
http://tomcat.apache.org/tomcat-5.5-doc/security-manager-howto.html
I needed to configure them once in a 'catalina.policy' file to be
able to run MMBase with Tomcat on Debian, but I am not sure whether
these are still correct:
// ========== MMBase CODE PERMISSIONS
=========================================
grant {
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "createSecurityManager";
permission java.lang.RuntimePermission "setIO";
permission java.net.NetPermission "specifyStreamHandler";
permission java.util.PropertyPermission "user.dir", "read";
permission java.util.PropertyPermission
"java.rmi.server.hostname", "write";
};
I do get a different exception now, related with libawt.so or
libmlib_image.so which I actually have both in the right location.
Any help is highly appreciated.
I think Java/Tomcat needs permissions to access these two. Something
your sysadmin should help you with I believe. As was mentioned
before: Debian's security settings are rather strict.
---André
<code>
exception
javax.servlet.ServletException: /usr/lib/jvm/java-1.5.0-
sun-1.5.0.15/jre/lib/i386/libawt.so: libmlib_image.so: cannot open
shared object file: No such file or directory
org
.apache
.jasper
.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:
841)
org
.apache
.jasper
.runtime.PageContextImpl.handlePageException(PageContextImpl.java:
774)
org.apache.jsp.index_jsp._jspService(index_jsp.java:211)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
org
.apache
.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:
329)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
root cause
java.lang.UnsatisfiedLinkError: /usr/lib/jvm/java-1.5.0-
sun-1.5.0.15/jre/lib/i386/libawt.so: libmlib_image.so: cannot open
shared object file: No such file or directory
java.lang.ClassLoader$NativeLibrary.load(Native Method)
java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1751)
java.lang.ClassLoader.loadLibrary(ClassLoader.java:1668)
java.lang.Runtime.loadLibrary0(Runtime.java:822)
java.lang.System.loadLibrary(System.java:993)
sun.security.action.LoadLibraryAction.run(LoadLibraryAction.java:50)
java.security.AccessController.doPrivileged(Native Method)
sun.awt.NativeLibLoader.loadLibraries(NativeLibLoader.java:38)
sun.awt.DebugHelper.<clinit>(DebugHelper.java:29)
java.awt.Cursor.<clinit>(Cursor.java:167)
javax.swing.text.html.HTMLEditorKit.<clinit>(HTMLEditorKit.java:586)
org
.mmbase
.util
.transformers
.TagStripperFactory.createTransformer(TagStripperFactory.java:70)
org.mmbase.bridge.jsp.taglib.ContentTag.readXML(ContentTag.java:225)
org.mmbase.bridge.jsp.taglib.ContentTag.initialize(ContentTag.java:
161)
org.mmbase.bridge.jsp.taglib.ContentTag.access$600(ContentTag.java:
44)
org.mmbase.bridge.jsp.taglib.ContentTag$2.onChange(ContentTag.java:
81)
org.mmbase.bridge.jsp.taglib.ContentTag.<clinit>(ContentTag.java:86)
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
sun
.reflect
.NativeConstructorAccessorImpl
.newInstance(NativeConstructorAccessorImpl.java:39)
sun
.reflect
.DelegatingConstructorAccessorImpl
.newInstance(DelegatingConstructorAccessorImpl.java:27)
java.lang.reflect.Constructor.newInstance(Constructor.java:494)
java.lang.Class.newInstance0(Class.java:350)
java.lang.Class.newInstance(Class.java:303)
org.apache.jasper.runtime.TagHandlerPool.get(TagHandlerPool.java:
117)
org.apache.jsp.index_jsp._jspService(index_jsp.java:58)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
org
.apache
.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:
329)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
</code>
On Apr 23, 2008, at 6:05 PM, Meeuwissen wrote:
2008/4/23, Rui Guerra <[EMAIL PROTECTED]>:
I just downloaded mmbase and tried to install it in a server with
a fresh
installation of tomcat5.5 and apache (ubuntu).
I've encountered a permission problem. I suspected that is not
related to
mmbase but some security policy of apache/tomcat. Any ideas?
The default security settings for tomcat in debian (so I suppose in
ubuntu) too are pretty restrictive. Indeed too much so for MMBase.
A minimal security.properties is available somewhere, but my
advice is
to simly download tomcat, drop it into /opt and ignore the .deb. The
default security manager of tomcat is permissive enough (eh, it may
equal to no security manager).
Michiel
--
mihxil' http://meeuw.org
nl_NL eo_XX en_US
_______________________________________________
Users mailing list
Users@lists.mmbase.org
http://lists.mmbase.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.mmbase.org
http://lists.mmbase.org/mailman/listinfo/users
--
André van Toly
MMBase development & Userfriendly webdesign
W: http://www.toly.nl
M: +31(0)627233562
------------------------------------------------------------------
~~<<>>~~
_______________________________________________
Users mailing list
Users@lists.mmbase.org
http://lists.mmbase.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.mmbase.org
http://lists.mmbase.org/mailman/listinfo/users