On 12/6/13 6:56 PM, CRPence (on the Midrange Java List) wrote:
The T-AF audit entry should log the object to which there
was insufficient authority, then the chmod can be requested against that
object to grant the necessary authority bits.
The T-AF audit entry shows (and I'm no longer bothering to "change names
to protect the innocent"):
00001 'A*N *N *STMF QP0ZSPWP WTADMIN '
00051 '280199 WTADMIN 0000'
00101 '000 '
00151 ' '
00201 ' '
00251 ' nP8 ry '
. . .
00801 ' nP8 ry QASP01 00001 USENU Y '
00851 ' /wintouch/tomcat/bin/startup.sh '
Which would seem to indicate that it's the startup shell script itself
that has the authority problem.
So looking at the paths using the QShell "ls" command, I get:
cd /wintouch/tomcat/bin
$
ls -l startup.sh
-rw-rw-rw- 1 WTADMIN 0 1961 Oct 18 13:19 startup.sh
for the 7.0.47 version, which has the authority failure, and
cd /wintouch/tomcat.bak/bin
$
ls -l startup.sh
-rw-rw-rw- 1 WINTOUCH 0 1961 Jun 15 2012 startup.sh
for the 7.0.25, which looks exactly the same, except for the owner and
the date, and yet it works.
The bin directory shows:
drwxrwsrwx 2 WTADMIN 0 32768 Oct 18 13:19 bin
for 7.0.47 (fails), and
drwxrwsrwx 2 WINTOUCH 0 32768 Jun 15 2012 bin
for 7.0.25 (works)
The tomcat (7.0.47) and tomcat.bak (7.0.25) directories show:
drwxrwsrwx 9 WTADMIN 0 12288 Dec 6 14:21 tomcat
drwxrwsrwx 9 WINTOUCH 0 12288 Jun 15 2012 tomcat.bak
Finally, for comparison, here are the corresponding results on our own
box, where there are no problems at all:
drwxrwsrwx 9 RABBIT 0 8192 Nov 29 16:48 tomcat
drwxrwsrwx 2 RABBIT 0 28672 Oct 18 13:19 bin
-rw-rw-rw- 1 RABBIT 0 1961 Oct 18 13:19 startup.sh
and
drwxrwsrwx 9 RABBIT 0 24576 Nov 5 17:14 tomcat.bak
drwxrwsrwx 2 RABBIT 0 28672 Jun 18 2012 bin
-rw-rw-rw- 1 RABBIT 0 1961 Feb 14 2012 startup.sh
I don't see any difference
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
