-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Brett,
On 1/15/14, 7:41 PM, Brett Delle Grazie wrote: > On 15 January 2014 16:53, Mubeen Shah <mubeens...@gmail.com> > wrote: > >> Hello, >> >> I am trying to configure tomcat 7 on ubuntu machine and wanted to >> run it as non-root on port 80, Here is what I did so far: >> >> OS (Ubuntu 12.04 LTS): >> >> - installed oracle JDK 1.7.0_45 using "apt-get" - downloaded and >> extracted tomcat 7.0.50 (.gz format) - created ubuntu user >> 'tomcat' and granted 'chown -R CATALINA_HOME' to this user - >> changed tomcat default port to 80 in server.xml - installed and >> configured authbind tool - created sh script >> "/etc/init.d/tomcat7" to start tomcat as tomcat user. >> > > What was in this script? > > >> - tomcat 7 was working as expected on 80 port as non-root user. >> > > That is surprising, see further below. [snip] > Linux will not allow anything but root to bind on ports < 1024. > Usually the process starts as root, binds to the port and then > drops it's privileges back to the desired user. Note that the OP is using authbind (or at least attempting to do so). > You'll need to use jsvc to start Tomcat and drop privileges. Um... authbind? Perhaps authbind doesn't work with Java and/or Tomcat/APR but this is precisely what authbind was designed to do. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJS2F0JAAoJEBzwKT+lPKRYuVsQALp+Hbtc/SjgszPUeTgc9aJ7 0UEg4S3cHqozrXVgn45V+zAXYqsCfzoge0nS9VK4ar/RJiF0mVMLG3TUm6+0fget l7O1YDZU+VgNEBd/ci/25BmZwZIJ4e9d53N24mJ2Et7FuWuhFOK8FrtcfFmyZPRa j0xndOJCNg7Yeub6kYLRWDXIuLdRkzwWMtqGnQ4kb15pyM1TdMiaL4BvYDfECjC8 uwwU0jipJE+2JPTqwzn+MgUolcVEmJRoL0MfGyMT1kE4smLXFOGPuDFL7cmJtikx Elmr7BvTMc9POY4BzXEkVwCfHcA+dqKJNzeELfJffzVD2qKvM2m3Ivp4vZglukKE Joho1PWeN1dRasU+ncZI+EiDtnE8tI114kHrehBBTYjdM0q9zQnYGewycBVQMIrU /TbxbOdUB8rBM3yIN1JRA6psE+r9jVxg/6sva+qN8gww7eQJFtvVI8oRViHT4sya dMI162eRDYhN9L2ZZv51UV6LBHTaKybL1WZQRahJw3rFysQQk51DXGPuOiKruzyF FwcrMVxvyaANGRsr4YpjfKg9sKBxjXbO+AhCX6loY8SUWHufy7nAT8+LGayRirjR LlDYQqcaMWzxZCPYOLl1VcjkUuGSJQP7th2xXdiHSGwZPj9W31RFsZHp0pQESBkD /7vB2xDCfrJk2zKbPKa0 =o6Wu -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
