epicwin...@hotmail.com wrote:
I have the latest tomcat 6 installed under centos 5.2. The problem I am having
is that it appears that I have to run tomcat as root user, because the spring
app that tomcat starts needs to write files to other users' home directories.
The tomcat user doesn't have access to these directories.
I tried making these users part of a shared group, but to complicate the
problem the users are jailed using jailkit. So it doesn't appear that jailkit
lets me add group write privileges to the home directories and maintain a
working jail.
Can anyone suggest another alternative? I am not linux user expert so maybe
there is an obvious solution i am missing?
If you are courageous, you could try using ACL's.
One pre-requisite is that the filesystem type on which the users's
directories are located, must support ACL. The other pre-requisite is
that ACLs be actually enabled on that filesystem. This has to do with
the "mount" command that mounts the filesystem.
I am no specialist myself, and you'll have to get some help from a Linux
forum for that.
The next part is to understand the commands that deal with ACL's, and
that is why I said that you have to be courageous. They are not for the
faint-hearted.
Try :
man setfacl
man getfacl
Very briefly :
ACL = Access Control List
They are a possibility to set access permissions to files and
directories, in a more detailed and flexible way than Unix usual
"rwxrwxrwx"-style permissions.
You can have a directory belonging to user X and group Y, but still
allow users of group Z (e.g. Tomcat) to write to it.
All of the above of course may or may not be compatible with the "jail"
you are mentioning. I make no guarantees there.
And otherwise, you'll have to run Tomcat as root and that's it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
