commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "simon.kitching@chello.at" <simon.kitch...@chello.at>
Subject Re: jsvc: app won't bind to socket when started as root
Date Tue, 22 Apr 2008 14:14:45 GMT
Hi Fred,

Are you sure you know what the "-user" option is for?

>From the commons-daemon site: "Jsvc is a daemon process so it should be
started as root and the |-user| parameter allows to downgrade to an
unprivilegded user."

You *have* to run jsvc as root if you want to bind to ports < 1000, or
if you want it to run as some user other than the current user; only
root has the ability to do either of those things.

Regards,
Simon


Waseem Azhar schrieb:
> Hi,
>
> This is my script to start tomcat using jsvc. It works fine with me, you can
> try it. make sure to change variable values according to your environment.
> Also  make sure that your script has execute permissions.
>
> #!/bin/sh
> ##############################################################################
> #
>
> JAVA_HOME=/usr/java/jdk1.5.0_12
> CATALINA_HOME=/var/lib/tomcat
> DAEMON_HOME=/var/lib/tomcat/bin
> TOMCAT_USER=root
> TMP_DIR=/var/tmp
> CATALINA_OPTS=
> CLASSPATH=\
> $JAVA_HOME/lib/tools.jar:\
> $DAEMON_HOME/commons-daemon.jar:\
> $CATALINA_HOME/bin/bootstrap.jar
>
> start() {
>     #
>     # Start Tomcat
>     #
>     $DAEMON_HOME/jsvc \
>     -user $TOMCAT_USER \
>     -home $JAVA_HOME \
>     -Dcatalina.home=$CATALINA_HOME \
>     -Djava.io.tmpdir=$TMP_DIR \
>     -errfile '&1' \
>     -pidfile /var/run/jsvc.pid \
>     -outfile $CATALINA_HOME/logs/catalina.out \
>     $CATALINA_OPTS \
>     -cp $CLASSPATH \
>     org.apache.catalina.startup.Bootstrap
>     #
>     # To get a verbose JVM
>     #-verbose \
>     # To get a debug of jsvc.
>     #-debug \
>
> }
>
> stop(){
>     #
>     # Stop Tomcat
>     #
>     PID=`cat /var/run/jsvc.pid`
>     kill $PID
>     sleep 3
>
> }
>
> restart(){
>     if [ -e /var/run/jsvc.pid ]; then
>         printf "shutting down tomcat \n"
>     stop
>     sleep 2
>     fi
>    printf "starting up tomcat...\n"
>        start
>     sleep 2
>    printf "tomcat started.\n"
>
> }
>
> status(){
>     if [ -e /var/run/jsvc.pid ]; then
>                 printf "tomcat is running\n"
>
>         fi
>         if [ ! -e /var/run/jsvc.pid ]; then
>                 printf "tomcat is *not* running.\n"
>
>         fi
> }
>
> case "$1" in
>   start)
>     start
>      ;;
>
>    status)
>     status
>       ;;
>
>   restart)
>    if [ -e /var/run/jsvc.pid ]; then
>         printf "shutting down tomcat \n"
>     stop
>     sleep 3
>     fi
>        printf "starting up tomcat...\n"
>        start
>     sleep 2
>     printf "tomcat started.\n"
>       ;;
>   stop)
>     stop
>       ;;
>   *)
>     echo "Usage tomcat start/stop/restart/status"
>     exit 1;;
> esac
>
>
> -Azhar
>
>
> On Tue, Apr 22, 2008 at 2:45 AM, Fred Toth <ftoth@synernet.com> wrote:
>
>   
>> Hi all,
>>
>> We've run into a problem with jsvc. In our environment we need to run
>> tomcat
>> as root so that it can bind to several low numbered ports.
>>
>> However, when using the "-user root" argument to jsvc, tomcat still can't
>> bind
>> to the ports.
>>
>> If we run tomcat directly (as root) with its "startup.sh", everything
>> works fine.
>>
>> In researching this, I found a reference where someone claimed there was a
>> problem
>> with the set_cap() capabilities support in jsvc. I've looked at the
>> source, but I don't know
>> enough about how that's supposed to work to know if it's correct or not. I
>> was
>> hoping to find a patch somewhere, but no luck so far.
>>
>> Has anyone on the list run into this? Is there a patch available? Or a
>> work-around?
>>
>> Many thanks,
>>
>> Fred Toth
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
>> For additional commands, e-mail: user-help@commons.apache.org
>>
>>
>>     
>
>   


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org


Mime
View raw message