Return-Path: Delivered-To: apmail-commons-user-archive@www.apache.org Received: (qmail 92636 invoked from network); 22 Apr 2008 14:15:22 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Apr 2008 14:15:22 -0000 Received: (qmail 14356 invoked by uid 500); 22 Apr 2008 14:15:20 -0000 Delivered-To: apmail-commons-user-archive@commons.apache.org Received: (qmail 14193 invoked by uid 500); 22 Apr 2008 14:15:19 -0000 Mailing-List: contact user-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Jakarta Commons Users List" Delivered-To: mailing list user@commons.apache.org Received: (qmail 14182 invoked by uid 99); 22 Apr 2008 14:15:19 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Apr 2008 07:15:19 -0700 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [194.152.182.1] (HELO mgate.ops.co.at) (194.152.182.1) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Apr 2008 14:14:26 +0000 Received: from smtp.ops.co.at (smtp.int.ops.co.at [172.27.0.4]) by mgate.ops.co.at (OPS Mail Gateway - authorized use only - NO UCE/UBE C=AT L=VIE) with ESMTP id 93D26AFE3A for ; Tue, 22 Apr 2008 16:14:46 +0200 (CEST) Received: by smtp.ops.co.at (Postfix, from userid 65534) id 72A166E023F; Tue, 22 Apr 2008 16:14:45 +0200 (CEST) Received: from [172.27.1.104] (lints2.int.ops.co.at [172.27.1.104]) by smtp.ops.co.at (Postfix) with ESMTP id C53036E0234 for ; Tue, 22 Apr 2008 16:14:44 +0200 (CEST) Message-ID: <480DF2D5.5030606@chello.at> Date: Tue, 22 Apr 2008 16:14:45 +0200 From: "simon.kitching@chello.at" User-Agent: Thunderbird 2.0.0.0 (X11/20070418) MIME-Version: 1.0 To: Jakarta Commons Users List Subject: Re: jsvc: app won't bind to socket when started as root References: <480D0AE5.10002@synernet.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on smtp.ops.co.at X-Spam-Level: X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, hits=-4.0 required=7.0 tests=AWL,BAYES_00,RATWR10_MESSID, SARE_TOCC_USER,TW_JS autolearn=no version=2.64 Hi Fred, Are you sure you know what the "-user" option is for? >From the commons-daemon site: "Jsvc is a daemon process so it should be started as root and the |-user| parameter allows to downgrade to an unprivilegded user." You *have* to run jsvc as root if you want to bind to ports < 1000, or if you want it to run as some user other than the current user; only root has the ability to do either of those things. Regards, Simon Waseem Azhar schrieb: > Hi, > > This is my script to start tomcat using jsvc. It works fine with me, you can > try it. make sure to change variable values according to your environment. > Also make sure that your script has execute permissions. > > #!/bin/sh > ############################################################################## > # > > JAVA_HOME=/usr/java/jdk1.5.0_12 > CATALINA_HOME=/var/lib/tomcat > DAEMON_HOME=/var/lib/tomcat/bin > TOMCAT_USER=root > TMP_DIR=/var/tmp > CATALINA_OPTS= > CLASSPATH=\ > $JAVA_HOME/lib/tools.jar:\ > $DAEMON_HOME/commons-daemon.jar:\ > $CATALINA_HOME/bin/bootstrap.jar > > start() { > # > # Start Tomcat > # > $DAEMON_HOME/jsvc \ > -user $TOMCAT_USER \ > -home $JAVA_HOME \ > -Dcatalina.home=$CATALINA_HOME \ > -Djava.io.tmpdir=$TMP_DIR \ > -errfile '&1' \ > -pidfile /var/run/jsvc.pid \ > -outfile $CATALINA_HOME/logs/catalina.out \ > $CATALINA_OPTS \ > -cp $CLASSPATH \ > org.apache.catalina.startup.Bootstrap > # > # To get a verbose JVM > #-verbose \ > # To get a debug of jsvc. > #-debug \ > > } > > stop(){ > # > # Stop Tomcat > # > PID=`cat /var/run/jsvc.pid` > kill $PID > sleep 3 > > } > > restart(){ > if [ -e /var/run/jsvc.pid ]; then > printf "shutting down tomcat \n" > stop > sleep 2 > fi > printf "starting up tomcat...\n" > start > sleep 2 > printf "tomcat started.\n" > > } > > status(){ > if [ -e /var/run/jsvc.pid ]; then > printf "tomcat is running\n" > > fi > if [ ! -e /var/run/jsvc.pid ]; then > printf "tomcat is *not* running.\n" > > fi > } > > case "$1" in > start) > start > ;; > > status) > status > ;; > > restart) > if [ -e /var/run/jsvc.pid ]; then > printf "shutting down tomcat \n" > stop > sleep 3 > fi > printf "starting up tomcat...\n" > start > sleep 2 > printf "tomcat started.\n" > ;; > stop) > stop > ;; > *) > echo "Usage tomcat start/stop/restart/status" > exit 1;; > esac > > > -Azhar > > > On Tue, Apr 22, 2008 at 2:45 AM, Fred Toth wrote: > > >> Hi all, >> >> We've run into a problem with jsvc. In our environment we need to run >> tomcat >> as root so that it can bind to several low numbered ports. >> >> However, when using the "-user root" argument to jsvc, tomcat still can't >> bind >> to the ports. >> >> If we run tomcat directly (as root) with its "startup.sh", everything >> works fine. >> >> In researching this, I found a reference where someone claimed there was a >> problem >> with the set_cap() capabilities support in jsvc. I've looked at the >> source, but I don't know >> enough about how that's supposed to work to know if it's correct or not. I >> was >> hoping to find a patch somewhere, but no luck so far. >> >> Has anyone on the list run into this? Is there a patch available? Or a >> work-around? >> >> Many thanks, >> >> Fred Toth >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: user-unsubscribe@commons.apache.org >> For additional commands, e-mail: user-help@commons.apache.org >> >> >> > > --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@commons.apache.org For additional commands, e-mail: user-help@commons.apache.org