tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mika Goeckel" <m...@stepstone.de>
Subject Re: Réf. : How to enable port 80 on RH Linux 7.1?
Date Tue, 06 Nov 2001 13:23:13 GMT
Hi,

yes, you need root permissions to bind tomcat to port 80. But you don't want
to start tomcat as user root without further measurements because it would
mean a high security risk for your system. There are several known ways to
get around. You can create a sandbox using tools like tcpwrapper, chroot and
suid. Apache itself has a suid functionality built in, that means it changes
the user it is running under itself to that user configured in apache.conf.
That is a strong reason to use Apache as a frontend to tomcat.
If you want to use xinetd to start tomcat, you can specify the user that
runs the server there.But that is only suitable if you don't have much load
for tomcat because xinetd will start a new instance for every new
connection. Another possibility is to use xinetd to forward the port, this
gives you interesing options as xinetd can control things for you like
blocking computers or whole networks or limiting the number of requests at a
time. Look up xinetd and xinetd.conf man pages.

Hope to have helped you,
Mika

----- Original Message -----
From: "James Yap" <james@miweb.es>
To: <tomcat-user@jakarta.apache.org>
Sent: Tuesday, November 06, 2001 2:02 PM
Subject: Re: Réf. : How to enable port 80 on RH Linux 7.1?


>
> I think you need to be root to start a service with a port lower than
1024.
>
> >
> > Hello...
> >
> >     Did you check if the port is enabled in xinetd?
> >
> > ---------------------------------------------------
> > Raul Davidovich
> > Responsable Informatique
> > Cvitkovic & Associés Consultants
> >
> > (33) 1 45 15 40 68
> > (33) 1 45 15 40 41 Fax
> > -------------------------------------------------------
> > http://www.caconcology.com
> >
> >
> > |--------+----------------------->
> > |        |          stefanom     |
> > |        |          <stefano@pcdi|
> > |        |          rect.it>     |
> > |        |                       |
> > |        |          06/11/2001   |
> > |        |          13:27        |
> > |        |          Veuillez     |
> > |        |          répondre à   |
> > |        |          "Tomcat Users|
> > |        |          List"        |
> > |        |                       |
> > |--------+----------------------->
> >
>------------------------------------------------------------------------
> ---------------------------------------------------------------------|
> >  |
> >
> >  | |       Pour :  tomcat-user@jakarta.apache.org
> >
> >    | |       cc :
> >
> >      | |       Objet :      How to enable port 80 on RH Linux 7.1?
> >
> >        |
> >
>------------------------------------------------------------------------
> ---------------------------------------------------------------------|
> >
> >
> >
> >
> > Hi all,
> > thi forum is a great idea, hope I can be helpful in the future (I'm
> > still a newbie...)
> >
> > My question:
> >
> > I've just migrated my webapp fron Jserv to Tomcat 3.3, on RH Linux 7.1,
> > everything's ok but a couple of points:
> >
> > 1 - Tomcat is running as a standalone server, and it works great on
> > port 8080. When I try to run it serving port 80 (changing server.xml
> > parameter), I cannot start it due to missing root permission to access
> > the port: EmbededTomcat: Init time 1884
> >
> > Guessed home=/var/tomcat
> >
> > java.lang.reflect.InvocationTargetException:
> > org.apache.tomcat.core.TomcatExcept
> > ion: Root cause - Permesso negato
> >
> >        at
> > org.apache.tomcat.modules.server.PoolTcpConnector.engineStart(PoolTcp
> > Connector.java)
> >
> >        ...
> >        ...
> >
> >        at org.apache.tomcat.startup.Main.main(Main.java)
> >
> >
> > How can I fix this?
> >
> >
> > TNX in advance!
> >
>
> --------------------------------------------------------------------------
> -
> > This message has been posted through the Jakarta Tomcat 3.3 F.A.Q. on
> > line forum, and can be seen at:
> > <http://nagoya.apache.org:8080/jive/thread.jsp?forum=3&thread=21>
> > For more informations about the on-line Jakarta forums, please go to:
> > <http://nagoya.apache.org:8080/jive/>
>
> --------------------------------------------------------------------------
> -
> >
> > --
> > To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> > Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
> >
> >
> >
> >
> >
> >
> > --
> > To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> > Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>
>
>
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message