Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 65197 invoked from network); 13 Sep 2002 17:35:38 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 13 Sep 2002 17:35:38 -0000 Received: (qmail 26950 invoked by uid 97); 13 Sep 2002 17:35:55 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org Received: (qmail 26916 invoked by uid 97); 13 Sep 2002 17:35:54 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 26904 invoked by uid 98); 13 Sep 2002 17:35:53 -0000 X-Antivirus: nagoya (v4218 created Aug 14 2002) Date: Fri, 13 Sep 2002 11:35:16 -0600 From: "Peter T. Abplanalp" To: Tomcat Users List Subject: Re: Unix file socket / mod_jk2 Message-ID: <20020913173516.GF30913@psaconsultants.com> Mail-Followup-To: Tomcat Users List References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; x-action=pgp-signed Content-Disposition: inline In-Reply-To: X-Crypto: GnuPG/1.0.7 http://www.gnupg.org X-GPG-Key: pgp.mit.edu X-GPG-KeyID: 0x7d224574 X-GPG-Fingerprint: 13BD EF58 6A89 033D D1C3 0F6C 8200 3CB0 7D22 4574 X-message-flag: Get a real email client, http://www.mutt.org/ - Linux: The choice of a GNU generation! User-Agent: Mutt/1.5.1i X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 * On Fri, Sep 13, 2002 at 01:29:08PM -0400, Maxime Colas des Francs wrote: > Hi > > I'm on Linux (RH 7.3) with jsdk 1.4 > > I attempt to use Tomcat 4, Apache 2 and mod_jk2 with a > unix socket file for communication. > > Tomcat is launched as root, and creates the socket file : > srw-rw---- 1 root root 0 sep 13 13:17 jk2.socket > > Apache 2 is launched as nobody and can't read/write in this file > (works with after a chmod 777 on jk2.socket) > > what is the best (secure) solution ? 1) add a tomcat group to your system. 2) add nobody to the tomcat group. 3) chgrp tomcat jk2.socket. 4) chmod g+w jk2.socket. 5) restart everything. - -- Peter Abplanalp PGP: pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9giHUggA8sH0iRXQRAhZmAKCuXYvqyUs6Z48hBHIuDtdd39dWPgCgt2uC 6BjV4PC6iw/x/ChnJwNRG6A= =PRY9 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: For additional commands, e-mail: