Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 91501 invoked from network); 5 Apr 2005 01:48:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 5 Apr 2005 01:48:57 -0000 Received: (qmail 50399 invoked by uid 500); 5 Apr 2005 01:48:37 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 50389 invoked by uid 500); 5 Apr 2005 01:48:37 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 50376 invoked by uid 99); 5 Apr 2005 01:48:37 -0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS X-Spam-Check-By: apache.org Received-SPF: neutral (hermes.apache.org: local policy) Received: from smtpauth07.mail.atl.earthlink.net (HELO smtpauth07.mail.atl.earthlink.net) (209.86.89.67) by apache.org (qpsmtpd/0.28) with ESMTP; Mon, 04 Apr 2005 18:48:35 -0700 Received: from [67.101.129.85] (helo=[192.168.1.150]) by smtpauth07.mail.atl.earthlink.net with asmtp (Exim 4.34) id 1DIdBA-0003yx-De for tomcat-user@jakarta.apache.org; Mon, 04 Apr 2005 21:48:32 -0400 Mime-Version: 1.0 (Apple Message framework v619.2) Content-Transfer-Encoding: 7bit Message-Id: <12697ce3d2a5d7a813aa3002167aa9a1@arachnedesign.net> Content-Type: text/plain; charset=US-ASCII; format=flowed To: Tomcat Users List From: John Lianogou Subject: Fwd: non-root on 80 Date: Mon, 4 Apr 2005 21:48:30 -0400 X-Mailer: Apple Mail (2.619.2) X-ELNK-Trace: ad68dfe1585cc1d766e19d6f8fecf7737e972de0d01da940c117c344e0c8dd402dc47753545cd2ee350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 67.101.129.85 X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Hey Jeff, Using jsvc is not at all mutually exclusive to the solution i offered. :-) AFAIK, there is no way to make tomcat bind to 80 w/o running it as the root user... if anyone else has experience to the contrary, however, I'd be most pleased to be wrong on this one. jL On Apr 4, 2005, at 7:20 PM, Jeff Duska wrote: > I'm using the jsvc in the commons-daemon with a Tomcat user. Other > than not having to deal with the jsvc, is there a reason to pick this > over jsvc? > > Thanks, > > Jeff Duska > > > John Lianogou wrote: >> I had to set up a solution using IP tables on my redhat box. First >> some background as to why I solved it this way: >> You can't run anything directly on port 80 without that process being >> executed as the root user... which -- for a variety of reasons I'm >> sure you needn't hear me go into -- is a Really Bad Idea. ;-) >> What you want to do in this case is to reroute port 80 traffic to a >> port that tomcat can bind to when executed as a "normal" user. >> Here's what I did to accomplish this (hopefully you've got iptables >> on your box, as well... tho the path of this script may be different >> on yr system... so check into both matters if this doesn't work for >> you): > > > >> /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT >> --to-port 8080 >> You'll need root permissions to do this, tho. >> Hope that helps, >> jL >> On Apr 4, 2005, at 5:58 PM, NetSQL wrote: >>> I read that it has a stop method... but how do I get it to run at >>> port 80 ? >>> >>> .V >>> >>> David Smith wrote: >>> >>>> Look at jsvc in the commons-daemon project on >>>> jakarta.apache.org/commons >>>> --David >>>> NetSQL wrote: >>>> >>>>> apache drops to non root after bind to 80. >>>>> How can this be done w/ tc 5.5? >>>>> .V --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org