tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Chaney <>
Subject Re: Permissions of File Created by Tomcat
Date Sun, 20 Apr 2008 16:13:13 GMT
This is really a linux permissions issue.

How are you starting tomcat? with the $TOMCAT_HOME/bin/ or 
with jsvc or are you using an ubuntu startup script?

You don't say anything about the user who will run the java application.

Generally, the way to control the access permissions with which files 
are created in linux is to call 'umask' with the correct parameters. As 
mentioned before on this list umask is a shell command, so you must do 
it at the correct point or severely weaken the overall security of your 

You need to do the following:

1. decide which user or users will be executing tomcat and the java 
2. If you decide that you need to have two separate users, then make 
them both in the same group.
3. Use umask in the tomcat startup script and/or the shell in which you 
run your application to set appropriate access permissions - GIYF

As an aside, if you are going to have two different processes writing 
these shared files you may also have to consider locking issues - maybe 
you have already done this.


Alan Chaney

Daniel J Hulme wrote:
> Hi,
> I'm running a WebService using Tomcat 5.5 on Ubuntu 7.10 with Axis2.
> Files (and directories) are created by this service on a local directory:
> /myfiles/
> The permission of the new directories and files in this directory are:
> Directories: 		'drwxr-xr-x 2 tomcat55 nogroup  4096'
> Files:			'-rw-r--r-- 1 tomcat55 nogroup 10041'
> The problem is, is I want to access (write) these files using, say, a java
> application, it give me:
> /myfiles/aDir/aFile.txt (Permission denied)
> How can I either:
> 1.Gain write access to these files (without having to constantly change the
> permissions in the command prompt, and without running my java application
> with 'root' access).
> 2.Create the files/dirs from tomcat with 'write access'
> 3.Other....
> Thanking you in advance.
> Daniel

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message