tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Óscar Frías Barranco <ofr...@gmail.com>
Subject Problem starting Tomcat + APR on port 80 using jsvc with setuid
Date Mon, 28 Nov 2011 13:14:48 GMT
Hi.

I want to start Tomcat 6.0.33 (running on port 80) from the command line of
a non-root user.  I have set the setuid flag in the jsvc binary to
"convert" the non-root user to root at the time of execution.  Then the
jsvc binary is executed with the "--user tomcat" parameter.

The thing is that the whole setup works and I can successfully start Tomcat
from a non-root user command line if I don't use APR (libtcnative-1).

But then I installed APR and now I can only start Tomcat from root command
line.  If I try to start Tomcat from the non-root user command line I get
the exception at the bottom.

Why is this happening?  Is this a Tomcat bug?  Do I have to setuid another
file besides "jsvc"?  Thanks!


INFO: JvmRouteBinderValve started
Nov 28, 2011 1:28:25 PM org.apache.coyote.http11.Http11AprProtocol start
SEVERE: Error starting endpoint
java.lang.Exception: Socket bind failed: [13] Permission denied
        at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:649)
        at
org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:766)
        at
org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
        at
org.apache.catalina.connector.Connector.start(Connector.java:1095)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:540)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at
org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
Nov 28, 2011 1:28:25 PM org.apache.catalina.core.StandardService start
SEVERE: Failed to start connector [Connector[HTTP/1.1-80]]
LifecycleException:  service.getName(): "Catalina";  Protocol handler start
failed: java.lang.Exception: Socket bind failed: [13] Permission denied
        at
org.apache.catalina.connector.Connector.start(Connector.java:1102)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:540)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at
org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
Nov 28, 2011 1:28:25 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 4120 ms


Óscar

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message