Danek Duvall napsal(a): > Petr Sumbera wrote: > >> The original idea was to deliver /var/run/tomcat6 directory via >> package so that tomcat could write into it. It was wrong.. >> >> As tomcat6 is started with 'webservd' credential it's not able to >> write into /var/run. Therefore I'm proposing to change pid file >> location to: >> >> /var/tomcat6/logs/pid Committed PID file > > There's no way to get tomcat to start as root and setuid to webservd and/or > drop all unnecessary privileges? Perhaps have the start method do the > work? If not, then yeah, this is fine.
Currently Tomcat SMF manifest takes care of setting 'webservd' credentials and adding extra privilege 'net_privaddr'. I think it's not possible to do this later in start method. I mean to combine 'su' command with 'ppriv'. Petr
