In my code, the RandomAccess file is trying to do a read (code below). That's why all my tests are doing reads.
logFile = new RandomAccessFile(fileToRead, "r"); The sample java application I ran executes the exact same line above (with the same file) and reads the contents correctly. However, in Tomcat webapp, this fails. Thanks, Udam On Thu, Sep 6, 2012 at 1:15 PM, André Warnier <a...@ice-sa.com> wrote: > Udam Dewaraja wrote: > >> Hi all, >> >> I'm stumped on a seemingly java/tomcat related issue and am hoping someone >> can provide some help. >> >> >> We have two users ('user1' and 'user2') on our linux server that share the >> same group ('group1'). User 'user1' writes some files that have the >> following permissions: >> >> -rw-r----- 1 user1 group1 788 Sep 5 19:42 file.log >> >> The folder containing this file has the following permissions: >> >> drwxr-xr-- 2 user1 group1 4096 Sep 5 19:42 log >> >> >> The tomcat web app is launched as user 'user2'. Below is the ps output for >> the process. I've also verified that the java web app is running with gid >> of the shared group 'group1'. >> >> >> user2 31920 31919 99 21:30 ? 00:00:36 /usr/local/jre/bin/java >> .... org.apache.catalina.startup.**Bootstrap start >> >> When the web app tries to read the file, *it gets the following >> exception*: >> >> >> java.io.FileNotFoundException: /foo/bar/data/log/file.log (Permission >> denied) >> at java.io.RandomAccessFile.open(**Native Method) >> at java.io.RandomAccessFile.<**init>(RandomAccessFile.java:**233) >> at java.io.RandomAccessFile.<**init>(RandomAccessFile.java:**118) >> … >> at java.lang.Thread.run(Thread.**java:679) >> >> >> However, while logged in as 'user2', I can run a simple >> cat /foo/bar/data/log/file.log and* I can read the contents of the file*. >> >> >> Also, if I provide 'other' read permissions to the file (e.g. -rw-r--r-- >> 1 user1 group1 788 Sep 5 19:42 file.log), *the web app is able to read >> the file*. >> >> >> If I write a sample java application that tries to read this file and >> execute it while logged in as 'user2', again *Java is able to read the >> file. >> >> * >> >> >> Tomcat doesn't seem to be using any security policy as far as I can tell. >> Any ideas why the group permissions seem to be ignored by tomcat? >> >> >> Nothing to do with Tomcat I think. > Maybe it is because java.io.RandomAccessFile is a read/write kind of file, > and the group just has read permission ? > All your tests involve reading, not writing, and reading is allowed for > the group. > > Google for java.io.RandomAccessFile. > > ------------------------------**------------------------------**--------- > To unsubscribe, e-mail: > users-unsubscribe@tomcat.**apache.org<users-unsubscr...@tomcat.apache.org> > For additional commands, e-mail: users-h...@tomcat.apache.org > >