-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Chris,
On 9/5/17 4:42 PM, Chris Cheshire wrote: > On Tue, Sep 5, 2017 at 2:07 PM, Christopher Schultz > <ch...@christopherschultz.net> wrote: >> If I were king, I'd set things up like this: >> >> 1. Tomcat is installed in /usr/local/tomcat (or >> /usr/local/tomcat-x.y.z, or /opt/whatever, etc.). > > > Looks like I do need to adjust default permissions on this if I > expand as root. > > The tarball leaves me with > > [root@host apache-tomcat-8.5.20]# ls -al total 124 drwxr-xr-x 9 > root root 4096 Sep 5 20:31 . drwxr-xr-x 14 root root 4096 Sep 5 > 20:31 .. -rw-r----- 1 root root 57092 Aug 2 21:36 LICENSE > -rw-r----- 1 root root 1723 Aug 2 21:36 NOTICE -rw-r----- 1 > root root 7064 Aug 2 21:36 RELEASE-NOTES -rw-r----- 1 root root > 15946 Aug 2 21:36 RUNNING.txt drwxr-x--- 2 root root 4096 Sep 5 > 20:31 bin drwx------ 2 root root 4096 Aug 2 21:36 conf > drwxr-x--- 2 root root 4096 Sep 5 20:31 lib drwxr-x--- 2 root > root 4096 Aug 2 21:35 logs drwxr-x--- 2 root root 4096 Sep 5 > 20:31 temp drwxr-x--- 7 root root 4096 Aug 2 21:36 webapps > drwxr-x--- 2 root root 4096 Aug 2 21:35 work > > > What should the permissions, owner & group be set to for > CATALINA_HOME if I am running separate instances per user? It doesn't really matter. You just need to make sure that your "users" can read the default config files -- especially conf/web.xml and conf/tomcat.xml which usually shouldn't be modified from their defaults anyway. I've always been irritated that the conf/ directory is only readable by the owner in the tarball. Maybe I'll agitate to get that changed, and only protect conf/server.xml and conf/tomcat-users.xml in that way. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJZsbqPAAoJEBzwKT+lPKRY+bcQAI6I9VMV42xTiV/02XT1idic GJQzfD6fpukZ2ZoCltzsQ9n9oygAb43QAnslGLwzG+xa4+Kon+TkgNLlckhpO0IK yw65LAcEkG8x7iggX23l1I4u4c51GlPERqb8FXH4Sys8JNMFaM3r48/SMiBmVW3r 29ILYk3yHhUWovZGnHcqzosTECo9FBfCNMe8bp+v7vDCifODKPrRRVUtzmOFdN+a 4YAqG+aRIQVHZHqE/2h5lbnnER5PzERj7igfArjOuHwkR4W283y/VxasOaQVrNgL R/r+Qb99KNH5djiNj3kvfpqLO9Jq3rrIpuc6zH6yrv8EJcgmEoy494bONixt7Eus q8g/0XTzU9izPfG3wRaCQaPh7oV+ZurYOZAFeYz0eOj5a/AjZfWnwpFSfcTyP5qD IIrfiaysH+j3NwGpTsT2B1q5Ecp1bugzuIiHHnoZDVDodncSI52XdgykL9tyrjN7 20d4pcepVEdQoTT1ABJKl6mONKMuG3NA+rvNYJQvIlq642LbUx/3rkA+dk+m7OeY TkCquZZ128NBGzMhwEuEnNSEmBmGyF27vH4qi+2HKi8dsVDsdvRb+mnmFJWTeWVC ndW3Px/xldEDyhdF84g5TzX8Y7fYjJLOC2EzjkDZmZmI0/l54e7Y/+aq6pThrIpC q2SjSPEtuzmmlEh2OC1z =Xei9 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org