Petr, Are you executing JSVC as root or no? If you aren't, then I can understand why your non-root account cannot bind to 443. The way JSVC works is by starting up under the account that executed it and then spawning a child process that is owned by the account specified in the -user option.
A- On 10/31/08 10:56 AM, "Petr Sumbera" <[EMAIL PROTECTED]> wrote: > > > Caldarale, Charles R wrote: >> >>> From: Andrew Ralph Feller, afelle1 [mailto:[EMAIL PROTECTED] >>> Subject: Re: relation between Tomcat and Apache Commons >>> >>> it seems possible to run Tomcat on a non-privileged port with a >>> non-root account and have requests for port 443 redirected to >>> Tomcat's listening port. >> >> Of course - but it requires additional configuration (e.g., iptables, >> firewall). Using jsvc may be simpler and avoid dependencies external to >> Tomcat. >> > > What I have just found is that jsvc enables Tomcat to bind privileged port > only on Linux (it's using capabilities). > > For example on Solaris one need to add net_privadd privilege for Tomcat > user. This can be done by modifying /etc/user_attr. In such case I believe > there is no need for jsvc. > > grep tomcat /etc/user_attr > tomcat::::defaultpriv=basic,net_privaddr > > -- > > Petr -- Andrew R. Feller, Analyst Information Technology Services 200 Fred Frey Building Louisiana State University Baton Rouge, LA 70803 (225) 578-3737 (Office) (225) 578-6400 (Fax) --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
