I'm running jsvc as root. If you look in jsvc.c you will see some linux ifdefs. Particularly look for set_caps() function.
Petr Andrew Ralph Feller, afelle1 wrote: > > Petr, > > Are you executing JSVC as root or no? If you aren't, then I can > understand > why your non-root account cannot bind to 443. The way JSVC works is by > starting up under the account that executed it and then spawning a child > process that is owned by the account specified in the -user option. > > A- > > On 10/31/08 10:56 AM, "Petr Sumbera" <[EMAIL PROTECTED]> wrote: > >> >> >> Caldarale, Charles R wrote: >>> >>>> From: Andrew Ralph Feller, afelle1 [mailto:[EMAIL PROTECTED] >>>> Subject: Re: relation between Tomcat and Apache Commons >>>> >>>> it seems possible to run Tomcat on a non-privileged port with a >>>> non-root account and have requests for port 443 redirected to >>>> Tomcat's listening port. >>> >>> Of course - but it requires additional configuration (e.g., iptables, >>> firewall). Using jsvc may be simpler and avoid dependencies external to >>> Tomcat. >>> >> >> What I have just found is that jsvc enables Tomcat to bind privileged >> port >> only on Linux (it's using capabilities). >> >> For example on Solaris one need to add net_privadd privilege for Tomcat >> user. This can be done by modifying /etc/user_attr. In such case I >> believe >> there is no need for jsvc. >> >> grep tomcat /etc/user_attr >> tomcat::::defaultpriv=basic,net_privaddr >> >> -- >> >> Petr > > -- > Andrew R. Feller, Analyst > Information Technology Services > 200 Fred Frey Building > Louisiana State University > Baton Rouge, LA 70803 > (225) 578-3737 (Office) > (225) 578-6400 (Fax) > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/relation-between-Tomcat-and-Apache-Commons-tp20145816p20270558.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
