Jimmy Spam wrote:
Please, excuse my poor english.
It sounds fine.
When I deploy an java app (.war file) with tomcat manager, it create the
folder of this app inside of webapps with user: tomcat, group: tomcat
and permissions 750. I need, at least, have write privilege for group
(770), since some user of my system (wich are inside of tomcat group),
need can modify files of the apps.
Can I change this behavior?
Hi.
Maybe not directly in Tomcat (although since it is open-source, you
could modify the Manager application yourself).
But if you are under Linux, and the filesystem where Tomcat resides
allows it (supports ACL), there is another way (ACL) : look up the commands
setfacl, getfacl etc..
The point is : you can set permissions for the webapps
directory/subdirectory, which will override what the Manager says.
Be prepared : these commands are a bit hard to understand; but they work.
Make sure that you understand the security implications of what you are
doing, and make sure the Manager itself is well-protected. It has been
used in the past for attacks, to upload applications which in turn act
as Trojans e.g.
Also, in the above, the logic itself of your requirement does raise some
doubts : apparently thus, you deploy an application from a .war file
through the Manager. This generates (explodes) a series of directories
and files under tomcat/webapps.
And then, you allow some people to go and modify these files directly.
You probably know what you are doing, but as a general mechanism that
does not sound like a very safe/consistent thing to do. For example, it
means that if someone modifies a file, and then the application is
redeployed using the Manager, the changes are lost.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
