-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gregor,
On 11/30/2010 4:18 PM, Gregor Schneider wrote: > Mladen, > >> Believe it or not, this is intentional and correct behavior. >> Almost any server behaves like that. > > thanks for sharing your views on this one, which I, however, do not share at > all > > besides, no server behaves like you're stating: Apache httpd acts this way: $ ls -l /usr/sbin/apache2 - -rwxr-xr-x 1 root root 365308 Apr 19 2010 /usr/sbin/apache2 $ grep ErrorLog /etc/apache2/apache2.conf # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> ErrorLog /var/log/apache2/error.log $ sudo ls -l /var/log/apache2/error.log - -rw-r----- 1 root adm 16813 Nov 30 15:33 /var/log/apache2/error.log Looks like root ownership to me. > if an application is started in a non-root-context and producing any output > such as log-files, those files usually are owned by the user in whose > context the application is running. Try running 'stat jsvc' and tell us who the "user context" should be? > besides, superuser root can watch / edit those files anyway. > and what sense should any generated output make, if the app-owner is not > able to read those files, esp. when those files contain stuff such as > logging-information? > therefor, in my humble opinion, i'd consider such a behaviour as a bug Patches are always welcome :) How about something like a new option for jsvc "-outfilePriv unprivileged|privileged" or something: that would indicate that the log file should be opened either before or after root privileges are dropped. Also, have you tried setting your umask before launching jsvc? You may get a lot of mileage out of umask 0022 jsvc ... Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkz1bZ4ACgkQ9CaO5/Lv0PD4EQCgnwQzsIrgHe1E/QOxouZ0kyY4 R3UAoKoVj9KoMY/joXvIfHpUJ1D/1R8X =ExC+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
