DSpace installation instructions <https://wiki.duraspace.org/display/DSDOC6x/Installing+DSpace> suggest creating a `dspace` user account to own the DSpace installation, while current advice (1 <https://groups.google.com/forum/#!searchin/dspace-tech/dspace$20user$20tomcat|sort:relevance/dspace-tech/QIO16TmcvMg/6htAE_QBBwAJ>, 2 <https://groups.google.com/forum/#!searchin/dspace-tech/dspace$20user$20tomcat|sort:relevance/dspace-tech/3cTb-IGoSuM/lJX2jwb9BgAJ>, 3 <https://groups.google.com/forum/#!searchin/dspace-tech/dspace$20user$20tomcat|sort:relevance/dspace-tech/AOWr4UuHpxs/lA0YCMf6BgAJ>) suggests having `tomcat` be the owner of these files (though all of these links are several years old at this point).
Neither is ideal. It is relatively easy to set up Tomcat to run as a different user (I've used the instructions at https://askubuntu.com/questions/371809/run-tomcat7-as-tomcat7-or-any-other-user/527826#527826 before), but the permission changes required are reverted whenever Tomcat is updated by one's package manager. It is also relatively easy to just assign ownership of the dspace installation files to Tomcat, but on some Linux distros `tomcat` is a nologin user, which makes running mvn, ant, and bin/dspace commands awkward (`sudo -u tomcat ...`). It is also possible to change group ownership settings on some DSpace dirs (log, assetstore, etc.) so that tomcat can write to them, but is difficult to keep these up to date, and the Solr index is especially tricky permission-wise. *It would be really nice if both the DSpace installation files and the files generated at runtime (logs, etc.) had permissions that were conducive to group-based reading/writing.* Is this something others are interested in? What is the current consensus on this issue? I'm currently using the following setup (with DSpace 5.9): Tomcat is run as tomcat. DSpace (both source and installation) is owned by tomcat. To build, I have to do `sudo -u tomcat /full/path/to/maven package`, then `sudo -u tomcat /full/path/to/ant update -f path/to/dspace/target/dspace-installer/build.xml`. Any DSpace command (e.g., `index-discovery` or `filter-media`), I run as `sudo -u tomcat path/to/dspace/bin/dspace ...`. Thanks, Jacob -- All messages to this mailing list should adhere to the DuraSpace Code of Conduct: https://duraspace.org/about/policies/code-of-conduct/ --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
