On 9/7/17, 3:15 AM, Emmanuel Bourg wrote:
You didn't change the TOMCAT8_USER variable in /etc/default/tomcat8 and
authbind is installed, right?
What is the output of (as root):
su tomcat8 -s /bin/bash -c "authbind --deep /bin/bash -c 'netcat -v -p 443 -l'"
Well, all that does is ask me for a nonexistent password (Google Compute
instances are ssh-by-keypair only), but if I change the su to a sudo, then:
jamesl@xxxxx:~$ sudo -u tomcat8 -s /bin/bash -c "authbind --deep /bin/bash -c
'netcat -v -p 443 -l'"
Can't grab 0.0.0.0:443 with bind : Permission denied
jamesl@xxxxx:~$ sudo -s /bin/bash -c "authbind --deep /bin/bash -c 'netcat -v -p 443
-l'"
listening on [any] 443 ...
^C
jamesl@xxxxx:~$ sudo -u tomcat7 -s /bin/bash -c "authbind --deep /bin/bash -c
'netcat -v -p 443 -l'"
listening on [any] 443 ...
^C
So apparently, there's something different between the tomcat7 and
tomcat8 user profiles that's killing authbind.
From /etc/passwd:
tomcat7:x:107:113::/usr/share/tomcat7:/bin/false
. . .
tomcat8:x:109:115::/var/lib/tomcat8:/bin/false
The only places "tomcat7" and "tomcat8" appear in /etc/group are:
tomcat7:x:113:
. . .
tomcat8:x:115:
The only difference I see is the home directories.
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
