André Warnier wrote:
epicwin...@hotmail.com wrote:
You are correct, I found a setting that relaxes the group access
permissions on the jailkit.
Now I just have one more problem. When tomcat creates files in these
user directories I need the permissions to be set appropriately. What
is the best way to set the umask value when running tomcat using jsvc?
That's a good question.
I don't think jsvc would take any account of the Tomcat user's .profile
file.
ACLs would allow you to do that however :-)
(Seriously, I believe you can set an ACL on the target directory that
would make it so that when this particular user (Tomcat) creates a file
there, it has by default a given set of permissions).
Otherwise, you might have to do some kind of chmod from within your
webapp itself, after it creates the file. I don't know what Java method
that would be.
Replying to myself : upon further reflection, I am not even sure that
Java would have a method to do this, since it is supposed to be
platform-independent, and setting filesystem permissions and group
ownership is rather on the platform-dependent side.
How often do such upload requests come in ? I'm thinking that if this is
a single-platform solution, and file uploads don't come up tens per
second at a time, it may be possible (though I also don't know how) to
simply execute an OS-level command (chmod 0xxx filename; chgroup xxxxx
filename) from within a Tomcat webapp, or a servlet filter that would
run after the webapp.
Otherwise, ACLs are complicated in terms of understanding the
documentation of setfacl; but once you have it down, it is after all
only a matter of running a single setfacl command once on each of your
target directories. And it has the advantage of being done totally
outside of your webapp, once and for all. It "sticks" to the directory,
not to your code.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
