 

Changing the owner of an existing process in Linux

I would like to start tomcat (Web Server) as a privileged user, and then bring it back to an unprivileged user once it has started. Is there a way to do this programmatically, or in general with Linux?

Thanks.

rudle asked Jan 09 '09 17:01

1 Answer

The underlying system call that you need is setuid(2), but it's not exposed by any of the Java APIs.

It's not hard to write a JNI wrapper that would give access to it though, although even then you'd need to find a suitable place in the Tomcat startup code to invoke setuid after the bind(2) calls have been made (those being the ones that normally require the root privileges).

As recommended by geocar you could use authbind so that Tomcat never needs to run as root at all.

Alternatively, as you've presumably got root access on the server in question, just run Tomcat on a non-privileged port and then use iptables tricks to forward inbound requests from the privileged port to the one that Tomcat is actually listening on. See this SO post for info on how to do this.

Alnitak answered Sep 30 '22 05:09
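
The bind(2)-then-setuid(2) sequence the answer above describes, as an added C example that is not part of the original answer or of Tomcat's code. The function names `drop_privileges` and `listen_then_drop` and the demo port 8080 are assumptions for illustration.

```c
/* Added example: bind while privileged, then drop. Names are illustrative. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Permanently switch to uid/gid. Returns 0 on success, -1 on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Groups and gid first: a non-root uid cannot change them later. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1; /* as root: real, effective, saved */
    /* Verify instead of trusting return codes: root must be gone. */
    if (uid != 0 && setuid(0) == 0) return -1;
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    return 0;
}

/* Bind and listen on port (root needed below 1024), then drop.
 * Returns the listening fd, still usable after the drop, or -1. */
int listen_then_drop(in_port_t port, uid_t uid, gid_t gid)
{
    struct sockaddr_in addr;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_ANY);
    addr.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) != 0 ||
        listen(fd, 16) != 0 || drop_privileges(uid, gid) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    /* Port 8080 and own ids keep the demo runnable without root. */
    int fd = listen_then_drop(8080, getuid(), getgid());
    printf("listen fd after drop: %d, uid now %d\n", fd, (int)getuid());
    return fd < 0;
}
```

A service started as root would pass port 80 and the uid/gid of its service account; the socket bound before the drop keeps working afterwards because the privilege check happens at bind(2) time only.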