I'd like for my webapp which is deployed as a war ROOT.war
to have write access to /var/www/html/static/images
so that it can write uploaded and converted images to that folder so nginx can serve it statically. Currently it doesn't work and triggers a java.nio.file.FileSystemException
exception together with the Filesystem is read-only
message.
But the filesystem is not read-only and is in great condition. The folder has already been chmodded 777.
Extra info: The tomcat setup is running on an Ubuntu 18.04 Azure VM with managed disk. The folder is residing on an Ext4 formatted drive
By default, these files are located at TOMCAT-HOME/conf/server. xml and TOMCAT-HOME/conf/web. xml, respectively.
The webapps directory is where deployed applications reside in Tomcat. The webapps directory is the default deployment location, but this can be configured with the appBase attribute on the <Host> element.
I would do this by renaming my application specific.war and then going to Tomcat Web Application Manager and then going to "WAR file to deploy", select my WAR file and deploy it. However I would like to deploy it so that if the user types www.abc.com he/she will go straight to the application, without specifying the directory. How is this possible?
I am able to deploy my .war application to a specific directory e.g. www.abc.com/specific I would do this by renaming my application specific.war and then going to Tomcat Web Application Manager and then going to "WAR file to deploy", select my WAR file and deploy it.
To deploy a web application to Apache Tomcat, you can copy a WAR file to the application base directory, e.g., c:/Tomcat8/webapps. This operation of course presupposes we know the application base directory. We could consult server.xml and look up the Host element to determine the directory name.
It provides a management dashboard from which you can deploy a new web application, or undeploy an existing one without having to restart the container. This is especially useful in production environments. In this article, we will do a quick overview of Tomcat and then cover various approaches to deploying a WAR file.
Let's start with: chmod 777
is great for testing, but absolutely unfit for the real world and you shouldn't get used to this setting. Rather set the owner/group correctly, before you give world write permissions.
Edit: A similar question just came up on the Tomcat mailing list, and Emmanuel Bourg pointed out that Debian Tomcat is sandboxed by systemd. Read your /usr/share/doc/tomcat9/README.Debian which contains this paragraph:
Tomcat is sandboxed by systemd and only has write access to the following directories:
- /var/lib/tomcat9/conf/Catalina (actually /etc/tomcat9/Catalina)
- /var/lib/tomcat9/logs (actually /var/log/tomcat9)
- /var/lib/tomcat9/webapps
- /var/lib/tomcat9/work (actually /var/cache/tomcat9)
If write access to other directories is required the service settings have to be overridden. This is done by creating an override.conf file in /etc/systemd/system/tomcat9.service.d/ containing:
[Service]
ReadWritePaths=/path/to/the/directory/
The service has to be restarted afterward with:
systemctl daemon-reload systemctl restart tomcat9
Edit 2022: Note that these are the 2019 paths - validate if you need to adapt them to the current location of your tomcat whenever you run across this answer (e.g. see Ng Sek Long's comment for Ubuntu 20)
End of edit, continuing with the passage that didn't solve OP's problem, but should stay in:
If - all things tested - Tomcat should have write access to that directory, but doesn't have it, the error message points me to an assumption: Could it be that
The default configuration for NFS is that root has no permissions whatsoever on that external filesystem (or was it no write-permission? this is ancient historical memory - look up "NFS root squash" to get the full story)
If this is a condition that matches what you are running, you should stop running Tomcat as root, and rather run it as an unprivileged user. Then you can set the permissions on the directory in question to be writeable by your tomcat-user, and readable by nginx, and you're done.
Running Tomcat as root is a recipe for disaster: You don't want a process that's available from the internet to run as root.
If these conditions don't meet your configuration: Elaborate on the configuration. I'd still stand by this description for others who might find this question/answer later.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With