Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Tomcat not parsing .war symlinks

Tags:

java

tomcat

I have a development machine I'd installed Tomcat on previously, and just run it as the same user who was doing dev work. I dropped a symbolic link in $CATALINA_HOME/webapps to the directory I built the WAR to, and every time I updated the build tomcat followed the symlink and extracted the new WAR. Never any problems.

But in preparation for moving it to a production machine I created a new user with restricted permissions and set tomcat up to run as that user, as you do for security reasons.

Now tomcat doesn't follow the symlink anymore, even when I give its user ownership of the WAR file and set permissions to 777. I'm not seeing anything come up in catalina.out or the daily log about what's going on, either.

It's just one more step to the test cycle to copy the WAR over, so this isn't too crucial, but I'm still curious as to what's going on.

Permissions on the webapps directory:

drwxr-xr-x 3 tomcat tomcat  4096 Dec 11 14:34 webapps

Permissions on the directory I'm building to:

drwxrwxr-x 11 tomcat   tomcat   4096 Dec 11 14:34 target

Permissions on the WAR file maven produces:

-rw-rw-r-- 1 tomcat tomcat 16822856 Dec 11 14:34 [webapp].war

Permissions on the symlink I create to it:

lrwxrwxrwx 1 tomcat tomcat 60 Dec 11 17:33 [webapp].war -> [webapp directory]/[webapp].war
like image 913
Glazius Avatar asked Dec 05 '13 15:12

Glazius

2 Answers

I suspect the tomcat user does not have traversal permissions on one of the nested folders containing the real WAR file. As you said, he has permission on tomcat folders so he can start Tomcat and he can see that the symlink exists.

Maybe your build process creates the WAR file inside a private folder, let's say the home folder of the user glazius, and this prevents tomcat user from reading the file even if the file has the correct permissions attached.

You can easily use:

ls -Cf

inside your webapps folder to check the symlink color: if it's red tomcat user can't reach the file, if it's blue it should already work without any problems.

If it's red, ensure every folders to your WAR file have the traversal (x) permission on the other group. If for example the path is /home/glazius/workspace/target/webapp.war, execute these commands:

chmod o+x /home/glazius
chmod o+x /home/glazius/workspace
chmod o+x /home/glazius/workspace/target
like image 112
Giuseppe Bertone Avatar answered Nov 11 '22 02:11

Giuseppe Bertone

Give the new user write permission on $CATALINA_HOME/work.

like image 1
Italo Borssatto Avatar answered Nov 11 '22 00:11

Italo Borssatto
Sign in to Comment

Related questions

Spring upload file problems
LIBGDX: How do I draw a filled polygon with the shaperenderer?
Scroll gridview while dragging item (as shadow)
Best way to execute method asynchronously in Android (compact and correct)
How Implementations can be replaced at run-time for object composition(interface inheritance)
Why do I get a not exposed to the weaver warnings when making my Spring project?
Determine whether a PDF page contains text or is purely picture
How to access an object's public fields from a Velocity template
Karatsuba Algorithm without BigInteger usage
Random.nextInt(int) is [slightly] biased
Trying to import nested types from class
How to add ArrayList<String> to JSON Array - keeping type safety in mind
JOptionPane with username and password input
JDesktopPane resize
Writing ico files java
maven Could not transfer artifact, Not authorized, ReasonPhrase:Unauthorized
SQOOP SQLSERVER Failed to load driver " appropriate connection manager is not being set"
In the Java install directory, why are there multiple java.exe files?
Java getMethod with subclass parameter
Hibernate session thread safety

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!