Thanks Gary!
http://www.simisen.com/jmg/pmwiki/pmwiki.php?n=Main.GNUJavaOnFedora
---John
--- Gary Benson gbenson@redhat.com wrote:
John M. Gabriele wrote:
--- Gary Benson gbenson@redhat.com wrote:
John M. Gabriele wrote:
I noticed there's a tomcat user on my system:
[root@localhost ~]# cat /etc/passwd | grep tom tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
I'm just getting started using Tomcat on FC4.
Should I be su'ing to tomcat to work with files in (and copy files into) /var/lib/tomcat5?
Or do I work in there as root, then chown -R everthing to root:tomcat when I'm done?
Neither, ideally. You should be able to work as root and leave the files owned as root. Or as any other user: I'll often create a directory /var/lib/tomcat5/webapps/whatever and chown it gary.gary, and then just work in there under my normal login.
What's the purpose of having a "tomcat" user on the system at all?
Most things that run as daemons have their own user, to limit the effects of security vulnerabilities. Malicious code inserted into a daemon running as root can do _anything_. Malicious code inserted into a daemon running as an unprivileged user can only do what that user can do, which should ideally be as little as possible.
Daemons historically ran as root, but those that still do are a security nightmare.
What's the point of having those links in /usr/share/tomcat5?
Because Tomcat expects to run out of one directory, but the FHS dictates that the various different files in that directory should live in various different places on the filesystem.
Cheers, Gary
-- fedora-devel-java-list mailing list fedora-devel-java-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-java-list
____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs