apache, tomcat6 not as root user

Hi,

I have installed and am running: apache2, tomcat6 and ant 1.8.

my question is; how can i run these NOT as root?

all the permissions are root, because Yast requires you to log in as root and download them.

i dont want to run a webserver or app server as root, for security reasons.

how easy is it, and how, do i go about getting this type of software running as a non root user?

regards, samwootton

In order to run Apache on port 80 you will need to run it as root. Anything under 1024 is a privileged port.

Apache has a large amount of security measures in place which makes it safe to run as root. All Apache connection are made through the Apache user. (I believe this is wwwrun as default)

Although, this doesn’t answer your question, if you want Apache on port 80 I don’t think you can run it on anything else but root. There probably is a way to allow port 80 to be opened by a user but I am not aware of this procedure.

Tomcat can definitely be ran by a different user than root. This I would recommend. It as simple as:

  1. Adding a new Tomcat user and set its home directory to Tomcat directory
  2. Set the permissions of Tomcat directory to allow for Tomcat user.
  3. Run startup / shutdown scripts using the Tomcat user.

Hi, thanks for your reply and apologies for my late response.

How can i install, e.g. tomcat not as root? Yast always requires root details.

On the whole, i would like as little as possible to be installed with root permissions. How can i do this?

I dont want to “sudo” everytime i want to e.g. run an ant script to buld a webapp, or if i wanted to set up a virtual host etc.

I would like to house keep and run these servers as an administrator not as root.

Regards, samwootton

You could run the build script as the tomcat user.

Hi,

If i have used Yast (which i need root user), then tomcat and its scripts etc, are all installed as root.

I have a database that requires user “informix”, when tomcat (running as root) tries to connect, it fails.

I really need to have tomcat running / set up not as root. I have it running on port 8080.

There must be a way. JUst because i used Yast - does that mean i can only have webapp permissions running as root?

Seems like a bit of an obvious restriction?

Regards, samwootton

Just because a file is owned by root does not mean it is run as root. It is run by the user that starts it if the permissions allow it. Almost all programs are installed with root ownership but permissions are set for at least some subset of users to run them. If the ownership was to a single user only that user could run them unless they give permission to other users to run them. So don’t confuse ownership with the permissions a program runs under.