Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-14-2006, 11:36 AM
|
#1
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Rep:
|
ownership of symbolic links
I've got a directory inside /opt called apache-tomcat-5.5
I've created a symbolic link to the directory
Code:
ln -s apache-tomcat-5.5 tomcat
So now when I list ls -l I see
Code:
root root apache-tomcat-5.5
root root tomcat
I want to change the ownership of the symbolic link in addition to the actual directory. But I can't.
Code:
chown -R developer:developer apache-tomcat-5.5
chown -Rv developer:developer tomcat
output is : changed ownership of '/opt/tomcat' to developer:developer
but after ls -l I see
Code:
developer developer apache-tomcat-5.5
root root tomcat
And of course I can't read files inside the apache-tomcat-5.5 even when I am logged in as developer.
WTF ? How do I do it? How do I access apache-tomcat-5.5 using the symlink tomcat as a non root user?
Help is greatly appreciated. Thanks.
|
|
|
10-14-2006, 12:42 PM
|
#2
|
Member
Registered: Sep 2005
Location: US
Distribution: Gentoo AMD64 Testing
Posts: 129
Rep:
|
As you will also notice, symbolic links have very strange looking permissions (777), yet everyone is not able to read or write to the linked file.
Permissions or ownership of symbolic links do not make any difference, and they can not be changed after the link is made. Don't worry about it, if you are having problems, then you just need to change the permissions of the file that it is linking to.
As long as all the folders in the path to the folder you want to have access to have the execute bit set, then you should be able to access the directory.
If you are still haveing problems you may want to post the permissions to the folders in question, as I have a feeling that is where the problem is.
Last edited by chadl; 10-14-2006 at 12:44 PM.
|
|
|
11-26-2006, 03:14 PM
|
#3
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Original Poster
Rep:
|
Thank you for your response.
I've done ls -l apache-tomcat-5.5 from within /opt and the group and user ownership for every file and subdirectory is developer developer.
But I do appreciate your feedback. Thanks again.
|
|
|
11-26-2006, 03:59 PM
|
#4
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
What are the permissions (not ownership) of the /opt/apache-tomcat-5.5 directory and the files in it? Also, is it a Linux file system (not something like vfat)? chadl is correct in that if the link's permissions are rwxrwxrwx then it's not the link stopping you from accessing the contents of /opt/apache-tomcat-5.5
|
|
|
11-26-2006, 05:59 PM
|
#5
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Original Poster
Rep:
|
The permissions of apache-tomcat-5.5 and all of the files within it are rwxrwx---. So I guess it's not the link that's stopping me. What could it be?
|
|
|
11-27-2006, 01:21 PM
|
#6
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
What happens when you run the following (can you copy/paste the output into your reply)?
Code:
su - developer
cd /opt/apache-tomcat-5.5
ls -l /opt/apache-tomcat-5.5
cd /opt/tomcat
ls -l /opt/tomcat
|
|
|
11-27-2006, 08:42 PM
|
#7
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Original Poster
Rep:
|
Thanks for your reply. It got me thinking about what it was I should really be doing...
The objective is .. 1) To install tomcat into the /opt directory, which is owned by root, 2) to symlink it so that when I install upgrades I only need to change the symbolic link and 3) to be able to manage the server as my own user, rather than logging in or switching to root each time I wish to start/stop tomcat.
So what I did was to create a user and a group, both named "developer". The user has no home directory. ( I wonder if I needed to create this user..) I made developer, myself, and root as members of the group developer. And I've tried to offer group ownership of tomcat to developer so that I could access it.
Here is the output from what you asked me to do...
Code:
[me@localhost ~]$ su - developer
Password:
su: warning: cannot change directory to : No such file or directory
-bash-3.00$ cd /opt/apache-tomcat-5.5.20
-bash-3.00$ ls -l /opt/apache-tomcat-5.5.20
total 120
drwxrwx--- 2 developer developer 4096 Oct 20 09:25 bin
drwxrwx--- 6 developer developer 4096 Oct 14 12:12 common
drwxrwx--- 3 developer developer 4096 Nov 1 13:45 conf
-rwxrwx--- 1 developer developer 11357 Sep 12 09:12 LICENSE
drwxrwx--- 2 developer developer 4096 Nov 1 12:15 logs
-rwxrwx--- 1 developer developer 688 Sep 12 09:12 NOTICE
-rwxrwx--- 1 developer developer 6744 Sep 12 09:10 RELEASE-NOTES
-rwxrwx--- 1 developer developer 6964 Sep 12 09:12 RUNNING.txt
drwxrwx--- 5 developer developer 4096 Sep 12 09:10 server
drwxrwx--- 4 developer developer 4096 Sep 12 09:10 shared
drwxrwx--- 2 developer developer 4096 Oct 14 09:24 temp
drwxrwx--- 10 developer developer 4096 Nov 1 13:45 webapps
drwxrwx--- 3 developer developer 4096 Oct 14 11:07 work
-bash-3.00$ cd /opt/tomcat
-bash-3.00$ ls -l /opt/tomcat
lrwxrwxrwx 1 root root 20 Oct 14 10:19 /opt/tomcat -> apache-tomcat-5.5.20
-bash-3.00$
...I've done this before, I can't remember how I did it, but at one time I was able to get this to work.
|
|
|
11-27-2006, 10:08 PM
|
#8
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
If I understand what you're trying to do, you need to set the group sticky bit on the directories. That way, when members of the developer group modify files, the group membership of the file stays as developer and other members of the group can modify the files. Running the following as root, will set the modified permissions:
Code:
find /opt/apache-tomcat-5.5 -type d -exec chmod -c g+s {} \;
|
|
|
11-30-2006, 12:58 PM
|
#9
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Original Poster
Rep:
|
Thanks again for your help.
I switched to root user, changed directory into /opt and entered the command into the shell as you instructed.. ( That's cool, running an exec command inside find like that. Never knew. *Learning Every day* )
What I saw was the following printed to the console for every file within /opt/apache..
Code:
mode of ' <full path to filename> ' changed to 2770 (rwxrws---)
That looked promising. So I restarted the computer and logged into my own non-administrator account and tried to execute a file which was a symbolic link to the startup file inside the tomcat directory. And the following was the result.
Code:
Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /usr/java/jdk1.5.0_06
touch: cannot touch '/opt/tomcat/logs/catalina.out': Permission denied
/opt/tomcat/bin/catalina.sh: line 258: /opt/tomcat/logs/catalina.out: Permission denied
|
|
|
11-30-2006, 01:16 PM
|
#10
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep:
|
That command was run as the user developer, is that right? That's similar to how I start Tomcat on my system. My Tomcat directory is owned by my jakarta user and the startup script runs this way:
Code:
/bin/su - jakarta -c /usr/local/bin/start-tomcat.sh
That script contains:
Code:
#!/bin/sh
export CATALINA_BASE=/usr/local/apache-tomcat
export CATALINA_HOME=/usr/local/apache-tomcat
export JAVA_HOME=/usr/local/jdk
/usr/local/apache-tomcat/bin/startup.sh
If you run su - develop can you manually run touch /opt/tomcat/logs/catalina.out? That will at least identify whether something strange is happening with that account.
|
|
|
11-30-2006, 08:51 PM
|
#11
|
Member
Registered: Aug 2003
Distribution: Red Hat RHEL WS 3, RHEL WS 4
Posts: 228
Original Poster
Rep:
|
Thanks again for your posts..
Quote:
Originally Posted by gilead
That command was run as the user developer, is that right?
|
Actually no, I ran that while I was logged in as myself. I assumed that since I was part of the developer group that I could do that.. But I'm confused about things..
Quote:
Originally Posted by gilead
That's similar to how I start Tomcat on my system. My Tomcat directory is owned by my jakarta user and the startup script runs this way:
Code:
/bin/su - jakarta -c /usr/local/bin/start-tomcat.sh
That script contains:
Code:
#!/bin/sh
export CATALINA_BASE=/usr/local/apache-tomcat
export CATALINA_HOME=/usr/local/apache-tomcat
export JAVA_HOME=/usr/local/jdk
/usr/local/apache-tomcat/bin/startup.sh
|
I tried to reproduce what you have done using my own setup but it didn't work, but the idea looks good. So I went back and reviewed something I had found on the web a while ago - Installing Tomcat - Running Tomcat as Non-Root User. Section 3.5 here...
http://www.linux-sxs.org/internet_serving/c140.html
Quote:
Originally Posted by gilead
If you run su - develop can you manually run touch /opt/tomcat/logs/catalina.out? That will at least identify whether something strange is happening with that account.
|
That's a good idea, I'll try that next. And I'm also going to read up a bit on groups and permissions and ownerships because I don't understand why this isn't working. But yeah maybe the developer account itself is toast. In the meantime, thanks again.
Last edited by lel800; 11-30-2006 at 08:52 PM.
|
|
|
07-04-2007, 08:20 AM
|
#12
|
LQ Newbie
Registered: Jan 2006
Location: Bulgaria
Distribution: Fedora Core 8
Posts: 11
Rep:
|
change with -h
Hi man,
you can try to set the symlink ownership like this
chown -h name:name tom
and it will work i think.
Bye
|
|
1 members found this post helpful.
|
11-11-2008, 04:53 PM
|
#13
|
LQ Newbie
Registered: Oct 2008
Location: Bangalore
Distribution: RHEL 5
Posts: 9
Rep:
|
Thanks a lot man...!
hanks a lot man
it helps me to solve my problem.
|
|
|
06-04-2012, 04:34 PM
|
#14
|
Member
Registered: Sep 2011
Location: /dev/null
Distribution: ubuntu 64bits
Posts: 135
Rep:
|
Quote:
Originally Posted by beji
Hi man,
you can try to set the symlink ownership like this
chown -h name:name tom
and it will work i think.
Bye
|
thanks a lot - helped me either.
|
|
|
All times are GMT -5. The time now is 09:55 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|