Permission issues with tomcat

server permissions tomcat tomcat7

53,069

I noticed two problems here.

Two lines in the error log stood out to me:

SEVERE: Cannot find specified temporary folder at /var/lib/tomcat7/temp

and:

java.io.FileNotFoundException: /var/lib/tomcat7/conf/tomcat-users.xml (Permission denied)

Doing a bit of diagnosis with Lucio, I figured out that the tomcat-users.xml file was not owned by Tomcat, but instead root. Change the permissions to the proper ones by running the command:

sudo chown tomcat7:tomcat7 /var/lib/tomcat7/conf/tomcat-users.xml

Also, create the folder /var/lib/tomcat7/temp with tomcat permissions, like so:

sudo mkdir /var/lib/tomcat7/temp && sudo chown -R tomcat7:tomcat7 /var/lib/tomcat7/temp

Finally, fixing the logs should be done by making /var/lib/tomcat7/logs owned by the tomcat7 user/group. The /var/log/tomcat7/ should also be owned by the tomcat7 user AND group.

53,069

Lucio

Web Developer building cool stuff on Spotify! Do you like recursion? Enjoy it! Full Profile

Updated on September 18, 2022

Comments

Lucio over 1 year

I installed Tomcat 7 following the Ubuntu guide. The server is working and gives me the "It works!" page on http://localhost:8080/.

Now I want to setup my own webapp using Netbeans. I generated a new Web Project with Java EE 6 and Tomcat 7. The user is on the /var/lib/tomcat7/conf/tomcat-users.xml file properly configured.

When I run the project everything seems ok, but when I open the browser it displays a 500 error.

The Tomcat output mentions permission errors trying to access tomcat7/logs and
The IDE logs trying to access tomcat7/conf.

Files permissions:

lucio@lucio-pc:/$ ll /var/lib/tomcat7/logs
lrwxrwxrwx 1 root root 17 jul 24 18:07 /var/lib/tomcat7/logs -> ../../log/tomcat7/
lucio@lucio-pc:/$ ll /var/log/tomcat7/
total 136
drwxr-x---  2 tomcat7 adm      4096 ago 28 10:50 ./
drwxrwxr-x 15 root    syslog   4096 ago 28 09:29 ../
-rw-r--r--  1 tomcat7 tomcat7   800 ago 26 17:23 catalina.2014-08-26.log.gz
-rw-r--r--  1 tomcat7 tomcat7  5173 ago 27 21:59 catalina.2014-08-27.log
-rw-r--r--  1 tomcat7 tomcat7 31285 ago 28 10:36 catalina.2014-08-28.log
-rw-r--r--  1 tomcat7 root    44192 ago 28 10:36 catalina.out
-rw-r--r--  1 tomcat7 tomcat7    45 ago 26 16:19 localhost.2014-08-26.log.gz
-rw-r--r--  1 tomcat7 tomcat7     0 ago 27 11:15 localhost.2014-08-27.log
-rw-r--r--  1 tomcat7 tomcat7   433 ago 28 09:49 localhost.2014-08-28.log
-rw-r--r--  1 tomcat7 tomcat7  7435 ago 26 17:23 localhost_access_log.2014-08-26.txt
-rw-r--r--  1 tomcat7 tomcat7     0 ago 27 11:15 localhost_access_log.2014-08-27.txt
-rw-r--r--  1 tomcat7 tomcat7 15186 ago 28 09:58 localhost_access_log.2014-08-28.txt

I don't understand why can't access the files, you can see that the user and group tomcat7 has permissions to the files. Is there a user for the JVM that needs privileges over the files?

I also tried changing files ownerships as mentioned here but it doesn't change at all.

The /etc/default/tomcat7 file has:

TOMCAT7_USER=tomcat7
TOMCAT7_GROUP=tomcat7

So I guess it is running as tomcat7 user.

I added my user into the tomcat7 group:

sudo usermod -aG tomcat7 $USER

And then restarted the machine, but the problem persist.

Lucio over 9 years

For me, changing the permissions on the tomcat-user.xml file was enough. Doing the same for the logs didn't worked but the application is running anyway :-)