John M. Gabriele wrote: > I noticed there's a tomcat user on my system: > > [root@localhost ~]# cat /etc/passwd | grep tom > tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh > > I'm just getting started using Tomcat on FC4. > > Should I be su'ing to tomcat to work with files > in (and copy files into) /var/lib/tomcat5? > > Or do I work in there as root, then chown -R > everthing to root:tomcat when I'm done? Neither, ideally. You should be able to work as root and leave the files owned as root. Or as any other user: I'll often create a directory /var/lib/tomcat5/webapps/whatever and chown it gary.gary, and then just work in there under my normal login. Incidentally, does anyone know why the example webapps are chgrp tomcat? It seems to have been done in order to giving the server write access to its webapps, but allowing the server write into classloader directories seems to me like an open invitation for vulnerabilities and I'd like to remove it. Cheers, Gary
