websphere 操作系统用户创建文件夹和写入文件需要哪些 Linux 权限？

发布于 2024-11-26 11:20:02 字数 526 浏览 1 评论 0原文

我们最近安装的网络应用程序遇到了问题。

它允许用户上传文件并将其保存到操作系统中的目录中。我们已要求安全人员将 websphere 用户添加到目标路径组中，该路径具有 770 权限。

应该可以了，如果我们用websphere用户登录机器，我们就可以在该路径下创建文件夹和文件；但我们的 java web 应用程序无法创建目录并且失败。

不幸的是，没有抛出异常，失败的方法首先使用 File.isDirectory() 检查此目录是否存在，如果返回 false，则尝试使用 File.mkdirs( ）。

未创建该目录，因此会向用户显示自定义错误消息。日志中没有其他线索。

我尝试在我的本地 Linux 笔记本电脑中重现该问题，并与用户和组进行交互，我发现权限的更改在新会话启动之前不会生效，但我不确定这如何影响我们部署的java web 应用程序以及需要做什么才能使权限有效。

我还确信这些文件是用 websphere 用户编写的，因为该应用程序已在不同的路径中写入了一些文件。

有人遇到过类似的事情吗？

谢谢

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

春庭雪 2024-12-03 11:20:02

chown 似乎是一个解决方案。

更新：

另一个解决方案是检查 java 客户端的“文件权限策略”(参见）。

Java 2 安全性使用多个策略文件来确定为每个 Java 程序授予的权限。
有关 WebSphere® Application Server 支持的可用策略文件的列表，请参阅 Java 2 安全策略文件。

* The client.policy file is a default policy file that is shared by all of the WebSphere Application Server client containers and applets on a node.
* The union of the permissions that is contained in the java.policy file and the client.policy file are given to all of the client containers for WebSphere Application Server and applets running on the node.
* The client.policy file is not a configuration file that is managed by the repository and the file replication service. Changes to this file are local and do not replicate to the other machine.
* The client.policy file supplied by WebSphere Application Server is located in the profile_root/properties/client.policy.
* If the default permissions for a client (union of the permissions defined in the java.policy file and the client.policy file) are enough, no action is required. The default client policy is picked up automatically.
* If a specific change is required to some of the client containers and applets on a node, modify the client.policy file with the Policy Tool. Refer to Using PolicyTool to edit policy files for Java 2 security, to edit policy files. Changes to the client.policy file are local for the node.

我希望它对你有帮助。

chown seems to be a solution.

UPDATE:

Another solution is to check the 'file permission policy' for the java client (see).

Java 2 security uses several policy files to determine the granted permission for each Java program.
For the list of available policy files that are supported by WebSphere® Application Server, see Java 2 security policy files.

* The client.policy file is a default policy file that is shared by all of the WebSphere Application Server client containers and applets on a node.
* The union of the permissions that is contained in the java.policy file and the client.policy file are given to all of the client containers for WebSphere Application Server and applets running on the node.
* The client.policy file is not a configuration file that is managed by the repository and the file replication service. Changes to this file are local and do not replicate to the other machine.
* The client.policy file supplied by WebSphere Application Server is located in the profile_root/properties/client.policy.
* If the default permissions for a client (union of the permissions defined in the java.policy file and the client.policy file) are enough, no action is required. The default client policy is picked up automatically.
* If a specific change is required to some of the client containers and applets on a node, modify the client.policy file with the Policy Tool. Refer to Using PolicyTool to edit policy files for Java 2 security, to edit policy files. Changes to the client.policy file are local for the node.

I hope it helps you.

回复收藏 0 原文

~没有更多了~