如何允许Tomcat War应用程序在文件夹中写入
我想为我的web应用程序部署为战争root.war以写入/var/var/www/html/static/static/images,以便它可以写入上载并将其转换为该文件夹,因此Nginx可以静态地使用。当前,它不起作用,并且触发java.nio.file.filesystemexception异常以及filesystem均已读取消息。
但是文件系统不是只读的,并且状况良好。该文件夹已经是chmod ded 777。
额外信息: Tomcat设置正在使用带有托管磁盘的Ubuntu 18.04 Azure VM运行。该文件夹位于Ext4格式驱动器上
I'd like for my webapp which is deployed as a war ROOT.war to have write access to /var/www/html/static/images so that it can write uploaded and converted images to that folder so nginx can serve it statically. Currently it doesn't work and triggers a java.nio.file.FileSystemException exception together with the Filesystem is read-only message.
But the filesystem is not read-only and is in great condition. The folder has already been chmodded 777.
Extra info:
The tomcat setup is running on an Ubuntu 18.04 Azure VM with managed disk. The folder is residing on an Ext4 formatted drive
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
让我们从:
CHMOD 777非常适合测试,但绝对不适合现实世界,您不应该习惯这种设置。宁愿在授予世界写入权限之前正确设置所有者/组。编辑:一个类似的问题刚刚出现在Tomcat邮件列表上,Emmanuel Bourg指出 Debian Tomcat是由Systemd 打磨的。阅读您的/usr/usr/usr/share/doc/doc/doc/tomcat9/readme。 Debian 包含此段落:
Edit 2022:请注意,这些是2019年路径 - 验证以后版本的文件位置。从评论到这个答案(谢谢 v h and ng sek long)这里有一些更新:
编辑结束,继续段落无法解决OP的问题,但应该留在:
如果 - 所有事物都经过测试-Tomcat 应该是否有对该目录的写入访问权限,但没有它,错误消息将我指向一个假设:
是没有写入的?
NFS的默认配置是根部在该外部文件系统上没有任何权限(或者 匹配您正在运行的内容,您应该停止以root 的态度运行tomcat,而宁愿将其作为无私人用户运行。然后,您可以将有关目录上的权限设置为可以由tomcat-user编写的权限,并且可以由Nginx读取,并且完成了。
作为root运行tomcat是灾难的秘诀:您不希望从Internet可用的过程作为root运行。
如果这些条件不符合您的配置:对配置进行详细说明。我仍然为其他可能在以后找到这个问题/答案的人坚持此描述。
Let's start with:
chmod 777is great for testing, but absolutely unfit for the real world and you shouldn't get used to this setting. Rather set the owner/group correctly, before you give world write permissions.Edit: A similar question just came up on the Tomcat mailing list, and Emmanuel Bourg pointed out that Debian Tomcat is sandboxed by systemd. Read your /usr/share/doc/tomcat9/README.Debian which contains this paragraph:
Edit 2022: Note that these are the 2019 paths - validate the file locations for later versions. From the comments to this answer (thank you to V H and Ng Sek Long) here are some updates:
End of edit, continuing with the passage that didn't solve OP's problem, but should stay in:
If - all things tested - Tomcat should have write access to that directory, but doesn't have it, the error message points me to an assumption: Could it be that
The default configuration for NFS is that root has no permissions whatsoever on that external filesystem (or was it no write-permission? this is ancient historical memory - look up "NFS root squash" to get the full story)
If this is a condition that matches what you are running, you should stop running Tomcat as root, and rather run it as an unprivileged user. Then you can set the permissions on the directory in question to be writeable by your tomcat-user, and readable by nginx, and you're done.
Running Tomcat as root is a recipe for disaster: You don't want a process that's available from the internet to run as root.
If these conditions don't meet your configuration: Elaborate on the configuration. I'd still stand by this description for others who might find this question/answer later.