336342 – setuid documentation is not complete.

Bug 336342 - setuid documentation is not complete.

Summary: setuid documentation is not complete.

Status:	CLOSED FIXED

Alias:	None

Product:	Jetty
Classification:	RT
Component:	server (show other bugs)
Version:	7.2.2
Hardware:	PC Linux

Importance:	P3 normal (vote)
Target Milestone:	7.2.x
Assignee:	Shirley Boulay
QA Contact:

URL:
Whiteboard:
Keywords:	Documentation

Depends on:
Blocks:

Reported:	2011-02-04 09:06 EST by valentino miazzo
Modified:	2011-09-20 16:36 EDT (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description valentino miazzo

2011-02-04 09:06:07 EST

Build Identifier: jetty-distribution-7.2.2.v20101205.tar.gz

It took me a while to have setuid working as explained in http://wiki.eclipse.org/Jetty/Howto/Port80#Using_Jetty.27s_setuid_feature .

Note: on Linux you want to use 'service jetty' (alias bin/jetty.sh) and not use directly the command line.

Basically, adding to start.ini the 'etc/jetty-setuid.xml' is not enough.

You must add '--pre=etc/jetty-setuid.xml' to start.ini .
Alternatively, you can add '--pre=etc/jetty-setuid.xml' to $JETTY_ARGS in /etc/default/jetty .
Another option is to add in etc/jetty.conf the line '--pre=etc/jetty-setuid.xml' before '--pre=etc/jetty-logging.xml' .

In this way the the Object with id 'Server' is created as an instance of org.mortbay.setuid.SetUIDServer before etc/jetty-logging.xml could instantiate it as an instance of org.eclipse.jetty.server.Server.

I think this should be document.

Reproducible: Always

Steps to Reproduce:
1. Follow http://wiki.eclipse.org/Jetty/Howto/Port80#Using_Jetty.27s_setuid_feature
2. Place 'etc/jetty-setuid.xml' in start.ini
2. service jetty start

Result:
a. Jetty creates temporary folders as root 
b. Jetty switches to jetty user
c. Jetty tries to write compiled JSP pages on the temporary folders but it ahs not the rights to do it.

Comment 1 Greg Wilkins

2011-02-23 00:24:42 EST

I think you need to prepend etc/jetty-setuid.xml if you are editing start.ini.

But we will update the doco.

Comment 2 Shirley Boulay

2011-03-04 16:38:31 EST

(In reply to comment #1)
> I think you need to prepend etc/jetty-setuid.xml if you are editing start.ini.
> 
> But we will update the doco.

(In reply to comment #1)
> I think you need to prepend etc/jetty-setuid.xml if you are editing start.ini.
> 
> But we will update the doco.

Hi Greg,

I don't know what to do with this:

"Note: on Linux you want to use 'service jetty' (alias bin/jetty.sh) and not use
directly the command line."

or where in start.ini to put this (although I did take a stab at it):

--pre=etc/jetty-setuid.xml

or what to do with this:

"I think you need to prepend etc/jetty-setuid.xml if you are editing start.ini."

Other than that, there's a decent doc to review at 
http://wiki.eclipse.org/Jetty/Howto/Port80

Thanks,
sb

Comment 3 Jesse McConnell

2011-09-20 16:36:38 EDT

generally we should be driving people towards modifying the start.ini file and rejiggering the order to the xml files at the bottom there...

but I'll close this for now since the docs do exist