It is very likely that you will not want to have the Geronimo server process under the super user root. The following are a series of simple steps for changing the ownership and permissions for the required files in order to run Geronimo with a different user.

The following tasks should be performed while logged as root or a user with enough access rights.

  1. create a new user (i.e. gmo) and add it to a specific user group. You could use the predefined www user group for instance.
  2. edit the .bashrc for the user you just created and add the PATH and JAVA_HOME variables:
    PATH=$PATH:<java_home>/bin
    export PATH
    JAVA_HOME=<java_home>
    export JAVA_HOME
  3. change the user group to all the subdirs in <geronimo_home>
    chown -R root:www <geronimo_home>
  4. create a deploy directory within the <geronimo_home> directory structure.
  5. change the access permissions to the following directories
    chmod -R 774 <geronimo_home>/bin
    chmod -R 774 <geronimo_home>/deploy
    chmod -R 774 <geronimo_home>/repository
    chmod -R 774 <geronimo_home>/var
  6. login as the new user (i.e. gmo)
  7. cd <geronimo_home>/bin
  8. ./geronimo.sh run

You are now able to run and deploy applications with a user other than root.

  • No labels