This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Child pages
  • Running Geronimo as a non-root user
Skip to end of metadata
Go to start of metadata

It is very likely that you will not want to have the Geronimo server process under the super user root. The following are a series of simple steps for changing the ownership and permissions for the required files in order to run Geronimo with a different user.

The following tasks should be performed while logged in as root or a user with enough access rights.

  1. Create a new user (i.e. gmo) and add it to a specific user group. You could use the predefined www user group for instance.
  2. Edit the .bashrc for the user you just created and add the PATH and JAVA_HOME variables:
        export PATH
        export JAVA_HOME
  3. Change the user group to all the subdirs in <geronimo_home>
    chown -R root:www <geronimo_home>
  4. Create a deploy directory within the <geronimo_home> directory structure.
  5. Change the access permissions to the following directories
        chmod -R 774 <geronimo_home>/bin
        chmod -R 774 <geronimo_home>/deploy
        chmod -R 774 <geronimo_home>/repository
        chmod -R 774 <geronimo_home>/var
  6. Login as the new user (i.e. gmo)
  7. Start the server
    cd <geronimo_home>/bin
    ./ run 

You are now able to run and deploy applications with a user other than root.

  • No labels