Running Geronimo as a non-root user
Skip to end of metadata
Go to start of metadata

It is very likely that you will not want to have the Geronimo server process under the super user root. The following are a series of simple steps for changing the ownership and permissions for the required files in order to run Geronimo with a different user.

The following tasks should be performed while logged in as root or a user with enough access rights.

  1. Create a new user (i.e. gmo) and add it to a specific user group. You could use the predefined www user group for instance.
  2. Edit the .bashrc for the user you just created and add the PATH and JAVA_HOME variables:
  3. Change the user group to all the subdirs in <geronimo_home>
    chown -R root:www <geronimo_home>
    
  4. Create a deploy directory within the <geronimo_home> directory structure.
  5. Change the access permissions to the following directories
        chmod -R 774 <geronimo_home>/bin
        chmod -R 774 <geronimo_home>/deploy
        chmod -R 774 <geronimo_home>/repository
        chmod -R 774 <geronimo_home>/var
    
  6. Login as the new user (i.e. gmo)
  7. Start the server
    cd <geronimo_home>/bin
    ./geronimo.sh run 
    

You are now able to run and deploy applications with a user other than root.

Labels
  • No labels