aspose file tools*
The moose likes Linux / UNIX and the fly likes linux, tomcat and upload tmp-files Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Linux / UNIX
Bookmark "linux, tomcat and upload tmp-files" Watch "linux, tomcat and upload tmp-files" New topic
Author

linux, tomcat and upload tmp-files

nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
Hello,

I run a java-websystem in tomcat under linux
and have a page for uploading items
and storing it (via mysql) as a blob in the database.


As the blobs are big, I create tmp-files via "java.io.File.createTempFile" to upload these items.

In Windows, the websystem works without problems and tmp-files can be created.

But in Linux, the site for uploading items works not, because of the error:

"Could not create tmpfile"

So I guess, it is a security-restriction under linux.

How can I solve it?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16305
    
  21

First, determine where the temp files are being uploaded. By default, it should be TOMCAT_HOME/temp, but it can be changed, including at the app level.

The temp directory must be writeable by the userid that Tomcat is running under. As far as I can recall, there shouldn't be any selinux issues with Tomcat, so only the basic file access rights need to be verified.


Customer surveys are for companies who didn't pay proper attention to begin with.
nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
hello,

I use "java.io.File.createTempFile":

according to api:

java.io.File.createTempFile(String prefix, String suffix)
Creates an empty file in the default temporary-file directory, using the given prefix and suffix to generate its name.


So the default temporary-file directory in linux is root/TMP ?

Does using java.io.File.createTempFile(String prefix, String suffix) store the tmp files ins TOMCAT_HOME/temp ?

Would it be enough to make in linux something like



Or what should I do?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16305
    
  21

nimo frey wrote:hello,

So the default temporary-file directory in linux is root/TMP ?


No, it's the directory defined by the system property "java.io.tmpdir". Which they didn't document in java.io.File. Well, technically, it's a JVM parameter, but still...

The JVM designer picks the default value for that path, and in Unix/Linux, it would usually be "/tmp". When tomcat starts, it assigns that property to point to its own temp directory. Note that you can't just arbitrarily reassign this value at runtime. There are certain limitations, but I couldn't locate the docs. It doesn't matter here, anyway. You can override Tomcat's choice and I have done so, but in most cases it's not necessary.

Yes, a "chmod 755" is what my copy of tomcat has assigned to my TOMCAT_HOME/temp directory.
nimo frey
Ranch Hand

Joined: Jun 28, 2008
Posts: 580
hello tim,

thanks for helping!

My root/tmp has this:




My tomcats tmp-directory is linked to:

where:

- var directory has this:



- tomcat6-directory has this:



- temp-directory has this:


And my tomcat-users.xml looks like this:



So now my question:

How do I secure, that tomcat can access the tmp-directory ?
Should I add:


where "root" is the user of my linux-system?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16305
    
  21

tomcat-users.xml has nothing at all to do with tempfiles. It's just a database for the Tomcat Memory Security Realm. It supports J2EE container-based security, and only does that if you enable it.

Your file access rights should be sufficient unless selinux is getting annoyed (look in /var/log/audit/audit.log if you're running a Red Hat-like system).

But it's not really a good practice to run Tomcat (or any other server) as root. Your directory setup looks like it may have been created by the RHEL J2EE RPMs, and if that's the case, there should have been a "tomcat" user created the init-script startup should be running Tomcat under that user ID.

Some people have had problems in cases like that, where Tomcat was started at different times under the root and private accounts. That's because if Tomcat creates resources while running as root, the private account can't delete/replace the old work/temp/deployed files.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: linux, tomcat and upload tmp-files