Bug#554853: [jetty-user] Running Jetty on port 80 with SetUIDServer

Pablo Duboue pablo.duboue at gmail.com
Wed Feb 17 01:52:08 UTC 2010 

On Monday 15 February 2010, you wrote:
> Hello,
> 
> I've been struggling to run Jetty on port 80 using the setuid feature
> documented here: http://docs.codehaus.org/display/JETTY/port80. This is on
>  a 64bit version of Ubuntu 9.10 on an EC2 instance. Per the documentation
>  at /usr/share/doc/jetty/README.Debian, I have installed the following
>  packages:
> 
> jetty
> libjetty-java
> libjetty-extra-java

Hi Mike,

I'm part of debian-java, the team that packaged Jetty for Debian (and I guess 
Ubuntu). Which version are you using? You seem to have a case for Debian bug 
#554853

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=554853

the original submitter never followed up with us.

I'm cc:ing the bug to add your e-mail to our BTS.

I'd love to close this bug and to put information in the README.Debian that 
makes clear how to go about this.

> Next, I edit /etc/default/jetty and set the following options:
> 
> NO_START=0
> JETTY_USER=root
> JETTY_PORT=80
> 
> /etc/jetty/jetty.conf contains the following (jetty-setuid.xml is first,
>  per the documentation):
> 
> # list of jetty configuration and property files
> /etc/jetty/jetty-setuid.xml
> /etc/jetty/jetty-logging.xml
> /etc/jetty/jetty.xml
> /etc/jetty/jetty-shared-webapps.xml
> 
> /etc/jetty/jetty-setuid.xml contains the following. Note that I had to use
> the uid and gid *numbers* for the jetty user (rather than the actual
> user/group names) in order to avoid a configuration exception:
> 
> <Configure id="Server" class="org.mortbay.setuid.SetUIDServer">
>   <Set name="startServerAsPrivileged">false</Set>
>   <Set name="umask">2</Set>
>   <Set name="uid">110</Set>
>   <Set name="gid">118</Set>
> </Configure>
> 
> Now when I start jetty using "/etc/init.d/jetty start," I get an exception
> in /var/log/jetty/out.log:
> 
> 236 [main] WARN org.mortbay.log - Nested in
> java.lang.reflect.InvocationTargetException: java.io.IOException: Cannot
> write log directory /var/log/jetty
> 
> Permissions for that directory are as follows:
> 
> drwxr-x---  2 jetty    adm    4096 2010-02-15 14:53 jetty
> 
> Obviously, both the root and Jetty user already have write access to this
> directory, but just for fun, I'll chmod it 777. This gets me a little
> further by creating this file:
> 
> -rw-r--r--  1 root  root 1563 2010-02-15 15:01 2010_02_15.stderrout.log
> 
> But it contains another exception:
> 
> 281 [main] WARN org.mortbay.log - failed SetUIDServer at 30ec4a87:
> java.net.SocketException: Permission denied
> 
> Has anyone else gotten this to work? Is there something obvious that I'm
> doing wrong?
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20100216/843d0252/attachment.pgp>

More information about the pkg-java-maintainers mailing list