All geek questions in one place

Best way to set unix permissions when deploying a war file

We have a provider application in which we download their updates and deploy the war file. We deploy the war file on a unix application server running on a 9ac application server. I believe that when we deploy a war file, we remove the previous installation and then deploy a new war file. When we deploy a war file, sometimes we have to manually set the permissions of unix files for the class and other files. We do this, so all unix user IDs can run the processes they need. Is there a better way to do this?

+4
source share
3 answers

Based on your answer to Stephen's answer, how about setting umask to 000 for a user who is deploying a war file? (This will be an oracle, the umask variable is often set to this user's .profile.) Umask (which is now probably set to 027) masks file permissions, 000 does not mask anything, which leads to permissions for others.

-1
source

I don’t know much about OAS ... but I would suggest that files unpacked from a war file will belong to and be accessible to the user, how OAS works. It is not right? Can you explain a little more about what is actually happening or why is this a problem?

Following your additional comments below ...

It looks like your security model is simply not quite right: you are linking OAS and its data to the dba group, but some dependencies of OAS (and its data) are not in this group. I have a few suggestions:

  • Create a new group for OAS and its dependencies and evaluate which users in the dba group should also be in this group. If necessary, save the OAS user in the dba group.
  • Deploy the war file with a script that waits for the deployment to complete and changes the permissions for you.
  • Fix your dependencies. Sounds such as some of the classes in a war file should rather be deployed elsewhere β€” outside the application context β€” and are listed there. They can then have a new, more suitable group to which you add the batch process user and OAS user.
0
source

Just a few tips: Unable to set file permissions in war / jar.

Permissions depend on the user of the umask oracle. Change it and you will all tune in.

Is there a way to keep the war packed?

0
source

Source: https://habr.com/ru/post/1306814/

More articles:


All Articles