[ale] make some apps/scripts run as root
Jim Kinney
jim.kinney at gmail.com
Wed Feb 23 13:32:42 EST 2011
Yes. And websphere runs as a service on developers machine for them to
develop on. Just like X and ssh and all the other "services" that
Linux uses.
777 is a setting that is NEVER used unless you want BAD THINGS to happen.
So just set it to 755 and run from that.
Developers _should_ be writing their app stuff to their own folders
and then deploying onto websphere using the tools in WS.
Alternatively, set up a single internal Websphere server that all
developers can write to and let them use that.
Be sure to read all the setup docs that IBM provides on how to both
admin and develop for WS. They are the best source of of "how do
I...?" answers.
On Wed, Feb 23, 2011 at 1:05 PM, Narahari 'n' Savitha
<savithari at gmail.com> wrote:
>
> See we dont want the Websphere to be running as a service. This Websphere
> is for development and for devleopers.
>
> We dont want to be run as a service. Inface we are going out of the way to
> make it NOT run as a service.
>
> The IDE controls the start and stop of the server based on our development
> needs.
>
> Is that possible to run it in a non-service mode and also can I just do
> chmod 777 on the entire folder I should be set.
>
> -Narahari
>
> On Wed, Feb 23, 2011 at 12:58 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
>>
>> Websphere is a service. It should be run from a startup script in
>> /etc/init.d (see man chkconfig). The normal install will do it for you
>> and all you have to do is start the service.
>>
>> The ide will require a PATH change most likely or at the least a path
>> to the runable binary. If the binary is not already 755 then sudo
>> chmod 755 foo will fix that.
>>
>> On Wed, Feb 23, 2011 at 12:49 PM, Narahari 'n' Savitha
>> <savithari at gmail.com> wrote:
>> > I installed using sudo both Websphere7 and MyEclipseIDE to /opt....
>> > folders.
>> >
>> > Now its allworking fine. I want to be able to be able to allow regular
>> > user
>> > to run the stuff.
>> >
>> > Is it possible that way or, I need to set some mask or umask or change
>> > permissions etc., ?
>> >
>> > -Narahari
>> >
>> > On Wed, Feb 23, 2011 at 8:30 AM, Jim Kinney <jim.kinney at gmail.com>
>> > wrote:
>> >>
>> >> That's the way it works in Linuxland as well. Admin installs
>> >> application and users have access to use it.
>> >>
>> >> The vm stuff will be static - i.e. a single user login unless you have
>> >> some ldap/ad stuff setup inside the vm.
>> >>
>> >> So you create a vm and install as root the apps you need setting stuff
>> >> to run on boot as needed. Now create a simple user inthe vm with a
>> >> disposable password, login and verify that user can do what is
>> >> required. Then you shutdown and copy the vm space. Each developer then
>> >> has their own vmware space and they import the vm you made to their
>> >> space. Once they start your vm, the switch into it, login as the
>> >> preset user and they're back to work.
>> >>
>> >> On Wed, Feb 23, 2011 at 7:05 AM, Narahari 'n' Savitha
>> >> <savithari at gmail.com> wrote:
>> >> > Here is what I want to do.
>> >> >
>> >> > VM = VMWare Server
>> >> > VM Inside = Ubuntu 10.10 64 bit
>> >> >
>> >> > I want to install Websphere 7 inside the VM.
>> >> > Then I want to install the MyEclipse IDE.
>> >> >
>> >> > Then I want to kick start the WebSphere server from inside the IDE
>> >> > (it
>> >> > does
>> >> > this anyways).
>> >> >
>> >> > Once it is all up and runing I plan to distribute the VM to our
>> >> > developers,
>> >> > so we dont have to worry about configuration of IDE's to new folks.
>> >> >
>> >> > If this can be accomplished as a reg user, I am all for it.
>> >> >
>> >> > I thougt that if I do this as superuser then it might be easy to
>> >> > install
>> >> > once and every one gets it.
>> >> > What equivalnce I am looking for is, in Windoze world the LAN admin
>> >> > installs
>> >> > Word as an admin and the next thing you know all users who
>> >> > login to that box get Word as an application and thats what I am
>> >> > trying
>> >> > to
>> >> > accomplish.
>> >> >
>> >> > -Narahari
>> >> > On Tue, Feb 22, 2011 at 6:17 PM, Michael B. Trausch <mike at trausch.us>
>> >> > wrote:
>> >> >>
>> >> >> On Tue, 2011-02-22 at 14:34 -0500, Narahari 'n' Savitha wrote:
>> >> >> > How do I run a few scripts like my IDE launcher, the Websphere
>> >> >> > server
>> >> >> > etc., to run as sudo aka root without prompting me for the
>> >> >> > password
>> >> >> > each time ?
>> >> >>
>> >> >> As Mike W. pointed out, there is little need to run such things as
>> >> >> the
>> >> >> superuser.
>> >> >>
>> >> >> If you need to start a dæmon that needs to listen on a privileged
>> >> >> port,
>> >> >> there are a few ways that you can do this. You can grant the
>> >> >> approriate
>> >> >> capability to the user account that runs the software (or to the
>> >> >> software itself, using filesystem capabilities), though this is not
>> >> >> a
>> >> >> universally supported method of operation (why, I'm not sure).
>> >> >>
>> >> >> The other means would be to have a small (and I mean *tiny*) program
>> >> >> that runs setuid root and does ABSOLUTELY nothing other than to
>> >> >> acquire
>> >> >> the listening socket, drop root privileges permanently, and then
>> >> >> exec
>> >> >> the target program. That might require a patch to the target
>> >> >> program
>> >> >> so
>> >> >> that it can take the listening socket file descriptor either on a
>> >> >> well-known file descriptor or via a command line option that can
>> >> >> pass
>> >> >> in
>> >> >> the fd number.
>> >> >>
>> >> >> There are more clever means to do these sorts of things, as well.
>> >> >> They
>> >> >> are, however, left as an exercise to the reader.
>> >> >>
>> >> >> > Also how do you start any gui app minimized, I need to run VMWare
>> >> >> > tools as root and minimized.
>> >> >>
>> >> >> That depends on the toolkit that the program in question is built to
>> >> >> run
>> >> >> with. For GTK+ based software, I am not aware of any such
>> >> >> functionality.
>> >> >>
>> >> >> --- Mike
>> >> >>
>> >> >> _______________________________________________
>> >> >> Ale mailing list
>> >> >> Ale at ale.org
>> >> >> http://mail.ale.org/mailman/listinfo/ale
>> >> >> See JOBS, ANNOUNCE and SCHOOLS lists at
>> >> >> http://mail.ale.org/mailman/listinfo
>> >> >>
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > Ale mailing list
>> >> > Ale at ale.org
>> >> > http://mail.ale.org/mailman/listinfo/ale
>> >> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> >> > http://mail.ale.org/mailman/listinfo
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> --
>> >> James P. Kinney III
>> >> I would rather stumble along in freedom than walk effortlessly in
>> >> chains.
>> >>
>> >> _______________________________________________
>> >> Ale mailing list
>> >> Ale at ale.org
>> >> http://mail.ale.org/mailman/listinfo/ale
>> >> See JOBS, ANNOUNCE and SCHOOLS lists at
>> >> http://mail.ale.org/mailman/listinfo
>> >
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > http://mail.ale.org/mailman/listinfo/ale
>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> > http://mail.ale.org/mailman/listinfo
>> >
>> >
>>
>>
>>
>> --
>> --
>> James P. Kinney III
>> I would rather stumble along in freedom than walk effortlessly in chains.
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
--
--
James P. Kinney III
I would rather stumble along in freedom than walk effortlessly in chains.
More information about the Ale
mailing list