Very late to this discussion, but it appears that the 03catalina.policy file in both tomcat5.5 & tomcat6 doesn't actually permit writing to logfiles.
The simplest solution is to change the JULI permissions to:
    // These permissions apply to JULI
    grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
        permission java.security.AllPermission;
    };
Obviously, there may be security issues I'm not aware of, but I really can't be bothered to dig deeper - I've spent too long on this myself.
I am guessing this is related to an earlier question?
Ubuntu - can non-root user run process in chroot jail?
To run Tomcat as root...
Assuming you have installed the tomcat6 package from the Ubuntu repository, edit the /etc/init.d/tomcat6 file and change the line:
TOMCAT6_USER=tomcat6
to read
TOMCAT6_USER=root
That being said...
Running Tomcat as root is not recommended in environments where it is accessible to untrusted clients (e.g. the Internet). The problem is that if Tomcat or one of the web applications running within it is exploited in some manner, the attacker has full access to the underlying system, e.g. they can modify files, execute processes, etc.
Granted the chances of this are slim, but it is better to plan for the worst and hope for the best.
A more secure approach is to continue running Tomcat as the default tomcat6 user and have that call the external, chrooted process in a more isolated manner. How you do this depends on the process that is being called and what needs to occur.
If you post information on the process being called, what it is doing and why, others will be able to help you identify the best way of achieving this. For example, you could set up a monitor that executes the chrooted task whenever the contents of a directory change, or a local web service that Tomcat can call to run the process.
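As an added example (not code from any of the answers on this page): a small Python audit that flags the two settings discussed above, a policy grant of java.security.AllPermission and TOMCAT6_USER=root in the init script. The sample policy and init text are constructed, and the function names are this example's own.

```python
import re

# Constructed sample inputs for illustration (not taken from a real host).
SAMPLE_POLICY = '''
// These permissions apply to JULI
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
    permission java.security.AllPermission;
};
grant codeBase "file:${catalina.home}/lib/-" {
    permission java.util.PropertyPermission "catalina.base", "read";
};
// grant { permission java.security.AllPermission; };
'''
SAMPLE_INIT = 'NAME=tomcat6\nTOMCAT6_USER=root\n'

# Header may contain quoted strings with ${...}; body ends at the closing "};".
GRANT_RE = re.compile(r'grant\b((?:[^{"]|"[^"]*")*)\{(.*?)\}\s*;', re.S)
CODEBASE_RE = re.compile(r'codeBase\s+"([^"]*)"')
ALLPERM_RE = re.compile(r'permission\s+java\.security\.AllPermission\b')

def strip_comments(text):
    """Drop whole-line // comments only, so file:// URLs stay intact.
    Limitation of this example: /* */ block comments are not handled."""
    return re.sub(r'(?m)^[ \t]*//.*$', '', text)

def allpermission_grants(policy_text):
    """Return the codeBase (or '<all code>') of each grant giving AllPermission."""
    findings = []
    for header, body in GRANT_RE.findall(strip_comments(policy_text)):
        if ALLPERM_RE.search(body):
            match = CODEBASE_RE.search(header)
            findings.append(match.group(1) if match else '<all code>')
    return findings

def runs_as_root(init_text):
    """True if the last TOMCAT6_USER assignment in the init script is root."""
    users = re.findall(r'(?m)^\s*TOMCAT6_USER=["\']?([^"\'\s#]+)', init_text)
    return bool(users) and users[-1] == 'root'

if __name__ == '__main__':
    for codebase in allpermission_grants(SAMPLE_POLICY):
        print('AllPermission granted to:', codebase)
    if runs_as_root(SAMPLE_INIT):
        print('init script runs Tomcat as root')
```

Each codeBase it reports runs with no security-manager restrictions, so the list is a starting point for review rather than a verdict.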
Best Answer
Here is how I just did it with tomcat6 installed..
I first stopped tomcat from running
Changed the following in
To be the following
Then I had to change ownership of the log directory
Then I was able to run tomcat6
See the results