# Tomcat + chroot

## Gustavo_Maciel

Hi people...

I would like some help to chroot the TOMCAT at the gentoo... I've trying to do it... but until now didn't have success, so if someone could send me or sugest me a HOWTO I really apreciet it!

Thanks for all  []'s

Gustavo Maciel

----------

## weisso5

Hello and welcome,

 that is a pretty intense task especially if you want to incorporate an Apache webserver with it. I would suggest starting with this guide, and work from there:

http://www.gentoo-wiki.com/Apache_chroot:_the_mod_security_way

also check out:

http://www.gentoo-wiki.com/HOWTO_Jail

Hope this helps,

weisso

----------

## Voltago

Hi Gustavo! I don't know why you want to chroot your tomcat instance, but I guess you want to have it to listen to port 80 instead of 8080, and so you run it as root user. If this is the case, there is an easier (and safer) way to achieve this: Let tomcat run with user privileges, and let xinetd listen to port 80 and redirect all connections to localhost:8080. Just install xinetd (with tcpd USE flag set) and create a file /etc/xinetd.d/tomcat with the content

```
# Redirects any requests on port 80 

# to port 8080 (where Tomcat is listening)

service http

{

   socket_type     = stream

   protocol        = tcp

   user            = root

   wait            = no

   port            = 80

   redirect        = localhost 8080

   #disable         = yes

}
```

----------

## Gustavo_Maciel

 *weisso5 wrote:*   

> Hello and welcome,
> 
>  that is a pretty intense task especially if you want to incorporate an Apache webserver with it. I would suggest starting with this guide, and work from there:
> 
> http://www.gentoo-wiki.com/Apache_chroot:_the_mod_security_way
> ...

 

Hi there, and thx so much for the help. Well the real case is that I already have an apache chrooted and you'll like to put the tomcat at the same jail, like... /chroot/apache & /chroot/tomcat... 

I didnt understand so much how to jail the dependencies... so... if you could point me a walkthru to jail a tomcat... I'll study the jail tutorial that you've send me...

And Thanks soooo much for all

[]'s

Gustavo Maciel

----------

## Gustavo_Maciel

 *Voltago wrote:*   

> Hi Gustavo! I don't know why you want to chroot your tomcat instance, but I guess you want to have it to listen to port 80 instead of 8080, and so you run it as root user. If this is the case, there is an easier (and safer) way to achieve this: Let tomcat run with user privileges, and let xinetd listen to port 80 and redirect all connections to localhost:8080. Just install xinetd (with tcpd USE flag set) and create a file /etc/xinetd.d/tomcat with the content
> 
> ```
> # Redirects any requests on port 80 
> 
> ...

 

Hi!!! Thx so much for your help, but I really need a tomcat chrooted  :Sad:  ...

----------

## bunder

Moved from Portage & Programming to Networking & Security.

----------

