Search code examples
tomcattomcat7centos7file-permissionsselinux

Tomcat7 has no writing permissions

I installed Tomcat 7.0.76 on my CentOs 7 machine from the official sources and can't get Tomcat to have writing access at all. Every time when something in my code wants to write to the disk or create a directory I get a Permission Denied Error.

For example, if I want to create a directory I get this error:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'application': Invocation of init method failed; nested exception is org.ehcache.StateTransitionException: Directory couldn't be created: /usr/share/tomcat/myDir

When I create the directory myself and want to write to a file inside this directory I get this error:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'application': Invocation of init method failed; nested exception is org.ehcache.StateTransitionException: Location isn't writable: /usr/share/tomcat/myDir

I already tried:

chown -R tomcat:tomcat /usr/share/tomcat
chmod -R 775  /usr/share/tomcat/

The tomcat service is running under the tomcat user

$ top | grep tomcat
 PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
2725 tomcat    20   0   21,7g   2,2g  24612 S   0,9  7,1   2:28.16 java

Thats the output from ll 

$ ll  /usr/share/tomcat/
insgesamt 8,0K
drwxrwxr-x. 2 tomcat tomcat 4,0K 24. Mai 18:48 bin
lrwxrwxrwx. 1 tomcat tomcat   11 24. Mai 18:48 conf -> /etc/tomcat
lrwxrwxrwx. 1 tomcat tomcat   22 24. Mai 18:48 lib -> /usr/share/java/tomcat
lrwxrwxrwx. 1 tomcat tomcat   15 24. Mai 18:48 logs -> /var/log/tomcat
drwxrwxr-x. 5 tomcat tomcat 4,0K 24. Mai 19:54 resources
lrwxrwxrwx. 1 tomcat tomcat   22 24. Mai 18:48 temp -> /var/cache/tomcat/temp
lrwxrwxrwx. 1 tomcat tomcat   23 24. Mai 18:48 webapps -> /var/lib/tomcat/webapps
lrwxrwxrwx. 1 tomcat tomcat   22 24. Mai 18:48 work -> /var/cache/tomcat/work

Note: I deployed the same .war file on another CentOs 7 machine with the same Tomcat version and everything worked fine.

Solution

  • SELinux might be responsible of this permission denied. Try disabling it with setenforce permissive, and if it resolves your issue, adjust the SELinux policy correctly. In this case, probably you just need to copy on the first server where it is working, unless this one has SELinux disabled, but remember disabling it is not recommended in production.