Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

tomcat 7 and seculinks

Discussion in 'CloudLinux' started by chrismfz, Aug 11, 2013.

  1. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    123
    Likes Received:
    1
    Trophy Points:
    68
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    Tomcat keeps shouting about this:

    [114743.154708] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114743.154720] access denied ffff88077c635eb8 uid 497 target uid 0!
    [114743.154759] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114743.155187] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114743.155197] access denied ffff88077c635eb8 uid 497 target uid 0!
    [114743.155604] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114945.473533] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114945.473545] access denied ffff88077c635eb8 uid 497 target uid 0!
    [114945.473587] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114945.473992] access denied ffff88077c63bcb8 uid 497 target uid 0!
    [114945.474002] access denied ffff88077c635eb8 uid 497 target uid 0!
    [114945.474084] access denied ffff88077c63bcb8 uid 497 target uid 0!

    I don't know what exactly needs from root, but it cannot write to catalina.err because of that.
    Changed /var/log/easy-tomcat7/ contents to tomcat:nobody but still it should be something else too.
     
  2. iseletsk

    iseletsk Well-Known Member

    Joined:
    Mar 3, 2010
    Messages:
    163
    Likes Received:
    1
    Trophy Points:
    68
    Location:
    Princeton, New Jersey, United States
    User with id 497 trying to follow symlink that leads to a file owned by root (symlink attack).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    123
    Likes Received:
    1
    Trophy Points:
    68
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    id 497 is user "tomcat".

    Server is empty with 0 users in it.

    It started when I installed tomcat with easyapache.
     
  4. iseletsk

    iseletsk Well-Known Member

    Joined:
    Mar 3, 2010
    Messages:
    163
    Likes Received:
    1
    Trophy Points:
    68
    Location:
    Princeton, New Jersey, United States
    If it is tomcat, than figure out which group tomcat runs in, and follow this guide to whitelist it:
    CloudLinux Documentation
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice