Executable jar fails when started by root if log_file does not exist
cataling opened this issue · 3 comments
Reproduced with: 2.0.0RC1
Steps to reproduce:
- package a spring boot application as executable jar owned by a non-root user
- make sure the log file does not exist
- start the executable jar as root (
./app.jar start)
Result:sh: <<logfile>>: Permission denied
Expected: application should start, process owner should be the owner of the executable jar file.
The cause seems to be that helper function checkPermissions does a touch on both $pid_file and $log_file. In the scenario above, this will cause both files to be created and owned by root.
While this is ok for the pid file, it's not ok for the log file because in do_start() the application process is started with su -s /bin/sh -c "$javaexe $(printf "\"%s\" " "${arguments[@]}") >> \"$log_file\" 2>&1 & echo \$!" "$run_user" > "$pid_file", which essentially starts a process as $run_user with stdout redirected to $log_file which is now owned by root.
The issues seems to have been introduced by 886b392 which removed the line chown "$run_user" "$log_file"
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.