0

i've created a webapp that i deploy on the debian default tomcat9 server.

I need to write PDF files to the local filesystem. So i create a folder and write them using the ByteArrayOutputStream and a FileOutputStream.

The webapp is deployed by copying the war file to the /var/lib/tomcat9/webapps directory.

I want the files to be created in the following Path: /home/myuser/rechnungsexport/a1/

when i run the code, the tomcat server creates them in the following path:

/tmp/systemd-private-6ce0d50d8582493fb365de9c539261d0-tomcat9.service-bsQJTg/home/myuser/rechnungsexport/a1/

This is the Java code that writes the File

        String lokalerDateiPfad = "/home/myuser/rechnungsexport/a1/";
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        JasperExportManager.exportReportToPdfStream(jasperPrint, baos);

        try (OutputStream outputStream = new FileOutputStream(lokalerDateiPfad + dateiName)) {
            baos.writeTo(outputStream);
        } catch (Exception e) {
            logger.error(e);
        }

How can i change this so that my application creates them in the correct directory ?

eckad158
  • 385
  • 6
  • 19
  • how does your code create the file? Looks like it's an explicit temp file, not one that's expected to live for longer. – Olaf Kock Jun 21 '22 at 10:26
  • i added my codesnippet that writes the file(s) – eckad158 Jun 21 '22 at 10:43
  • I'm hoping that is not an example of what upstream devs refer to as "Debian bork" ;) (especially since I'm a confirmed Debian user and also contemplating installing tomcat9 with apt). Maybe it's a security measure? – g00se Jun 21 '22 at 10:48
  • Also, it has to be said that `myuser` is probably not `tomcat`, the user under which tomcat9 runs on Debian. Does `tomcat` have permissions to write to that directory? – g00se Jun 21 '22 at 10:57
  • i am running it in a dev environment. Tomcat runs as root so it has full access. The directories also also exist so writing to it should be possible. – eckad158 Jun 21 '22 at 11:00
  • Really? Please post output of `ps faux | grep Bootstrap | grep -v "^$USER"` – g00se Jun 21 '22 at 11:06
  • it seems as if i was wrong, here is the output: tomcat 11623 0.0 71.8 35319532 1505848 ? Ssl 09:33 0:56 /usr/lib/jvm/default-java/bin/java -Dignore.endorsed.dirs= -classpath /usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar -Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 -Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start i tried to apply "chmod 777" to the /home/myuser/a1/ directory but it did not change anything. – eckad158 Jun 21 '22 at 11:46
  • 1
    Does this answer your question? [How to allow Tomcat war app to write in folder](https://stackoverflow.com/questions/56827735/how-to-allow-tomcat-war-app-to-write-in-folder) (that is: You might run into Debian's sandboxing of your tomcat - it's running within a security manager) – Olaf Kock Jun 21 '22 at 11:56
  • Ha. So I'm reasonably comfortable in saying that having to provide a systemd override or indeed *anything* other than editing /var/lib/tomcat9/policy/catalina.policy *is* an example of "Debian bork" ;) – g00se Jun 21 '22 at 12:31

0 Answers0