I am trying to get Crowd to run as a non-privileged user on Linux (user: atlcrowd) but it doesn't appear to be working. I've been able to enable SSL on my Crowd environment by adding a Connector 8443 to the server.xml section under Apache Tomcat. The atlcrowd user has full owner and group permissions (owner and group) of /opt/atlassian/crowd (where the binaries are installed) and /var/atlassian/crowd (where the Crowd home directory is located). But if I attempt to run /opt/atlassian/crowd/start_crowd.sh as the atlcrowd user, I can get the initial screen at https://crowd.<mydomain.com> but if I try to get to the console screen (/crowd/console) I get an Error 404 message.
However, if I stop and start the Crowd service as root, everything works fine. Is there another directory that the atlcrowd user needs to have permissions on in order to fully function? (Error attached)
OS: CentOS 7.4
Crowd Version: 3.1.2
Hi,
Make sure all the files under those directories are owned by atlcrowd
chown -R atlcrowd:atlcrowd <home/app dirs>
There is also a Crowd service script you can use
Indeed it turned out to be a permission issue.
For the record, Crowd needs to have permissions to application (Crowd install), home and share home directories.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @OneTech IT,
I assume that you've seen Crowd's documentation about running Crowd as unprivileged system user.
I believe that directories you've mentioned are all that Crowd needs to have access to, but in order to resolve your problem we will need to check the log files both from Crowd and Tomcat. We can create a support issue for you if you do not want to share those logs publicly here.
Best regards,
Marcin Kempa
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I submitted a ticket last night but have received no notifications that it has been received by a support technician,.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.