# Tomcat / shell scripts user rights



## fgordon (Jul 7, 2010)

Hello,

I "need" a webserver that will do some "low-level" system stuff, like mounting/dismounting/access zfs data/check or alter the status of some devices/... ....

While some of this can be done via trigger-files and scripts others should access "real-time" data some shell scripts deliver....

As scripts don`t support suid  I see only one other way to do this with FreeBSD than making a programm that is started via rc.conf offering an interface e.g. on a TCP Port the tomcat servlets communicate with.... 

Or ist there any other way to access "realtime" system data by a tomcat servlet running on a FreeBSD system?


----------



## Christopher (Jul 13, 2010)

I've solved similar problems (web services needing elevated privileges) by configuring sudo to allow the web service (user "www") to execute a carefully crafted shell script without a password.

The web service calls the shell script with sudo and a few specific command line arguments.  The script itself executes with elevated privileges thanks to sudo, and returns the requested data back to the web service.


----------



## fgordon (Jul 15, 2010)

Ah yes forgot about sudo though used it in Linux too   though I implemented the things I needed as mutiple small tcp-services...   but thanks for the answer will surely be very usefull me sooner or later - probably sooner


----------

