Tomcat
1. 概念部分
一直以来都觉得Tomcat以root身份运行非常不安全,故研究Tomcat如何以普通用户身份运行,以下是参考网络上的一些配置实现Tomcat以daemon方式运行于CentOS 6&7系统下面。
另外,如果你是比较新的系统,请参阅以下章节,
2 实操部分
2.1 系统环境
2.1.1 系统信息
OS = RHEL 6.x x86_64
IP Address = 10.168.0.157
Host Name = any.cmdschool.org
2.1.2 配置编译环境和依赖包
yum -y install gcc gcc-c++ make expat-devel yum install -y libcap-devel
2.1.3 关闭SELinux
setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2.1.4 配置防火墙
firewall-cmd --permanent --add-port=8080/tcp firewall-cmd --reload firewall-cmd --list-all
2.2 软件配置
2.2.1 安装JDK
请参阅以下文章安装JDK,
2.2.2 下载安装包
cd ~ wget http://apache.fayea.com/tomcat/tomcat-9/v9.0.0.M13/bin/apache-tomcat-9.0.0.M13.tar.gz
2.2.3 配置运行用户
groupadd -g 91 tomcat useradd -u 91 -g 91 -d /usr/tomcat -s /sbin/nologin tomcat
2.2.4 部署tomcat目录
mkdir /usr/tomcat chown root:tomcat -R /usr/tomcat chmod 770 -R /usr/tomcat/
2.2.5 配置安装目录
cd ~ tar -xf apache-tomcat-9.0.0.M13.tar.gz mv apache-tomcat-9.0.0.M13 /usr/tomcat/ chown root:tomcat -R /usr/tomcat chmod 770 -R /usr/tomcat/ ln -s /usr/tomcat/apache-tomcat-9.0.0.M13/logs/ /var/log/tomcat
2.3 配置Tomcat
2.3.1 配置环境变量
echo 'JAVA_HOME=/usr/java/jdk1.8.0_65' > /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
echo 'JRE_HOME=${JAVA_HOME}/jre' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
echo 'CATALINA_HOME=/usr/tomcat/apache-tomcat-9.0.0.M13' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
echo 'CATALINA_BASE=${CATALINA_HOME}' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
echo "JAVA_OPTS='-server -Xms2048m -Xmx4096m -Xss512k'" >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
echo 'TOMCAT_USER=tomcat' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
2.3.2解压daemon工具包
cd /usr/tomcat/apache-tomcat-9.0.0.M13/bin/ tar -xf commons-daemon-native.tar.gz
2.3.3 编译daemon工具
cd commons-daemon-1.0.15-native-src/unix ./configure make
2.3.4 部署daemon工具
cp jsvc /usr/tomcat/apache-tomcat-9.0.0.M13/bin/
2.3.5 手动测试服务启停
/usr/tomcat/apache-tomcat-9.0.0.M13/bin/daemon.sh start /usr/tomcat/apache-tomcat-9.0.0.M13/bin/daemon.sh stop netstat -antp
2.3.6 配置tomcat服务
vim /etc/init.d/tomcat9
输入如下配置:
#!/bin/bash
# tomcat9 - Startup script for tomcat9
# chkconfig: 35 96 04
# description: tomcat9
# processname: tomcat9
source /etc/profile
user=tomcat
tomcat_dir=/usr/tomcat/apache-tomcat-9.0.0.M13
pid_dir=${tomcat_dir}/logs
start() {
if [ `pgrep -u $user jsvc | wc -l` != 0 ]; then
echo $0 is already exists!; exit 1
fi
${tomcat_dir}/bin/daemon.sh start || return 1
sleep 1
if [ -f "${pid_dir}/catalina-daemon.pid" ] && [ `cat "${pid_dir}/catalina-daemon.pid" | wc -l` != 0 ]; then
echo -ne "$0 started"; return 0
else
echo -ne "$0 start failed, see logfile."; return 1
fi
}
stop() {
if [ -f "${pid_dir}/catalina-daemon.pid" ]; then
${tomcat_dir}/bin/daemon.sh stop || return 1
fi
for ((i=0; i<15*1; i++)); do
if [ `pgrep -u $user jsvc | wc -l` = 0 ]; then
return 0
fi
sleep 1s
done
echo -ne "Error: $0 could not be stopped"
}
status() {
if [ `pgrep -u $user jsvc | wc -l` != 0 ]; then
echo "$0 is runing!";
else
echo "$0 is not run!"; exit 1
fi
}
case "$1" in
start)
start
;;
restart)
stop
start
;;
stop)
stop
;;
status)
status
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
2.3.7 启动服务并配置自启动
chmod +x /etc/init.d/tomcat9
2.3.8 启动服务并配置自启动
/etc/init.d/tomcat9 start chkconfig tomcat9 on
2.3.9 浏览器测试
http://10.168.0.157:8080/
参阅文档:
=============================
http://blog.csdn.net/bebabyron/article/details/11852317
http://www.liaoshixiong.cn/java/centos7-tomcat-daemon.html
http://www.xuebuyuan.com/1361441.html
http://blog.csdn.net/centre10/article/details/50639693
没有评论