
Tomcat
1. 概念部分
一直以来都觉得Tomcat以root身份运行非常不安全,故研究Tomcat如何以普通用户身份运行,以下是参考网络上的一些配置实现Tomcat以daemon方式运行于CentOS 6&7系统下面。
另外,如果你是比较新的系统,请参阅以下章节,
2 实操部分
2.1 系统环境
2.1.1 系统信息
OS = RHEL 6.x x86_64
IP Address = 10.168.0.157
Host Name = any.cmdschool.org
2.1.2 配置编译环境和依赖包
yum -y install gcc gcc-c++ make expat-devel yum install -y libcap-devel
2.1.3 关闭SELinux
setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2.1.4 配置防火墙
firewall-cmd --permanent --add-port=8080/tcp firewall-cmd --reload firewall-cmd --list-all
2.2 软件配置
2.2.1 安装JDK
请参阅以下文章安装JDK,
2.2.2 下载安装包
cd ~ wget http://apache.fayea.com/tomcat/tomcat-9/v9.0.0.M13/bin/apache-tomcat-9.0.0.M13.tar.gz
2.2.3 配置运行用户
groupadd -g 91 tomcat useradd -u 91 -g 91 -d /usr/tomcat -s /sbin/nologin tomcat
2.2.4 部署tomcat目录
mkdir /usr/tomcat chown root:tomcat -R /usr/tomcat chmod 770 -R /usr/tomcat/
2.2.5 配置安装目录
cd ~ tar -xf apache-tomcat-9.0.0.M13.tar.gz mv apache-tomcat-9.0.0.M13 /usr/tomcat/ chown root:tomcat -R /usr/tomcat chmod 770 -R /usr/tomcat/ ln -s /usr/tomcat/apache-tomcat-9.0.0.M13/logs/ /var/log/tomcat
2.3 配置Tomcat
2.3.1 配置环境变量
echo 'JAVA_HOME=/usr/java/jdk1.8.0_65' > /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh echo 'JRE_HOME=${JAVA_HOME}/jre' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh echo 'CATALINA_HOME=/usr/tomcat/apache-tomcat-9.0.0.M13' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh echo 'CATALINA_BASE=${CATALINA_HOME}' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh echo "JAVA_OPTS='-server -Xms2048m -Xmx4096m -Xss512k'" >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh echo 'TOMCAT_USER=tomcat' >> /usr/tomcat/apache-tomcat-9.0.0.M13/bin/setenv.sh
2.3.2解压daemon工具包
cd /usr/tomcat/apache-tomcat-9.0.0.M13/bin/ tar -xf commons-daemon-native.tar.gz
2.3.3 编译daemon工具
cd commons-daemon-1.0.15-native-src/unix ./configure make
2.3.4 部署daemon工具
cp jsvc /usr/tomcat/apache-tomcat-9.0.0.M13/bin/
2.3.5 手动测试服务启停
/usr/tomcat/apache-tomcat-9.0.0.M13/bin/daemon.sh start /usr/tomcat/apache-tomcat-9.0.0.M13/bin/daemon.sh stop netstat -antp
2.3.6 配置tomcat服务
vim /etc/init.d/tomcat9
输入如下配置:
#!/bin/bash # tomcat9 - Startup script for tomcat9 # chkconfig: 35 96 04 # description: tomcat9 # processname: tomcat9 source /etc/profile user=tomcat tomcat_dir=/usr/tomcat/apache-tomcat-9.0.0.M13 pid_dir=${tomcat_dir}/logs start() { if [ `pgrep -u $user jsvc | wc -l` != 0 ]; then echo $0 is already exists!; exit 1 fi ${tomcat_dir}/bin/daemon.sh start || return 1 sleep 1 if [ -f "${pid_dir}/catalina-daemon.pid" ] && [ `cat "${pid_dir}/catalina-daemon.pid" | wc -l` != 0 ]; then echo -ne "$0 started"; return 0 else echo -ne "$0 start failed, see logfile."; return 1 fi } stop() { if [ -f "${pid_dir}/catalina-daemon.pid" ]; then ${tomcat_dir}/bin/daemon.sh stop || return 1 fi for ((i=0; i<15*1; i++)); do if [ `pgrep -u $user jsvc | wc -l` = 0 ]; then return 0 fi sleep 1s done echo -ne "Error: $0 could not be stopped" } status() { if [ `pgrep -u $user jsvc | wc -l` != 0 ]; then echo "$0 is runing!"; else echo "$0 is not run!"; exit 1 fi } case "$1" in start) start ;; restart) stop start ;; stop) stop ;; status) status ;; *) echo "Usage: $0 {start|stop|restart|status}" exit 1 ;; esac
2.3.7 启动服务并配置自启动
chmod +x /etc/init.d/tomcat9
2.3.8 启动服务并配置自启动
/etc/init.d/tomcat9 start chkconfig tomcat9 on
2.3.9 浏览器测试
http://10.168.0.157:8080/
参阅文档:
=============================
http://blog.csdn.net/bebabyron/article/details/11852317
http://www.liaoshixiong.cn/java/centos7-tomcat-daemon.html
http://www.xuebuyuan.com/1361441.html
http://blog.csdn.net/centre10/article/details/50639693
没有评论