启动TOMCAT想搞定为80端口(非ROOT用户)
非root用户,修改tomcat启动端口为80,启动时报错解决方案————通过Iptables端口转发2011-07-17 13:21:42 org.apache.tomcat.util.digester.SetPropertiesRule begin
警告: {Server/Service/Engine/Host/Context} Setting property 'debug' to '0' did not find a matching property.
2011-07-17 13:21:42 org.apache.catalina.core.AprLifecycleListener init
信息: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/jdk1.5.0_16/jre/lib/i386/client:/usr/jdk1.5.0_16/jre/lib/i386:/usr/jdk1.5.0_16/jre/../lib/i386
2011-07-17 13:21:42 org.apache.coyote.http11.Http11Protocol init
严重: Error initializing endpoint
java.net.BindException: Permission denied:80
... ...
上面可以看到,非root用户其实没有绑定80端口的权限。在Linux下低于1024的端口是root专用,而Tomcat安装后默认使用用户tomcat启动的,所以将端口改为80后启动,会产生错误:java.net.BindException: Permission denied:80
解决方法是:
第一步,重将Tomcat的端口(server.xml)由80改回8080。
第二步,通过Iptables端口实现80到8080的转发,命令为:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
-A PREROUTING 添加新规则
-p 检查tcp协议
--dport 80 指定目标端口
-j REDIRECT 目标跳转
--to-prot 8080 指定源端口
需要用root用户的权限去执行!
这样,用户访问80端口和8080端口时,得到的结果是一样的,以为内其实都是访问到了8080端口。
页:
[1]