在linux下如果想让tomcat在开机时自启动,可以将启动代码写到/etc/rc.local里面。但是,这样的话,tomcat将以root权限运行,这是不安全的。因此,要想办法让tomcat以非特权身份作为daemon运行。
要将tomcat作为linux的daemon运行,需要commons-daemon工程的jsvc工具,tomcat的bin目录里已经自带了这个工具的源码。
解压commons-daemon-native.tar.gz,进入unix子目录,然后configure。configure的时候需要指定jdk路径或者当前环境中有JAVA_HOME变量。
接下来在make的时候可能会出现如下错误:
ar: libservice.a: Malformed archivemake[1]: *** [libservice.a] Error 1
这是一个已知的bug:
The file bin/commons-daemon-native.tar.gz contains dirty (already compiled)code. On some systems this causes "make" to return the following error:ar: libservice.a: Malformed archiveThe solution is to run "make clean" before running "make".I believe that "make clean" should be run before creating the tgz file, so thatthere are no compiled/generated files laying around.
make以后得到jsvc文件,复制到tomcat的bin目录中。另外在native目录下有一个Tomcat5.sh,是用于tomcat自启动的一个模板,我们可以修改它快速得到一个符合要求的启动文件。在这里,我将它修改为如下内容:
#!/bin/sh################################################################################ Licensed to the Apache Software Foundation (ASF) under one or more# contributor license agreements. See the NOTICE file distributed with# this work for additional information regarding copyright ownership.# The ASF licenses this file to You under the Apache License, Version 2.0# (the "License"); you may not use this file except in compliance with# the License. You may obtain a copy of the License at## http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.################################################################################ Small shell script to show how to start/stop Tomcat using jsvc# If you want to have Tomcat running on port 80 please modify the server.xml# file:## <!-- Define a non-SSL HTTP/1.1 Connector on port 80 --># <Connector className="org.apache.catalina.connector.http.HttpConnector"# port="80" minProcessors="5" maxProcessors="75"# enableLookups="true" redirectPort="8443"# acceptCount="10" debug="0" connectionTimeout="60000"/>## That is for Tomcat-5.0.x (Apache Tomcat/5.0)## Adapt the following lines to your configurationJAVA_HOME=/usr/local/sun-java6-jdkCATALINA_HOME=/usr/local/apache-tomcat-6DAEMON_HOME=$CATALINA_HOMETOMCAT_USER=tomcat6# for multi instances adapt those lines.TMP_DIR=/var/tmpPID_FILE=/var/run/jsvc.pidCATALINA_BASE=$CATALINA_HOME#CATALINA_OPTS="-Djava.library.path=/home/jfclere/jakarta-tomcat-connectors/jni/native/.libs"CLASSPATH=/$JAVA_HOME/lib/tools.jar:/$CATALINA_HOME/bin/commons-daemon.jar:/$CATALINA_HOME/bin/bootstrap.jarcase "$1" instart)## Start Tomcat#echo "Starting tomcat6..."$DAEMON_HOME/bin/jsvc /-user $TOMCAT_USER /-home $JAVA_HOME /-Dcatalina.home=$CATALINA_HOME /-Dcatalina.base=$CATALINA_BASE /-Djava.io.tmpdir=$TMP_DIR /-wait 10 /-pidfile $PID_FILE /-outfile $CATALINA_HOME/logs/catalina.out /-errfile $CATALINA_HOME/logs/catalina.err /$CATALINA_OPTS /-cp $CLASSPATH /org.apache.catalina.startup.Bootstrap## To get a verbose JVM#-verbose /# To get a debug of jsvc.#-debug /if test $? -eq 0thenexit 0elseecho "Failed to start tomcat6"exit 1fi;;stop)## Stop Tomcat#$DAEMON_HOME/bin/jsvc /-stop /-pidfile $PID_FILE /org.apache.catalina.startup.Bootstrapif test $? -eq 0thenecho "tomcat6 stopped"exit 0elseecho "Failed to stop tomcat6"exit 1fi;;restart)## Restart Tomcat#if $0 stopthen$0 startelseecho "Failed to stop running server, so refusing to try to start."fiexit 0;;*)echo "Usage: tomcat6 start|stop|restart"exit 1;;esac
在以的脚本里面指定了TOMCAT_USER,jsvc将先以特权身份启动tomcat,随后切换到指定的用户,这样可以使tomcat以非特权身份监听需要特权的端口。
将脚本复制到/etc/init.d,改名为tomcat6,然后执行
update-rc.d tomcat6 defaults
配置完成以后,tomcat就可以以非特权用户作为daemon运行了。
QQ群⑧:
窥视卡
雷达卡
发表于 2015-11-14 11:13:23
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡