tomcat 以非root身份启动
该如何设置?并且,如何设置为使用80端口呢?谢谢!
[ 本帖最后由 diyself 于 2009-9-25 09:59 编辑 ]
回复 #1 diyself 的帖子
su - tomcat -c '/usr/local/tomcat/bin/startup.sh'iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
自问自答:mrgreen: 看12期的开源时代 iptables
# cd /opt/tomcat/bin/
# ls
bootstrap.jar catalina-tasks.xml digest.bat service.bat shutdown.bat startup.sh tomcat-juli.jar tool-wrapper.sh
catalina.bat commons-daemon.jar digest.sh setclasspath.bat shutdown.sh tomcat6.exe tomcat-native.tar.gz version.bat
catalina.sh cpappend.bat jsvc.tar.gz setclasspath.sh startup.bat tomcat6w.exe tool-wrapper.bat version.sh
# tar zxvf jsvc.tar.gz
# cd jsvc-src/
# chmod +x configure
# ./configure --with-java=/opt/java
# make
# cp /opt/tomcat/bin/jsvc-src/native/Tomcat5.sh /etc/rc.d/init.d/
# cd /etc/rc.d/init.d/
# chmod +x Tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc0.d/K90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc1.d/K90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc2.d/S90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc3.d/S90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc4.d/S90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc5.d/S90tomcat5.sh
# ln -s /etc/init.d/tomcat5.sh /etc/rc6.d/K95tomcat5.sh
# more Tomcat5.sh
#!/bin/sh
##############################################################################
#
# Copyright 2004 The Apache Software Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
##############################################################################
#
# Small shell script to show how to start/stop Tomcat using jsvc
# If you want to have Tomcat running on port 80 please modify the server.xml
# file:
#
# <!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->
# <Connector className="org.apache.catalina.connector.http.HttpConnector"
# port="80" minProcessors="5" maxProcessors="75"
# enableLookups="true" redirectPort="8443"
# acceptCount="10" debug="0" connectionTimeout="60000"/>
#
# That is for Tomcat-5.0.x (Apache Tomcat/5.0)
#
# Adapt the following lines to your configuration
JAVA_HOME=/opt/java
CATALINA_HOME=/opt/tomcat
DAEMON_HOME=/opt/tomcat
TOMCAT_USER=root
# for multi instances adapt those lines.
TMP_DIR=/var/tmp
PID_FILE=/var/run/jsvc.pid
CATALINA_BASE=/opt/tomcat
CATALINA_OPTS="-Djava.library.path=/home/jfclere/jakarta-tomcat-connectors/jni/native/.libs"
CLASSPATH=\
$JAVA_HOME/lib/tools.jar:\
$CATALINA_HOME/bin/commons-daemon.jar:\
$CATALINA_HOME/bin/bootstrap.jar
case "$1" in
start)
#
# Start Tomcat
#
$DAEMON_HOME/bin/jsvc-src/jsvc \
-user $TOMCAT_USER \
-home $JAVA_HOME \
-Dcatalina.home=$CATALINA_HOME \
-Dcatalina.base=$CATALINA_BASE \
-Djava.io.tmpdir=$TMP_DIR \
-wait 10 \
-pidfile $PID_FILE \
-outfile $CATALINA_HOME/logs/catalina.out \
-errfile '&1' \
$CATALINA_OPTS \
-cp $CLASSPATH \
org.apache.catalina.startup.Bootstrap
#
# To get a verbose JVM
#-verbose \
# To get a debug of jsvc.
#-debug \
exit $?
;;
stop)
#
# Stop Tomcat
#
$DAEMON_HOME/bin/jsvc-src/jsvc \
-stop \
-pidfile $PID_FILE \
org.apache.catalina.startup.Bootstrap
exit $?
;;
*)
echo "Usage tomcat.sh start/stop"
exit 1;;
esac
# /etc/rc.d/init.d/Tomcat5.sh start
# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 :::8009 :::* LISTEN
tcp 0 0 :::8080 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
# /etc/rc.d/init.d/Tomcat5.sh stop
# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
# useradd tomcatadmin
# vi Tomcat5.sh
TOMCAT_USER=tomcatadmin 改为这样
# chown -R tomcatadmin:tomcatadmin /opt/tomcat
# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
# /etc/rc.d/init.d/Tomcat5.sh start
# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 :::8009 :::* LISTEN
tcp 0 0 :::8080 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
# /etc/rc.d/init.d/Tomcat5.sh stop
# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
# vi /etc/rc.d/init.d/Tomcat5.sh
在#!/bin/sh下面加入
#chkconfig: 2345 85 15
#description: 任意内容
# chkconfig --level 345 Tomcat5.sh on
# init 6
用nginx proxy吧,很方便
加一个serveletwrapper,重载getRemoteAddr方法 原帖由 jhsea3do 于 2009-9-29 10:17 发表 http://bbs3.chinaunix.net/images/common/back.gif
用nginx proxy吧,很方便
加一个serveletwrapper,重载getRemoteAddr方法
nginx和tomcat比apache和tomcat怎么样,给讲讲吧,谢谢!
页:
[1]