linux下tomcat作为daemon运行

在linux下如果想让tomcat在开机时自启动,可以将启动代码写到/etc/rc.local里面。但是,这样的话,tomcat将以root权限运行,这是不安全的。因此,要想办法让tomcat以非特权身份作为daemon运行。

要将tomcat作为linux的daemon运行,需要commons-daemon工程的jsvc工具,tomcat的bin目录里已经自带了这个工具的源码。

解压commons-daemon-native.tar.gz,进入unix子目录,然后configure。configure的时候需要指定jdk路径或者当前环境中有JAVA_HOME变量。

接下来在make的时候可能会出现如下错误:

 ar: libservice.a: Malformed archive make[1]: *** [libservice.a] Error 1

这是一个已知的bug:

The file bin/commons-daemon-native.tar.gz contains dirty (already compiled) code. On some systems this causes "make" to return the following error: ar: libservice.a: Malformed archive The solution is to run "make clean" before running "make". I believe that "make clean" should be run before creating the tgz file, so that there are no compiled/generated files laying around.

make以后得到jsvc文件,复制到tomcat的bin目录中。另外在native目录下有一个Tomcat5.sh,是用于tomcat自启动的一个模板,我们可以修改它快速得到一个符合要求的启动文件。在这里,我将它修改为如下内容:

#!/bin/sh ############################################################################## # # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ############################################################################## # # Small shell script to show how to start/stop Tomcat using jsvc # If you want to have Tomcat running on port 80 please modify the server.xml # file: # # <!-- Define a non-SSL HTTP/1.1 Connector on port 80 --> # <Connector className="org.apache.catalina.connector.http.HttpConnector" # port="80" minProcessors="5" maxProcessors="75" # enableLookups="true" redirectPort="8443" # acceptCount="10" debug="0" connectionTimeout="60000"/> # # That is for Tomcat-5.0.x (Apache Tomcat/5.0) # # Adapt the following lines to your configuration JAVA_HOME=/usr/local/sun-java6-jdk CATALINA_HOME=/usr/local/apache-tomcat-6 DAEMON_HOME=$CATALINA_HOME TOMCAT_USER=tomcat6 # for multi instances adapt those lines. TMP_DIR=/var/tmp PID_FILE=/var/run/jsvc.pid CATALINA_BASE=$CATALINA_HOME #CATALINA_OPTS="-Djava.library.path=/home/jfclere/jakarta-tomcat-connectors/jni/native/.libs" CLASSPATH=/ $JAVA_HOME/lib/tools.jar:/ $CATALINA_HOME/bin/commons-daemon.jar:/ $CATALINA_HOME/bin/bootstrap.jar case "$1" in start) # # Start Tomcat # echo "Starting tomcat6..." $DAEMON_HOME/bin/jsvc / -user $TOMCAT_USER / -home $JAVA_HOME / -Dcatalina.home=$CATALINA_HOME / -Dcatalina.base=$CATALINA_BASE / -Djava.io.tmpdir=$TMP_DIR / -wait 10 / -pidfile $PID_FILE / -outfile $CATALINA_HOME/logs/catalina.out / -errfile $CATALINA_HOME/logs/catalina.err / $CATALINA_OPTS / -cp $CLASSPATH / org.apache.catalina.startup.Bootstrap # # To get a verbose JVM #-verbose / # To get a debug of jsvc. #-debug / if test $? -eq 0 then exit 0 else echo "Failed to start tomcat6" exit 1 fi ;; stop) # # Stop Tomcat # $DAEMON_HOME/bin/jsvc / -stop / -pidfile $PID_FILE / org.apache.catalina.startup.Bootstrap if test $? -eq 0 then echo "tomcat6 stopped" exit 0 else echo "Failed to stop tomcat6" exit 1 fi ;; restart) # # Restart Tomcat # if $0 stop then $0 start else echo "Failed to stop running server, so refusing to try to start." fi exit 0 ;; *) echo "Usage: tomcat6 start|stop|restart" exit 1;; esac

在以的脚本里面指定了TOMCAT_USER,jsvc将先以特权身份启动tomcat,随后切换到指定的用户,这样可以使tomcat以非特权身份监听需要特权的端口。

将脚本复制到/etc/init.d,改名为tomcat6,然后执行

update-rc.d tomcat6 defaults

配置完成以后,tomcat就可以以非特权用户作为daemon运行了。

 

 

你可能感兴趣的:(tomcat,linux,Daemon)