我想在CentOS 6上以用户身份运行Tomcat 7.我创建了一个用户tomcat:tomcat并更改了/ var / lib / apache-tomcat *等下的所有权…
网上有很多关于如何做到这一点的文档,但我不认为它们是最新的.他们中的大多数表明你是这样做的.问题是……这种技术会爆炸,因为tomcat启动等脚本由于文件系统权限较低而无法写入PID.我不想开始放松对文件系统的写权限.目标是提高安全性.
有什么更好的方法呢?我很惊讶没有tomcat的“canned”init脚本.我知道这并不复杂.但为什么我们必须继续重新发明轮子?
谢谢
我多年来一直在使用这个.我不记得我在哪里得到它.我刚刚添加了/ bin / su tomcat.
# Startup script for the Jakarta Tomcat Java Servlets and JSP server
#
# chkconfig: - 85 15
# description: Jakarta Tomcat Java Servlets and JSP server
# processname: tomcat
# pidfile: /var/run/tomcat.pid
# config:
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Set Tomcat environment.
export JAVA_HOME=/usr/lib/jvm/java/
#export CLASSPATH=.:/usr/local/j2sdk/lib/tools.jar:/usr/local/j2re/lib/rt.jar
export CATALINA_HOME=/var/lib/tomcat
#export CATALINA_OPTS="-server -Xms64m -Xmx512m -Dbuild.compiler.emacs=true"
#export PATH=/usr/local/j2sdk/bin:/usr/local/j2re/bin:$PATH
export CATALINA_PID=/var/run/tomcat.pid
[ -f $CATALINA_HOME/bin/startup.sh ] || exit 0
[ -f $CATALINA_HOME/bin/shutdown.sh ] || exit 0
export PATH=$PATH:/usr/bin:/usr/local/bin
# See how we were called.
case "$1" in
start)
# Start daemon.
echo -n "Starting Tomcat: "
/bin/su tomcat $CATALINA_HOME/bin/startup.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/tomcat
;;
stop)
# Stop daemons.
echo -n "Shutting down Tomcat: "
/bin/su tomcat $CATALINA_HOME/bin/shutdown.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/tomcat
;;
restart)
$0 stop
sleep 1
$0 start
;;
condrestart)
[ -e /var/lock/subsys/tomcat ] && $0 restart
;;
status)
status tomcat
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0
