使用普通用戶啟動Tomcat服務

本文章內容:

使用普通用戶啟動Tomcat服務。

 

環境:

[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.8.2003 (Core)
[root@localhost ~]# ip a | grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.128.194/24 brd 192.168.128.255 scope global noprefixroute dynamic ens33

 

1. 參考"JDK安裝"那篇安裝JDK環境

2. 安裝Tomcat

2.1 訪問Tomcat官方網站"http://tomcat.apache.org/" → 點Download下的"Tomcat 9"

2.2 滑鼠右鍵"tar.gz"複製鏈結網址

2.3 使用wget下載tar.gz

[root@localhost ~]# wget http://ftp.twaren.net/Unix/Web/apache/tomcat/tomcat-9/v9.0.38/bin/apache-tomcat-9.0.38.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg  apache-tomcat-9.0.38.tar.gz

2.4 將下載的tar.gz解壓縮到/usr/local目錄下

[root@localhost ~]# tar xf apache-tomcat-9.0.38.tar.gz -C /usr/local/
[root@localhost ~]# ll /usr/local/
total 0
drwxr-xr-x. 9 root root 220 Sep 27 03:55 apache-tomcat-9.0.38
drwxr-xr-x. 2 root root   6 Apr 11  2018 bin
drwxr-xr-x. 2 root root   6 Apr 11  2018 etc
drwxr-xr-x. 2 root root   6 Apr 11  2018 games
drwxr-xr-x. 2 root root   6 Apr 11  2018 include
drwxr-xr-x. 2 root root   6 Apr 11  2018 lib
drwxr-xr-x. 2 root root   6 Apr 11  2018 lib64
drwxr-xr-x. 2 root root   6 Apr 11  2018 libexec
drwxr-xr-x. 2 root root   6 Apr 11  2018 sbin
drwxr-xr-x. 5 root root  49 Aug 15 05:47 share
drwxr-xr-x. 2 root root   6 Apr 11  2018 src

2.5 設定軟鏈接

[root@localhost ~]# ln -sv /usr/local/apache-tomcat-9.0.38 /usr/local/tomcat
‘/usr/local/tomcat’ -> ‘/usr/local/apache-tomcat-9.0.38’
[root@localhost ~]# ll /usr/local/tomcat
lrwxrwxrwx. 1 root root 31 Sep 27 03:56 /usr/local/tomcat -> /usr/local/apache-tomcat-9.0.38

2.6 設定環境變量

[root@localhost ~]# vim /etc/profile.d/tomcat.sh
export CATALINA_BASE="/usr/local/tomcat"
export PATH="$CATALINA_BASE/bin:$PATH"
[root@localhost ~]# . /etc/profile.d/tomcat.sh 

2.7 新建tomcat用戶

[root@localhost ~]# useradd -r tomcat

2.8 修改/usr/local/tomcat目錄下的所有檔案權限為tomcat.tomcat或者root.tomcat

提示:
1. 只改/usr/local/tomcat目錄下的文件而不要改目錄本身更合適一點。
2. 最好只改屬組為tomcat,這樣可以避免tomcat應用程序被劫持了而被刪了文件。那只改屬組為tomcat的話還需要將:
    a. logs、temp、work這三個目錄的屬組改成有寫權限,這樣才能寫資料進裡面;
    b. conf目錄的屬組改成有讀及執行的權限,其下的文件改成有讀的權限,這樣啟動tomcat服務時才能加載配置文件成功啟動,否則服務會啟動不了,catalina.out日誌會顯示"Cannot start server, server instance is not configured"。
[root@localhost ~]# chown -R tomcat.tomcat /usr/local/tomcat/*
[root@localhost ~]# ll /usr/local/tomcat/
total 124
drwxr-x---. 2 tomcat tomcat  4096 Sep 27 03:55 bin
-rw-r-----. 1 tomcat tomcat 18982 Sep 10 04:25 BUILDING.txt
drwx------. 2 tomcat tomcat   238 Sep 10 04:25 conf
-rw-r-----. 1 tomcat tomcat  5409 Sep 10 04:25 CONTRIBUTING.md
drwxr-x---. 2 tomcat tomcat  4096 Sep 27 03:55 lib
-rw-r-----. 1 tomcat tomcat 57092 Sep 10 04:25 LICENSE
drwxr-x---. 2 tomcat tomcat     6 Sep 10 04:20 logs
-rw-r-----. 1 tomcat tomcat  2333 Sep 10 04:25 NOTICE
-rw-r-----. 1 tomcat tomcat  3257 Sep 10 04:25 README.md
-rw-r-----. 1 tomcat tomcat  6898 Sep 10 04:25 RELEASE-NOTES
-rw-r-----. 1 tomcat tomcat 16262 Sep 10 04:25 RUNNING.txt
drwxr-x---. 2 tomcat tomcat    30 Sep 27 03:55 temp
drwxr-x---. 7 tomcat tomcat    81 Sep 10 04:23 webapps
drwxr-x---. 2 tomcat tomcat     6 Sep 10 04:20 work

2.9 使用tomcat用戶啟動Tomcat服務

[root@localhost ~]# su - tomcat -c "/usr/local/tomcat/bin/catalina.sh start"
su: warning: cannot change directory to /home/tomcat: No such file or directory
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:   
Tomcat started.
[root@localhost ~]# ss -tnl
State       Recv-Q Send-Q                                  Local Address:Port                                                 Peer Address:Port              
LISTEN      0      1                                  [::ffff:127.0.0.1]:8005                                                         [::]:*                  
LISTEN      0      100                                              [::]:8080                                                         [::]:*   

2.10 執行ps aux | grep tomcat可以看到啟動Tomcat服務的用戶是tomcat

[root@localhost ~]# ps aux | grep tomcat
tomcat     1545 10.9  8.2 2440864 81672 ?       Sl   04:04   0:06 //bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat -Dcatalina.home=/usr/local/tomcat -Djava.io.tmpdir=/usr/local/tomcat/temp org.apache.catalina.startup.Bootstrap start
root       1578  0.0  0.0 112808   968 pts/0    R+   04:05   0:00 grep --color=auto tomcat