Starting Tomcat Service when starting CentOS/RHEL/Fedora
Neither of the tutorials you mentioned suggest using useradd
with all of those options. By setting the login shell
to /sbin/nologin
you encounter:
incorrect password
and
This account is currently not available
The following command will cause tomcat
to be a system account without a /home/tomcat
directory:
useradd -r tomcat --shell /bin/false
And this command will create a non-system tomcat
account with a /home/tomcat
directory:
useradd tomcat --shell /bin/false
EDIT:
You are correct about the similarities of /sbin/nologin
and /bin/false
. The install instructions from Option #2
in the OP seem to be somewhat incomplete. I suggest using just one set of instructions until tomcat
is working.
This is the Tomcat 8 version of Option #1
you provided. I suggest using only these instructions to get your installation working. (It looks like mixing and matching is causing some grief.) By doing this, you will avoid other issues like your $JAVA_HOME
and $PATH
not being exported (Question 1) and Question 2 will be answered as well.
Notice in your Option #1
script, you have lines like this:
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
However the Option #1
link you provided has these lines:
sh $CATALINA_HOME/bin/startup.sh
sh $CATALINA_HOME/bin/shutdown.sh
sh $CATALINA_HOME/bin/shutdown.sh
sh $CATALINA_HOME/bin/startup.sh
Related videos on Youtube
Lluís Alemany-Puig
Updated on September 18, 2022Comments
-
Lluís Alemany-Puig almost 2 years
I want to install tomcat 8 and run it at startup time
I am following these tutorials:
I created the tomcat user:
# useradd -U -r -M -d /usr/local/ServerWeb/tomcat -s /sbin/nologin tomcat
The file was in
/etc/init.d/tomcat
In the option 1:
#!/bin/bash # description: Tomcat Start Stop Restart # processname: tomcat # chkconfig: 234 20 80 JAVA_HOME=/opt/jdk export JAVA_HOME PATH=$JAVA_HOME/bin:$PATH export PATH TOMCAT_HOME=/usr/local/tomcat TOMCAT_USER=tomcat case $1 in start) /bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh ;; stop) /bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh ;; restart) /bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh /bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh ;; esac exit 0
In the Option 2:
#!/bin/bash # # tomcat # # chkconfig: - 80 20 # ### BEGIN INIT INFO # Provides: tomcat # Required-Start: $network $syslog # Required-Stop: $network $syslog # Default-Start: # Default-Stop: # Description: Tomcat # Short-Description: start and stop tomcat ### END INIT INFO ## Source function library. #. /etc/rc.d/init.d/functions export JAVA_HOME=/opt/jdk export JAVA_OPTS="-Dfile.encoding=UTF-8 \ -Dnet.sf.ehcache.skipUpdateCheck=true \ -XX:+UseConcMarkSweepGC \ -XX:+CMSClassUnloadingEnabled \ -XX:+UseParNewGC \ -XX:MaxPermSize=128m \ -Xms512m -Xmx512m" export PATH=$JAVA_HOME/bin:$PATH TOMCAT_HOME=/usr/local/tomcat TOMCAT_USER=tomcat SHUTDOWN_WAIT=20 tomcat_pid() { echo `ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'` } start() { pid=$(tomcat_pid) if [ -n "$pid" ] then echo "Tomcat is already running (pid: $pid)" else # Start tomcat echo "Starting tomcat" ulimit -n 100000 umask 007 /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh fi return 0 } stop() { pid=$(tomcat_pid) if [ -n "$pid" ] then echo "Stoping Tomcat" /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh let kwait=$SHUTDOWN_WAIT count=0; until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ] do echo -n -e "\nwaiting for processes to exit"; sleep 1 let count=$count+1; done if [ $count -gt $kwait ]; then echo -n -e "\nkilling processes which didn't stop after $SHUTDOWN_WAIT seconds" kill -9 $pid fi else echo "Tomcat is not running" fi return 0 } case $1 in start) start ;; stop) stop ;; restart) stop start ;; status) pid=$(tomcat_pid) if [ -n "$pid" ] then echo "Tomcat is running with pid: $pid" else echo "Tomcat is not running" fi ;; esac exit 0
I don't understand why this is needed in the start of option 2:
ulimit -n 100000 umask 007
I changed the ownership with
chown -Rvh tomcat: /usr/local/tomcat/
Later
# chmod +x /etc/init.d/tomcat # chkconfig --add tomcat`
But after restarting the CentOS 6.6, the service is not running.
Testing:
$ echo $JAVA_HOME $ $ echo $PATH /usr/lib/qt-3.3/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/IntUser/bin $
In other words $JAVA_HOME and $PATH aren't assigned!!!
Trying to start manually (I did not assign password to tomcat user, which password should I use?):
$ service tomcat start Password: /bin/su: incorrect password $
Running as
root
, I was checking:# service tomcat start This account is currently not available. #
Checking the account:
# finger tomcat Login: tomcat Name: Tomcat User Directory: /usr/local/tomcat Shell: /sbin/nologin Never logged in. No mail. No Plan. # # more /etc/passwd | grep tomcat tomcat:x:493:490:Tomcat User:/usr/local/tomcat:/sbin/nologin #
Checking the ownership:
# ls -al /usr/local/tomcat/ total 120 drwxr-xr-x. 9 tomcat tomcat 4096 Jun 27 09:29 . drwxr-xr-x. 20 root root 4096 Jun 27 09:29 .. drwxr-xr-x. 2 tomcat tomcat 4096 Jun 27 09:29 bin drwxr-xr-x. 3 tomcat tomcat 4096 Jun 27 11:04 conf drwxr-xr-x. 2 tomcat tomcat 4096 Jun 27 09:29 lib -rw-r--r--. 1 tomcat tomcat 56977 May 19 15:03 LICENSE drwxr-xr-x. 2 tomcat tomcat 4096 Jun 27 11:04 logs -rw-r--r--. 1 tomcat tomcat 1397 May 19 15:03 NOTICE -rw-r--r--. 1 tomcat tomcat 6741 May 19 15:03 RELEASE-NOTES -rw-r--r--. 1 tomcat tomcat 16204 May 19 15:03 RUNNING.txt drwxr-xr-x. 2 tomcat tomcat 4096 Jun 27 09:29 temp drwxr-xr-x. 7 tomcat tomcat 4096 May 19 15:00 webapps drwxr-xr-x. 3 tomcat tomcat 4096 Jun 27 11:04 work #
Please help me.
Question 1: The script was created in:
/etc/init.d/tomcat
. Why were$JAVA_HOME
and$PATH
not assigned?Question 2 Is there a method to install a service without root privileges, that starts at boot time without intervention (e.g., sudo, su, etc)?
-
Lluís Alemany-Puig almost 9 yearsThank you, Is bad idea to use
--shell /bin/false
? and with creating the account-r
is better to use System account or not? -
Timothy Martin almost 9 yearsThis does a great job of explaining
/sbin/nologin
and/bin/false
. As for-r
or not, perhaps someone else can answer. -
Lluís Alemany-Puig almost 9 years