我正在使用apache-tomcat-7.0.50运行web应用程序。我的applcication将用户上传的文件存储在文件系统的目录(./opt/data)中。当我以$ CATALINA_HOME / bin / startup.sh手动以root用户身份启动服务器时,我可以访问文件系统,所有图像都可以在我的网站上看到。我不想以root身份执行tomcat,因为我认为这可能是一个安全问题,我自动希望在服务器重启时启动tomcat。所以我使用脚本将服务器作为服务启动:
#!/bin/bash # # tomcat7 This shell script takes care of starting and stopping Tomcat
# Description: This shell script takes care of starting and stopping Tomcat
# chkconfig: - 80 20
#
## Source function library.
#. /etc/rc.d/init.d/functions
TOMCAT_HOME=/home/peter/tomcat
SHUTDOWN_WAIT=20
tomcat_pid() {
echo `ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'`
}
start() {
pid=$(tomcat_pid)
if [ -n "$pid" ]
then
echo "Tomcat is already running (pid: $pid)"
else
# Start tomcat
echo "Starting tomcat"
ulimit -n 100000
umask 007
/bin/su -p -s /bin/sh root $TOMCAT_HOME/bin/startup.sh
fi
return 0
}
stop() {
pid=$(tomcat_pid)
if [ -n "$pid" ]
then
echo "Stoping Tomcat"
/bin/su -p -s /bin/sh root $TOMCAT_HOME/bin/shutdown.sh
let kwait=$SHUTDOWN_WAIT
count=0;
until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
do
echo -n -e "\nwaiting for processes to exit";
sleep 1
let count=$count+1;
done
if [ $count -gt $kwait ]; then
echo -n -e "\nkilling processes which didn't stop after $SHUTDOWN_WAIT seconds"
kill -9 $pid
fi
else
echo "Tomcat is not running"
fi
return 0
}
case $1 in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
status)
pid=$(tomcat_pid)
if [ -n "$pid" ]
then
echo "Tomcat is running with pid: $pid"
else
echo "Tomcat is not running"
fi
;;
esac
exit 0
不幸的是,如果我将tomcat作为服务启动,我的图片将无法在网站上显示。
我已经为目录提供了以下读/写/执行权限:
drwxrwxrwx 2 root tomandruser 12288 Jan 21 21:09 data
用户roup tomandruser:
[root@s17139702 init.d]# groups root
root : root tomandruser
[root@s17139702 init.d]# groups tomcat
tomcat : tomcat tomandruser
[root@s17139702 init.d]#
如何指定哪个用户运行tomcat服务?如何让他访问/ opt / data目录以便我的服务器可以加载图像?
感谢您帮助我。
更新结果ps -aef | grep java
作为服务开始:
[root@s17139702 init.d]# ps -aef | grep java
root 28898 1 2 14:21 pts/0 00:01:01 /usr/bin/java -Djava.util.logging.config.file=/opt/apache-tomcat-7.0.50/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/opt/apache-tomcat-7.0.50/endorsed -classpath /opt/apache-tomcat-7.0.50/bin/bootstrap.jar:/opt/apache-tomcat-7.0.50/bin/tomcat-juli.jar -Dcatalina.base=/opt/apache-tomcat-7.0.50 -Dcatalina.home=/opt/apache-tomcat-7.0.50 -Djava.io.tmpdir=/opt/apache-tomcat-7.0.50/temp org.apache.catalina.startup.Bootstrap start
root 29066 28724 0 14:58 pts/0 00:00:00 grep java
手动启动:
[root@s17139702 bin]# ps -aef | grep java
root 29147 1 99 14:59 pts/0 00:00:11 /usr/bin/java -Djava.util.logging.config.file=/opt/apache-tomcat-7.0.50/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dfile.encoding=UTF-8 -Djava.endorsed.dirs=/opt/apache-tomcat-7.0.50/endorsed -classpath /opt/apache-tomcat-7.0.50/bin/bootstrap.jar:/opt/apache-tomcat-7.0.50/bin/tomcat-juli.jar -Dcatalina.base=/opt/apache-tomcat-7.0.50 -Dcatalina.home=/opt/apache-tomcat-7.0.50 -Djava.io.tmpdir=/opt/apache-tomcat-7.0.50/temp org.apache.catalina.startup.Bootstrap start
root 29165 28724 0 14:59 pts/0 00:00:00 grep java
**更新II **
好的,我创建了用户更新了目录和子目录的用户权限。
drwxr-xr-x 9 tomcatuser tomcatuser 4096 Jan 21 15:09 apache-tomcat-7.0.50
drwxrwxrwx 2 tomcatuser tomcatuser 12288 Jan 21 21:09 data
我调整了启动脚本:
之前:/bin/su -p -s /bin/sh root $TOMCAT_HOME/bin/startup.sh
之后:sudo -u tomcatuser /bin/sh $TOMCAT_HOME/bin/startup.sh
并像这样调用服务:
sudo service tomcat7 start
仍未显示图像。谢谢你的帮助,我真的很感激。
答案 0 :(得分:1)
您粘贴的脚本以root用户身份运行tomcat,这绝对不是您想要做的。
这是你应该做的:
tomcatuser chown -R tomcatuser:tomcatuser <directory>)sudo -u tomcatuser <command>