Multi-instance Tomcat: server.xml permission denied

Time: 2018-07-18 17:27:54

Tags: tomcat centos tomcat7

I am trying to run a multi-instance configuration of tomcat7 on CentOS. I have installed Tomcat with

yum install tomcat

which works when started with

systemctl start tomcat.service

Following the readme, I created a copy of the catalina base directory structure, which was originally located in /var/lib/tomcats/name but has since been moved

drwxr-xr-x. 7 tomcat tomcat   69 Jul 17 16:16 .
drwxr-xr-x. 3 tomcat tomcat   23 Jul 17 15:50 ..
drwxr-xr-x. 4 tomcat tomcat  231 Jul 17 15:52 conf
drwxrwx---. 2 tomcat tomcat 4096 Jul 18 09:36 logs
drwxrwx---. 2 tomcat tomcat    6 Apr 10 20:38 temp
drwxrwxr-x. 7 tomcat tomcat   83 Jul 16 14:07 webapps
drwxrwx---. 3 tomcat tomcat   22 Jul 16 14:11 work

This folder structure is now located in /tomcat/tomcats/instance1/, as I was trying to play around with permissions.

When starting the instance with

systemctl start tomcat@instance1.service

this fails

journalctl -u tomcat@instance1.service

Jul 18 10:00:09 tomcat-server systemd[1]: Started Apache Tomcat Web Application Container.
Jul 18 10:00:09 tomcat-server systemd[1]: Starting Apache Tomcat Web Application Container...
Jul 18 10:00:09 tomcat-server server[5142]: Java virtual machine used: /usr/lib/jvm/jre/bin/java
Jul 18 10:00:09 tomcat-server server[5142]: classpath used: /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
Jul 18 10:00:09 tomcat-server server[5142]: main class used: org.apache.catalina.startup.Bootstrap
Jul 18 10:00:09 tomcat-server server[5142]: flags used:
Jul 18 10:00:09 tomcat-server server[5142]: options used: -Dcatalina.base=/tomcat/tomcats/instance1 -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
Jul 18 10:00:09 tomcat-server server[5142]: arguments used: start
Jul 18 10:00:09 tomcat-server server[5142]: Jul 18, 2018 10:00:09 AM org.apache.catalina.startup.Catalina load
Jul 18 10:00:09 tomcat-server server[5142]: WARNING: Unable to load server configuration from [/tomcat/tomcats/instance1/conf/server.xml]
Jul 18 10:00:09 tomcat-server server[5142]: Jul 18, 2018 10:00:09 AM org.apache.catalina.startup.Catalina load
Jul 18 10:00:09 tomcat-server server[5142]: WARNING: Unable to load server configuration from [/tomcat/tomcats/instance1/conf/server.xml]
Jul 18 10:00:09 tomcat-server server[5142]: Jul 18, 2018 10:00:09 AM org.apache.catalina.startup.Catalina start
Jul 18 10:00:09 tomcat-server server[5142]: SEVERE: Cannot start server. Server instance is not configured.
Jul 18 10:00:09 tomcat-server server[5171]: Java virtual machine used: /usr/lib/jvm/jre/bin/java
Jul 18 10:00:09 tomcat-server server[5171]: classpath used: /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
Jul 18 10:00:09 tomcat-server server[5171]: main class used: org.apache.catalina.startup.Bootstrap
Jul 18 10:00:09 tomcat-server server[5171]: flags used:
Jul 18 10:00:09 tomcat-server server[5171]: options used: -Dcatalina.base=/tomcat/tomcats/instance1 -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
Jul 18 10:00:09 tomcat-server server[5171]: arguments used: stop
Jul 18 10:00:10 tomcat-server server[5171]: Jul 18, 2018 10:00:10 AM org.apache.catalina.startup.Catalina stopServer
Jul 18 10:00:10 tomcat-server server[5171]: SEVERE: Catalina.stop:
Jul 18 10:00:10 tomcat-server server[5171]: java.io.FileNotFoundException: /tomcat/tomcats/instance1/conf/server.xml (Permission denied)
Jul 18 10:00:10 tomcat-server server[5171]: at java.io.FileInputStream.open0(Native Method)
Jul 18 10:00:10 tomcat-server server[5171]: at java.io.FileInputStream.open(FileInputStream.java:195)
Jul 18 10:00:10 tomcat-server server[5171]: at java.io.FileInputStream.<init>(FileInputStream.java:138)
Jul 18 10:00:10 tomcat-server server[5171]: at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:466)
Jul 18 10:00:10 tomcat-server server[5171]: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Jul 18 10:00:10 tomcat-server server[5171]: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
Jul 18 10:00:10 tomcat-server server[5171]: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Jul 18 10:00:10 tomcat-server server[5171]: at java.lang.reflect.Method.invoke(Method.java:498)
Jul 18 10:00:10 tomcat-server server[5171]: at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:343)
Jul 18 10:00:10 tomcat-server server[5171]: at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:430)
Jul 18 10:00:10 tomcat-server systemd[1]: tomcat@instance1.service: control process exited, code=exited status=1
Jul 18 10:00:10 tomcat-server systemd[1]: Unit tomcat@instance1.service entered failed state.
Jul 18 10:00:10 tomcat-server systemd[1]: tomcat@instance1.service failed.

The key issue is

Jul 18 10:00:10 tomcat-server server[5171]: java.io.FileNotFoundException: /tomcat/tomcats/instance1/conf/server.xml (Permission denied)

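I can log in as the tomcat user and read the server.xml file. I can change the tomcat user to root and successfully start tomcat@instance1.service, but I can't figure out why I get permission denied when starting with the tomcat user. Any help would be greatly appreciated.

conf folder permissions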

drwxr-xr-x. 4 tomcat tomcat    231 Jul 17 15:52 .
drwxr-xr-x. 7 tomcat tomcat     69 Jul 17 16:16 ..
drwxrwxr-x. 3 tomcat tomcat     23 Jul 16 11:13 Catalina
-rw-r--r--. 1 tomcat tomcat  13443 Apr 10 20:38 catalina.policy
-rw-r--r--. 1 tomcat tomcat   6496 Apr 10 20:38 catalina.properties
drwxr-xr-x. 2 tomcat tomcat     20 Jul 17 13:51 conf.d
-rw-r--r--. 1 tomcat tomcat   1394 Apr 10 20:38 context.xml
-rw-r--r--. 1 tomcat tomcat    547 Apr 10 20:38 log4j.properties
-rw-r--r--. 1 tomcat tomcat   3288 Apr 10 20:38 logging.properties
-rw-rwxr--. 1 tomcat tomcat   6613 Apr 10 20:38 server.xml
-rw-r--r--. 1 tomcat tomcat   1681 Jul 17 14:27 tomcat.conf
-rw-r-----. 1 tomcat tomcat   2407 Jul 16 14:11 tomcat-users.xml
-rw-r--r--. 1 tomcat tomcat 167655 Apr 10 20:38 web.xml

Update 1 - The folder permissions from the root directory down to server.xml are the same all the way along /tomcat/tomcats/instance1/conf/server.xml

drwxr-xr-x.   3 tomcat tomcat   21 Jul 17 16:39 tomcat
drwxr-xr-x.  3 tomcat tomcat  23 Jul 17 15:50 tomcats
drwxr-xr-x. 7 tomcat tomcat 69 Jul 17 16:16 instance1
drwxr-xr-x. 4 tomcat tomcat  231 Jul 17 15:52 conf
-rw-rwxr--. 1 tomcat tomcat   6613 Apr 10 20:38 server.xml

Update 2 - /usr/lib/systemd/system/tomcat@.service. No changes here

# Systemd unit file for tomcat instances.
#
# To create clones of this service:
# 0. systemctl enable tomcat@name.service
# 1. create catalina.base directory structure in
#    /var/lib/tomcats/name
#    CHANGED TO /tomcat/tomcats/name due to permissions
# 2. profit.

[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target

[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME=%I"
EnvironmentFile=-/etc/sysconfig/tomcat@%I
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=tomcat

[Install]
WantedBy=multi-user.target

/etc/tomcat/tomcat.conf: TOMCATS_BASE changed to /tomcat/tomcats, which is combined with the instance name if CATALINA_BASE does not exist

# System-wide configuration file for tomcat services
# This will be loaded by systemd as an environment file,
# so please keep the syntax. For shell expansion support
# place your custom files as /etc/tomcat/conf.d/*.conf
#
# There are 2 "classes" of startup behavior in this package.
# The old one, the default service named tomcat.service.
# The new named instances are called tomcat@instance.service.
#
# Use this file to change default values for all services.
# Change the service specific ones to affect only one service.
# For tomcat.service it's /etc/sysconfig/tomcat, for
# tomcat@instance it's /etc/sysconfig/tomcat@instance.

# This variable is used to figure out if config is loaded or not.
TOMCAT_CFG_LOADED="1"

# In new-style instances, if CATALINA_BASE isn't specified, it will
# be constructed by joining TOMCATS_BASE and NAME.
TOMCATS_BASE="/tomcat/tomcats/"
#TOMCATS_BASE="/var/tomcats/"

# Where your java installation lives
JAVA_HOME="/usr/lib/jvm/jre"

# Where your tomcat installation lives
CATALINA_HOME="/usr/share/tomcat"

# System-wide tmp
CATALINA_TMPDIR="/var/cache/tomcat/temp"

# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"

# Use JAVA_OPTS to set java.library.path for libtcnative.so
#JAVA_OPTS="-Djava.library.path=/usr/lib"

# You can change your tomcat locale here
#LANG="en_US"

# Run tomcat under the Java Security Manager
SECURITY_MANAGER="false"

# Time to wait in seconds, before killing process
# TODO(stingray): does nothing, fix.
# SHUTDOWN_WAIT="30"

# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)

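1 Answer:

Answer 0 (score: 0)

Dude, this has nothing to do with the tomcat configuration. It's SELinux on RHEL and CentOS boxes, blocking read and write permissions on folders unrelated to the default tomcat installation. To solve this, install the SELinux management tools and set the tomcat_t SELinux type to permissive.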

yum install selinux-policy-devel

semanage permissive -a tomcat_t
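
As an added example (not part of the original answer), the script below shows a narrower route than making the whole domain permissive: it summarises AVC denials for the Tomcat process and prints the commands that relabel the moved base directory. The audit record is constructed, the function names are hypothetical, and the equivalence to /var/lib/tomcats assumes that packaged path carries labels the tomcat_t domain is allowed to read.

```bash
#!/usr/bin/env bash
# Added example: confirm that SELinux (not the mode bits) denied the read,
# then plan a relabel of the new base directory instead of switching
# tomcat_t to permissive.

# Constructed sample audit record (not taken from the original post).
SAMPLE_AVC='type=AVC msg=audit(1531908010.123:456): avc:  denied  { read } for  pid=5171 comm="java" name="server.xml" dev="dm-0" ino=1234 scontext=system_u:system_r:tomcat_t:s0 tcontext=unconfined_u:object_r:default_t:s0 tclass=file permissive=0'

# avc_summary: read audit lines on stdin and print, for each denial,
#   "<permission> <source type> <target type> <file name>"
# Lines that are not AVC denials produce no output.
avc_summary() {
  sed -n 's/.*avc:  *denied  *{ \([^}]*\) }.* name="\([^"]*\)".* scontext=[^:]*:[^:]*:\([^:]*\):.* tcontext=[^:]*:[^:]*:\([^:]*\):.*/\1 \3 \4 \2/p'
}

# relabel_plan NEW_BASE: print (do not run) the commands that make NEW_BASE
# inherit the file contexts of the packaged instance directory.
# Assumption: /var/lib/tomcats is the location the policy already labels
# for Tomcat instances, as the unit file comment on the page suggests.
relabel_plan() {
  new_base=${1%/}   # strip a trailing slash; semanage expects none
  printf 'semanage fcontext -a -e /var/lib/tomcats %s\n' "$new_base"
  printf 'restorecon -Rv %s\n' "$new_base"
}

# Demo on the constructed record and the path from the question.
printf '%s\n' "$SAMPLE_AVC" | avc_summary
relabel_plan /tomcat/tomcats/
```

On a live host, pipe `ausearch -m avc -c java` into `avc_summary` to confirm the denial before relabelling; review the printed commands and run them as root.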