Month: June 2020

25
Jun
2020

Run tomcat as unprivileged user

  1. Install java – https://kostadinovi.info/2019/11/12/install-oracle-java-8-on-debian-10/
  2. apt install tomcat9-user
  3. adduser user
  4. su – user
  5. mkdir -p /home/user/tomcats/common/bin
  6. cd tomcats
  7. tomcat9-instance-create test
  8. cp test/bin/* common/bin/
  9. vi common/bin/setenv.sh
  10. vi common/bin/env_vars.sh
  11. rm test/bin/*
  12. cd test/bin/
  13. ln -s ../../common/bin/startup.sh .
  14. ln -s ../../common/bin/shutdown.sh .
  15. vi /home/user/tomcats/test/conf/env_vars.sh
  16. vi /home/user/start_all_tomcats.sh
  17. vi /home/user/stop_all_tomcats.sh
  18. exit
  19. vi /etc/systemd/system/tomcats.service
  20. systemctl daemon-reload
  21. systemctl enable tomcats.service
Content of bin/setenv.sh
#!/bin/sh
#

. conf/env_vars.sh
. ../common/bin/env_vars.sh

export JAVA_OPTS="-Djava.security.egd=file:/dev/urandom  -Djava.awt.headless=true -XX:+UseConcMarkSweepGC -Dfile.encoding=UTF-8 -server -Xms$XMS -Xmx$XMX -XX:PermSize=$PERM_SIZE -XX:MaxPermSize=$MAX_PERM_SIZE -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=$JMX_REMOTE_PORT -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Xrunjdwp:transport=dt_socket,address=$JMX_DEBUG_PORT,server=y,suspend=n"
export UMASK="0022"

Content of bin/env_vars.sh
#!/bin/sh

export CATALINA_HOME=/usr/share/tomcat9

export JDK_DIRS="/usr/lib/jvm/java-8-oracle"
export JAVA_HOME="/usr/lib/jvm/java-8-oracle"

Content of conf/env_vars.sh
#!/bin/sh

XMS=128m
XMX=2048m
JMX_REMOTE_PORT=8013
JMX_DEBUG_PORT=8014

Content of /home/user/start_all_tomcats.sh
#!/bin/sh

TOMCATS_ROOT_DIR="/home/user/tomcats"

cd $TOMCATS_ROOT_DIR
for i in $(ls | grep -v common); do 

    cd $i
    bin/startup.sh
    cd $TOMCATS_ROOT_DIR

done

Content of /home/user/stop_all_tomcats.sh
#!/bin/sh

TOMCATS_ROOT_DIR="/home/user/tomcats"

cd $TOMCATS_ROOT_DIR
for i in $(ls | grep -v common); do 

    cd $i
    bin/shutdown.sh
    cd $TOMCATS_ROOT_DIR

done

Content of /etc/systemd/system/tomcats.service
[Unit]
Description=Start all tomcats instancies
After=network.target
After=network-online.target

[Service]
User=user
Type=forking
ExecStart=/home/user/start_all_tomcats.sh
ExecStop=/home/user/stop_all_tomcats.sh
TimeoutSec=30
Restart=on-failure
RestartSec=30
StartLimitInterval=350
StartLimitBurst=10

[Install]
WantedBy=multi-user.target
Posted by admin in linux, 0 comments