How to setup Tomcat to run as user and daemon in Lunix/Redhat ?
Joined: Dec 20, 2009
I have the following:
* A redhat box running Fedora release 7 (Moonshine)
* Tomcat apache-tomcat-6.0.18 distribution
Currently, Apache is setup to work with Tomcat using the AJP connector, that works fine.
When I boot the box I su root and then I run the script startup.sh which is on the bin directory of tomcat, that starts tomcat without a problem. I can close my root session, my ssh and tomcat keeps running.
The problem is that running as root is a huge security problem. I run multiple virtual hosts in tomcat and although all sites are developed by me, I want to prevent any webapp from causing any harm such as:
* System.exit() which will shutdown Tomcat
* writing to secure directories
* practically control the box!
I need to be able to run tomcat as user not as root and also as a daemon on start up so that I don't need to manually start it.
There have been a couple of RPMs created that will do what you want (I've even built one or 2 myself). What they do is create a user/group named tomcat, install an init script, and alias over the work, temp and config files to the standard LSB locations (/var, /tmp and /etc).
There was (is?) a French site that contained a wealth of packages for Java. In fact, it's biggest fault was that it had a separate Java package for almost everything you could think of. But it included a Tomcat RPM. Sometimes it was more up-to-date than others.
Red Hat Enterprise Linux provides a set of tomcat RPMs, as does its free port, CentOS. You can probably install them in Fedora if you hammer on them a little.
Customer surveys are for companies who didn't pay proper attention to begin with.