Threats:
Typically, when configuring Tomcat production environment, often configured to run Tomcat specific identity (non-root), this will help improve safety and prevent further elevate privileges after the site was black.
Jdk installation please refer to: http: //53cto.blog.51cto.com/9899631/1697368
Please refer to the installation tomcat: http://53cto.blog.51cto.com/9899631/1697386
1, into the Tomcat installation directory bin directory
cd /usr/local/apache-tomcat-8.0.30/bin
2, extract commons-daemon-native.tar.gz
tar zxvf commons-daemon-native.tar.gz
cd commons-daemon-native/unix
3. It should gcc , the make and other build tools, if you do not specify JAVA_HOME environment variable, you need --with-java = parameter specifies the jdk directory
./configure
make
4, after the make, will generate a file named js in the current folder vc file, copy it to $ CATALINA_HOME / bin directory
cp jsvc /usr/local/apache-tomcat-8.0.30/bin
5, to add a user to run program Tomcat
useradd -M -d / -s /usr/sbin/nologin tomcat
6, modify daemon.sh files under $ CATALINA_HOME / bin directory ( if configured jdk environment variable can ignore this step)
These settings
Modify the startup script file
we / opt / tomcat6 / bin / daemon. sh
Find the following
test ".$TOMCAT_USER" = . && TOMCAT_USER=tomcat
# Set JAVA_HOME to working JDK or JRE
# JAVA_HOME=/opt/jdk-1.6.0.22
Modify TOMCAT_USER = tomcat specify the user name used to run tomcat as you remove the comment before the JAVA_HOME (ie, the "#"), and set to the directory where the JDK.
7, if the * .sh file does not have permission to run in the $ CATALINA_HOME / bin, then run to add permissions
chmod +x *.sh
8, set the $ CATALINE_HOME folder and all subfolders for the tomcat Owner
chown -R tomcat:tomcat /usr/local/apache-tomcat-8.0.30
9, start Tomcat
daemon.sh start [root@bogon bin]# ./daemon.sh -help Unknown command: `-help' Usage: daemon.sh ( commands ... ) commands: run Start Tomcat without detaching from console start Start Tomcat stop Stop Tomcat version What version of commons daemon and Tomcat are you running?
6. 添加tomcat为CentOS的服务
ln -s /opt/tomcat/bin/daemon.sh /etc/init.d/tomcat6
chkconfig –-add tomcat6
随后就可以用chkconfig命令开启/关闭服务的运行状态了。