Running Tomcat on Port 80 via a Service Wrapper

jsvc介绍：

Another way to run Tomcat on port 80 as a user other than root is use a service wrapper binary. A service wrapper is a program written in C that is meant just for this purpose: to run a Java server boundto a privilegedport on a non-Windows operating system as a user other than root. The idea is that you start the service wrapper binary as the root user, it instantiates a Java VM with Tomcat in it as a separate process that has the root-like capability of opening server sockets on privilegedports—while running as a non-root user—andTomcat opens its server socket(s) on the privilegedport(s). Then, Tomcat is no longer running as root but is serving requests over the privilegedport. jsvc (short for “Java Service”) is a native service wrapper that comes with Tomcat’s binary distribution.

1：安装jsvc

[root@localhost bin]# pwd
/opt/tomcat5.5/bin
[root@localhost bin]# tar zxvf jsvc.tar.gz

[root@localhost bin]# cd jsvc-src/
[root@localhost jsvc-src]# chmod a+x configure
[root@localhost jsvc-src]# ./configure --with-java=/usr/local/jdk

[root@localhost jsvc-src]# make

即可发现生产的jsvc位于当前目录下(.)

然后复制jsvc到/opt/tomcat5.5/bin目录下

[root@localhost jsvc-src]# cp jsvc /opt/tomcat5.5/bin

2：[root@localhost jsvc-src]# groupadd tomcat

   [root@localhost jsvc-src]# useradd -g tomcat -s  /sbin/nologin tomcat

[root@localhost jsvc-src]# chown -R tocmat:tomcat  /opt/tomcat5.5

上面必须执行，否则会在启动tomcat时在日志文件中有如下的问题：

Java HotSpot(TM) Client VM warning: Can't detect initial thread stack location - find_vma failed
Jun 11, 2010 12:20:13 PM org.apache.catalina.startup.Catalina load
WARNING: Can't load server.xml from /opt/tomcat5.5/conf/server.xml
Jun 11, 2010 12:20:13 PM org.apache.catalina.startup.Catalina load
WARNING: Can't load server.xml from /opt/tomcat5.5/conf/server.xml
Jun 11, 2010 12:20:13 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 0 ms

Tomcat根本就启动不起来

3：修改tomcat的端口为80，

[root@localhost jsvc-src]# cat /opt/tomcat5.5/conf/server.xml | grep -n 80
30:<Server port="8005" shutdown="SHUTDOWN">
71:         By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
93:    <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
94:    <Connector port="80" maxHttpHeaderSize="8192" ##需要将改行的8080改为80即可
118:    <!-- Define an AJP 1.3 Connector on port 8009 -->
119:    <Connector port="8009"
122:    <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
125:    <Connector port="8082"
128:               proxyPort="80" disableUploadTimeout="true" />

4：通过jsvc启动tomcat，命令如下：

[root@localhost jsvc-src]# /opt/tomcat5.5/bin/jsvc -user tomcat -home /usr/local/jdk -wait 10 -pidfile /var/run/jsvc.pid -outfile /opt/tomcat5.5/logs/catalina.out -errfile /opt/tomcat5.5/logs/catalina.out -Djvm=tomcat -Xmx384M -Djava.awt.headless=true -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/opt/tomcat5.5/conf/logging.properties -Djava.endorsed.dirs=/opt/tomcat5.5/common/endorsed -classpath :/opt/tomcat5.5/bin/bootstrap.jar:/opt/tomcat5.5/bin/commons-logging-api.jar -Dcatalina.base=/opt/tomcat5.5 -Dcatalina.home=/opt/tomcat5.5 -Djava.io.tmpdir=/opt/tomcat5.5/temp/ org.apache.catalina.startup.Bootstrap start

可以通过如下查询：

[root@localhost jsvc-src]# ps -ef |grep java root 16089 1 0 14:15 ? 00:00:00 jsvc.exec -user tomcat -home /usr/local/jdk -wait 10 -pidfile /var/run/jsvc.pid -outfile /opt/tomcat5.5/logs/catalina.out -errfile /opt/tomcat5.5/logs/catalina.out -Djvm=tomcat -Xmx384M -Djava.awt.headless=true -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/opt/tomcat5.5/conf/logging.properties -Djava.endorsed.dirs=/opt/tomcat5.5/common/endorsed -classpath :/opt/tomcat5.5/bin/bootstrap.jar:/opt/tomcat5.5/bin/commons-logging-api.jar -Dcatalina.base=/opt/tomcat5.5 -Dcatalina.home=/opt/tomcat5.5 -Djava.io.tmpdir=/opt/tomcat5.5/temp/ org.apache.catalina.startup.Bootstrap start tomcat 16090 16089 0 14:15 ? 00:00:10 jsvc.exec -user tomcat -home /usr/local/jdk -wait 10 -pidfile /var/run/jsvc.pid -outfile /opt/tomcat5.5/logs/catalina.out -errfile /opt/tomcat5.5/logs/catalina.out -Djvm=tomcat -Xmx384M -Djava.awt.headless=true -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/opt/tomcat5.5/conf/logging.properties -Djava.endorsed.dirs=/opt/tomcat5.5/common/endorsed -classpath :/opt/tomcat5.5/bin/bootstrap.jar:/opt/tomcat5.5/bin/commons-logging-api.jar -Dcatalina.base=/opt/tomcat5.5 -Dcatalina.home=/opt/tomcat5.5 -Djava.io.tmpdir=/opt/tomcat5.5/temp/ org.apache.catalina.startup.Bootstrap start 也可以用: [root@localhost jsvc-src]# lsof -i :80 COMMAND   PID   USER   FD   TYPE DEVICE SIZE NODE NAME jsvc    16090 tomcat   45u  IPv6  64937       TCP *:http (LISTEN) [root@localhost jsvc-src]# netstat -antl | grep  :80 tcp     0    0  :::8009        :::*                        LISTEN      tcp     0    0  :::80          :::*                        LISTEN    显然80端口以及在监听

或用top命令如图：

显然jsvs已经启动

 

 

配置过程中遇到的问题：

由于没有执行chown -R tomcat:  /opt/tomcat5.5启动jsvc的时候失败

出错如下：

 

Java HotSpot(TM) Client VM warning: Can't detect initial thread stack location - find_vma failed Jun 11, 2010 12:20:13 PM org.apache.catalina.startup.Catalina load WARNING: Can't load server.xml from /opt/tomcat5.5/conf/server.xml Jun 11, 2010 12:20:13 PM org.apache.catalina.startup.Catalina load WARNING: Can

还有一个问题没解决：

Java HotSpot(TM) Client VM warning: Can't detect initial thread stack location - find_vma failed

后台日志会抛出如下warning。有人怀疑是java混合模式的问题，我的java版本信息如下:

[root@localhost jsvc-src]# java -version
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)
我把jdk版本从1.5升级成1.6还是没有解决此问题，但不影响jsvc的使用！

 

关闭jsvc：

/opt/tomcat5.5/bin/jsvc -stop -pidfile /var/run/jsvc.pid org.apache.catalina.startup.Bootstrap