• 1.添加用户(如r00t)
[root@localhost local]# groupadd r00t
[root@localhost local]# useradd -g r00t r00t
[root@localhost local]# passwd r00t
• 2.修改tomcat所属用户
[root@localhost local]# cd /usr/local
[root@localhost local]# chown -R r00t:r00t tomcat-6.0.36_1
[root@localhost local]# ll
total 84
drwxr-xr-x. 15 root root 4096 Aug 21 2014 apache2.2.17
drwxr-xr-x. 2 root root 4096 Aug 20 2014 bin
drwxr-xr-x. 5 root root 4096 Aug 21 2014 cronolog-1.6.2
drwxr-xr-x 5 root root 4096 Mar 24 09:27 denyhosts-2.6
drwxr-xr-x. 8 root root 4096 Apr 9 17:31 etc
drwxr-xr-x. 2 root root 4096 Jun 28 2011 games
drwxr-xr-x. 2 root root 4096 Jun 28 2011 include
drwxr-xr-x. 10 root root 4096 Jun 19 2012 jdk1.6.0_30_x86_64
drwxr-xr-x. 3 root root 4096 Apr 9 17:31 lib
drwxr-xr-x. 3 root root 4096 Aug 20 2014 lib64
drwxr-xr-x. 2 root root 4096 Jun 28 2011 libexec
drwxr-xr-x. 5 memcached memcached 4096 Aug 21 2014 memcached
drwxr-xr-x. 12 mysql mysql 4096 Aug 21 2014 mysql
drwxr-xr-x 11 root root 4096 Feb 11 12:31 nginx
drwxr-xr-x. 6 root root 4096 Apr 20 15:18 redis-2.6.14
drwxr-xr-x. 2 root root 4096 Apr 9 17:33 sbin
drwxr-xr-x. 6 root root 4096 Aug 20 2014 share
drwxr-xr-x. 2 root root 4096 Jun 28 2011 src
drwxr-xr-x. 9 r00t r00t 4096 Mar 8 2013 tomcat-6.0.36_1
drwxr-xr-x. 9 root root 4096 Jul 31 2014 tomcat-6.0.36_2
drwxr-xr-x 4 root root 4096 Apr 9 17:31 var
• 3.修改项目所属路径
[root@localhost webapps]# cd /www/htdocs/webapps/
[root@localhost webapps]# ll
total 4
drwxr-xr-x 2 root root 4096 May 6 09:11 xm_manager
[root@localhost webapps]# chown -R r00t:r00t xm_manager
[root@localhost webapps]# ll
total 4
drwxr-xr-x 2 r00t r00t 4096 May 6 09:11 xm_manager
• 4.使用新用户启动tomcat
[root@localhost webapps]# su - r00t
[r00t@localhost ~]$ cd /usr/local/tomcat-6.0.36_1/
[r00t@localhost tomcat-6.0.36_1]$ ./bin/startup.sh
• 进阶
修改tomcat启动脚本,禁止root用户启动
[root@localhost tomcat-6.0.36_1]# vi bin/startup.sh
#!/bin/sh
if [ "root" == "$USER" ]
then
echo "can't start with user 'root',retry after change user!"
exit 1
fi