3

I want to install tomcat 8 and run it at startup time

I am following these tutorials:

  1. Install Tomcat 7 on CentOS, RHEL, or Fedora
  2. How to install Tomcat 8 on a CentOS 6 VPS

I created the tomcat user:

# useradd -U -r -M -d /usr/local/ServerWeb/tomcat -s /sbin/nologin tomcat

The file was in /etc/init.d/tomcat

In the option 1:

#!/bin/bash  
# description: Tomcat Start Stop Restart  
# processname: tomcat  
# chkconfig: 234 20 80  
JAVA_HOME=/opt/jdk
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
TOMCAT_HOME=/usr/local/tomcat
TOMCAT_USER=tomcat

case $1 in  
start)  
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh  
;;   
stop)     
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh  
;;   
restart)  
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh  
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh  
;;   
esac      
exit 0

In the Option 2:

#!/bin/bash
#
# tomcat
#
# chkconfig: - 80 20
#
### BEGIN INIT INFO
# Provides: tomcat
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start:
# Default-Stop:
# Description: Tomcat 
# Short-Description: start and stop tomcat
### END INIT INFO

## Source function library.
#. /etc/rc.d/init.d/functions
export JAVA_HOME=/opt/jdk
export JAVA_OPTS="-Dfile.encoding=UTF-8 \
  -Dnet.sf.ehcache.skipUpdateCheck=true \
  -XX:+UseConcMarkSweepGC \
  -XX:+CMSClassUnloadingEnabled \
  -XX:+UseParNewGC \
  -XX:MaxPermSize=128m \
  -Xms512m -Xmx512m"
export PATH=$JAVA_HOME/bin:$PATH
TOMCAT_HOME=/usr/local/tomcat
TOMCAT_USER=tomcat
SHUTDOWN_WAIT=20

tomcat_pid() {
  echo `ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'`
}

start() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ] 
  then
    echo "Tomcat is already running (pid: $pid)"
  else
    # Start tomcat
    echo "Starting tomcat"
    ulimit -n 100000
    umask 007
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
  fi


  return 0
}

stop() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Stoping Tomcat"
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh

    let kwait=$SHUTDOWN_WAIT
    count=0;
    until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
    do
      echo -n -e "\nwaiting for processes to exit";
      sleep 1
      let count=$count+1;
    done

    if [ $count -gt $kwait ]; then
      echo -n -e "\nkilling processes which didn't stop after $SHUTDOWN_WAIT seconds"
      kill -9 $pid
    fi
  else
    echo "Tomcat is not running"
  fi

  return 0
}

case $1 in
start)
  start
;; 
stop)   
  stop
;; 
restart)
  stop
  start
;;
status)
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Tomcat is running with pid: $pid"
  else
    echo "Tomcat is not running"
  fi
;; 
esac    
exit 0

I don't understand why this is needed in the start of option 2:

ulimit -n 100000
umask 007

I changed the ownership with chown -Rvh tomcat: /usr/local/tomcat/

Later 

# chmod +x /etc/init.d/tomcat
# chkconfig --add tomcat`

But after restarting the CentOS 6.6, the service is not running.

Testing:

$ echo $JAVA_HOME
$ 

$ echo $PATH
/usr/lib/qt-3.3/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/IntUser/bin
$

In other words $JAVA_HOME and $PATH aren't assigned!!!

Trying to start manually (I did not assign password to tomcat user, which password should I use?):

$ service tomcat start
Password: 
/bin/su: incorrect password
$

Running as root, I was checking:

# service tomcat start
This account is currently not available.
#

Checking the account:

# finger tomcat
Login: tomcat                   Name: Tomcat User
Directory: /usr/local/tomcat    Shell: /sbin/nologin
Never logged in.
No mail.
No Plan.
# 


# more /etc/passwd | grep tomcat
tomcat:x:493:490:Tomcat User:/usr/local/tomcat:/sbin/nologin
#

Checking the ownership:

# ls -al /usr/local/tomcat/
total 120
drwxr-xr-x.  9 tomcat tomcat  4096 Jun 27 09:29 .
drwxr-xr-x. 20 root   root    4096 Jun 27 09:29 ..
drwxr-xr-x.  2 tomcat tomcat  4096 Jun 27 09:29 bin
drwxr-xr-x.  3 tomcat tomcat  4096 Jun 27 11:04 conf
drwxr-xr-x.  2 tomcat tomcat  4096 Jun 27 09:29 lib
-rw-r--r--.  1 tomcat tomcat 56977 May 19 15:03 LICENSE
drwxr-xr-x.  2 tomcat tomcat  4096 Jun 27 11:04 logs
-rw-r--r--.  1 tomcat tomcat  1397 May 19 15:03 NOTICE
-rw-r--r--.  1 tomcat tomcat  6741 May 19 15:03 RELEASE-NOTES
-rw-r--r--.  1 tomcat tomcat 16204 May 19 15:03 RUNNING.txt
drwxr-xr-x.  2 tomcat tomcat  4096 Jun 27 09:29 temp
drwxr-xr-x.  7 tomcat tomcat  4096 May 19 15:00 webapps
drwxr-xr-x.  3 tomcat tomcat  4096 Jun 27 11:04 work
#

Please help me.

Question 1: The script was created in: /etc/init.d/tomcat. Why were $JAVA_HOME and $PATH not assigned?

Question 2 Is there a method to install a service without root privileges, that starts at boot time without intervention (e.g., sudo, su, etc)?

Thomas Dickey
  • 76,765
QA_Col
  • 484

1 Answers1

1

Neither of the tutorials you mentioned suggest using useradd with all of those options. By setting the login shell to /sbin/nologin you encounter:

incorrect password

and

This account is currently not available

The following command will cause tomcat to be a system account without a /home/tomcat directory:

useradd -r tomcat --shell /bin/false

And this command will create a non-system tomcat account with a /home/tomcat directory:

useradd tomcat --shell /bin/false

EDIT:

You are correct about the similarities of /sbin/nologin and /bin/false. The install instructions from Option #2 in the OP seem to be somewhat incomplete. I suggest using just one set of instructions until tomcat is working.

This is the Tomcat 8 version of Option #1 you provided. I suggest using only these instructions to get your installation working. (It looks like mixing and matching is causing some grief.) By doing this, you will avoid other issues like your $JAVA_HOME and $PATH not being exported (Question 1) and Question 2 will be answered as well.

Notice in your Option #1 script, you have lines like this:

/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh   
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh  
/bin/su $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh

However the Option #1 link you provided has these lines:

sh $CATALINA_HOME/bin/startup.sh       
sh $CATALINA_HOME/bin/shutdown.sh  
sh $CATALINA_HOME/bin/shutdown.sh  
sh $CATALINA_HOME/bin/startup.sh
Timothy Martin
  • 8,595
  • Thank you, Is bad idea to use --shell /bin/false ? and with creating the account -ris better to use System account or not? – QA_Col Jun 29 '15 at 22:31
  • This does a great job of explaining /sbin/nologin and /bin/false. As for -r or not, perhaps someone else can answer. – Timothy Martin Jun 29 '15 at 23:30
  • I was check your link your post and it has the same effect (only the difference is the additional message for -s /sbin/nologin). And Option 2 uses # useradd -r tomcat8 --shell /bin/false ... In other words -s /sbin/nologin or --shell /bin/false will cause the same problem. This post shows this. – QA_Col Jun 30 '15 at 01:30