mavericks安装tomcat7

Posted on Edited on In

下载解压

1
2
3
4
5
$ cd ~/Downloads
$ wget http://mirror.esocc.com/apache/tomcat/tomcat-7/v7.0.53/bin/apache-tomcat-7.0.53.tar.gz
$ cd /usr/local
$ sudo tar xvzf ~/Downloads/apache-tomcat-7.0.53.tar.gz
$ sudo ln -s apache-tomcat-7.0.53 tomcat

创建运行tomcat的非特权用户
使用root用户运行tomcat会有安全性方面的问题,如果tomcat被攻陷则整个系统就会沦陷。因此创建一个非特权用户来运行tomcat

首先选择一个User ID和Group ID,500以上的ID用于正常的用户,因此需要选择一个0-500之间的数字作为GID和UID。

列出当前系统组,用户及其ID

1
2
$ dscl . -list /Groups PrimaryGroupID sort -n -k 2
$ dscl . -list /Users UniqueID sort -n -k 2

这里选择101作为UID和GID,创建组和用户:

1
2
3
4
5
6
7
8
9
# dscl . -create /Groups/_tomcat PrimaryGroupID 101
# dscl . -create /Groups/_tomcat RealName "Tomcat Users"
# dscl . -create /Groups/_tomcat Password \\*
# dscl . -create /Users/_tomcat UniqueID 101
# dscl . -create /Users/_tomcat PrimaryGroupID 101
# dscl . -create /Users/_tomcat HomeDirectory /usr/local/tomcat
# dscl . -create /Users/_tomcat UserShell /usr/bin/false
# dscl . -create /Users/_tomcat RealName "Tomcat Administrator"
# dscl . -create /Users/_tomcat Password \\*

新创建用户的shell设置为/usr/bin/false,使其无法登录,密码设置为*为禁用账户。

设置tomcat目录权限

1
2
3
4
5
6
7
8
$ cd /usr/local/tomcat
# chmod 644 conf/*
# chown root:_tomcat conf/tomcat-users.xml
# chmod 640 conf/tomcat-users.xml
# mkdir conf/Catalina
# chown _tomcat:_tomcat conf/Catalina
# chown _tomcat:admin logs temp webapps work
# chmod 2770 logs temp webapps work

launchd脚本
写一个launchd包装脚本来启动tomcat,并且一直等待tomcat进程直到其退出。
/usr/local/tomcat/bin/tomcat-launchd.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/bin/sh

# tomcat-launchd.sh
# 
# Wrapper script that starts Tomcat and waits for the Tomcat process 
# to exit. This is needed for proper interaction with launchd.

#---------------------------------------------------------
# Helper functions
#---------------------------------------------------------

# NOTE: We are inheriting CATALINA_HOME from launchd, because its value 
# was defined in the launchd plist configuration file.

function shutdown() {
 
 # Bye Tomcat!
 echo "Shutting down Tomcat... "
 $CATALINA_HOME/bin/catalina.sh stop
 echo "done."
 
 # Cleaning up the temporary file
 rm -f $CATALINA_PID 
}

function startup() {
 
 # Define the file where we want the Tomcat process ID to be stored.
 export CATALINA_PID=$(mktemp /tmp/\`basename -s .sh $0\`.XXXXXX)
 if \[ $? -ne 0 \]
 then
 echo "$0: Failed to create temporary file. Aborting."
 exit 1
 fi
 rm -f $CATALINA_PID
 
 # Let's go!
 echo "Starting up Tomcat... "
 . $CATALINA_HOME/bin/catalina.sh start
 
 # Register the shutdown function as callback to execute when a signal 
 # is sent to this process.
 #捕捉以下信号使tomcat关闭
 trap shutdown HUP INT QUIT ABRT KILL ALRM TERM TSTP
 echo "done." 
}

function wait_for_tomcat_to_exit() {
 echo "Waiting for Tomcat to exit (PID: \`cat $CATALINA_PID\`)... "
 #等待tomcat进程退出
 wait \`cat $CATALINA_PID\`
 echo "done waiting for Tomcat to exit."
}

#---------------------------------------------------------
# Let's go
#---------------------------------------------------------

startup
wait_for_tomcat_to_exit

plist配置文件:
/usr/local/tomcat/conf/org.apache.tomcat.plist
[xml]




Label
org.apache.tomcat
ServiceDescription
Tomcat Servlet/JSP Server
UserName
_tomcat
GroupName
_tomcat
EnvironmentVariables

CATALINA_HOME
/usr/local/tomcat
JAVA_HOME
/Library/Java/JavaVirtualMachines/jdk1.8.0.jdk/Contents/Home

ProgramArguments

/usr/local/tomcat/bin/tomcat-launchd.sh

StandardOutPath
/usr/local/tomcat/logs/launchd-stdout.log
StandardErrorPath
/usr/local/tomcat/logs/launchd-stderr.log
RunAtLoad

KeepAlive



[/xml]

JAVA_HOME变量的值由以下命令确定:

1
$ /usr/libexec/java_home

然后将plist文件符号链接到/Library/LaunchDaemons目录:

1
2
# cd /Library/LaunchDaemons
# ln -sfv /usr/local/tomcat/conf/org.apache.tomcat.plist

使用launchd管理tomcat
设置完成后,可以使用以下命令加载配置并启动tomcat

1
# launchctl load /Library/LaunchDaemons/org.apache.tomcat.plist

修改plist配置文件后重新加载配置:

1
2
# launchctl unload /Library/LaunchDaemons/org.apache.tomcat.plist
# launchctl load /Library/LaunchDaemons/org.apache.tomcat.plist

plist文件中RunAtLoad设置为true会使tomcat开机自动运行。而如果KeepAlive设置为true,则当tomcat进程退出后,无论是什么原因导致tomcat进程退出,launchd守护进程会重新启动tomcat。因此更改tomcat配置后可以这样重新启动tomcat进程:

1
# launchctl stop org.apache.tomcat

或者直接kill tomcat进程亦可。

如果KeepAlive设置为false,则需要手工启动tomcat进程,如下:

1
2
# launchctl stop org.apache.tomcat
# launchctl start org.apache.tomcat

servlet api符号链接

1
2
# ln -sfv /usr/local/tomcat/lib/servlet-api.jar /usr/share/java/servlet-api.jar
# ln -sfv /usr/local/tomcat/lib/servlet-api.jar /usr/share/java/servlet-api-3.0.jar

References:
[1]installing Tomcat On Mac OS X

===
[erq]