The http://jakarta.apache.org/tomcat/tomcat-5.0-doc/setup.html isn't the way for doing jsvc that I used (it didn't work right).
You should already have jsvc.tar.gz in the bin dir for tomcat; unpack it, and follow the instructions in INSTALL.txt for building jsvc. There's a page for it at http://jakarta.apache.org/commons/daemon/jsvc.html as well.
Then, you use the tomcat/bin/jsvc-src/native/Tomcat5.sh script to start and stop it, after first editing that script to get the values in there right. Mine is as follows (that $DAEMON_HOME/jsvc-src/jsvc \ one was important, since it defaulted to a different directory structure than the one that was created by my jsvc and tomcat unpacking).
Then I did chown on the files in the tomcat directory to be my non-root 'tomcat' user, fixed the server.xml to have non-SSL Coyote HTTP/1.1 Connector on port 80 and SSL Coyote HTTP/1.1 Connector on port 443 and it seems to be working like a champ.
I also got the logging running by un-commenting the AccessLogValve at the end of server.xml, and changed the pattern=common to pattern=combined so I could get apache-type logs like I had before.
MUCH nicer than fooling with those connectors.
Now, if I can only figure out why the 'referer' is always blank when somebody first hits my site, I'll be very happy...
rj
#!/bin/sh ############################################################################## # # Copyright 2004 The Apache Software Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ############################################################################## # # Small shell script to show how to start/stop Tomcat using jsvc # If you want to have Tomcat running on port 80 please modify the server.xml # file: # # <!-- Define a non-SSL HTTP/1.1 Connector on port 80 --> # <Connector className="org.apache.catalina.connector.http.HttpConnector" # port="80" minProcessors="5" maxProcessors="75" # enableLookups="true" redirectPort="8443" # acceptCount="10" debug="0" connectionTimeout="60000"/> # # That is for Tomcat-5.0.x (Apache Tomcat/5.0) # # Adapt the following lines to your configuration JAVA_HOME=/usr/java/j2sdk1.4.2_03 CATALINA_HOME=/usr/local/tomcat5 DAEMON_HOME=/usr/local/tomcat5/bin TOMCAT_USER=tomcat TMP_DIR=/var/tmp CATALINA_OPTS="-Xms64m -Xmx200m" CLASSPATH=\ $JAVA_HOME/lib/tools.jar:\ $CATALINA_HOME/bin/commons-daemon.jar:\ $CATALINA_HOME/bin/bootstrap.jar
case "$1" in
start)
#
# Start Tomcat
#
$DAEMON_HOME/jsvc-src/jsvc \
-user $TOMCAT_USER \
-home $JAVA_HOME \
-Dcatalina.home=$CATALINA_HOME \
-Djava.io.tmpdir=$TMP_DIR \
-outfile $CATALINA_HOME/logs/catalina.out \
-errfile '&1' \
$CATALINA_OPTS \
-cp $CLASSPATH \
org.apache.catalina.startup.Bootstrap
#
# To get a verbose JVM
#-verbose \
# To get a debug of jsvc.
#-debug \
;; stop)
#
# Stop Tomcat
#
PID=`cat /var/run/jsvc.pid`
kill $PID
;; *)
echo "Usage tomcat.sh start/stop"
exit 1;;
esacAt 03:19 AM 5/27/2004, Justin Jaynes wrote:
I am intending to run in a fully internet exposed environment and I only have ONE physical machine to use for deployment. It will be directly connected to the internet at co-location service provider. So ...
In a conversation from yesterday, it appears another user had a similar question. How to run on port 80, securly.
Is it possible to run tomcat with a non-priviliged user? What is this JSVC approach they referred to, and what is the solution that was given? Where can I go to read more?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
