...
Package Version | Comments | Next Step Version |
---|---|---|
v0.1 | Basic Tomcat with Java embedded. This should be run only as serveradmin per the Bonsai approach to server management. | Ongoing Maintenance with new versions of Java and documentation of who's using it and where. |
v0.2 | Harden Tomcat and maintain a log. | ... will be done as part of the Bonsai group work ... |
v0.3 | Rolling Logs | Fix catalina.outlog rotation (determine best route) and petition to get this fixed. Kevin looking into this. |
Install by unzipping as serveradminan unzip using a staff account. The use of sudo is necessary to retain permission,
Code Block | ||
---|---|---|
| ||
su - serveradmin wget http://www.bonsaiframework.com/downloads/0fs-tomcat-linux/0fs-tomcat.tar.gz # this symbolically points to the latest 64-bit version tar -xvpf 0fs-tomcat.tar.gz exitsudo # leave server admin back to staff user, |
...
mv /0fs-tomcat/ /opt/ |
You are now ready to go and start Tomcat as serveradmin,
Code Block |
---|
su - serveradmin
cd /opt/0fs-tomcat/bin/
./startup.sh |
Verify it is Tomcat is running,
Code Block | ||
---|---|---|
| ||
cdps /opt-ef sudo| mv /home/serveradmin/0fs-tomcat/ /opt/ sudo chown -R serveradmin:staff grep java |
To stop Tomcat,
Code Block | ||
---|---|---|
| ||
su - serveradmin # if not already serveradmin cd /opt/0fs-tomcat/bin/ ./shutdown.sh |
That's it.
Tomcat and serveradmin
I will re-iterated that you should run Tomcat or any public facing service for that matter as serveradmin. As noted in account creation, this is for security reasons. In the event that Tomcat is somehow attacked, the compromise would be limited to serveradmin which has reduced limited priviledges.
...
Code Block | ||
---|---|---|
| ||
<Connector port="8109" protocol="AJP/1.3" redirectPort="8643" URIEncoding="UTF-8" /> |
Make Your Own 0FS TAR Package
Once you are happy with your setup you may want to make your own package.
Cleanup Log Files
...
TAR Maintaining Permissions and Roles
...
References
http://wiki.apache.org/tomcat/FAQ/CharacterEncoding#Q9 - still to finish reading
...