tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: starting tomcat at system boot
Date Wed, 20 Aug 2008 02:33:02 GMT

"Markus Schönhaber" <tomcat-users@list-post.mks-mail.de> wrote in message 
news:48AAC109.7070708@list-post.mks-mail.de...
> Zemian Deng wrote:
>
>> When setting up tomcat during boot startup on a linux/unix, is there more
>> advantage using jsrv that comes with Tomcat as describe here:
>> http://tomcat.apache.org/tomcat-6.0-doc/setup.html
>>
>> VS
>>
>> Just a plain shell script that calls catalina.sh ?
>
> With jsvc Tomcat is able to bind to privileged ports (for example 80,
> 443) and drop root privileges right afterwards.
> If you just use the shell scripts, you'd have to run Tomcat as root if
> you'd want it to bind to privileged ports[1].
>

There is one other (usually small) advantage to jsvc.  With jsvc, the 
shutdown port isn't used, so only root can shutdown/restart Tomcat.  With 
the scripts, anyone with physical access to the machine can shutdown Tomcat.

> Regards
>  mks
>
> [1] OTOH, making Tomcat *accessible* through a privileged port doesn't
> necessarily mean that Tomcat has to *bind* to this port. Another
> possibility to achieve this is, for example, to use netfilter or
> something to redirect traffic from a privileged port to the
> non-privileged port that Tomcat listens on.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
> 




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message