Ubuntu
tomcat5.5 package

  1. Bug #115852
  2. Comment #2

Comment 2 for bug 115852

Revision history for this message
Sorsis (mikael-haapakoski) wrote :

Found this kind of information about installation. I didn't find this kind of groups from my comp. Could this be the reason?

4. Installing Tomcat

Download a binary distribution of Tomcat from the Apache Jakarta website:

  http://jakarta.apache.org/tomcat/

If you don't want to run the Tomcat daemon as root, create a new user/group tomcat (first make sure that the UID and GID you use are still available by checking the files /etc/passwd and /etc/group):

  groupadd -g 220 tomcat
  useradd -u 220 -g tomcat -c "Tomcat" -r -d /usr/local/tomcat -s "/sbin/nologin" tomcat

Warning

You really should not use the root account to run the Tomcat daemon; (using Tomcat version 4.1.27) we found out that this allows the MMBase admin user to write backup dumps of his sites anywhere on the system.

<TODO: better solution available?>

Extract the Tomcat distribution in a new directory:

  cd /usr/local/
  tar -zxvf .../jakarta-tomcat-xxx.tar.gz

Note

Version 4.1.27 came with a hot-fix:

  cd /usr/local/jakarta-tomcat-xxx/
  tar -zxvf .../xxx-hotfix-xxx.tar.gz

Change the ownership of the Tomcat directory and make it available as /usr/local/tomcat/:

  chown -R tomcat:tomcat /usr/local/jakarta-tomcat-xxx
  ln -s /usr/local/jakarta-tomcat-xxx /usr/local/tomcat

Open up the firewall for web access to the Tomcat server by adding to the file /etc/sysconfig/iptables:

  -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 8080 --syn -j ACCEPT

You need to reboot your system to make this rule effective or restart the iptables firewall:

  service iptables restart

Tip

Since (for some odd reason) some network managers allow outgoing web connections only to TCP port 80, there might be people around that cannot access your Tomcat (and MMBase) server through port 8080. Further below we will explain how to install a JK 2 mapping or a reverse proxy in Apache, so Tomcat and MMBase can be accessed through the Apache web server at port 80. Apart from the port issue, this has the advantage that you can use Apache to manage you SSL connections and use your existing Apache logs and statistics facilities for Tomcat and MMBase as well.

If you decide to use Apache as a front-end to your Tomcat and MMBase server, there's no need to open up port 8080 in your firewall.

To run Tomcat, set the $CATALINA_HOME environment variable: