David Ghedini

Linux, Java, Oracle, and PostgreSQL


David Ghedini

Friday Mar 04, 2011

Install Tomcat 6 on CentOS or RHEL

This post will cover installation and configuration of Tomcat 6 on CentOS 5.

We will also show how to run Tomcat as a service, create a start/stop script, and configure Tomcat to run under a non-root user.

This post has been updated for Tomcat 6.0.32.

This post below will work with any Tomcat 6.x version, but I have been keeping it updated to keep the links consistent and to make it as "copying-and-paste" as possible.

If you are looking for our tutorial on installing Tomcat 7 on CentOS/RHEL, you can find it here.

This installation of Tomcat 6.0.32 was done on CentOS 5.5, but any CentOS 5.x should work, as well as RHEL and Fedora.

If you do not already have the Java Development Kit (JDK) installed on your machine, you will need to download and install the required JDK for your platform.

If you do have the JDK installed, you can skip to: Step 2: Download and Install the Tomcat 6.0.32:

Step 1: Install the JDK


You can download the JDK here: http://www.oracle.com/technetwork/java/javase/downloads/index.html

I'm using the latest, which is JDK 6, update 24. The JDK is specific to 32 and 64 bit versions.

My CentOS box is 64 bit, so I'll need: jdk-6u24-linux-x64.bin.

If you are on 32 bit, you'll need: jdk-6u24-linux-i586.bin

Download the appropriate JDK and save it to a directory. I'm saving it to /root.

Move (mv) or copy (cp) the file to the /opt directory:

[root@blanche ~]# mv jdk-6u24-linux-x64.bin /opt/jdk-6u24-linux-x64.bin  


Create a new directory /usr/java.

[root@blanche ~]# mkdir /usr/java  


Change to the /usr/java directory we created and install the JDK using 'sh /opt/jdk-6u24-linux-x64.bin'

[root@blanche ~]# cd /usr/java
[root@blanche java]# sh /opt/jdk-6u24-linux-x64.bin


Set the JAVA_HOME path. This is where we installed our JDK above.

To set it for your current session, you can issue the following from the CLI:

[root@blanche java]# JAVA_HOME=/usr/java/jdk1.6.0_24
[root@blanche java]# export JAVA_HOME
[root@blanche java]# PATH=$JAVA_HOME/bin:$PATH
[root@blanche java]# export PATH


To set the JAVA_HOME for users, we add below to the user ~/.bashrc or ~/.bash_profile of the user. We can also add it /etc/profile and then source it to give to all users.

JAVA_HOME=/usr/java/jdk1.6.0_24
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH


Once you have added the above to ~/.bash_profile or ~/.bashrc, you should log out, then log back in and check that the JAVA_HOME is set correctly.

[root@blanche ~]#  echo $JAVA_HOME
/usr/java/jdk1.6.0_24


Step 2: Download and Install Tomcat 6.0.32:


Download apache-tomcat-6.0.32.tar.gz here

Save the file to a directory. I'm saving it to /root/apache-tomcat-6.0.32.tar.gz

Before proceeding, you should verify the MD5 Checksum for your Tomcat download (or any other download).

Since we saved the Tomcat download to /root/apache-tomcat-6.0.32.tar.gz, we'll go to the /root directory and use the md5sum command.

[root@blanche ~]# md5sum apache-tomcat-6.0.32.tar.gz
082a0707985b6c029920d4d6d5ec11cd


Compare the output above to the MD5 Checksum provided by the Apache Tomcat MD5 page and insure that they match exactly. (There is also a link to display the MD5 checksum located just to the right off the download link).

Now, move (mv) or copy (cp) the file to the /usr/share directory:

[root@blanche ~]# mv apache-tomcat-6.0.32.tar.gz /usr/share/apache-tomcat-6.0.32.tar.gz


Change to the /usr/share directory and unpack the file using tar -xzf:

[root@blanche ~]# cd /usr/share
[root@sv2 blanche ]# tar -xzf apache-tomcat-6.0.32.tar.gz  


This will create the directory /usr/share/apache-tomcat-6.0.32

At this point, you could start Tomcat via the Tomcat bin directory using the Tomcat startup.sh script located at /usr/share/apache-tomcat-6.0.32/bin.

[root@blanche share]# cd /usr/share/apache-tomcat-6.0.32/bin
[root@blanche bin]# ./startup.sh


Step 3: How to Run Tomcat as a Service.


We will now see how to run Tomcat as a service and create a simple Start/Stop/Restart script, as well as to start Tomcat at boot.

Change to the /etc/init.d directory and create a script called 'tomcat' as shown below.

[root@blanche share]# cd /etc/init.d
[root@blanche init.d]# vi tomcat


#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
JAVA_HOME=/usr/java/jdk1.6.0_24
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
CATALINA_HOME=/usr/share/apache-tomcat-6.0.32

case $1 in
start)
sh $CATALINA_HOME/bin/startup.sh
;; 
stop)   
sh $CATALINA_HOME/bin/shutdown.sh
;; 
restart)
sh $CATALINA_HOME/bin/shutdown.sh
sh $CATALINA_HOME/bin/startup.sh
;; 
esac    
exit 0


The above script is simple and contains all of the basic elements you will need to get going.

As you can see, we are simply calling the startup.sh and shutdown.sh scripts located in the Tomcat bin directory (/usr/share/apache-tomcat-6.0.32/bin).

You can adjust your script according to your needs and, in subsequent posts, we'll look at additional examples.

CATALINA_HOME is the Tomcat home directory (/usr/share/apache-tomcat-6.0.32)

Now, set the permissions for your script to make it executable:

[root@blanche init.d]# chmod 755 tomcat


We now use the chkconfig utility to have Tomcat start at boot time. In my script above, I am using chkconfig: 244 20 80. 2445 are the run levels and 20 and 80 are the stop and start priorities respectively. You can adjust as needed.

[root@blanche init.d]# chkconfig --add tomcat
[root@blanche init.d]# chkconfig --level 234 tomcat on


Verify it:

[root@blanche init.d]# chkconfig --list tomcat
tomcat          0:off   1:off   2:on    3:on    4:on    5:off   6:off


Now, let's test our script.

Start Tomcat:

[root@blanche ~]# service tomcat start
Using CATALINA_BASE:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_HOME:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp
Using JRE_HOME:        /usr/java/jdk1.6.0_24
Using CLASSPATH:       /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar


Stop Tomcat:

[root@blanche ~]# service tomcat stop
Using CATALINA_BASE:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_HOME:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp
Using JRE_HOME:        /usr/java/jdk1.6.0_24
Using CLASSPATH:       /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar
Restarting Tomcat (Must be started first):

[root@blanche ~]# service tomcat restart
Using CATALINA_BASE:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_HOME:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp
Using JRE_HOME:        /usr/java/jdk1.6.0_24
Using CLASSPATH:       /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar
Using CATALINA_BASE:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_HOME:   /usr/share/apache-tomcat-6.0.32
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp
Using JRE_HOME:        /usr/java/jdk1.6.0_24
Using CLASSPATH:       /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar


We should review the Catalina.out log located at /usr/share/apache-tomcat-6.0.32/logs/catalina.out and check for any errors.

[root@blanche init.d]# less /usr/share/apache-tomcat-6.0.32/logs/catalina.out


We can now access the Tomcat Manager page at:

http://yourdomain.com:8080 or http://yourIPaddress:8080 and we should see the Tomcat home page.

Step 5 (Optional): How to Run Tomcat using Minimally Privileged (non-root) User.


In our Tomcat configuration above, we are running Tomcat as Root.

For security reasons, it is always best to run services with the only those privileges that are necessary.

There are some who make a strong case that this is not required, but it's always best to err on the side of caution.

To run Tomcat as non-root user, we need to do the following:

1. Create the group 'tomcat':

[root@blanche ~]# groupadd tomcat
[root@blanche ~]# useradd -s /bin/bash -g tomcat tomcat


2. Create the user 'tomcat' and add this user to the tomcat group we created above.

[root@blanche ~]# groupadd tomcat
[root@blanche ~]# useradd -s /bin/bash -g tomcat tomcat


The above will create a home directory for the user tomcat in the default user home as /home/tomcat

If we want the home directory to be elsewhere, we simply specify so using the -d switch.

[root@blanche ~]# useradd -g tomcat -d /usr/share/apache-tomcat-6.0.32/tomcat tomcat


The above will create the user tomcat's home directory as /usr/share/apache-tomcat-6.0.32/tomcat

3. Change ownership of the tomcat files to the user we created above:

[root@blanche ~]# chown -Rf tomcat.tomcat /usr/share/apache-tomcat-6.0.32/


Note: it is possible to enhance our security still further by making certain files and directory read-only. This will not be covered in this post and care should be used when setting such permissions.

4. Adjust the start/stop service script we created above. In our new script, we need to su to the user tomcat:

#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
JAVA_HOME=/usr/java/jdk1.6.0_24
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
TOMCAT_HOME=/usr/share/apache-tomcat-6.0.32/bin

case $1 in
start)
/bin/su tomcat $TOMCAT_HOME/startup.sh
;; 
stop)   
/bin/su tomcat $TOMCAT_HOME/shutdown.sh
;; 
restart)
/bin/su tomcat $TOMCAT_HOME/shutdown.sh
/bin/su tomcat $TOMCAT_HOME/startup.sh
;; 
esac    
exit 0


Step 6 (Optional): How to Run Tomcat on Port 80 as Non-Root User.


Note: the following applies when you are running Tomcat in "stand alone" mode. That is, you are running Tomcat without Apache in front of it.

To run services below port 1024 as a user other than root, you can add the following to your IP tables:

[root@blanche ~]# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080  
[root@blanche ~]# iptables -t nat -A PREROUTING -p udp -m udp --dport 80 -j REDIRECT --to-ports 8080  


Learn More About Apache Tomcat

Apache Tomcat Foundation

Tomcat 6



Tomcat 6 Hosting

Bookmark and Share



Comments:

great explanation. Helped me with the issues i was working for days. Thanks

Posted by hp on August 05, 2011 at 02:03 PM CDT #

Hi Dave, I like your blog very much. I am having one issue to install tomcat6 on CentOs5.3. I followed your protocol, no tomcat process and here is the error in log file "java.lang.ClassNotFoundException: org.apache.juli.Cl assLoaderLogManager not found....". here is the info you might need, [tgong@aa bin]$ java -version java version "1.6.0_26" Java(TM) SE Runtime Environment (build 1.6.0_26-b03) Java HotSpot(TM) 64-Bit Server VM (build 20.1-b02, mixed mode) [tgong@aa bin]$ echo $JAVA_HOME /usr/java/jdk1.6.0_26 [tgong@aa bin]$echo $JRE_HOME /usr/java/latest [tgong@aa bin]$ sudo ./startup.sh Using CATALINA_BASE: /usr/share/apache-tomcat-6.0.32 Using CATALINA_HOME: /usr/share/apache-tomcat-6.0.32 Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp Using JRE_HOME: /usr Using CLASSPATH: /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar<br> Thank you in advance for help, TG

Posted by Tom Gong on August 10, 2011 at 01:38 PM CDT #

Hi Tom -

Tomcat is not finding the JDK.

Firstly, unset the JRE_HOME.

For some reason, you have JRE_HOME=/usr/java/latest.

I'm not sure where this came from.

If you want to set JRE_HOME it should point to JDK installation at /usr/java/jdk1.6.0_26, the same as JAVA_HOME.

The Catalina.sh script you are invoking with startup.sh will automatically set the JRE_HOME to to JAVA_HOME if JRE_HOME is not set, so there is really no need to set it anyways.

Hope this helps,
David Ghedini

Posted by David Ghedini on August 10, 2011 at 05:13 PM CDT #

Hi Dave, Thank you very much for your reply. The problem still there after unset JRE_HOME. Thank you again for your help, [tgong@aa bin]$ echo $JRE_HOME [tgong@aa bin]$ echo $JAVA_HOME /usr/java/jdk1.6.0_26 [tgong@harding bin]$ $JAVA_HOME/bin/java -version java version "1.6.0_26" Java(TM) SE Runtime Environment (build 1.6.0_26-b03) Java HotSpot(TM) 64-Bit Server VM (build 20.1-b02, mixed mode) [tgong@aa bin]$ sudo ./startup.sh Using CATALINA_BASE: /usr/share/apache-tomcat-6.0.32 Using CATALINA_HOME: /usr/share/apache-tomcat-6.0.32 Using CATALINA_TMPDIR: /usr/share/apache-tomcat-6.0.32/temp Using JRE_HOME: /usr Using CLASSPATH: /usr/share/apache-tomcat-6.0.32/bin/bootstrap.jar [tgong@aa bin]$ pwd /usr/share/apache-tomcat-6.0.32/bi [tgong@aa bin]$ sudo ps -ef | grep tomcat tgong 28978 28304 0 18:21 pts/3 00:00:00 grep tomcat TG

Posted by Tom Gong on August 10, 2011 at 05:41 PM CDT #

One thing I don't understand is after unset JRE_HOME and then I run sudo ./startup.sh it still says "JRE_HOME=/usr".

Posted by Tom Gong on August 10, 2011 at 05:41 PM CDT #

Hi Tom -
Sorry, I didn't look closely enough at your output and use of sudo
Add the E switch to sudo to keep your environment.
i.e. sudo -E startup.sh
David

Posted by David Ghedini on August 10, 2011 at 06:25 PM CDT #

Hi Dave, Thank you so much for your great help!! I can see Tomcat process is running. I can shutdown, restart without problem. Thanks again! TG

Posted by Tom Gong on August 10, 2011 at 06:44 PM CDT #

Hi Tom, you are very welcome. Glad we could get it running. David

Posted by David Ghedini on August 10, 2011 at 06:47 PM CDT #

greatt work bro...keep it up...

Posted by zahid on December 22, 2011 at 12:22 AM CST #

This worked great!

Posted by Rudy on April 07, 2012 at 02:58 PM CDT #

thx for the information...I'm able to configure tomcat6 server in CentOs6.2 machine... I need to confgure SOLR in that... thx again..

Posted by karunaker on April 19, 2012 at 02:21 AM CDT #

Hi David, I just want to thank this post.

Posted by Janos Ujvari on July 11, 2012 at 02:50 AM CDT #

excellent description. I was stuck.

Posted by tinmailbox on September 10, 2012 at 12:17 AM CDT #

Great description. Very easy for linux beginners. thank you.

Posted by Commanders on December 03, 2012 at 12:42 PM CST #

Great info ... but for one thing ... FROM root@foo ~]# useradd -s /bin/bash -g tomcat tomcat TO root@foo ~]# useradd -s /sbin/nologin -g tomcat tomcat

Posted by Edward on February 06, 2013 at 12:34 AM CST #

excellent description I can't access from another host pls give me a solution.......

Posted by Jithesh NH on May 22, 2013 at 12:04 AM CDT #

Post a Comment:
  • HTML Syntax: Allowed

Main Menu

Built With

Search

Pages

LinkedIn

Technorati Profile

Add Technorati Favorite

Tag Cloud

Enciva Solutions

Navigation

Visitors

Sponsors

Feeds

Tag Cloud

VPS Hosting: 1Gbps Network