My Tomcat is being stopped by some users, who used the "kill" command to terminate the process, not shutdown.sh. So, how can I prevent and track (log) this? Like, a user should not be able to terminate the process using kill unless he has authentication.
1 Answer
1
Tomcat can be killed only if the rogue user(s) have access to the account the Tomcat server is using (or the other user is superuser, but that's a different story).
What you need to do is to fix the problem using sysadmin tools and not Tomcat. Simply don't provide Tomcat user account details to other people.
NOTE: other users can still shut down Tomcat gracefully by sending the shutdown command to the shutdown port, but I presume this is irrelevant to this question.

mindas
- I'd add that for the security conscious this is a good thing. The most secure way to handle shut down is to run Tomcat under a dedicated user account that has minimal privileges (and certainly not the ability to log in) and disable the shut down port by setting it to -1. Use root to start Tomcat (with an su to the right user) and then only root can shut down Tomcat (gracefully with a kill -15) while Tomcat runs with minimal privileges. – Mark Thomas Apr 30 '13 at 08:10
- Thanks @MarkThomas for your input! Just a small comment - starting as root (only to be able to use port 80) I think is a bit overkill. I normally prefer using `iptables` and redirecting everything from port 80 to 8080 (or whatever the port is). – mindas Apr 30 '13 at 08:37
- You misunderstood my point. Tomcat should *never* be run as root. You have an init.d script (or any other script) that does something along the lines of "/usr/bin/su $TOMCAT_USER $CATALINA_HOME/bin/startup.sh". Strictly, any user with suitable sudo privs can execute that but I normally do it as root. That way Tomcat is always running as $TOMCAT_USER and the only way to stop it is with kill and only root (or a user with su privs to $TOMCAT_USER) can stop Tomcat. – Mark Thomas Apr 30 '13 at 12:18
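
The hardening described in the answer and comments above (a dedicated non-root Tomcat account that cannot log in, and the shutdown port set to -1) can be checked with a script like the one below. This is an added example, not part of the original thread; the function names, the sample files and the `deploy` account are assumptions made for illustration, and the port is read from the `port` attribute of the `<Server>` element in `server.xml`.

```shell
#!/bin/sh
# Added example; the file contents further down are constructed samples.

# Print the port attribute of the <Server> element in a server.xml file.
shutdown_port_of() {
    sed -n 's/.*<Server[^>]*[[:space:]]port="\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Print "uid:shell" for a user from a passwd-format file (empty if absent).
account_of() {
    awk -F: -v u="$2" '$1 == u { print $3 ":" $7 }' "$1"
}

# audit_tomcat SERVER_XML PASSWD_FILE TOMCAT_USER
# Prints one line per finding; the return status is the number of findings.
audit_tomcat() {
    findings=0
    port=$(shutdown_port_of "$1")
    if [ "$port" != "-1" ]; then
        echo "FINDING: shutdown port is '$port', expected -1 (disabled)"
        findings=$((findings + 1))
    fi
    acct=$(account_of "$2" "$3")
    if [ -z "$acct" ]; then
        echo "FINDING: account '$3' not found"
        return $((findings + 1))
    fi
    if [ "${acct%%:*}" = "0" ]; then
        echo "FINDING: '$3' has uid 0; Tomcat should never run as root"
        findings=$((findings + 1))
    fi
    case "${acct#*:}" in
        */nologin|*/false) ;;
        *) echo "FINDING: '$3' can log in (shell: ${acct#*:})"
           findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Constructed sample inputs: a default-style and a hardened server.xml.
demo=$(mktemp -d)
echo '<Server port="8005" shutdown="SHUTDOWN"></Server>' > "$demo/default.xml"
echo '<Server port="-1" shutdown="SHUTDOWN"></Server>' > "$demo/hardened.xml"
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'tomcat:x:998:998::/opt/tomcat:/usr/sbin/nologin' \
    'deploy:x:1001:1001::/home/deploy:/bin/bash' > "$demo/passwd"

audit_tomcat "$demo/default.xml" "$demo/passwd" deploy || echo "findings: $?"
audit_tomcat "$demo/hardened.xml" "$demo/passwd" tomcat && echo "hardened: clean"
```

On a real host the arguments would be `$CATALINA_HOME/conf/server.xml`, `/etc/passwd` and the account Tomcat runs as; the `sed` match assumes the `<Server>` tag and its `port` attribute sit on one line.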