您的位置:首页 > 运维架构 > Tomcat

linux系统非ROOT用户80端口不能启动tomcat问题的变通办法——通过Iptables端口转发

2015-08-08 09:16 736 查看
2010-07-17 13:21:42 org.apache.tomcat.util.digester.SetPropertiesRule begin
警告: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting property 'debug' to '0' did not find a matching property.
2010-07-17 13:21:42 org.apache.catalina.core.AprLifecycleListener init
信息: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/jdk1.5.0_16/jre/lib/i386/client:/usr/jdk1.5.0_16/jre/lib/i386:/usr/jdk1.5.0_16/jre/../lib/i386
2010-07-17 13:21:42 org.apache.coyote.http11.Http11Protocol init
严重: Error initializing endpoint
java.net.BindException: Permission denied:80
at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:502)
at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:176)
at org.apache.catalina.connector.Connector.initialize(Connector.java:1058)
at org.apache.catalina.core.StandardService.initialize(StandardService.java:677)
at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:795)
at org.apache.catalina.startup.Catalina.load(Catalina.java:530)
at org.apache.catalina.startup.Catalina.load(Catalina.java:550)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:260)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412)
2010-07-17 13:21:43 org.apache.catalina.startup.Catalina load

上面可以看到,非root用户其实没有绑定80端口的权限。在Linux下低于1024的端口是root专用,而Tomcat安装后默认使用用户tomcat启动的,所以将端口改为80后启动,会产生错误:java.net.BindException: Permission denied:80

解决方法是:

第一步,重将Tomcat的端口(server.xml)由80改回8080。

第二步,通过Iptables端口实现80到8080的转发,命令为:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

用root用户直接去执行就可以了!

这样,用户访问80端口和8080端口其实都到了8080端口。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: