I decided to write a script to automate the process of starting and stopping Lucee and Nginx on my laptop.

I have updated this script to include the ability to run Tomcat as a non-root user - a useful trick for those who want to adhere to standard conventions, e.g. not running Tomcat as a user with root privileges.


Running as Your Username

Depending on how you have configured your local environment, it may be easiest for you to run Lucee as your own username. For instance, all of my virtual hosts are inside my home folder in OSX, all owned by me, so running Tomcat as my user might make sense. If you want to run Tomcat as your user, make sure you own the Tomcat application folder:

sudo chown -R <username> /usr/local/tomcat

where username is your username and /usr/local/tomcat is the Tomcat application folder.

The only downside of this approach is that your account probably has root privileges, and with this approach you are deviating from the principle of not granting more permissions than necessary.

 

Creating a User

If you want to run more securely, you can run Tomcat as an ordinary user without root privileges. First, you need to create a new user. Use the System Preferences | Users and Groups app in OSX to creae a new user. Make it a non-admin user. This user should never login, so you should make the password something secure to prevent unauthorized use of the account. For convenience, the script uses tomcat as the default user. If you name the script lucee and you set the user as tomcat, you can type either:

sudo ./lucee start

or

sudo ./lucee start tomcat

where the second argument on the command line is the name of the user you would like Tomcat to run as. You can also change the default user in the script if you prefer to use another name.

 

Setting Permissions

Tomcat needs to own its folders in order to run correctly. Assuming you created a tomcat user, you should make sure it owns the tomcat application folder and everything in it, e.g.:

sudo chown -R tomcat /usr/local/tomcat

where tomcat is the user that will run the process and /usr/local/tomcat is the Tomcat application folder.

You should also verify that your virtual host folders and their contents have privileges set such that the user that will run Tomcat has the necessary permissions on those folders.

 

Privileged Ports

The new script is listed below. Note that this script will not work if you run Tomcat on a privileged port (below 1024), e.g. ports 80 or 443. If you are running Tomcat on the default port of 8080, or the Lucee standard port of 8888, everything should be ok.
 

#!/bin/sh

if [ "$2" = "" ]
then
    DaemonUser="tomcat"
else
    DaemonUser="$2"
fi

case $1 in

start)
        if [ "$(ps -ef | grep tomcat | grep java | awk ' { print $2 } ')" ]
        then
            echo Tomcat is running
        else
            echo Starting Tomcat ...
            su $DaemonUser - /opt/tomcat/bin/startup.sh
        fi

        if [ "$(ps -ef | grep 'nginx\:' | awk ' {print $2}')" ]
        then
            echo Nginx is running
        else
            echo Starting Nginx ...
            sudo nginx
        fi
        ;;
stop)
        if [ "$(ps -ef | grep tomcat | grep java | awk ' { print $2 } ')" ]
        then
            echo Stopping Tomcat ...
            su $DaemonUser - /opt/tomcat/bin/shutdown.sh
        else
            echo Tomcat is not running
        fi

        if [ "$(ps -ef | grep 'nginx\:' | awk ' {print $2}')" ]
        then
            echo Stopping Nginx ...
            sudo nginx -s stop
        else
            echo Nginx is not running
        fi
    ;;
*)
    echo "Usage: ./lucee start|stop <user>"
    ;;
esac