我正在尝试在 CentOS 7 上设置一个名为 Scipio 的 OFBiz 分支作为服务。
服务包装器脚本将用户更改为该程序的专用用户。该程序的所有文件均归该专用用户名所有,并归该专用用户名下的组所有。
如果我授予脚本的执行权限,将其放在程序的子目录中,并以该专用用户身份登录,并像标准 bash 脚本一样直接执行它,它就可以完美运行。但是,如果我将其复制到 /etc/rc.d/init.d/scipio 并尝试使用 sudo 以另一个用户(我的普通帐户)身份执行它(“正常”执行或作为服务执行),它会失败。
看起来错误是这样的:
failed to start service interactive authentication required
权限如下(ls -l):
-rwxr-xr-x. 1 root root 4165 Jul 8 16:00 /etc/rc.d/init.d/scipio
以下是我喜欢的启动方式(作为 sudoer):
sudo service scipio restart
脚本本身如下:
#!/bin/sh
#####################################################################
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#####################################################################
#
# scipio This shell script takes care of starting and stopping
# the Scipio ERP server
#
# chkconfig: 2345 80 10
# description: Scipio ERP
# Source function library
# this does not exist in Debian/Ubuntu/etc. => see rc.ofbiz.for.debian
# => comment out and use "echo failure" and "echo success" in place of echo_failure and echo_success (minor anyway)
. /etc/rc.d/init.d/functions
# Source networking configuration
# this does not exist in Debian/Ubuntu/etc. => see rc.ofbiz.for.debian
. /etc/sysconfig/network
# Paths - Edit for your locations
JAVA_BINARY=$JAVA_HOME/bin/java
OFBIZ_HOME=/opt/scipio-erp
OFBIZ_LOG=$OFBIZ_HOME/runtime/logs/console.log
# VM Options
JAVA_VMOPTIONS="-Xms128M -Xmx1024M -XX:MaxPermSize=512M"
# Java arguments
JAVA_ARGS="-jar ofbiz.jar"
# *nix user ofbiz should run as (you must create this user first)
OFBIZ_USER=scipio
# OFBiz processes running
ofbizprocs() {
OFBIZ_PROCS=`/bin/ps h -o pid,args -C java | /bin/grep -e "$JAVA_ARGS" | /bin/egrep -o "^[[:space:]]*[[:digit:]]*"`
}
# Checking user...
checkuser() {
if [ "$USER" != "$OFBIZ_USER" ]; then
echo failure
echo
echo "Only users root or $OFBIZ_USER should start/stop the application"
exit 1
fi
}
# Start OFBiz
start() {
echo -n "Starting OFBiz: "
checkuser
ofbizprocs
if [ "$OFBIZ_PROCS" != "" ]; then
echo failure
echo
echo "OFBiz is already running..."
return 1
fi
# All clear
cd $OFBIZ_HOME
umask 007
/bin/rm -f $OFBIZ_LOG
$JAVA_BINARY $JAVA_VMOPTIONS $JAVA_ARGS >>$OFBIZ_LOG 2>>$OFBIZ_LOG&
echo success
return 0
}
# Stop OFBiz
stop() {
echo -n "Stopping OFBiz: "
checkuser
ofbizprocs
if [ "$OFBIZ_PROCS" == "" ]; then
echo failure
echo
echo "OFBiz is not running..."
return 1
fi
# All clear
cd $OFBIZ_HOME
umask 007
$JAVA_BINARY $JAVA_VMOPTIONS $JAVA_ARGS -shutdown >>$OFBIZ_LOG
ofbizprocs
if [ "$OFBIZ_PROCS" != "" ]; then
# Let's try to -TERM
/bin/kill -TERM $OFBIZ_PROCS
fi
ofbizprocs
if [ "$OFBIZ_PROCS" != "" ]; then
# Let's try it the hard way!
/bin/kill -9 $OFBIZ_PROCS
fi
ofbizprocs
if [ "$OFBIZ_PROCS" != "" ]; then
echo failure
echo
echo "Some processes could not be stopped:"
echo $OFBIZ_PROCS
echo "A possible solution is to try this command once more!"
return 1
else
echo success
return 0
fi
}
# If root is running this script, su to $OFBIZ_USER first
# Note that under Debian/Ubuntu/etc. you should use instead
# if [ "$USER" = "root" ]; then
if [ "$UID" = "0" ]; then
exec su - $OFBIZ_USER -c "$0 $1"
fi
case "$1" in
'start')
start
;;
'stop')
stop
;;
'restart')
stop
start
;;
'status')
ofbizprocs
if [ "$OFBIZ_PROCS" == "" ]; then
echo "OFBiz is stopped"
exit 1
else
echo "OFBiz is running"
exit 0
fi
;;
*)
echo "Usage: $0 {start|stop|kill|restart|status|help}"
exit 1
;;
esac
echo
exit $?
这似乎是 CentOS 7 特有的问题。我相信服务模型已经改变,这些 init.d 样式的脚本不再是自然机制。也许这与 SELinux 有关?
更新
应该定义JAVA_HOME,正如我之前运行的那样:
export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.x86_64/jre
sudo sh -c "echo export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.x86_64/jre >> /etc/environment"
... 我测试并确认在这种情况下可以解决问题。
记录错误消息
-- Unit session-c16.scope has begun starting up.
Jul 09 20:56:19 SERVERNAME-XXXX scipio[27942]: Starting scipio (via systemctl): Failed to start scipio.service: Interactive authentication required.
Jul 09 20:56:19 SERVERNAME-XXXX scipio[27942]: See system logs and 'systemctl status scipio.service' for details.
Jul 09 20:56:19 SERVERNAME-XXXX scipio[27942]: [FAILED]
Jul 09 20:56:19 SERVERNAME-XXXX su[27942]: pam_unix(su-l:session): session closed for user scipio
Jul 09 20:56:19 SERVERNAME-XXXX systemd[1]: scipio.service: control process exited, code=exited status=1
Jul 09 20:56:19 SERVERNAME-XXXX systemd[1]: Failed to start SYSV: Scipio ERP.
-- Subject: Unit scipio.service has failed
答案1
在我看来,它似乎JAVA_HOME没有定义。因此,当您尝试运行该脚本时,它/bin/java不存在,并且会失败。
如果您以登录用户的身份执行此操作,则您最终可能会得到在 rc 文件中定义的环境变量,或者从更改为服务帐户之前的用户那里继承的环境变量。
是的,CentOS 7 确实切换为使用 systemd 而不是 initV - 但即使已被弃用,这样的 initscript 仍应可以工作。