Configuration of Java, MySql, Tomcat and FTP environment on linux server

About Java

         Detect whether there is a Java environment in the current system

[root@Server /]# java -version
#If it exists, you need to remove the environment and reinstall it

         View the current jdk information. If not, it will not be output

[root@Server /]# rpm -qa|grep jdk

         Install jdk-8u261-linux-x64.rpm package

[root@Server /]# rpm -ivh jdk-8u261-linux-x64.rpm

         After installation, you can use java -version, java and javac to check whether the installation is successful

[root@Server /]# java -version
java version "1.8.0_261"
Java(TM) SE Runtime Environment (build 1.8.0_261-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.261-b12, mixed mode)
#Indicates that the installation was successful

  About Tomcat

         Put the compressed package apache-tomcat-9.0.37.tar.gz under the Linux server / usr/local/tomcat, extract it and run Tomcat

#Unzip in the / usr/local/tomcat directory
[root@Server /]# tar -zxvf apache-tomcat-9.0.37.tar.gz
#Run tomcat in the bin directory
[root@Server /]# cd /usr/local/tomcat/apache-tomcat-9.0.37/bin
[root@Server bin]# ./startup.sh
Using CATALINA_BASE:   /usr/local/tomcat/apache-tomcat-9.0.37
Using CATALINA_HOME:   /usr/local/tomcat/apache-tomcat-9.0.37
Using CATALINA_TMPDIR: /usr/local/tomcat/apache-tomcat-9.0.37/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /usr/local/tomcat/apache-tomcat-9.0.37/bin/bootstrap.jar:/usr/local/tomcat/apache-tomcat-9.0.37/bin/tomcat-juli.jar
Tomcat started.#Represents successful startup

         Open port 8080 on the server and firewall port 8080/tcp in Linux

#Check the firewall service status. If the green light is on, the firewall is on. If the gray light is off, the firewall is not on
[root@Server /]# systemctl status firewalld
#Opening status information
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: active (running) since Fri 2020-09-04 19:18:10 CST; 1 weeks 1 days ago
     Docs: man:firewalld(1)
 Main PID: 28002 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─28002 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Sep 04 19:18:10 Server systemd[1]: Starting firewalld - dynamic firewall daemon...
Sep 04 19:18:10 Server systemd[1]: Started firewalld - dynamic firewall daemon.

#If not, turn on the firewall
[root@Server /]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service
#Check whether the firewall is turned on successfully check the firewall status running started not running not started
[root@Server /]# firewall-cmd --state
running	#Indicates successful opening

#Open port 8080
[root@Server /]# firewall-cmd --zone=public --add-port=8080/tcp --permanent
success #Indicates that the port was opened successfully

#After each port is opened, the firewall needs to be restarted to take effect
[root@Server /]# firewall-cmd --reload
#View all currently open ports
[root@Server /]# firewall-cmd --list-ports
3306/tcp 6379/tcp 8080/tcp
  • At present, the tomcat page can be accessed through ip:8080

  • Add execute permission to file

    #Attention path
    [root@Server etc]# chmod -x rc.local

  • Test failed

  • Want to access on the server http://47.90.101.219:8080/manager/html Report 403 unauthorized and 401 unauthorized

  • Modify the / usr/local/tomcat/apache-tomcat-9.0.37/webapps/manager/META-INF/context.xml file

    <!--Original document-->
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
             allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
    <!--Change to-->
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
             allow="^.*$" />

    Add the following to the end of the / usr/local/tomcat/apache-tomcat-9.0.37/conf/tomcat-users.xml file

    <role rolename="admin-gui"/>
    <role rolename="manager-gui"/>
    <user username="tomcat" password="123456" roles="manager-gui,admin-gui"/>
  • Go back to the bin directory and restart. / startup.sh tomcat and then access it

About MySQL

         Check whether MySQL has been installed before

[root@Server /]# rpm -qa | grep mysql
#No output is not installed

         Check whether the mysql directory exists. If it exists, all directories need to be deleted

[root@Server /]# whereis mysql
#It indicates that / usr/lib64/mysql and / usr/share/mysql need to be deleted. The self built one in the middle does not need to be deleted
mysql: /usr/lib64/mysql /usr/local/mysql /usr/share/mysql
#Execute the delete directory command
[root@Server /]# rm -rf /usr/lib64/mysql /usr/share/mysql
#After deletion, query again and find that there is no output, indicating that the deletion is successful. The find command is similar to the where is command
[root@Server /]# find / -name mysql
#No MySQL directories were found

         Check whether the Linux server system has the two tools libaio and numactl required by mysql. If either is missing, an error will be reported in the later installation process

[root@Server bin]# rpm -qa|grep libaio
#Install without
[root@Server bin]# yum -y install libaio-devel.x86_64

[root@Server bin]# rpm -qa|grep numactl
#Install without
[root@localhost bin]#  yum -y install numactl

         Mysql-5.7.24-linux-glibc2.12-x86_ Transfer the 64.tar.gz package to the / home directory

#Direct decompression after transmission
[root@Server home]# tar -zxvf mysql-5.7.24-linux-glibc2.12-x86_64.tar.gz

#View directory
[root@Server home]# ls
mysql-5.7.24-linux-glibc2.12-x86_64  mysql-5.7.24-linux-glibc2.12-x86_64.tar.gz
#In mysql-5.7.24-linux-glibc2.12-x86_ Create data directory under directory 64
[root@Server mysql-5.7.24-linux-glibc2.12-x86_64]# mkdir data
#Mysql-5.7.24-linux-glibc2.12-x86_ Move the 64 directory to / usr/local / and rename it mysql
[root@Server home]# mv /home/mysql-5.7.24-linux-glibc2.12-x86_64 /usr/local/mysql
#Check whether the mysql user group and user exist. If not, create it
[root@Server mysql]# cat /etc/group | grep mysql
[root@Server mysql]# cat /etc/passwd |grep mysql
#Create user groups and users
[root@localhost /]# groupadd mysql
[root@localhost /]# useradd -r -g mysql mysql
#Change the user group and user to which all directories and folders under the mysql directory belong, that is, change the owner and group
[root@Server mysql]# chown -R mysql:mysql /usr/local/mysql
#Set permissions
[root@Server mysql]# chmod -R 755 /usr/local/mysql

#Compile, install and initialize mysql in the bin directory. Be sure to remember the password at the end of the initialization output log (temporary password of database administrator), such as i0vo6: uzr > C(
[root@Server bin]# ./mysqld --initialize --user=mysql --datadir=/usr/local/mysql/data --basedir=/usr/local/mysql
2020-09-13T17:07:00.791651Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2020-09-13T17:07:00.791709Z 0 [Warning] 'NO_ZERO_DATE', 'NO_ZERO_IN_DATE' and 'ERROR_FOR_DIVISION_BY_ZERO' sql modes should be used with strict mode. They will be merged with strict mode in a future release.
2020-09-13T17:07:00.791726Z 0 [Warning] 'NO_AUTO_CREATE_USER' sql mode was not set.
2020-09-13T17:07:01.861507Z 0 [Warning] InnoDB: New log files created, LSN=45790
2020-09-13T17:07:01.975886Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2020-09-13T17:07:02.041173Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 8aa1070c-f5e3-11ea-b3b5-00163e04009e.
2020-09-13T17:07:02.044736Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2020-09-13T17:07:02.045234Z 1 [Note] A temporary password is generated for root@localhost: kl3IL>vZiz6y
#When you see all [Warning] and one [Note], it indicates that there is no [error], and the temporary password needs to remember kl3il > vziz6y (, which is the temporary login password of the mysql administrator

#Replace the contents of the configuration file my.cnf as follows
[root@Server bin]# vim /etc/my.cnf
[mysqld]
datadir=/usr/local/mysql/data
port=3306
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
symbolic-links=0
max_connections=600
innodb_file_per_table=1
lower_case_table_names=1

#Test start mysql server
[root@Server /]# /usr/local/mysql/support-files/mysql.server start
#[ok] indicates success
#Add soft connection
[root@Server /]# ln -s /usr/local/mysql/support-files/mysql.server /etc/init.d/mysql
[root@Server /]# ln -s /usr/local/mysql/bin/mysql /usr/bin/mysql
#Restart mysql service
[root@Server /]# service mysql restart
#Login to Mysql
[root@Server /]# mysql -u root -p
Enter password: #The password is the temporary password of the administrator
#Next, connect to the mysql server

#Set the user name and password of mysql server
mysql> alter user 'root'@'localhost' identified by '123456';
#Open remote connection
mysql>use mysql;
msyql>update user set user.Host='%' where user.User='root';
mysql>flush privileges;
mysql>exit
Bye

#Set automatic startup
#Copy the service file to init.d and rename it to mysql
[root@localhost /]# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
#Give executable permission
[root@localhost /]# chmod +x /etc/init.d/mysqld
#Add service
[root@localhost /]# chkconfig --add mysqld
#Displays a list of services
[root@localhost /]# chkconfig --list
Note: This output shows SysV services only and does not include native
      systemd services. SysV configuration data might be overridden by native
      systemd configuration.

      If you want to list systemd services use 'systemctl list-unit-files'.
      To see services enabled on particular target use
      'systemctl list-dependencies [target]'.

aegis          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
jexec          	0:off	1:on	2:on	3:on	4:on	5:on	6:off
mysqld         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
netconsole     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
network        	0:off	1:off	2:on	3:on	4:on	5:on	6:off

  • Installation of Mysql environment completed

About FTP

         Building ftp using vsftpd

[root@Server ~]#  yum -y install vsftpd
...
Complete!
#Installation succeeded

         vsftp supports system account system login by default, but it is not safe. We can use virtual account system

#Establish the system account associated with the virtual account
[root@Server ~]# useradd -s /sbin/nologin virftp
#Create files related to virtual account (edit user name and password)
[root@Server ~]# vim /etc/vsftpd/vsftpd_login
Martha_ftp_01#user name
Martha#password
Martha_ftp_02#Username 2
Martha#Password 2

#Change the permissions of the file to improve the security level
[root@Server ~]# chmod 600 /etc/vsftpd/vsftpd_login
#The password file used by vsfptd is not clear text, and the corresponding library file needs to be generated
[root@Server ~]# db_load -T -t hash -f /etc/vsftpd/vsftpd_login /etc/vsftpd/vsftpd_login.db
#View the details of the corresponding library file
[root@Server ~]# ll /etc/vsftpd/vsftpd_login.db
-rw-r--r-- 1 root root 12288 Sep 14 08:57 /etc/vsftpd/vsftpd_login.db

#Create the directory where the virtual user profile is located
[root@Server ~]# mkdir /etc/vsftpd/vsftpd_user_conf
#Enter this directory
[root@Server ~]#  cd /etc/vsftpd/vsftpd_user_conf
#Create a configuration file corresponding to the user (the user's configuration file exists separately. Each user has its own configuration file, and the file name is consistent with the user name)
[root@Server vsftpd_user_conf]#vim Martha_ftp_01
#Add the following local_root as your user name
local_root=/home/virftp/Martha_ftp_01
anonymous_enable=NO
write_enable=YES
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
idle_session_timeout=600
data_connection_timeout=120
max_clients=10

#Create home directory for virtual users
[root@Server /]# mkdir /home/virftp/Martha_ftp_01
#Create a txt file in the virtual user's home directory
[root@Server /]# touch /home/virftp/Martha_ftp_01/martha.txt
#Change the / home/virftp / directory and the owner and group of all files in the directory
[root@Server virftp]# chown -R virftp:virftp /home/virftp/

#The virtual user we established will be verified by PAM, which is enabled by the statement pam_service_name=vsftpd.vu in the / etc/vsftpd.conf file
[root@Server virftp]# vim /etc/pam.d/vsftpd
#Add 2 lines at the beginning
auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login #Custom password file location
account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
#%PAM-1.0
session    optional     pam_keyinit.so    force revoke
auth       required	pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth       required	pam_shells.so
auth       include	password-auth
account    include	password-auth
session    required     pam_loginuid.so
session    include	password-auth

#Modify the global configuration file (it is not available after modifying the user's configuration file. To modify some global configuration files of vsftpd)
#First edit the vsftpd.conf file
[root@Server vsftpd]# vim /etc/vsftpd/vsftpd.conf
#These three commands can be found by using / anonymous_enable → enter in command line mode
anonymous_enable=YES      (YSE Change to NO)             #Anonymous users are not allowed
anon_upload_enable=YES      (Remove'#',YES Change to NO)        #Upload not allowed
anon_mkdir_write_enable=YES    (Remove'#',YES Change to NO)       #Directory creation is not allowed
#Add a few lines at the end:
chroot_local_user=YES                       	  #Restrict all users to the home directory#
guest_enable=YES                            		#Open virtual user mapping system user#
guest_username=virftp                        		#Map to that system user#
virtual_use_local_privs=YES                     #Tell the service about the virtual users we use#
user_config_dir=/etc/vsftpd/vsftpd_user_conf    #Path of virtual configuration file#
allow_writeable_chroot=YES                      #After logging in, it is in its home directory by default#

#Start vsftpd service
[root@Server vsftpd]# service vsftpd start
Redirecting to /bin/systemctl start  vsftpd.service
#View the vsftp process. If the following information appears, it indicates that the startup is successful
[root@Server vsftpd]# ps ax |grep vsftp
14064 ?        Ss     0:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
14066 pts/1    S+     0:00 grep --color=auto vsftp
#Check the port monitored by the Linux server. The vsftp process occupies port 21. That's right
[root@Server vsftpd]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4103/sshd           
tcp6       0      0 :::3306                 :::*                    LISTEN      13202/mysqld        
tcp6       0      0 :::21                   :::*                    LISTEN      14064/vsftpd 

         Test FTP service

#Quickly install using yum or up2date
[root@Server ~]# yum -y install lftp
...
Complete!
#Log in to the first account with lftp -- Martha_ftp_01
[root@Server vsftpd_user_conf]# lftp Martha_ftp_01@127.0.0.1
Password: 
lftp Martha_ftp_01@127.0.0.1:~> get martha.txt
lftp Martha_ftp_01@127.0.0.1:/> quit
[root@Server vsftpd_user_conf]# ls
Martha_ftp_01  martha.txt

        

  • Shutting down the FTP service can attempt to kill the process

  • Next, you can use the local disk ftp://ip/ Access FTP

  • Enter the user name and password to enter the ftp server site

  • Exception 1: if 200 227 error code message pops up during entry, follow the steps below

    • Windows → control panel → Internet Options → advanced → uncheck the use of passive FTP (compatible with firewall and DSL modem)

  • Exception 2: after entering the site and seeing the file, click to access, such as txt file. If the application cannot be found, follow the steps below

    • Windows → control panel → Internet Options → program → set program → associate with program according to file type or protocol → specify default application according to protocol → modify the default application corresponding to FTP [click Modify browser]

Tags: Java Linux MySQL ftp Tomcat

Posted on Sat, 16 Oct 2021 15:08:45 -0400 by gijs25