Jsvc is a set of libraries and applications that facilitates running Java applications on Linux, UNIX, and similar operating systems. Using Jsvc with Red Hat JBoss Web Server 3 allows Tomcat to switch identities. Using Jsvc, Tomcat can perform root-level operations and then revert to a non-privileged user.
There are two ways to use Commons Daemon: by implementing the daemon interface or by calling a class that provides the required methods for daemon. For example, Tomcat-4.1. x uses the daemon interface and Tomcat-5.0. x provides a class whose methods are called by JSVC directly.
In general, most of the functionality provided by jsvc is provided by systemd, with the exception of opening of privileged ports (see below). If possible, it is a very good idea to switch to using systemd functionality directly, since things become simpler and more efficient.
Your unit file looks mostly OK, with the exception of
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
This part looks like another wrapper which can be replaced with a direct to
java -jar ...
.
Under Systemd this is usually done through socket activation. Systemd opens the socket and hands it to the daemon as an open file descriptor (like stdin, stdout, stderr).
The daemon can then be started as unprivileged user, and does not drop privileges itself. The daemon has to support this, and instead of opening the socket by itself, it should use the one it was given. Under Java this is made very problematic by the lack of support in the Java stdlib.
AFAIK, tomcat does not support socket activation, so if you want to use an privileged port and run the daemon under an unprivileged user, jsvc might still be necessary.
At this point, I'd use JSvc. But wrap it with a Systemd script if I had to.
Keep in mind JSvc is just another executable. So a regular system user can configure a JSvc service for instance. It's safe to say that on most distros Systemd requires root privileges to be configured.
I've also written Java programs that use JSvc and ProcRun.exe by wrapping a small Java interface. This allows me to use the same service code and even JUnit integration tests on Unix and Windows OSes. So I would argue JSvc and ProcRun.exe together facilitate cross-platform service code.
JSvc has some interesting Java specific options that may be useful to you. Such as how to start the JVM ( process or DLL ), etc. You can write a lot of those into a Systemd script, but I suspect you'd just be rewriting JSvc in Bash at that point.
So maybe it's not very compelling for your specific Tomcat example. But there are some advantages to using the tiny JSvc service wrapper over Systemd.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With