3 Replies Latest reply on Aug 10, 2017 10:11 AM by Paul Anom

    Run JBOSS EAP 6.4 as a linux service as non-root user without password

    Avnish Choudhary Newbie

      I would like to run JBOSS EAP 6.4 as a linux service using user "jboss" without using password.

      Currently when I am issuing command "service jboss start" I am being prompted for password.

      I have created file called "jboss" under */etc/init.d/* and it looks like this

       

       

      #!/bin/sh
          #
          # JBoss standalone control script
          #
          # chkconfig: - 80 20
          # description: JBoss EAP Standalone
          # processname: standalone
          # pidfile: /usr/local/jboss-eap-6.4/jboss-eap-standalone.pid
          # config: /usr/local/jboss-eap-6.4/bin/standalone.conf
          
          # Source function library.
          . /etc/init.d/functions
          
          export JBOSS_USER=jboss
          
          # Load Java configuration.
          [ -r /etc/java/java.conf ] && . /etc/java/java.conf
          export JAVA_HOME
          
          # Load JBoss AS init.d configuration.
          if [ -z "$JBOSS_CONF" ]; then
            JBOSS_CONF=“/usr/local/jboss-eap-6.4/bin/standalone.conf"
          fi
          
          [ -r "$JBOSS_CONF" ] && . "${JBOSS_CONF}"
          
          # Set defaults.
          
          if [ -z "$JBOSS_HOME" ]; then
            JBOSS_HOME=/usr/local/jboss-eap-6.4
          fi
          export JBOSS_HOME
          
          if [ -z "$JBOSS_PIDFILE" ]; then
            JBOSS_PIDFILE=/usr/local/jboss-eap-6.4/jboss-eap-standalone.pid
          fi
          export JBOSS_PIDFILE
          
          if [ -z "$JBOSS_CONSOLE_LOG" ]; then
            JBOSS_CONSOLE_LOG=/usr/local/jboss-eap-6.4/standalone/log/console.log
          fi
          
          if [ -z "$STARTUP_WAIT" ]; then
            STARTUP_WAIT=30
          fi
          
          if [ -z "$SHUTDOWN_WAIT" ]; then
            SHUTDOWN_WAIT=30
          fi
          
          if [ -z "$JBOSS_CONFIG" ]; then
            JBOSS_CONFIG=standalone-full.xml
          fi
          
          JBOSS_SCRIPT=$JBOSS_HOME/bin/standalone.sh
          
          prog='jboss-eap-6.4'
          
          CMD_PREFIX=''
          
          if [ ! -z "$JBOSS_USER" ]; then
            if [ -r /etc/rc.d/init.d/functions ]; then
              CMD_PREFIX="daemon --user $JBOSS_USER"
              else
              CMD_PREFIX="su - $JBOSS_USER -c"
            fi
          fi
          
          start() {
            echo -n "Starting $prog: "
            if [ -f $JBOSS_PIDFILE ]; then
              read ppid < $JBOSS_PIDFILE
              if [ `ps --pid $ppid 2> /dev/null | grep -c $ppid 2> /dev/null` -eq '1' ]; then
                echo -n "$prog is already running"
                failure
                echo
                return 1
              else
                rm -f $JBOSS_PIDFILE
              fi
            fi
            mkdir -p $(dirname $JBOSS_CONSOLE_LOG)
            cat /dev/null > $JBOSS_CONSOLE_LOG
          
            mkdir -p $(dirname $JBOSS_PIDFILE)
            chown $JBOSS_USER $(dirname $JBOSS_PIDFILE) || true
            #$CMD_PREFIX JBOSS_PIDFILE=$JBOSS_PIDFILE $JBOSS_SCRIPT 2>&1 > $JBOSS_CONSOLE_LOG &
            #$CMD_PREFIX JBOSS_PIDFILE=$JBOSS_PIDFILE $JBOSS_SCRIPT &
          
            if [ ! -z "$JBOSS_USER" ]; then
              if [ -r /etc/rc.d/init.d/functions ]; then
                daemon --user $JBOSS_USER LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=$JBOSS_PIDFILE $JBOSS_SCRIPT -c $JBOSS_CONFIG > $JBOSS_CONSOLE_LOG 2>&1 &
                else
                su - $JBOSS_USER -c "LAUNCH_JBOSS_IN_BACKGROUND=1 JBOSS_PIDFILE=$JBOSS_PIDFILE $JBOSS_SCRIPT -c $JBOSS_CONFIG" > $JBOSS_CONSOLE_LOG 2>&1 &
              fi
            fi
          
            count=0
            launched=false
          
            until [ $count -gt $STARTUP_WAIT ]
            do
              grep 'JBAS015961:' $JBOSS_CONSOLE_LOG > /dev/null
              if [ $? -eq 0 ] ; then
                launched=true
                break
              fi
              sleep 1
              let count=$count+1;
            done
          
            if [ "$launched" = "false" ] ; then
              echo "$prog failed to startup in the time allotted"
              failure
              echo
              return 7
            fi
          
            success
            echo
           return 0
          }
          
          stop() {
            echo -n $"Stopping $prog: "
            count=0;
          
            if [ -f $JBOSS_PIDFILE ]; then
              read kpid < $JBOSS_PIDFILE
              let kwait=$SHUTDOWN_WAIT
          
              # Try issuing SIGTERM
          
              kill -15 $kpid
              until [ `ps --pid $kpid 2> /dev/null | grep -c $kpid 2> /dev/null` -eq '0' ] || [ $count -gt $kwait ]
              do
                sleep 1
                let count=$count+1;
              done
          
              if [ $count -gt $kwait ]; then
                kill -9 $kpid
              fi
            fi
            rm -f $JBOSS_PIDFILE
            success
            echo
          }
          
          status() {
            if [ -f $JBOSS_PIDFILE ]; then
            read ppid < $JBOSS_PIDFILE
              if [ `ps --pid $ppid 2> /dev/null | grep -c $ppid 2> /dev/null` -eq '1' ]; then
                echo "$prog is running (pid $ppid)"
                return 0
              else
                echo "$prog dead but pid file exists"
                return 1
              fi
            fi
            echo "$prog is not running"
            return 3
          }
          
          case "$1" in
            start)
                start
                ;;
            stop)
                stop
                ;;
            restart)
                $0 stop
                $0 start
                ;;
            status)
                status
                ;;
            *)
                ## If no parameters are given, print which are avaiable.
                echo "Usage: $0 {start|stop|status|restart|reload}"
                exit 1
                ;;
          esac
      

       

      My */etc/sudoers* file has following entries

       

       

          ALL ALL=(root) NOPASSWD: /bin/su - jboss
          ALL ALL=(root) NOPASSWD: /sbin/service jboss start 
          ALL ALL=(root) NOPASSWD: /sbin/service jboss stop
          ALL ALL=(root) NOPASSWD: /sbin/service jboss status
      

       

      JBOSS location = */usr/local/jboss-eap-6.4* and following are the permission on this

       

       

      drwxrwxr-x. 11 jboss jboss 236 Mar 27  2015 jboss-eap-6.4
      

       

       

      Permission on */etc/init.d/jboss*

       

       

       -rwxr-xr-x. 1 root root  3917 Aug  6 16:23 jboss
      

       

       

      I am newbie to JBOSS and LINUX. So please help me out to achieve this.